STACK_OF(X509_EXTENSION) *
X509_REQ_get_extensions(X509_REQ *req)
{
X509_ATTRIBUTE *attr;
ASN1_TYPE *ext = NULL;
int idx, *pnid;
const unsigned char *p;
if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
return (NULL);
for (pnid = ext_nids; *pnid != NID_undef; pnid++) {
idx = X509_REQ_get_attr_by_NID(req, *pnid, -1);
if (idx == -1)
continue;
attr = X509_REQ_get_attr(req, idx);
if (attr->single)
ext = attr->value.single;
else if (sk_ASN1_TYPE_num(attr->value.set))
ext = sk_ASN1_TYPE_value(attr->value.set, 0);
break;
}
if (!ext || (ext->type != V_ASN1_SEQUENCE))
return NULL;
p = ext->value.sequence->data;
return (STACK_OF(X509_EXTENSION) *)ASN1_item_d2i(NULL, &p,
ext->value.sequence->length, ASN1_ITEM_rptr(X509_EXTENSIONS));
}
QString pki_x509req::getAttribute(int nid) const
{
int n;
int count;
QStringList ret;
n = X509_REQ_get_attr_by_NID(request, nid, -1);
if (n == -1)
return QString("");
X509_ATTRIBUTE *att = X509_REQ_get_attr(request, n);
if (!att)
return QString("");
count = X509_ATTRIBUTE_count(att);
for (int j = 0; j < count; j++)
ret << asn1ToQString(X509_ATTRIBUTE_get0_type(att, j)->
value.asn1_string);
return ret.join(", ");
}
static QString getAttribute(X509_REQ *req, int nid)
{
int n;
n = X509_REQ_get_attr_by_NID(req, nid, -1);
if (n == -1)
return QString("");
X509_ATTRIBUTE *att = X509_REQ_get_attr(req, n);
if (!att)
return QString("");
if (att->single)
return asn1ToQString(att->value.single->value.asn1_string);
int count = sk_ASN1_TYPE_num(att->value.set);
QStringList ret;
for (int j=0; j<count; j++) {
ret << asn1ToQString(sk_ASN1_TYPE_value(att->value.set, j)->
value.asn1_string);
}
return ret.join(", ");
}
char *get_challenge(scep_t *scep) {
int loc, type, n;
X509_ATTRIBUTE *attr;
X509_REQ *req;
ASN1_TYPE *asn1;
ASN1_IA5STRING *asn1_string;
char *challenge;
/* get our hands on the request */
req = scep->clientreq;
if (debug)
BIO_printf(bio_err, "%s:%d: getting challenge password from "
"X.509 request %p\n", __FILE__, __LINE__, req);
/* if the client req is not set, we have no chance of finding */
/* password */
if (NULL == req) {
BIO_printf(bio_err, "%s:%d: no X.509 request available\n",
__FILE__, __LINE__);
goto err;
}
/* get the challengePassword attribute from the request */
n = X509_REQ_get_attr_count(req);
if (debug)
BIO_printf(bio_err, "%s%d: %d attributes found\n", __FILE__,
__LINE__, n);
loc = X509_REQ_get_attr_by_NID(req, NID_pkcs9_challengePassword, -1);
if (loc < 0) {
if (debug)
BIO_printf(bio_err, "%s:%d: challengePassword not "
"found\n", __FILE__, __LINE__);
return NULL;
}
if (debug)
BIO_printf(bio_err, "%s:%d: challengePassword at offset %d\n",
__FILE__, __LINE__, loc);
attr = X509_REQ_get_attr(req, loc);
/* retrieve the value of the challengePassword attribute */
if (NULL == (asn1 = X509_ATTRIBUTE_get0_type(attr, 0))) {
BIO_printf(bio_err, "%s:%d: cannot retrieve value\n",
__FILE__, __LINE__);
goto err;
}
type = ASN1_TYPE_get(asn1);
if (debug)
BIO_printf(bio_err, "%s:%d: type of challengePassword is %d\n",
__FILE__, __LINE__, type);
if ((type != V_ASN1_IA5STRING) && (type != V_ASN1_PRINTABLESTRING)) {
BIO_printf(bio_err, "%s:%d: challengePassword has wrong type\n",
__FILE__, __LINE__, type);
goto err;
}
asn1_string = (ASN1_STRING *)asn1->value.ptr;
challenge = (char *)malloc(asn1_string->length + 1);
memcpy(challenge, asn1_string->data, asn1_string->length);
challenge[asn1_string->length] = '\0';
if (debug)
BIO_printf(bio_err, "%s:%d: challenge Password '%s'\n",
__FILE__, __LINE__, challenge);
/* return the challenge password we have found */
return challenge;
/* error return */
err:
ERR_print_errors(bio_err);
return NULL;
}
