summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/ocsp/ocsp_ext.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/ocsp/ocsp_ext.c')
-rw-r--r--src/lib/libcrypto/ocsp/ocsp_ext.c47
1 files changed, 37 insertions, 10 deletions
diff --git a/src/lib/libcrypto/ocsp/ocsp_ext.c b/src/lib/libcrypto/ocsp/ocsp_ext.c
index ec884cb08f..815cc29d58 100644
--- a/src/lib/libcrypto/ocsp/ocsp_ext.c
+++ b/src/lib/libcrypto/ocsp/ocsp_ext.c
@@ -264,7 +264,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc)
264 } 264 }
265 265
266/* also CRL Entry Extensions */ 266/* also CRL Entry Extensions */
267#if 0 267
268ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, 268ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d,
269 void *data, STACK_OF(ASN1_OBJECT) *sk) 269 void *data, STACK_OF(ASN1_OBJECT) *sk)
270 { 270 {
@@ -305,7 +305,6 @@ err:
305 if (b) OPENSSL_free(b); 305 if (b) OPENSSL_free(b);
306 return NULL; 306 return NULL;
307 } 307 }
308#endif
309 308
310/* Nonce handling functions */ 309/* Nonce handling functions */
311 310
@@ -443,10 +442,17 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim)
443 if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) 442 if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim)))
444 goto err; 443 goto err;
445 } 444 }
446 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid); 445 if (!(x = X509_EXTENSION_new())) goto err;
446 if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) goto err;
447 if (!(ASN1_STRING_encode_of(OCSP_CRLID,x->value,i2d_OCSP_CRLID,cid,
448 NULL)))
449 goto err;
450 OCSP_CRLID_free(cid);
451 return x;
447err: 452err:
453 if (x) X509_EXTENSION_free(x);
448 if (cid) OCSP_CRLID_free(cid); 454 if (cid) OCSP_CRLID_free(cid);
449 return x; 455 return NULL;
450 } 456 }
451 457
452/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ 458/* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */
@@ -464,10 +470,18 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids)
464 sk_ASN1_OBJECT_push(sk, o); 470 sk_ASN1_OBJECT_push(sk, o);
465 oids++; 471 oids++;
466 } 472 }
467 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); 473 if (!(x = X509_EXTENSION_new())) goto err;
474 if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses)))
475 goto err;
476 if (!(ASN1_STRING_encode_of(ASN1_OBJECT,x->value,i2d_ASN1_OBJECT,NULL,
477 sk)))
478 goto err;
479 sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
480 return x;
468err: 481err:
482 if (x) X509_EXTENSION_free(x);
469 if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); 483 if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free);
470 return x; 484 return NULL;
471 } 485 }
472 486
473/* ArchiveCutoff ::= GeneralizedTime */ 487/* ArchiveCutoff ::= GeneralizedTime */
@@ -478,10 +492,16 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char* tim)
478 492
479 if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err; 493 if (!(gt = ASN1_GENERALIZEDTIME_new())) goto err;
480 if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; 494 if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err;
481 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt); 495 if (!(x = X509_EXTENSION_new())) goto err;
496 if (!(x->object=OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff)))goto err;
497 if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME,x->value,
498 i2d_ASN1_GENERALIZEDTIME,gt,NULL))) goto err;
499 ASN1_GENERALIZEDTIME_free(gt);
500 return x;
482err: 501err:
483 if (gt) ASN1_GENERALIZEDTIME_free(gt); 502 if (gt) ASN1_GENERALIZEDTIME_free(gt);
484 return x; 503 if (x) X509_EXTENSION_free(x);
504 return NULL;
485 } 505 }
486 506
487/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently 507/* per ACCESS_DESCRIPTION parameter are oids, of which there are currently
@@ -510,9 +530,16 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME* issuer, char **urls)
510 if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err; 530 if (!sk_ACCESS_DESCRIPTION_push(sloc->locator, ad)) goto err;
511 urls++; 531 urls++;
512 } 532 }
513 x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc); 533 if (!(x = X509_EXTENSION_new())) goto err;
534 if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator)))
535 goto err;
536 if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC,x->value,
537 i2d_OCSP_SERVICELOC,sloc,NULL))) goto err;
538 OCSP_SERVICELOC_free(sloc);
539 return x;
514err: 540err:
541 if (x) X509_EXTENSION_free(x);
515 if (sloc) OCSP_SERVICELOC_free(sloc); 542 if (sloc) OCSP_SERVICELOC_free(sloc);
516 return x; 543 return NULL;
517 } 544 }
518 545