コード例 #1
0
ファイル: x509_write.c プロジェクト: ffmpeg-build-win/gnutls
/* If OPTIONAL fields have not been initialized then
 * disable them.
 */
static void disable_optional_stuff(gnutls_x509_crt_t cert)
{
	asn1_data_node_st n;
	asn1_node node;
	unsigned remove_subject_unique_id = 1;
	unsigned remove_issuer_unique_id = 1;

	node = asn1_find_node(cert->cert, "tbsCertificate.issuerUniqueID");
	if (node) {
		if (asn1_read_node_value(node, &n) == ASN1_SUCCESS && n.value_len != 0)
			remove_issuer_unique_id = 0;
	}

	node = asn1_find_node(cert->cert, "tbsCertificate.subjectUniqueID");
	if (node) {
		if (asn1_read_node_value(node, &n) == ASN1_SUCCESS && n.value_len != 0)
			remove_subject_unique_id = 0;
	}

	if (remove_issuer_unique_id)
		asn1_write_value(cert->cert, "tbsCertificate.issuerUniqueID", NULL,
				 0);

	if (remove_subject_unique_id)
		asn1_write_value(cert->cert, "tbsCertificate.subjectUniqueID",
				 NULL, 0);

	if (cert->use_extensions == 0) {
		_gnutls_debug_log("Disabling X.509 extensions.\n");
		asn1_write_value(cert->cert, "tbsCertificate.extensions",
				 NULL, 0);
	}

	return;
}
コード例 #2
0
ファイル: dn.c プロジェクト: ffmpeg-build-win/gnutls
/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
 * 'multi' must be (0) if writing an AttributeTypeAndValue, and 1 if Attribute.
 * In all cases only one value is written.
 */
static int
_gnutls_x509_write_attribute(const char *given_oid,
			     ASN1_TYPE asn1_struct, const char *where,
			     const void *_data, int sizeof_data)
{
	char tmp[128];
	int result;

	/* write the data (value)
	 */

	_gnutls_str_cpy(tmp, sizeof(tmp), where);
	_gnutls_str_cat(tmp, sizeof(tmp), ".value");

	result = asn1_write_value(asn1_struct, tmp, _data, sizeof_data);
	if (result < 0) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	/* write the type
	 */
	_gnutls_str_cpy(tmp, sizeof(tmp), where);
	_gnutls_str_cat(tmp, sizeof(tmp), ".type");

	result = asn1_write_value(asn1_struct, tmp, given_oid, 1);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	return 0;
}
コード例 #3
0
ファイル: common.c プロジェクト: MihirKulkarni/TLS_extension
/* Writes the value of the datum in the given ASN1_TYPE. If str is non
 * (0) it encodes it as OCTET STRING.
 */
int
_gnutls_x509_write_value (ASN1_TYPE c, const char *root,
                          const gnutls_datum_t * data, int str)
{
  int result;
  ASN1_TYPE c2 = ASN1_TYPE_EMPTY;
  gnutls_datum_t val = { NULL, 0 };

  if (str)
    {
      /* Convert it to OCTET STRING
       */
      if ((result = asn1_create_element
           (_gnutls_get_pkix (), "PKIX1.pkcs-7-Data", &c2)) != ASN1_SUCCESS)
        {
          gnutls_assert ();
          result = _gnutls_asn2err (result);
          goto cleanup;
        }

      result = asn1_write_value (c2, "", data->data, data->size);
      if (result != ASN1_SUCCESS)
        {
          gnutls_assert ();
          result = _gnutls_asn2err (result);
          goto cleanup;
        }

      result = _gnutls_x509_der_encode (c2, "", &val, 0);
      if (result < 0)
        {
          gnutls_assert ();
          goto cleanup;
        }

