/**
* gnutls_x509_crl_set_number - Set the CRL's number extension
* @crl: a CRL of type #gnutls_x509_crl_t
* @nr: The CRL number
* @nr_size: Holds the size of the nr field.
*
* This function will set the CRL's number extension.
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative error value.
*
* Since: 2.8.0
**/
int
gnutls_x509_crl_set_number (gnutls_x509_crl_t crl,
const void *nr, size_t nr_size)
{
int result;
gnutls_datum_t old_id, der_data;
unsigned int critical;
if (crl == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
/* Check if the extension already exists.
*/
result =
_gnutls_x509_crl_get_extension (crl, "2.5.29.20", 0, &old_id, &critical);
if (result >= 0)
_gnutls_free_datum (&old_id);
if (result != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
/* generate the extension.
*/
result = _gnutls_x509_ext_gen_number (nr, nr_size, &der_data);
if (result < 0)
{
gnutls_assert ();
return result;
}
result = _gnutls_x509_crl_set_extension (crl, "2.5.29.20", &der_data, 0);
_gnutls_free_datum (&der_data);
if (result < 0)
{
gnutls_assert ();
return result;
}
crl->use_extensions = 1;
return 0;
}
/**
* gnutls_x509_crl_get_number - get the CRL number (extension)
* @crl: should contain a #gnutls_x509_crl_t structure
* @ret: The place where the number will be copied
* @ret_size: Holds the size of the result field.
* @critical: will be non zero if the extension is marked as critical
* (may be null)
*
* This function will return the CRL number extension. This is
* obtained by the CRL Number extension field (2.5.29.20).
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative value in case of an error.
*
* Since: 2.8.0
**/
int
gnutls_x509_crl_get_number (gnutls_x509_crl_t crl, void *ret,
size_t * ret_size, unsigned int *critical)
{
int result;
gnutls_datum_t id;
if (crl == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if (ret)
memset (ret, 0, *ret_size);
else
*ret_size = 0;
if ((result =
_gnutls_x509_crl_get_extension (crl, "2.5.29.20", 0, &id,
critical)) < 0)
{
return result;
}
if (id.size == 0 || id.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
result = _gnutls_x509_ext_extract_number (ret, ret_size, id.data, id.size);
_gnutls_free_datum (&id);
if (result < 0)
{
gnutls_assert ();
return result;
}
return 0;
}
static int
_get_authority_key_id(gnutls_x509_crl_t cert, ASN1_TYPE * c2,
unsigned int *critical)
{
int ret;
gnutls_datum_t id;
*c2 = ASN1_TYPE_EMPTY;
if (cert == NULL) {
gnutls_assert();
return GNUTLS_E_INVALID_REQUEST;
}
if ((ret =
_gnutls_x509_crl_get_extension(cert, "2.5.29.35", 0, &id,
critical)) < 0) {
return gnutls_assert_val(ret);
}
if (id.size == 0 || id.data == NULL) {
gnutls_assert();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
ret = asn1_create_element
(_gnutls_get_pkix(), "PKIX1.AuthorityKeyIdentifier", c2);
if (ret != ASN1_SUCCESS) {
gnutls_assert();
_gnutls_free_datum(&id);
return _gnutls_asn2err(ret);
}
ret = asn1_der_decoding(c2, id.data, id.size, NULL);
_gnutls_free_datum(&id);
if (ret != ASN1_SUCCESS) {
gnutls_assert();
asn1_delete_structure(c2);
return _gnutls_asn2err(ret);
}
return 0;
}
/**
* gnutls_x509_crl_get_authority_key_id - get the CRL authority's identifier
* @crl: should contain a #gnutls_x509_crl_t structure
* @ret: The place where the identifier will be copied
* @ret_size: Holds the size of the result field.
* @critical: will be non zero if the extension is marked as critical
* (may be null)
*
* This function will return the CRL authority's key identifier. This
* is obtained by the X.509 Authority Key identifier extension field
* (2.5.29.35). Note that this function only returns the
* keyIdentifier field of the extension.
*
* Returns: On success, %GNUTLS_E_SUCCESS is returned, otherwise a
* negative value in case of an error.
*
* Since: 2.8.0
**/
int
gnutls_x509_crl_get_authority_key_id (gnutls_x509_crl_t crl, void *ret,
size_t * ret_size,
unsigned int *critical)
{
int result, len;
gnutls_datum_t id;
ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
if (crl == NULL)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
if (ret)
memset (ret, 0, *ret_size);
else
*ret_size = 0;
if ((result =
_gnutls_x509_crl_get_extension (crl, "2.5.29.35", 0, &id,
critical)) < 0)
{
return result;
}
if (id.size == 0 || id.data == NULL)
{
gnutls_assert ();
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
result = asn1_create_element
(_gnutls_get_pkix (), "PKIX1.AuthorityKeyIdentifier", &c2);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
_gnutls_free_datum (&id);
return _gnutls_asn2err (result);
}
result = asn1_der_decoding (&c2, id.data, id.size, NULL);
_gnutls_free_datum (&id);
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
asn1_delete_structure (&c2);
return _gnutls_asn2err (result);
}
len = *ret_size;
result = asn1_read_value (c2, "keyIdentifier", ret, &len);
*ret_size = len;
asn1_delete_structure (&c2);
if (result == ASN1_VALUE_NOT_FOUND || result == ASN1_ELEMENT_NOT_FOUND)
{
return GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE;
}
if (result != ASN1_SUCCESS)
{
gnutls_assert ();
return _gnutls_asn2err (result);
}
return 0;
}
