diff options
| author | jsing <> | 2014-06-29 17:05:36 +0000 |
|---|---|---|
| committer | jsing <> | 2014-06-29 17:05:36 +0000 |
| commit | 65797b47d303414106c290cf6f046b5e030a6eaf (patch) | |
| tree | a4b77bc415a0ed73aa4cc548cf42bb540b90de9d /src/lib/libcrypto/pkcs7/example.c | |
| parent | a0b0af8d68705c778afa7d47ffc5ad421a87d2c1 (diff) | |
| download | openbsd-65797b47d303414106c290cf6f046b5e030a6eaf.tar.gz openbsd-65797b47d303414106c290cf6f046b5e030a6eaf.tar.bz2 openbsd-65797b47d303414106c290cf6f046b5e030a6eaf.zip | |
KNF.
I just spent too long chasing a bug in here and really should have done
this first. Gem of the day... is it an if test or a for loop? No, it is a
super ifloop!
if (!(flags & PKCS7_NOVERIFY)) for (k = 0; k < sk_X509_num(signers); k++) {
Diffstat (limited to 'src/lib/libcrypto/pkcs7/example.c')
| -rw-r--r-- | src/lib/libcrypto/pkcs7/example.c | 402 |
1 files changed, 206 insertions, 196 deletions
diff --git a/src/lib/libcrypto/pkcs7/example.c b/src/lib/libcrypto/pkcs7/example.c index 611c27b113..2dc1b655b1 100644 --- a/src/lib/libcrypto/pkcs7/example.c +++ b/src/lib/libcrypto/pkcs7/example.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: example.c,v 1.5 2014/06/12 15:49:30 deraadt Exp $ */ | 1 | /* $OpenBSD: example.c,v 1.6 2014/06/29 17:05:36 jsing Exp $ */ |
| 2 | #include <stdio.h> | 2 | #include <stdio.h> |
| 3 | #include <stdlib.h> | 3 | #include <stdlib.h> |
| 4 | #include <string.h> | 4 | #include <string.h> |
| @@ -6,325 +6,335 @@ | |||
| 6 | #include <openssl/asn1_mac.h> | 6 | #include <openssl/asn1_mac.h> |
| 7 | #include <openssl/x509.h> | 7 | #include <openssl/x509.h> |
| 8 | 8 | ||
| 9 | int add_signed_time(PKCS7_SIGNER_INFO *si) | 9 | int |
| 10 | { | 10 | add_signed_time(PKCS7_SIGNER_INFO *si) |
| 11 | { | ||
| 11 | ASN1_UTCTIME *sign_time; | 12 | ASN1_UTCTIME *sign_time; |
| 12 | 13 | ||
| 13 | /* The last parameter is the amount to add/subtract from the current | 14 | /* The last parameter is the amount to add/subtract from the current |
| 14 | * time (in seconds) */ | 15 | * time (in seconds) */ |
| 15 | sign_time=X509_gmtime_adj(NULL,0); | 16 | sign_time = X509_gmtime_adj(NULL, 0); |
| 16 | PKCS7_add_signed_attribute(si,NID_pkcs9_signingTime, | 17 | PKCS7_add_signed_attribute(si, NID_pkcs9_signingTime, |
| 17 | V_ASN1_UTCTIME,(char *)sign_time); | 18 | V_ASN1_UTCTIME, (char *)sign_time); |
| 18 | return(1); | 19 | return (1); |
| 19 | } | 20 | } |
| 20 | 21 | ||
| 21 | ASN1_UTCTIME *get_signed_time(PKCS7_SIGNER_INFO *si) | 22 | ASN1_UTCTIME * |
| 22 | { | 23 | get_signed_time(PKCS7_SIGNER_INFO *si) |
| 24 | { | ||
| 23 | ASN1_TYPE *so; | 25 | ASN1_TYPE *so; |
| 24 | 26 | ||
| 25 | so=PKCS7_get_signed_attribute(si,NID_pkcs9_signingTime); | 27 | so = PKCS7_get_signed_attribute(si, NID_pkcs9_signingTime); |
| 26 | if (so->type == V_ASN1_UTCTIME) | 28 | if (so->type == V_ASN1_UTCTIME) |