    }
  else
    {
      val.data = data->data;
      val.size = data->size;
    }

  /* Write the data.
   */
  result = asn1_write_value (c, root, val.data, val.size);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      result = _gnutls_asn2err (result);
      goto cleanup;
    }

  result = 0;

cleanup:
  asn1_delete_structure (&c2);
  if (val.data != data->data)
    _gnutls_free_datum (&val);
  return result;
}
コード例 #4
0
ファイル: test-asn1x.c プロジェクト: bhull2010/mate-keyring
static void
build_personal_name (void)
{
	ASN1_TYPE asn1_pkix = NULL, asn;
	guchar buffer[10024];
	int res, len;

	res = asn1_array2tree (pkix_asn1_tab, &asn1_pkix, NULL);
	g_assert (res == ASN1_SUCCESS);

	res = asn1_create_element (asn1_pkix, "PKIX1.PersonalName", &asn);
	g_assert (res == ASN1_SUCCESS);

	asn1_write_value (asn, "surname", "Turanga", 7);
	asn1_write_value (asn, "given-name", "Leela", 5);
	asn1_write_value (asn, "initials", NULL, 0);
	asn1_write_value (asn, "generation-qualifier", "Alien", 5);

	len = sizeof (buffer);
	res = asn1_der_coding (asn, "", buffer, &len, NULL);
	g_assert (res == ASN1_SUCCESS);

	asn1_delete_structure (&asn);
	asn1_delete_structure (&asn1_pkix);

	if (!g_file_set_contents ("/tmp/personal-name.der", (gchar*)buffer, len, NULL))
		g_assert (FALSE);

}
コード例 #5
0
ファイル: common.c プロジェクト: MihirKulkarni/TLS_extension
/* Sets the time in time_t in the ASN1_TYPE given. Where should
 * be something like "tbsCertList.thisUpdate".
 */
int
_gnutls_x509_set_time (ASN1_TYPE c2, const char *where, time_t tim)
{
  char str_time[MAX_TIME];
  char name[128];
  int result, len;

  _gnutls_str_cpy (name, sizeof (name), where);

  if ((result = asn1_write_value (c2, name, "utcTime", 1)) < 0)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  result = _gnutls_x509_gtime2utcTime (tim, str_time, sizeof (str_time));
  if (result < 0)
    {
      gnutls_assert ();
      return result;
    }

  _gnutls_str_cat (name, sizeof (name), ".utcTime");

  len = strlen (str_time);
  result = asn1_write_value (c2, name, str_time, len);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}
コード例 #6
0
ファイル: extract-openssl.c プロジェクト: Distrotech/p11-kit
static bool
write_usages (node_asn *asn,
              const char *field,
              p11_array *oids)
{
	char *last;
	int ret;
	int i;

	/*
	 * No oids? Then doing this will make the entire optional
	 * field go away
	 */
	if (oids == NULL) {
		ret = asn1_write_value (asn, field, NULL, 0);
		return_val_if_fail (ret == ASN1_SUCCESS, false);

	} else {
		if (asprintf (&last, "%s.?LAST", field) < 0)
			return_val_if_reached (false);
		for (i = 0; i < oids->num; i++) {
			ret = asn1_write_value (asn, field, "NEW", 1);
			return_val_if_fail (ret == ASN1_SUCCESS, false);
			ret = asn1_write_value (asn, last, oids->elem[i], -1);
			return_val_if_fail (ret == ASN1_SUCCESS, false);
		}

		free (last);
	}

	return true;
}
コード例 #7
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
/* generate the proxyCertInfo in a DER encoded extension
 */
int
_gnutls_x509_ext_gen_proxyCertInfo(int pathLenConstraint,
                                   const char *policyLanguage,
                                   const char *policy,
                                   size_t sizeof_policy,
                                   gnutls_datum_t * der_ext)
{
    ASN1_TYPE ext = ASN1_TYPE_EMPTY;
    int result;

    result = asn1_create_element(_gnutls_get_pkix(),
                                 "PKIX1.ProxyCertInfo", &ext);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    if (pathLenConstraint < 0) {
        result =
            asn1_write_value(ext, "pCPathLenConstraint", NULL, 0);
        if (result != ASN1_SUCCESS)
            result = _gnutls_asn2err(result);
    } else
        result =
            _gnutls_x509_write_uint32(ext, "pCPathLenConstraint",
                                      pathLenConstraint);
    if (result < 0) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return result;
    }

    result = asn1_write_value(ext, "proxyPolicy.policyLanguage",
                              policyLanguage, 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    result = asn1_write_value(ext, "proxyPolicy.policy",
                              policy, sizeof_policy);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    result = _gnutls_x509_der_encode(ext, "", der_ext, 0);

    asn1_delete_structure(&ext);

    if (result < 0) {
        gnutls_assert();
        return result;
    }

    return 0;
}
コード例 #8
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
/* This function will attempt to set the requested extension in
 * the given X509v3 certificate.
 *
 * Critical will be either 0 or 1.
 */
static int
add_extension(ASN1_TYPE asn, const char *root, const char *extension_id,
              const gnutls_datum_t * ext_data, unsigned int critical)
{
    int result;
    const char *str;
    char name[ASN1_MAX_NAME_SIZE];

    snprintf(name, sizeof(name), "%s", root);

