From 0800c7660118a9e5105bd591666d930d899d0b8c Mon Sep 17 00:00:00 2001 From: miod <> Date: Sat, 17 May 2014 19:56:35 +0000 Subject: KNF --- src/lib/libcrypto/ocsp/ocsp_lib.c | 170 +++++++++++++++++++------------------- 1 file changed, 87 insertions(+), 83 deletions(-) (limited to 'src/lib/libcrypto/ocsp/ocsp_lib.c') diff --git a/src/lib/libcrypto/ocsp/ocsp_lib.c b/src/lib/libcrypto/ocsp/ocsp_lib.c index 514cdabf2d..056bd27665 100644 --- a/src/lib/libcrypto/ocsp/ocsp_lib.c +++ b/src/lib/libcrypto/ocsp/ocsp_lib.c @@ -73,102 +73,112 @@ /* Convert a certificate and its issuer to an OCSP_CERTID */ -OCSP_CERTID *OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) +OCSP_CERTID * +OCSP_cert_to_id(const EVP_MD *dgst, X509 *subject, X509 *issuer) { X509_NAME *iname; ASN1_INTEGER *serial; ASN1_BIT_STRING *ikey; + #ifndef OPENSSL_NO_SHA1 - if(!dgst) dgst = EVP_sha1(); + if (!dgst) + dgst = EVP_sha1(); #endif - if (subject) - { + if (subject) { iname = X509_get_issuer_name(subject); serial = X509_get_serialNumber(subject); - } - else - { + } else { iname = X509_get_subject_name(issuer); serial = NULL; - } + } ikey = X509_get0_pubkey_bitstr(issuer); return OCSP_cert_id_new(dgst, iname, ikey, serial); } - -OCSP_CERTID *OCSP_cert_id_new(const EVP_MD *dgst, - X509_NAME *issuerName, - ASN1_BIT_STRING* issuerKey, - ASN1_INTEGER *serialNumber) - { +OCSP_CERTID * +OCSP_cert_id_new(const EVP_MD *dgst, X509_NAME *issuerName, + ASN1_BIT_STRING* issuerKey, ASN1_INTEGER *serialNumber) +{ int nid; - unsigned int i; + unsigned int i; X509_ALGOR *alg; OCSP_CERTID *cid = NULL; unsigned char md[EVP_MAX_MD_SIZE]; - if (!(cid = OCSP_CERTID_new())) goto err; + if (!(cid = OCSP_CERTID_new())) + goto err; alg = cid->hashAlgorithm; - if (alg->algorithm != NULL) ASN1_OBJECT_free(alg->algorithm); - if ((nid = EVP_MD_type(dgst)) == NID_undef) - { - OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_UNKNOWN_NID); + if (alg->algorithm != NULL) + ASN1_OBJECT_free(alg->algorithm); + if ((nid = EVP_MD_type(dgst)) == NID_undef) { + OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_UNKNOWN_NID); + goto err; + } + if (!(alg->algorithm=OBJ_nid2obj(nid))) + goto err; + if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err; - } - if (!(alg->algorithm=OBJ_nid2obj(nid))) goto err; - if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err; alg->parameter->type=V_ASN1_NULL; - if (!X509_NAME_digest(issuerName, dgst, md, &i)) goto digerr; - if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) goto err; + if (!X509_NAME_digest(issuerName, dgst, md, &i)) + goto digerr; + if (!(ASN1_OCTET_STRING_set(cid->issuerNameHash, md, i))) + goto err; /* Calculate the issuerKey hash, excluding tag and length */ if (!EVP_Digest(issuerKey->data, issuerKey->length, md, &i, dgst, NULL)) goto err; - if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) goto err; + if (!(ASN1_OCTET_STRING_set(cid->issuerKeyHash, md, i))) + goto err; - if (serialNumber) - { + if (serialNumber) { ASN1_INTEGER_free(cid->serialNumber); - if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) goto err; - } + if (!