| 27 | return so->value.utctime; | 29 | return so->value.utctime; |
| 28 | return NULL; | 30 | return NULL; |
| 29 | } | 31 | } |
| 30 | |||
| 31 | static int signed_string_nid= -1; | ||
| 32 | 32 | ||
| 33 | void add_signed_string(PKCS7_SIGNER_INFO *si, char *str) | 33 | static int signed_string_nid = -1; |
| 34 | { | 34 | |
| 35 | void | ||
| 36 | add_signed_string(PKCS7_SIGNER_INFO *si, char *str) | ||
| 37 | { | ||
| 35 | ASN1_OCTET_STRING *os; | 38 | ASN1_OCTET_STRING *os; |
| 36 | 39 | ||
| 37 | /* To a an object of OID 1.2.3.4.5, which is an octet string */ | 40 | /* To a an object of OID 1.2.3.4.5, which is an octet string */ |
| 38 | if (signed_string_nid == -1) | 41 | if (signed_string_nid == -1) |
| 39 | signed_string_nid= | 42 | signed_string_nid = |
| 40 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); | 43 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); |
| 41 | os=ASN1_OCTET_STRING_new(); | 44 | os = ASN1_OCTET_STRING_new(); |
| 42 | ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); | 45 | ASN1_OCTET_STRING_set(os, (unsigned char*)str, strlen(str)); |
| 43 | /* When we add, we do not free */ | 46 | /* When we add, we do not free */ |
| 44 | PKCS7_add_signed_attribute(si,signed_string_nid, | 47 | PKCS7_add_signed_attribute(si, signed_string_nid, |
| 45 | V_ASN1_OCTET_STRING,(char *)os); | 48 | V_ASN1_OCTET_STRING, (char *)os); |
| 46 | } | 49 | } |
| 47 | 50 | ||
| 48 | int get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len) | 51 | int |
| 49 | { | 52 | get_signed_string(PKCS7_SIGNER_INFO *si, char *buf, int len) |
| 53 | { | ||
| 50 | ASN1_TYPE *so; | 54 | ASN1_TYPE *so; |
| 51 | ASN1_OCTET_STRING *os; | 55 | ASN1_OCTET_STRING *os; |
| 52 | int i; | 56 | int i; |
| 53 | 57 | ||
| 54 | if (signed_string_nid == -1) | 58 | if (signed_string_nid == -1) |
| 55 | signed_string_nid= | 59 | signed_string_nid = |
| 56 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); | 60 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); |
| 57 | /* To retrieve */ | 61 | /* To retrieve */ |
| 58 | so=PKCS7_get_signed_attribute(si,signed_string_nid); | 62 | so = PKCS7_get_signed_attribute(si, signed_string_nid); |
| 59 | if (so != NULL) | 63 | if (so != NULL) { |
| 60 | { | 64 | if (so->type == V_ASN1_OCTET_STRING) { |
| 61 | if (so->type == V_ASN1_OCTET_STRING) | 65 | os = so->value.octet_string; |
| 62 | { | 66 | i = os->length; |
| 63 | os=so->value.octet_string; | 67 | if ((i + 1) > len) |
| 64 | i=os->length; | 68 | i = len - 1; |
| 65 | if ((i+1) > len) | 69 | memcpy(buf, os->data, i); |
| 66 | i=len-1; | 70 | return (i); |
| 67 | memcpy(buf,os->data,i); | ||
| 68 | return(i); | ||
| 69 | } | ||
| 70 | } | 71 | } |
| 71 | return(0); | ||
| 72 | } | 72 | } |
| 73 | return (0); | ||
| 74 | } | ||
| 73 | 75 | ||