    /* Add a new extension in the list.
     */
    result = asn1_write_value(asn, name, "NEW", 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    if (root[0] != 0)
        snprintf(name, sizeof(name), "%s.?LAST.extnID", root);
    else
        snprintf(name, sizeof(name), "?LAST.extnID");

    result = asn1_write_value(asn, name, extension_id, 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    if (critical == 0)
        str = "FALSE";
    else
        str = "TRUE";

    if (root[0] != 0)
        snprintf(name, sizeof(name), "%s.?LAST.critical", root);
    else
        snprintf(name, sizeof(name), "?LAST.critical");

    result = asn1_write_value(asn, name, str, 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    if (root[0] != 0)
        snprintf(name, sizeof(name), "%s.?LAST.extnValue", root);
    else
        snprintf(name, sizeof(name), "?LAST.extnValue");

    result = _gnutls_x509_write_value(asn, name, ext_data);
    if (result < 0) {
        gnutls_assert();
        return result;
    }

    return 0;
}
コード例 #9
0
ファイル: extensions.c プロジェクト: nobled/gnutls
/* generate the basicConstraints in a DER encoded extension
 * Use 0 or 1 (TRUE) for CA.
 * Use negative error codes for pathLenConstraint to indicate that the field
 * should not be present, >= 0 to indicate set values.
 */
int
_gnutls_x509_ext_gen_basicConstraints (int CA,
                                       int pathLenConstraint,
                                       gnutls_datum_t * der_ext)
{
  ASN1_TYPE ext = ASN1_TYPE_EMPTY;
  const char *str;
  int result;

  if (CA == 0)
    str = "FALSE";
  else
    str = "TRUE";

  result =
    asn1_create_element (_gnutls_get_pkix (), "PKIX1.BasicConstraints", &ext);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  result = asn1_write_value (ext, "cA", str, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      asn1_delete_structure (&ext);
      return _gnutls_asn2err (result);
    }

  if (pathLenConstraint < 0)
    {
      result = asn1_write_value (ext, "pathLenConstraint", NULL, 0);
      if (result < 0)
        result = _gnutls_asn2err (result);
    }
  else
    result = _gnutls_x509_write_uint32 (ext, "pathLenConstraint",
                                        pathLenConstraint);
  if (result < 0)
    {
      gnutls_assert ();
      asn1_delete_structure (&ext);
      return result;
    }

  result = _gnutls_x509_der_encode (ext, "", der_ext, 0);

  asn1_delete_structure (&ext);

  if (result < 0)
    {
      gnutls_assert ();
      return result;
    }

  return 0;
}
コード例 #10
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
static int
write_new_general_name(ASN1_TYPE ext, const char *ext_name,
                       gnutls_x509_subject_alt_name_t type,
                       const void *data, unsigned int data_size)
{
    const char *str;
    int result;
    char name[128];

    result = asn1_write_value(ext, ext_name, "NEW", 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    switch (type) {
    case GNUTLS_SAN_DNSNAME:
        str = "dNSName";
        break;
    case GNUTLS_SAN_RFC822NAME:
        str = "rfc822Name";
        break;
    case GNUTLS_SAN_URI:
        str = "uniformResourceIdentifier";
        break;
    case GNUTLS_SAN_IPADDRESS:
        str = "iPAddress";
        break;
    default:
        gnutls_assert();
        return GNUTLS_E_INTERNAL_ERROR;
    }

    if (ext_name[0] == 0) {	/* no dot */
        _gnutls_str_cpy(name, sizeof(name), "?LAST");
    } else {
        _gnutls_str_cpy(name, sizeof(name), ext_name);
        _gnutls_str_cat(name, sizeof(name), ".?LAST");
    }

    result = asn1_write_value(ext, name, str, 1);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    _gnutls_str_cat(name, sizeof(name), ".");
    _gnutls_str_cat(name, sizeof(name), str);

    result = asn1_write_value(ext, name, data, data_size);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    return 0;
}
コード例 #11
0
ファイル: pkcs12.c プロジェクト: Chronic-Dev/gnutls
/* Creates an empty PFX structure for the PKCS12 structure.
 */
static int
create_empty_pfx (ASN1_TYPE pkcs12)
{
  uint8_t three = 3;
  int result;
  ASN1_TYPE c2 = ASN1_TYPE_EMPTY;

