void
_hx509_request_free(hx509_request *req)
{
if ((*req)->name)
hx509_name_free(&(*req)->name);
free_SubjectPublicKeyInfo(&(*req)->key);
free_ExtKeyUsage(&(*req)->eku);
free_GeneralNames(&(*req)->san);
memset(*req, 0, sizeof(**req));
free(*req);
*req = NULL;
}
void
hx509_ca_tbs_free(hx509_ca_tbs *tbs)
{
if (tbs == NULL || *tbs == NULL)
return;
free_SubjectPublicKeyInfo(&(*tbs)->spki);
free_GeneralNames(&(*tbs)->san);
free_ExtKeyUsage(&(*tbs)->eku);
der_free_heim_integer(&(*tbs)->serial);
free_CRLDistributionPoints(&(*tbs)->crldp);
hx509_name_free(&(*tbs)->subject);
memset(*tbs, 0, sizeof(**tbs));
free(*tbs);
*tbs = NULL;
}
void
hx509_ca_tbs_free(hx509_ca_tbs *tbs)
{
if (tbs == NULL || *tbs == NULL)
return;
free_SubjectPublicKeyInfo(&(*tbs)->spki);
free_GeneralNames(&(*tbs)->san);
free_ExtKeyUsage(&(*tbs)->eku);
der_free_heim_integer(&(*tbs)->serial);
free_CRLDistributionPoints(&(*tbs)->crldp);
der_free_bit_string(&(*tbs)->subjectUniqueID);
der_free_bit_string(&(*tbs)->issuerUniqueID);
hx509_name_free(&(*tbs)->subject);
if ((*tbs)->sigalg) {
free_AlgorithmIdentifier((*tbs)->sigalg);
free((*tbs)->sigalg);
}
memset(*tbs, 0, sizeof(**tbs));
free(*tbs);
*tbs = NULL;
}
static int
check_altName(hx509_validate_ctx ctx,
struct cert_status *status,
const char *name,
enum critical_flag cf,
const Extension *e)
{
GeneralNames gn;
size_t size;
int ret, i;
check_Null(ctx, status, cf, e);
if (e->extnValue.length == 0) {
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"%sAltName empty, not allowed", name);
return 1;
}
ret = decode_GeneralNames(e->extnValue.data, e->extnValue.length,
&gn, &size);
if (ret) {
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"\tret = %d while decoding %s GeneralNames\n",
ret, name);
return 1;
}
if (gn.len == 0) {
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"%sAltName generalName empty, not allowed\n", name);
return 1;
}
for (i = 0; i < gn.len; i++) {
switch (gn.val[i].element) {
case choice_GeneralName_otherName: {
unsigned j;
validate_print(ctx, HX509_VALIDATE_F_VERBOSE,
"%sAltName otherName ", name);
for (j = 0; j < sizeof(altname_types)/sizeof(altname_types[0]); j++) {
if (der_heim_oid_cmp(altname_types[j].oid,
&gn.val[i].u.otherName.type_id) != 0)
continue;
validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s: ",
altname_types[j].name);
(*altname_types[j].func)(ctx, &gn.val[i].u.otherName.value);
break;
}
if (j == sizeof(altname_types)/sizeof(altname_types[0])) {
hx509_oid_print(&gn.val[i].u.otherName.type_id,
validate_vprint, ctx);
validate_print(ctx, HX509_VALIDATE_F_VERBOSE, " unknown");
}
validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "\n");
break;
}
default: {
char *s;
ret = hx509_general_name_unparse(&gn.val[i], &s);
if (ret) {
validate_print(ctx, HX509_VALIDATE_F_VALIDATE,
"ret = %d unparsing GeneralName\n", ret);
return 1;
}
validate_print(ctx, HX509_VALIDATE_F_VERBOSE, "%s\n", s);
free(s);
break;
}
}
}
free_GeneralNames(&gn);
return 0;
}