| 74 | static int signed_seq2string_nid= -1; | 76 | static int signed_seq2string_nid = -1; |
| 75 | /* ########################################### */ | 77 | /* ########################################### */ |
| 76 | int add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) | 78 | int |
| 77 | { | 79 | add_signed_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) |
| 80 | { | ||
| 78 | /* To add an object of OID 1.9.999, which is a sequence containing | 81 | /* To add an object of OID 1.9.999, which is a sequence containing |
| 79 | * 2 octet strings */ | 82 | * 2 octet strings */ |
| 80 | unsigned char *p; | 83 | unsigned char *p; |
| 81 | ASN1_OCTET_STRING *os1,*os2; | 84 | ASN1_OCTET_STRING *os1, *os2; |
| 82 | ASN1_STRING *seq; | 85 | ASN1_STRING *seq; |
| 83 | unsigned char *data; | 86 | unsigned char *data; |
| 84 | int i,total; | 87 | int i, total; |
| 85 | 88 | ||
| 86 | if (signed_seq2string_nid == -1) | 89 | if (signed_seq2string_nid == -1) |
| 87 | signed_seq2string_nid= | 90 | signed_seq2string_nid = |
| 88 | OBJ_create("1.9.9999","OID_example","Our example OID"); | 91 | OBJ_create("1.9.9999","OID_example","Our example OID"); |
| 89 | 92 | ||
| 90 | os1=ASN1_OCTET_STRING_new(); | 93 | os1 = ASN1_OCTET_STRING_new(); |
| 91 | os2=ASN1_OCTET_STRING_new(); | 94 | os2 = ASN1_OCTET_STRING_new(); |
| 92 | ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); | 95 | ASN1_OCTET_STRING_set(os1, (unsigned char*)str1, strlen(str1)); |
| 93 | ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); | 96 | ASN1_OCTET_STRING_set(os2, (unsigned char*)str1, strlen(str1)); |
| 94 | i =i2d_ASN1_OCTET_STRING(os1,NULL); | 97 | i = i2d_ASN1_OCTET_STRING(os1, NULL); |
| 95 | i+=i2d_ASN1_OCTET_STRING(os2,NULL); | 98 | i += i2d_ASN1_OCTET_STRING(os2, NULL); |
| 96 | total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | 99 | total = ASN1_object_size(1, i, V_ASN1_SEQUENCE); |
| 97 | 100 | ||
| 98 | data=malloc(total); | 101 | data = malloc(total); |
| 99 | p=data; | 102 | p = data; |
| 100 | ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); | 103 | ASN1_put_object(&p, 1,i, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); |
| 101 | i2d_ASN1_OCTET_STRING(os1,&p); | 104 | i2d_ASN1_OCTET_STRING(os1, &p); |
| 102 | i2d_ASN1_OCTET_STRING(os2,&p); | 105 | i2d_ASN1_OCTET_STRING(os2, &p); |
| 103 | 106 | ||
| 104 | seq=ASN1_STRING_new(); | 107 | seq = ASN1_STRING_new(); |
| 105 | ASN1_STRING_set(seq,data,total); | 108 | ASN1_STRING_set(seq, data, total); |
| 106 | free(data); | 109 | free(data); |
| 107 | ASN1_OCTET_STRING_free(os1); | 110 | ASN1_OCTET_STRING_free(os1); |
| 108 | ASN1_OCTET_STRING_free(os2); | 111 | ASN1_OCTET_STRING_free(os2); |
| 109 | 112 | ||
| 110 | PKCS7_add_signed_attribute(si,signed_seq2string_nid, | 113 | PKCS7_add_signed_attribute(si, signed_seq2string_nid, |
| 111 | V_ASN1_SEQUENCE,(char *)seq); | 114 | V_ASN1_SEQUENCE, (char *)seq); |