  /* Use version 3
   */
  result = asn1_write_value (pkcs12, "version", &three, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      result = _gnutls_asn2err (result);
      goto cleanup;
    }

  /* Write the content type of the data
   */
  result = asn1_write_value (pkcs12, "authSafe.contentType", DATA_OID, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      result = _gnutls_asn2err (result);
      goto cleanup;
    }

  /* Check if the authenticatedSafe content is empty, and encode a
   * null one in that case.
   */

  if ((result = asn1_create_element
       (_gnutls_get_pkix (), "PKIX1.pkcs-12-AuthenticatedSafe",
	&c2)) != ASN1_SUCCESS)
    {
      gnutls_assert ();
      result = _gnutls_asn2err (result);
      goto cleanup;
    }

  result =
    _gnutls_x509_der_encode_and_copy (c2, "", pkcs12, "authSafe.content", 1);
  if (result < 0)
    {
      gnutls_assert ();
      goto cleanup;
    }
  asn1_delete_structure (&c2);

  return 0;

cleanup:
  asn1_delete_structure (&c2);
  return result;

}
コード例 #12
0
/**
  * gnutls_x509_crl_set_crt_serial - This function will set a revoked certificate's serial number
  * @crl: should contain a gnutls_x509_crl_t structure
  * @serial: The revoked certificate's serial number
  * @serial_size: Holds the size of the serial field.
  * @revocation_time: The time this certificate was revoked
  *
  * This function will set a revoked certificate's serial number to the CRL. 
  *
  * Returns 0 on success, or a negative value in case of an error.
  *
  **/
int
gnutls_x509_crl_set_crt_serial (gnutls_x509_crl_t crl,
				const void *serial, size_t serial_size,
				time_t revocation_time)
{
  int ret;

  if (crl == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  ret =
    asn1_write_value (crl->crl, "tbsCertList.revokedCertificates", "NEW", 1);
  if (ret != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (ret);
    }

  ret =
    asn1_write_value (crl->crl,
		      "tbsCertList.revokedCertificates.?LAST.userCertificate",
		      serial, serial_size);
  if (ret != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (ret);
    }

  ret =
    _gnutls_x509_set_time (crl->crl,
			   "tbsCertList.revokedCertificates.?LAST.revocationDate",
			   revocation_time);
  if (ret < 0)
    {
      gnutls_assert ();
      return ret;
    }

  ret =
    asn1_write_value (crl->crl,
		      "tbsCertList.revokedCertificates.?LAST.crlEntryExtensions",
		      NULL, 0);
  if (ret != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (ret);
    }

  return 0;
}
コード例 #13
0
ファイル: x509_write.c プロジェクト: randombit/hacrypto
static int encode_user_notice(const gnutls_datum_t * txt,
			      gnutls_datum_t * der_data)
{
	int result;
	ASN1_TYPE c2 = ASN1_TYPE_EMPTY;

	if ((result =
	     asn1_create_element(_gnutls_get_pkix(),
				 "PKIX1.UserNotice",
				 &c2)) != ASN1_SUCCESS) {
		gnutls_assert();
		result = _gnutls_asn2err(result);
		goto error;
	}

	/* delete noticeRef */
	result = asn1_write_value(c2, "noticeRef", NULL, 0);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		result = _gnutls_asn2err(result);
		goto error;
	}

	result = asn1_write_value(c2, "explicitText", "utf8String", 1);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		result = _gnutls_asn2err(result);
		goto error;
	}

	result =
	    asn1_write_value(c2, "explicitText.utf8String", txt->data,
			     txt->size);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		result = _gnutls_asn2err(result);
		goto error;
	}

	result = _gnutls_x509_der_encode(c2, "", der_data, 0);
	if (result < 0) {
		gnutls_assert();
		goto error;
	}

	result = 0;

      error:
	asn1_delete_structure(&c2);
	return result;

