diff options
Diffstat (limited to 'src/lib/libcrypto/ocsp/ocsp_ext.c')
-rw-r--r-- | src/lib/libcrypto/ocsp/ocsp_ext.c | 47 |
1 files changed, 37 insertions, 10 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c index ec884cb08f..815cc29d58 100644 --- a/src/lib/libcrypto/ocsp/ocsp_ext.c +++ b/src/lib/libcrypto/ocsp/ocsp_ext.c | |||
@@ -264,7 +264,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) | |||
264 | } | 264 | } |
265 | 265 | ||
266 | /* also CRL Entry Extensions */ | 266 | /* also CRL Entry Extensions */ |
267 | #if 0 | 267 | |
268 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, | 268 | ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, |
269 | void *data, STACK_OF(ASN1_OBJECT) *sk) | 269 | void *data, STACK_OF(ASN1_OBJECT) *sk) |
270 | { | 270 | { |
@@ -305,7 +305,6 @@ err: | |||
305 | if (b) OPENSSL_free(b); | 305 | if (b) OPENSSL_free(b); |
306 | return NULL; | 306 | return NULL; |
307 | } | 307 | } |
308 | #endif | ||
309 | 308 | ||
310 | /* Nonce handling functions */ | 309 | /* Nonce handling functions */ |
311 | 310 | ||
@@ -443,10 +442,17 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) | |||
443 | if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) | 442 | if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) |
444 | goto err; | 443 | goto err; |
445 | } | 444 | } |
446 | x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid); | 445 | if (!(x = X509_EXTENSION_new())) goto err; |
446 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err; | ||
447 | if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid, | ||
448 | NULL))) | ||
449 | goto err; | ||
450 | OCSP_CRLID_free(cid); | ||
451 | return x; | ||
447 | err: | 452 | err: |
453 | if (x) X509_EXTENSION_free(x); | ||
448 | if (cid) OCSP_CRLID_free(cid); | 454 | if (cid) OCSP_CRLID_free(cid); |
449 | return x; | 455 | return NULL; |
450 | } | 456 | } |
451 | 457 | ||
452 | /* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ | 458 | /* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ |
@@ -464,10 +470,18 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids) | |||
464 | sk_ASN1_OBJECT_push(sk, o); | 470 | sk_ASN1_OBJECT_push(sk, o); |
465 | oids++; | 471 | oids++; |
466 | } | 472 | } |
467 | x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); | 473 | if (!(x = X509_EXTENSION_new())) goto err; |
474 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) | ||
475 | goto err; | ||
476 | if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL, | ||
477 | sk))) | ||
478 | goto err; | ||
479 | sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); | ||
480 | return x; | ||
468 | err: | 481 | err: |
482 | if (x) X509_EXTENSION_free(x); | ||
469 | if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); | 483 | if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); |
470 | return x; | 484 | return NULL; |
471 | } | 485 | } |
472 | 486 | ||
473 | /* ArchiveCutoff ::= GeneralizedTime */ | 487 | /* ArchiveCutoff ::= GeneralizedTime */ |
@@ -478,10 +492,16 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim) | |||
478 | 492 | ||
479 | if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err; | 493 | if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err; |
480 | if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; | 494 | if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; |
481 | x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt); | 495 | if (!(x = X509_EXTENSION_new())) goto err; |
496 | if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err; | ||
497 | if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value, | ||
498 | i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err; | ||
499 | ASN1_GENERALIZEDTIME_free(gt); | ||
500 | return x; | ||
482 | err: | 501 | err: |
483 | if (gt) ASN1_GENERALIZEDTIME_free(gt); | 502 | if (gt) ASN1_GENERALIZEDTIME_free(gt); |
484 | return x; | 503 | if (x) X509_EXTENSION_free(x); |
504 | return NULL; | ||
485 | } | 505 | } |
486 | 506 | ||
487 | /* per ACCESS_DESCRIPTION parameter are oids, of which there are currently | 507 | /* per ACCESS_DESCRIPTION parameter are oids, of which there are currently |
@@ -510,9 +530,16 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls) | |||
510 | if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err; | 530 | if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err; |
511 | urls++; | 531 | urls++; |
512 | } | 532 | } |
513 | x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc); | 533 | if (!(x = X509_EXTENSION_new())) goto err; |
534 | if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) | ||
535 | goto err; | ||
536 | if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value, | ||
537 | i2d_OCSP_SERVICELOC,sloc,NULL))) goto err; | ||
538 | OCSP_SERVICELOC_free(sloc); | ||
539 | return x; | ||
514 | err: | 540 | err: |
541 | if (x) X509_EXTENSION_free(x); | ||
515 | if (sloc) OCSP_SERVICELOC_free(sloc); | 542 | if (sloc) OCSP_SERVICELOC_free(sloc); |
516 | return x; | 543 | return NULL; |
517 | } | 544 | } |
518 | 545 | ||