| 112 | return(1); | 115 | return (1); |
| 113 | } | 116 | } |
| 114 | 117 | ||
| 115 | /* For this case, I will malloc the return strings */ | 118 | /* For this case, I will malloc the return strings */ |
| 116 | int get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) | 119 | int |
| 117 | { | 120 | get_signed_seq2string(PKCS7_SIGNER_INFO *si, char **str1, char **str2) |
| 121 | { | ||
| 118 | ASN1_TYPE *so; | 122 | ASN1_TYPE *so; |
| 119 | 123 | ||
| 120 | if (signed_seq2string_nid == -1) | 124 | if (signed_seq2string_nid == -1) |
| 121 | signed_seq2string_nid= | 125 | signed_seq2string_nid = |
| 122 | OBJ_create("1.9.9999","OID_example","Our example OID"); | 126 | OBJ_create("1.9.9999","OID_example","Our example OID"); |
| 123 | /* To retrieve */ | 127 | /* To retrieve */ |
| 124 | so=PKCS7_get_signed_attribute(si,signed_seq2string_nid); | 128 | so = PKCS7_get_signed_attribute(si, signed_seq2string_nid); |
| 125 | if (so && (so->type == V_ASN1_SEQUENCE)) | 129 | if (so && (so->type == V_ASN1_SEQUENCE)) { |
| 126 | { | ||
| 127 | ASN1_const_CTX c; | 130 | ASN1_const_CTX c; |
| 128 | ASN1_STRING *s; | 131 | ASN1_STRING *s; |
| 129 | long length; | 132 | long length; |
| 130 | ASN1_OCTET_STRING *os1,*os2; | 133 | ASN1_OCTET_STRING *os1, *os2; |
| 131 | 134 | ||
| 132 | s=so->value.sequence; | 135 | s = so->value.sequence; |
| 133 | c.p=ASN1_STRING_data(s); | 136 | c.p = ASN1_STRING_data(s); |
| 134 | c.max=c.p+ASN1_STRING_length(s); | 137 | c.max = c.p + ASN1_STRING_length(s); |
| 135 | if (!asn1_GetSequence(&c,&length)) goto err; | 138 | if (!asn1_GetSequence(&c, &length)) |
| 139 | goto err; | ||
| 136 | /* Length is the length of the seqence */ | 140 | /* Length is the length of the seqence */ |
| 137 | 141 | ||
| 138 | c.q=c.p; | 142 | c.q = c.p; |
| 139 | if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) | 143 | if ((os1 = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) |
| 140 | goto err; | 144 | goto err; |
| 141 | c.slen-=(c.p-c.q); | 145 | c.slen -= (c.p - c.q); |
| 142 | 146 | ||
| 143 | c.q=c.p; | 147 | c.q = c.p; |
| 144 | if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) | 148 | if ((os2 = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) |
| 145 | goto err; | 149 | goto err; |
| 146 | c.slen-=(c.p-c.q); | 150 | c.slen -= (c.p - c.q); |
| 147 | 151 | ||
| 148 | if (!asn1_const_Finish(&c)) goto err; | 152 | if (!asn1_const_Finish(&c)) |
| 149 | *str1=malloc(os1->length+1); | 153 | goto err; |
| 150 | *str2=malloc(os2->length+1); | 154 | *str1 = malloc(os1->length + 1); |
| 151 | memcpy(*str1,os1->data,os1->length); | 155 | *str2 = malloc(os2->length + 1); |
| 152 | memcpy(*str2,os2->data,os2->length); | 156 | memcpy(*str1, os1->data, os1->length); |
| 157 | memcpy(*str2, os2->data, os2->length); | ||
| 153 | (*str1)[os1->length]='\0'; | 158 | (*str1)[os1->length]='\0'; |