}
コード例 #14
0
/*
 * This function writes and encodes the parameters for DSS or RSA keys.
 * This is the "signatureAlgorithm" fields.
 */
int
_gnutls_x509_write_sig_params (ASN1_TYPE dst, const char *dst_name,
                               gnutls_pk_algorithm_t pk_algorithm,
                               gnutls_digest_algorithm_t dig)
{
  int result;
  char name[128];
  const char *pk;

  _gnutls_str_cpy (name, sizeof (name), dst_name);
  _gnutls_str_cat (name, sizeof (name), ".algorithm");

  pk = _gnutls_x509_sign_to_oid (pk_algorithm, HASH2MAC (dig));
  if (pk == NULL)
    {
      gnutls_assert ();
      _gnutls_debug_log
        ("Cannot find OID for sign algorithm pk: %d dig: %d\n",
         (int) pk_algorithm, (int) dig);
      return GNUTLS_E_INVALID_REQUEST;
    }

  /* write the OID.
   */
  result = asn1_write_value (dst, name, pk, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }


  _gnutls_str_cpy (name, sizeof (name), dst_name);
  _gnutls_str_cat (name, sizeof (name), ".parameters");

  if (pk_algorithm == GNUTLS_PK_RSA)
    result = asn1_write_value (dst, name, ASN1_NULL, ASN1_NULL_SIZE);
  else
    result = asn1_write_value (dst, name, NULL, 0);

  if (result != ASN1_SUCCESS && result != ASN1_ELEMENT_NOT_FOUND)
    {
      /* Here we ignore the element not found error, since this
       * may have been disabled before.
       */
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}
コード例 #15
0
ファイル: extensions.c プロジェクト: Distrotech/gnutls
int
_gnutls_write_general_name(ASN1_TYPE ext, const char *ext_name,
		       gnutls_x509_subject_alt_name_t type,
		       const void *data, unsigned int data_size)
{
	const char *str;
	int result;
	char name[128];

	if (data == NULL) {
		if (data_size == 0)
			data = (void*)"";
		else
			return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
	}

	switch (type) {
	case GNUTLS_SAN_DNSNAME:
		str = "dNSName";
		break;
	case GNUTLS_SAN_RFC822NAME:
		str = "rfc822Name";
		break;
	case GNUTLS_SAN_URI:
		str = "uniformResourceIdentifier";
		break;
	case GNUTLS_SAN_IPADDRESS:
		str = "iPAddress";
		break;
	default:
		gnutls_assert();
		return GNUTLS_E_INTERNAL_ERROR;
	}

	result = asn1_write_value(ext, ext_name, str, 1);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	snprintf(name, sizeof(name), "%s.%s", ext_name, str);

	result = asn1_write_value(ext, name, data, data_size);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		asn1_delete_structure(&ext);
		return _gnutls_asn2err(result);
	}

	return 0;
}
コード例 #16
0
ファイル: key_encode.c プロジェクト: scorp2kk/steamlink-sdk
/*
 * This function writes the parameters for ECC keys.
 * That is the ECParameters struct.
 *
 * Allocates the space used to store the DER data.
 */
int
_gnutls_x509_write_ecc_params(gnutls_ecc_curve_t curve,
                              gnutls_datum_t * der)
{
    int result;
    ASN1_TYPE spk = ASN1_TYPE_EMPTY;
    const char *oid;

    der->data = NULL;
    der->size = 0;

    oid = _gnutls_ecc_curve_get_oid(curve);
    if (oid == NULL)
        return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);


    if ((result = asn1_create_element
                  (_gnutls_get_gnutls_asn(), "GNUTLS.ECParameters", &spk))
            != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    if ((result =
                asn1_write_value(spk, "", "namedCurve", 1)) != ASN1_SUCCESS) {
        gnutls_assert();
        result = _gnutls_asn2err(result);
        goto cleanup;
    }

    if ((result =
                asn1_write_value(spk, "namedCurve", oid,
                                 1)) != ASN1_SUCCESS) {
        gnutls_assert();
        result = _gnutls_asn2err(result);
        goto cleanup;
    }

