int X509_supported_extension(X509_EXTENSION *ex)
{
/* This table is a list of the NIDs of supported extensions:
* that is those which are used by the verify process. If
* an extension is critical and doesn't appear in this list
* then the verify process will normally reject the certificate.
* The list must be kept in numerical order because it will be
* searched using bsearch.
*/
static int supported_nids[] = {
NID_netscape_cert_type, /* 71 */
NID_key_usage, /* 83 */
NID_subject_alt_name, /* 85 */
NID_basic_constraints, /* 87 */
NID_ext_key_usage, /* 126 */
NID_proxyCertInfo /* 661 */
};
int ex_nid;
ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
if (ex_nid == NID_undef)
return 0;
if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
sizeof(supported_nids)/sizeof(int), sizeof(int),
(int (*)(const void *, const void *))nid_cmp))
return 1;
return 0;
}
/* This function needs to check if the ciphers required are actually
* available */
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
{
static int init=1;
static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
SSL_CIPHER c,*cp= &c,**cpp;
unsigned long id;
int i;
if (init)
{
CRYPTO_w_lock(CRYPTO_LOCK_SSL);
for (i=0; i<SSL2_NUM_CIPHERS; i++)
sorted[i]= &(ssl2_ciphers[i]);
qsort( (char *)sorted,
SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
FP_ICC ssl_cipher_ptr_id_cmp);
CRYPTO_w_unlock(CRYPTO_LOCK_SSL);
init=0;
}
id=0x02000000L|((unsigned long)p[0]<<16L)|
((unsigned long)p[1]<<8L)|(unsigned long)p[2];
c.id=id;
cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
(char *)sorted,
SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
FP_ICC ssl_cipher_ptr_id_cmp);
if ((cpp == NULL) || !(*cpp)->valid)
return(NULL);
else
return(*cpp);
}
EXPORT_C X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid)
{
X509V3_EXT_METHOD tmp, *t = &tmp, **ret;
int idx;
if(nid < 0) return NULL;
tmp.ext_nid = nid;
ret = (X509V3_EXT_METHOD **) OBJ_bsearch((char *)&t,
(char *)standard_exts, STANDARD_EXTENSION_COUNT,
sizeof(X509V3_EXT_METHOD *), (int (*)(const void *, const void *))ext_cmp);
if(ret) return *ret;
if(!ext_list) return NULL;
idx = sk_X509V3_EXT_METHOD_find(ext_list, &tmp);
if(idx == -1) return NULL;
return sk_X509V3_EXT_METHOD_value(ext_list, idx);
}
ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
{
int idx;
ASN1_STRING_TABLE *ttmp;
ASN1_STRING_TABLE fnd;
fnd.nid = nid;
ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
(char *)tbl_standard,
sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
sizeof(ASN1_STRING_TABLE), table_cmp);
if(ttmp) return ttmp;
if(!stable) return NULL;
idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
if(idx < 0) return NULL;
return sk_ASN1_STRING_TABLE_value(stable, idx);
}
/* This function needs to check if the ciphers required are actually
* available */
SSL_CIPHER *ssl2_get_cipher_by_char(const unsigned char *p)
{
SSL_CIPHER c,*cp;
unsigned long id;
id=0x02000000L|((unsigned long)p[0]<<16L)|
((unsigned long)p[1]<<8L)|(unsigned long)p[2];
c.id=id;
cp = (SSL_CIPHER *)OBJ_bsearch((char *)&c,
(char *)ssl2_ciphers,
SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER),
FP_ICC ssl_cipher_id_cmp);
if ((cp == NULL) || (cp->valid == 0))
return NULL;
else
return cp;
}
int OBJ_sn2nid(const char *s)
{
ASN1_OBJECT o,*oo= &o,**op;
ADDED_OBJ ad,*adp;
o.sn=s;
if (added != NULL)
{
ad.type=ADDED_SNAME;
ad.obj= &o;
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL) return (adp->obj->nid);
}
op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
sizeof(ASN1_OBJECT *),sn_cmp);
if (op == NULL) return(NID_undef);
return((*op)->nid);
}
int X509_supported_extension(X509_EXTENSION *ex)
{
/*
* This table is a list of the NIDs of supported extensions: that is
* those which are used by the verify process. If an extension is
* critical and doesn't appear in this list then the verify process will
* normally reject the certificate. The list must be kept in numerical
* order because it will be searched using bsearch.
*/
static int supported_nids[] = {
NID_netscape_cert_type, /* 71 */
NID_key_usage, /* 83 */
NID_subject_alt_name, /* 85 */
NID_basic_constraints, /* 87 */
NID_certificate_policies, /* 89 */
NID_ext_key_usage, /* 126 */
#ifndef OPENSSL_NO_RFC3779
NID_sbgp_ipAddrBlock, /* 290 */
NID_sbgp_autonomousSysNum, /* 291 */
#endif
NID_policy_constraints, /* 401 */
NID_proxyCertInfo, /* 661 */
NID_inhibit_any_policy /* 748 */
};
int ex_nid;
ex_nid = OBJ_obj2nid(X509_EXTENSION_get_object(ex));
if (ex_nid == NID_undef)
return 0;
if (OBJ_bsearch((char *)&ex_nid, (char *)supported_nids,
sizeof(supported_nids) / sizeof(int), sizeof(int),
(int (*)(const void *, const void *))nid_cmp))
return 1;
return 0;
}
int OBJ_obj2nid(const ASN1_OBJECT *a)
{
ASN1_OBJECT **op;
ADDED_OBJ ad,*adp;
if (a == NULL)
return(NID_undef);
if (a->nid != 0)
return(a->nid);
if (added != NULL)
{
ad.type=ADDED_DATA;
ad.obj=(ASN1_OBJECT *)a; /* XXX: ugly but harmless */
adp=(ADDED_OBJ *)lh_retrieve(added,&ad);
if (adp != NULL) return (adp->obj->nid);
}
op=(ASN1_OBJECT **)OBJ_bsearch((const char *)&a,(const char *)obj_objs,
NUM_OBJ, sizeof(ASN1_OBJECT *),obj_cmp);
if (op == NULL)
return(NID_undef);
return((*op)->nid);
}