| 154 | (*str2)[os2->length]='\0'; | 159 | (*str2)[os2->length]='\0'; |
| 155 | ASN1_OCTET_STRING_free(os1); | 160 | ASN1_OCTET_STRING_free(os1); |
| 156 | ASN1_OCTET_STRING_free(os2); | 161 | ASN1_OCTET_STRING_free(os2); |
| 157 | return(1); | 162 | return (1); |
| 158 | } | ||
| 159 | err: | ||
| 160 | return(0); | ||
| 161 | } | 163 | } |
| 164 | err: | ||
| 165 | return (0); | ||
| 166 | } | ||
| 162 | 167 | ||
| 163 | 168 | ||
| 164 | /* ####################################### | 169 | /* ####################################### |
| 165 | * THE OTHER WAY TO DO THINGS | 170 | * THE OTHER WAY TO DO THINGS |
| 166 | * ####################################### | 171 | * ####################################### |
| 167 | */ | 172 | */ |
| 168 | X509_ATTRIBUTE *create_time(void) | 173 | X509_ATTRIBUTE * |
| 169 | { | 174 | create_time(void) |
| 175 | { | ||
| 170 | ASN1_UTCTIME *sign_time; | 176 | ASN1_UTCTIME *sign_time; |
| 171 | X509_ATTRIBUTE *ret; | 177 | X509_ATTRIBUTE *ret; |
| 172 | 178 | ||
| 173 | /* The last parameter is the amount to add/subtract from the current | 179 | /* The last parameter is the amount to add/subtract from the current |
| 174 | * time (in seconds) */ | 180 | * time (in seconds) */ |
| 175 | sign_time=X509_gmtime_adj(NULL,0); | 181 | sign_time = X509_gmtime_adj(NULL, 0); |
| 176 | ret=X509_ATTRIBUTE_create(NID_pkcs9_signingTime, | 182 | ret = X509_ATTRIBUTE_create(NID_pkcs9_signingTime, |
| 177 | V_ASN1_UTCTIME,(char *)sign_time); | 183 | V_ASN1_UTCTIME, (char *)sign_time); |
| 178 | return(ret); | 184 | return (ret); |
| 179 | } | 185 | } |
| 180 | 186 | ||
| 181 | ASN1_UTCTIME *sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk) | 187 | ASN1_UTCTIME * |
| 182 | { | 188 | sk_get_time(STACK_OF(X509_ATTRIBUTE) *sk) |
| 189 | { | ||
| 183 | ASN1_TYPE *so; | 190 | ASN1_TYPE *so; |
| 184 | PKCS7_SIGNER_INFO si; | 191 | PKCS7_SIGNER_INFO si; |
| 185 | 192 | ||
| 186 | si.auth_attr=sk; | 193 | si.auth_attr = sk; |
| 187 | so=PKCS7_get_signed_attribute(&si,NID_pkcs9_signingTime); | 194 | so = PKCS7_get_signed_attribute(&si, NID_pkcs9_signingTime); |
| 188 | if (so->type == V_ASN1_UTCTIME) | 195 | if (so->type == V_ASN1_UTCTIME) |
| 189 | return so->value.utctime; | 196 | return so->value.utctime; |
| 190 | return NULL; | 197 | return NULL; |
| 191 | } | 198 | } |
| 192 | 199 | ||
| 193 | X509_ATTRIBUTE *create_string(char *str) | 200 | X509_ATTRIBUTE * |
| 194 | { | 201 | create_string(char *str) |
| 202 | { | ||
| 195 | ASN1_OCTET_STRING *os; | 203 | ASN1_OCTET_STRING *os; |
| 196 | X509_ATTRIBUTE *ret; | 204 | X509_ATTRIBUTE *ret; |
| 197 | 205 | ||
| 198 | /* To a an object of OID 1.2.3.4.5, which is an octet string */ | 206 | /* To a an object of OID 1.2.3.4.5, which is an octet string */ |
| 199 | if (signed_string_nid == -1) | 207 | if (signed_string_nid == -1) |