    result = _gnutls_x509_der_encode(spk, "", der, 0);
    if (result < 0) {
        gnutls_assert();
        goto cleanup;
    }

    result = 0;

cleanup:
    asn1_delete_structure(&spk);
    return result;
}
コード例 #17
0
ファイル: dn.c プロジェクト: uvbs/SupportCenter
/* This will write the AttributeTypeAndValue field. The data must be already DER encoded.
 * 'multi' must be zero if writing an AttributeTypeAndValue, and 1 if Attribute.
 * In all cases only one value is written.
 */
int
_gnutls_x509_write_attribute (const char *given_oid,
			      ASN1_TYPE asn1_struct, const char *where,
			      const void *_data, int sizeof_data, int multi)
{
  char tmp[128];
  int result;

  /* write the data (value)
   */

  _gnutls_str_cpy (tmp, sizeof (tmp), where);
  _gnutls_str_cat (tmp, sizeof (tmp), ".value");

  if (multi != 0)
    {				/* if not writing an AttributeTypeAndValue, but an Attribute */
      _gnutls_str_cat (tmp, sizeof (tmp), "s");	/* values */

      result = asn1_write_value (asn1_struct, tmp, "NEW", 1);
      if (result != ASN1_SUCCESS)
	{
	  gnutls_assert ();
	  return _gnutls_asn2err (result);
	}

      _gnutls_str_cat (tmp, sizeof (tmp), ".?LAST");

    }

  result = asn1_write_value (asn1_struct, tmp, _data, sizeof_data);
  if (result < 0)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  /* write the type
   */
  _gnutls_str_cpy (tmp, sizeof (tmp), where);
  _gnutls_str_cat (tmp, sizeof (tmp), ".type");

  result = asn1_write_value (asn1_struct, tmp, given_oid, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}
コード例 #18
0
ファイル: common.c プロジェクト: Drakey83/steamlink-sdk
/* Writes the value of the datum in the given ASN1_TYPE as a string. 
 */
int
_gnutls_x509_write_string(ASN1_TYPE c, const char *root,
			  const gnutls_datum_t * data, unsigned int etype)
{
	int ret;
	gnutls_datum_t val = { NULL, 0 };

	ret =
	    _gnutls_x509_encode_string(etype, data->data, data->size,
				       &val);
	if (ret < 0)
		return gnutls_assert_val(ret);

	/* Write the data.
	 */
	ret = asn1_write_value(c, root, val.data, val.size);
	if (ret != ASN1_SUCCESS) {
		gnutls_assert();
		ret = _gnutls_asn2err(ret);
		goto cleanup;
	}

	ret = 0;

      cleanup:
	_gnutls_free_datum(&val);
	return ret;
}
コード例 #19
0
ファイル: crl_write.c プロジェクト: gnutls/gnutls
/* If OPTIONAL fields have not been initialized then
 * disable them.
 */
static void disable_optional_stuff(gnutls_x509_crl_t crl)
{
	time_t t;

	t = _gnutls_x509_get_time(crl->crl, "tbsCertList.nextUpdate", 0);
	if (t == (time_t)-1) {
		(void)asn1_write_value(crl->crl, "tbsCertList.nextUpdate", NULL, 0);
	}

	if (crl->use_extensions == 0) {
		(void)asn1_write_value(crl->crl, "tbsCertList.crlExtensions",
				 NULL, 0);
	}

	return;
}
コード例 #20
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
/* generate the SubjectKeyID in a DER encoded extension
 */
int
_gnutls_x509_ext_gen_key_id(const void *id, size_t id_size,
                            gnutls_datum_t * der_ext)
{
    ASN1_TYPE ext = ASN1_TYPE_EMPTY;
    int result;

    result =
        asn1_create_element(_gnutls_get_pkix(),
                            "PKIX1.SubjectKeyIdentifier", &ext);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    result = asn1_write_value(ext, "", id, id_size);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    result = _gnutls_x509_der_encode(ext, "", der_ext, 0);

    asn1_delete_structure(&ext);