(cid->serialNumber = ASN1_INTEGER_dup(serialNumber))) + goto err; + } return cid; digerr: - OCSPerr(OCSP_F_OCSP_CERT_ID_NEW,OCSP_R_DIGEST_ERR); + OCSPerr(OCSP_F_OCSP_CERT_ID_NEW, OCSP_R_DIGEST_ERR); err: - if (cid) OCSP_CERTID_free(cid); + if (cid) + OCSP_CERTID_free(cid); return NULL; - } +} -int OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b) - { +int +OCSP_id_issuer_cmp(OCSP_CERTID *a, OCSP_CERTID *b) +{ int ret; + ret = OBJ_cmp(a->hashAlgorithm->algorithm, b->hashAlgorithm->algorithm); - if (ret) return ret; + if (ret) + return ret; ret = ASN1_OCTET_STRING_cmp(a->issuerNameHash, b->issuerNameHash); - if (ret) return ret; + if (ret) + return ret; return ASN1_OCTET_STRING_cmp(a->issuerKeyHash, b->issuerKeyHash); - } +} -int OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) - { +int +OCSP_id_cmp(OCSP_CERTID *a, OCSP_CERTID *b) +{ int ret; + ret = OCSP_id_issuer_cmp(a, b); - if (ret) return ret; + if (ret) + return ret; return ASN1_INTEGER_cmp(a->serialNumber, b->serialNumber); - } - +} /* Parse a URL and split it up into host, port and path components and whether * it is SSL. */ - -int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl) - { +int +OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pssl) +{ char *p, *buf; - char *host, *port; *phost = NULL; @@ -177,26 +187,23 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss /* dup the buffer since we are going to mess with it */ buf = BUF_strdup(url); - if (!buf) goto mem_err; + if (!buf) + goto mem_err; /* Check for initial colon */ p = strchr(buf, ':'); - - if (!p) goto parse_err; + if (!p) + goto parse_err; *(p++) = '\0'; - if (!strcmp(buf, "http")) - { + if (!strcmp(buf, "http")) { *pssl = 0; port = "80"; - } - else if (!strcmp(buf, "https")) - { + } else if (!strcmp(buf, "https")) { *pssl = 1; port = "443"; - } - else + } else goto parse_err; /* Check for double slash */ @@ -208,59 +215,56 @@ int OCSP_parse_url(char *url, char **phost, char **pport, char **ppath, int *pss host = p; /* Check for trailing part of path */ - p = strchr(p, '/'); - if (!p) *ppath = BUF_strdup("/"); - else - { + else { *ppath = BUF_strdup(p); /* Set start of path to 0 so hostname is valid */ *p = '\0'; - } + } - if (!*ppath) goto mem_err; + if (!*ppath) + goto mem_err; /* Look for optional ':' for port number */ - if ((p = strchr(host, ':'))) - { + if ((p = strchr(host, ':'))) { *p = 0; port = p + 1; - } - else - { + } else { /* Not found: set default port */ - if (*pssl) port = "443"; - else port = "80"; - } + if (*pssl) + port = "443"; + else + port = "80"; + } *pport = BUF_strdup(port); - if (!*pport) goto mem_err; + if (!*pport) + goto mem_err; *phost = BUF_strdup(host); - if (!*phost) goto mem_err; + if (!*phost) + goto mem_err; free(buf); return 1; - mem_err: +mem_err: OCSPerr(OCSP_F_OCSP_PARSE_URL, ERR_R_MALLOC_FAILURE); goto err; - parse_err: +parse_err: OCSPerr(OCSP_F_OCSP_PARSE_URL, OCSP_R_ERROR_PARSING_URL); - - err: - if (buf) free(buf); - if (*ppath) free(*ppath); - if (*pport) free(*pport); - if (*phost) free(*phost); +err: + free(buf); + free(*ppath); + free(*pport); + free(*phost); return 0; - - } +} IMPLEMENT_ASN1_DUP_FUNCTION(OCSP_CERTID) -- cgit v1.2.3-55-g6feb