| 200 | signed_string_nid= | 208 | signed_string_nid = |
| 201 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); | 209 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); |
| 202 | os=ASN1_OCTET_STRING_new(); | 210 | os = ASN1_OCTET_STRING_new(); |
| 203 | ASN1_OCTET_STRING_set(os,(unsigned char*)str,strlen(str)); | 211 | ASN1_OCTET_STRING_set(os, (unsigned char*)str, strlen(str)); |
| 204 | /* When we add, we do not free */ | 212 | /* When we add, we do not free */ |
| 205 | ret=X509_ATTRIBUTE_create(signed_string_nid, | 213 | ret = X509_ATTRIBUTE_create(signed_string_nid, |
| 206 | V_ASN1_OCTET_STRING,(char *)os); | 214 | V_ASN1_OCTET_STRING, (char *)os); |
| 207 | return(ret); | 215 | return (ret); |
| 208 | } | 216 | } |
| 209 | 217 | ||
| 210 | int sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len) | 218 | int |
| 211 | { | 219 | sk_get_string(STACK_OF(X509_ATTRIBUTE) *sk, char *buf, int len) |
| 220 | { | ||
| 212 | ASN1_TYPE *so; | 221 | ASN1_TYPE *so; |
| 213 | ASN1_OCTET_STRING *os; | 222 | ASN1_OCTET_STRING *os; |
| 214 | int i; | 223 | int i; |
| 215 | PKCS7_SIGNER_INFO si; | 224 | PKCS7_SIGNER_INFO si; |
| 216 | 225 | ||
| 217 | si.auth_attr=sk; | 226 | si.auth_attr = sk; |
| 218 | 227 | ||
| 219 | if (signed_string_nid == -1) | 228 | if (signed_string_nid == -1) |
| 220 | signed_string_nid= | 229 | signed_string_nid = |
| 221 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); | 230 | OBJ_create("1.2.3.4.5","OID_example","Our example OID"); |
| 222 | /* To retrieve */ | 231 | /* To retrieve */ |
| 223 | so=PKCS7_get_signed_attribute(&si,signed_string_nid); | 232 | so = PKCS7_get_signed_attribute(&si, signed_string_nid); |
| 224 | if (so != NULL) | 233 | if (so != NULL) { |
| 225 | { | 234 | if (so->type == V_ASN1_OCTET_STRING) { |
| 226 | if (so->type == V_ASN1_OCTET_STRING) | 235 | os = so->value.octet_string; |
| 227 | { | 236 | i = os->length; |
| 228 | os=so->value.octet_string; | 237 | if ((i + 1) > len) |
| 229 | i=os->length; | 238 | i = len - 1; |
| 230 | if ((i+1) > len) | 239 | memcpy(buf, os->data, i); |
| 231 | i=len-1; | 240 | return (i); |
| 232 | memcpy(buf,os->data,i); | ||
| 233 | return(i); | ||
| 234 | } | ||
| 235 | } | 241 | } |
| 236 | return(0); | ||
| 237 | } | 242 | } |
| 243 | return (0); | ||
| 244 | } | ||
| 238 | 245 | ||
| 239 | X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) | 246 | X509_ATTRIBUTE * |
| 240 | { | 247 | add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char *str2) |
| 248 | { | ||
| 241 | /* To add an object of OID 1.9.999, which is a sequence containing | 249 | /* To add an object of OID 1.9.999, which is a sequence containing |
| 242 | * 2 octet strings */ | 250 | * 2 octet strings */ |
| 243 | unsigned char *p; | 251 | unsigned char *p; |
| 244 | ASN1_OCTET_STRING *os1,*os2; | 252 | ASN1_OCTET_STRING *os1, *os2; |