    if (result < 0) {
        gnutls_assert();
        return result;
    }

    return 0;
}
コード例 #21
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
/* generate an INTEGER in a DER encoded extension
 */
int
_gnutls_x509_ext_gen_number(const uint8_t * number, size_t nr_size,
                            gnutls_datum_t * der_ext)
{
    ASN1_TYPE ext = ASN1_TYPE_EMPTY;
    int result;

    result =
        asn1_create_element(_gnutls_get_pkix(),
                            "PKIX1.CertificateSerialNumber", &ext);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    result = asn1_write_value(ext, "", number, nr_size);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    result = _gnutls_x509_der_encode(ext, "", der_ext, 0);

    asn1_delete_structure(&ext);

    if (result < 0) {
        gnutls_assert();
        return result;
    }

    return 0;
}
コード例 #22
0
ファイル: extensions.c プロジェクト: Distrotech/gnutls
int
_gnutls_write_new_general_name(ASN1_TYPE ext, const char *ext_name,
		       gnutls_x509_subject_alt_name_t type,
		       const void *data, unsigned int data_size)
{
	int result;
	char name[128];

	result = asn1_write_value(ext, ext_name, "NEW", 1);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	if (ext_name[0] == 0) {	/* no dot */
		_gnutls_str_cpy(name, sizeof(name), "?LAST");
	} else {
		_gnutls_str_cpy(name, sizeof(name), ext_name);
		_gnutls_str_cat(name, sizeof(name), ".?LAST");
	}

	result = _gnutls_write_general_name(ext, name, type,
		data, data_size);
	if (result < 0) {
		gnutls_assert();
		return result;
	}

	return 0;
}
コード例 #23
0
ファイル: extensions.c プロジェクト: randombit/hacrypto
/* generate the keyUsage in a DER encoded extension
 * Use an ORed SEQUENCE of GNUTLS_KEY_* for usage.
 */
int _gnutls_x509_ext_gen_keyUsage(uint16_t usage, gnutls_datum_t * der_ext)
{
    ASN1_TYPE ext = ASN1_TYPE_EMPTY;
    int result;
    uint8_t str[2];

    result =
        asn1_create_element(_gnutls_get_pkix(), "PKIX1.KeyUsage",
                            &ext);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        return _gnutls_asn2err(result);
    }

    str[0] = usage & 0xff;
    str[1] = usage >> 8;

    result = asn1_write_value(ext, "", str, 9);
    if (result != ASN1_SUCCESS) {
        gnutls_assert();
        asn1_delete_structure(&ext);
        return _gnutls_asn2err(result);
    }

    result = _gnutls_x509_der_encode(ext, "", der_ext, 0);

    asn1_delete_structure(&ext);

    if (result < 0) {
        gnutls_assert();
        return result;
    }

    return 0;
}
コード例 #24
0
/**
  * gnutls_x509_crl_set_version - This function will set the CRL version
  * @crl: should contain a gnutls_x509_crl_t structure
  * @version: holds the version number. For CRLv1 crls must be 1.
  *
  * This function will set the version of the CRL. This
  * must be one for CRL version 1, and so on. The CRLs generated
  * by gnutls should have a version number of 2.
  *
  * Returns 0 on success.
  *
  **/
int
gnutls_x509_crl_set_version (gnutls_x509_crl_t crl, unsigned int version)
{
  int result;
  char null = version;

  if (crl == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_INVALID_REQUEST;
    }

  null -= 1;
  if (null < 0)
    null = 0;

  result = asn1_write_value (crl->crl, "tbsCertList.version", &null, 1);
  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}
コード例 #25
0
/**
  * gnutls_x509_crq_set_version - This function will set the Certificate request version
  * @crq: should contain a gnutls_x509_crq_t structure
  * @version: holds the version number. For v1 Requests must be 1.
  *
  * This function will set the version of the certificate request. For
  * version 1 requests this must be one.
  *
  * Returns 0 on success.
  *
  **/
int
gnutls_x509_crq_set_version (gnutls_x509_crq_t crq, unsigned int version)
{
    int result;
    unsigned char null = version;

    if (crq == NULL)
    {
        gnutls_assert ();
        return GNUTLS_E_INVALID_REQUEST;
    }

    if (null > 0)
        null--;