| 245 | ASN1_STRING *seq; | 253 | ASN1_STRING *seq; |
| 246 | X509_ATTRIBUTE *ret; | 254 | X509_ATTRIBUTE *ret; |
| 247 | unsigned char *data; | 255 | unsigned char *data; |
| 248 | int i,total; | 256 | int i, total; |
| 249 | 257 | ||
| 250 | if (signed_seq2string_nid == -1) | 258 | if (signed_seq2string_nid == -1) |
| 251 | signed_seq2string_nid= | 259 | signed_seq2string_nid = |
| 252 | OBJ_create("1.9.9999","OID_example","Our example OID"); | 260 | OBJ_create("1.9.9999","OID_example","Our example OID"); |
| 253 | 261 | ||
| 254 | os1=ASN1_OCTET_STRING_new(); | 262 | os1 = ASN1_OCTET_STRING_new(); |
| 255 | os2=ASN1_OCTET_STRING_new(); | 263 | os2 = ASN1_OCTET_STRING_new(); |
| 256 | ASN1_OCTET_STRING_set(os1,(unsigned char*)str1,strlen(str1)); | 264 | ASN1_OCTET_STRING_set(os1, (unsigned char*)str1, strlen(str1)); |
| 257 | ASN1_OCTET_STRING_set(os2,(unsigned char*)str1,strlen(str1)); | 265 | ASN1_OCTET_STRING_set(os2, (unsigned char*)str1, strlen(str1)); |
| 258 | i =i2d_ASN1_OCTET_STRING(os1,NULL); | 266 | i = i2d_ASN1_OCTET_STRING(os1, NULL); |
| 259 | i+=i2d_ASN1_OCTET_STRING(os2,NULL); | 267 | i += i2d_ASN1_OCTET_STRING(os2, NULL); |
| 260 | total=ASN1_object_size(1,i,V_ASN1_SEQUENCE); | 268 | total = ASN1_object_size(1, i, V_ASN1_SEQUENCE); |
| 261 | 269 | ||
| 262 | data=malloc(total); | 270 | data = malloc(total); |
| 263 | p=data; | 271 | p = data; |
| 264 | ASN1_put_object(&p,1,i,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); | 272 | ASN1_put_object(&p, 1,i, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); |
| 265 | i2d_ASN1_OCTET_STRING(os1,&p); | 273 | i2d_ASN1_OCTET_STRING(os1, &p); |
| 266 | i2d_ASN1_OCTET_STRING(os2,&p); | 274 | i2d_ASN1_OCTET_STRING(os2, &p); |
| 267 | 275 | ||
| 268 | seq=ASN1_STRING_new(); | 276 | seq = ASN1_STRING_new(); |
| 269 | ASN1_STRING_set(seq,data,total); | 277 | ASN1_STRING_set(seq, data, total); |
| 270 | free(data); | 278 | free(data); |
| 271 | ASN1_OCTET_STRING_free(os1); | 279 | ASN1_OCTET_STRING_free(os1); |
| 272 | ASN1_OCTET_STRING_free(os2); | 280 | ASN1_OCTET_STRING_free(os2); |
| 273 | 281 | ||
| 274 | ret=X509_ATTRIBUTE_create(signed_seq2string_nid, | 282 | ret = X509_ATTRIBUTE_create(signed_seq2string_nid, |
| 275 | V_ASN1_SEQUENCE,(char *)seq); | 283 | V_ASN1_SEQUENCE, (char *)seq); |
| 276 | return(ret); | 284 | return (ret); |
| 277 | } | 285 | } |
| 278 | 286 | ||
| 279 | /* For this case, I will malloc the return strings */ | 287 | /* For this case, I will malloc the return strings */ |
| 280 | int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) | 288 | int |
| 281 | { | 289 | sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char **str2) |
| 290 | { | ||
| 282 | ASN1_TYPE *so; | 291 | ASN1_TYPE *so; |
| 283 | PKCS7_SIGNER_INFO si; | 292 | PKCS7_SIGNER_INFO si; |
| 284 | 293 | ||
| 285 | if (signed_seq2string_nid == -1) | 294 | if (signed_seq2string_nid == -1) |
| 286 | signed_seq2string_nid= | 295 | signed_seq2string_nid = |
| 287 | OBJ_create("1.9.9999","OID_example","Our example OID"); | 296 | OBJ_create("1.9.9999","OID_example","Our example OID"); |
| 288 | 297 | ||
| 289 | si.auth_attr=sk; | 298 | si.auth_attr = sk; |
| 290 | /* To retrieve */ | 299 | /* To retrieve */ |
| 291 | so=PKCS7_get_signed_attribute(&si,signed_seq2string_nid); | 300 | so = PKCS7_get_signed_attribute(&si, signed_seq2string_nid); |
| 292 | if (so->type == V_ASN1_SEQUENCE) | 301 | if (so->type == V_ASN1_SEQUENCE) { |
| 293 | { | ||
| 294 | ASN1_const_CTX c; | 302 | ASN1_const_CTX c; |
| 295 | ASN1_STRING *s; | 303 | ASN1_STRING *s; |
| 296 | long length; | 304 | long length; |
| 297 | ASN1_OCTET_STRING *os1,*os2; | 305 | ASN1_OCTET_STRING *os1, *os2; |
| 298 | 306 | ||
| 299 | s=so->value.sequence; | 307 | s = so->value.sequence; |
| 300 | c.p=ASN1_STRING_data(s); | 308 | c.p = ASN1_STRING_data(s); |
| 301 | c.max=c.p+ASN1_STRING_length(s); | 309 | c.max = c.p + ASN1_STRING_length(s); |
| 302 | if (!asn1_GetSequence(&c,&length)) goto err; | 310 | if (!asn1_GetSequence(&c, &length)) |
| 311 | goto err; | ||
| 303 | /* Length is the length of the seqence */ | 312 | /* Length is the length of the seqence */ |
| 304 | 313 | ||
| 305 | c.q=c.p; | 314 | c.q = c.p; |
| 306 | if ((os1=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) | 315 | if ((os1 = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) |
| 307 | goto err; | 316 | goto err; |
| 308 | c.slen-=(c.p-c.q); | 317 | c.slen -= (c.p - c.q); |
| 309 | 318 | ||
| 310 | c.q=c.p; | 319 | c.q = c.p; |
| 311 | if ((os2=d2i_ASN1_OCTET_STRING(NULL,&c.p,c.slen)) == NULL) | 320 | if ((os2 = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) |
| 312 | goto err; | 321 | goto err; |
| 313 | c.slen-=(c.p-c.q); | 322 | c.slen -= (c.p - c.q); |
| 314 | 323 | ||
| 315 | if (!asn1_const_Finish(&c)) goto err; | 324 | if (!asn1_const_Finish(&c)) |
| 316 | *str1=malloc(os1->length+1); | 325 | goto err; |
| 317 | *str2=malloc(os2->length+1); | 326 | *str1 = malloc(os1->length + 1); |
| 318 | memcpy(*str1,os1->data,os1->length); | 327 | *str2 = malloc(os2->length + 1); |
| 319 | memcpy(*str2,os2->data,os2->length); | 328 | memcpy(*str1, os1->data, os1->length); |
| 329 | memcpy(*str2, os2->data, os2->length); | ||
| 320 | (*str1)[os1->length]='\0'; | 330 | (*str1)[os1->length]='\0'; |
| 321 | (*str2)[os2->length]='\0'; | 331 | (*str2)[os2->length]='\0'; |
| 322 | ASN1_OCTET_STRING_free(os1); | 332 | ASN1_OCTET_STRING_free(os1); |
| 323 | ASN1_OCTET_STRING_free(os2); | 333 | ASN1_OCTET_STRING_free(os2); |
| 324 | return(1); | 334 | return (1); |
| 325 | } | ||
| 326 | err: | ||
| 327 | return(0); | ||
| 328 | } | 335 | } |
| 336 | err: | ||
| 337 | return (0); | ||
| 338 | } | ||
| 329 | 339 | ||
| 330 | 340 | ||