    result =
        asn1_write_value (crq->crq, "certificationRequestInfo.version", &null, 1);
    if (result != ASN1_SUCCESS)
    {
        gnutls_assert ();
        return _gnutls_asn2err (result);
    }

    return 0;
}
コード例 #26
0
ファイル: common.c プロジェクト: MihirKulkarni/TLS_extension
/* DER Encodes the src ASN1_TYPE and stores it to
 * dest in dest_name. Useful to encode something and store it
 * as OCTET. If str is non null then the data are encoded as
 * an OCTET STRING.
 */
int
_gnutls_x509_der_encode_and_copy (ASN1_TYPE src, const char *src_name,
                                  ASN1_TYPE dest, const char *dest_name,
                                  int str)
{
  int result;
  gnutls_datum_t encoded;

  result = _gnutls_x509_der_encode (src, src_name, &encoded, str);

  if (result < 0)
    {
      gnutls_assert ();
      return result;
    }

  /* Write the data.
   */
  result = asn1_write_value (dest, dest_name, encoded.data, encoded.size);

  _gnutls_free_datum (&encoded);

  if (result != ASN1_SUCCESS)
    {
      gnutls_assert ();
      return _gnutls_asn2err (result);
    }

  return 0;
}
コード例 #27
0
/* If OPTIONAL fields have not been initialized then
 * disable them.
 */
static void
disable_optional_stuff (gnutls_x509_crl_t crl)
{

  asn1_write_value (crl->crl, "tbsCertList.crlExtensions", NULL, 0);

  return;
}
コード例 #28
0
ファイル: x509_write.c プロジェクト: Distrotech/gnutls
/* If OPTIONAL fields have not been initialized then
 * disable them.
 */
static void disable_optional_stuff(gnutls_x509_crt_t cert)
{

	asn1_write_value(cert->cert, "tbsCertificate.issuerUniqueID", NULL,
			 0);

	asn1_write_value(cert->cert, "tbsCertificate.subjectUniqueID",
			 NULL, 0);

	if (cert->use_extensions == 0) {
		_gnutls_debug_log("Disabling X.509 extensions.\n");
		asn1_write_value(cert->cert, "tbsCertificate.extensions",
				 NULL, 0);
	}

	return;
}
コード例 #29
0
ファイル: common.c プロジェクト: Drakey83/steamlink-sdk
/* Sets the time in time_t in the ASN1_TYPE given. Where should
 * be something like "tbsCertList.thisUpdate".
 */
int
_gnutls_x509_set_time(ASN1_TYPE c2, const char *where, time_t tim,
		      int nochoice)
{
	char str_time[MAX_TIME];
	char name[128];
	int result, len;

	if (nochoice != 0) {
		result =
		    gtime2generalTime(tim, str_time, sizeof(str_time));
		if (result < 0)
			return gnutls_assert_val(result);
		len = strlen(str_time);
		result = asn1_write_value(c2, where, str_time, len);
		if (result != ASN1_SUCCESS)
			return gnutls_assert_val(_gnutls_asn2err(result));

		return 0;
	}

	_gnutls_str_cpy(name, sizeof(name), where);

	if ((result = asn1_write_value(c2, name, "generalTime", 1)) < 0) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	result = gtime2generalTime(tim, str_time, sizeof(str_time));
	if (result < 0) {
		gnutls_assert();
		return result;
	}

	_gnutls_str_cat(name, sizeof(name), ".generalTime");

	len = strlen(str_time);
	result = asn1_write_value(c2, name, str_time, len);
	if (result != ASN1_SUCCESS) {
		gnutls_assert();
		return _gnutls_asn2err(result);
	}

	return 0;
}
コード例 #30
0
ファイル: extract-openssl.c プロジェクト: Distrotech/p11-kit
static bool
write_alias (p11_enumerate *ex,
             node_asn *asn)
{
	CK_ATTRIBUTE *label;
	int ret;

	label = p11_attrs_find_valid (ex->attrs, CKA_LABEL);
	if (label == NULL) {
		ret = asn1_write_value (asn, "alias", NULL, 0);
		return_val_if_fail (ret == ASN1_SUCCESS, false);
	} else {
		ret = asn1_write_value (asn, "alias", label->pValue, label->ulValueLen);
		return_val_if_fail (ret == ASN1_SUCCESS, false);
	}

	return true;
}