]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/ts/ts_verify_ctx.c
2 * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/cryptlib.h"
11 #include <openssl/objects.h>
12 #include <openssl/ts.h>
15 TS_VERIFY_CTX
*TS_VERIFY_CTX_new(void)
17 TS_VERIFY_CTX
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
20 TSerr(TS_F_TS_VERIFY_CTX_NEW
, ERR_R_MALLOC_FAILURE
);
24 void TS_VERIFY_CTX_init(TS_VERIFY_CTX
*ctx
)
26 OPENSSL_assert(ctx
!= NULL
);
27 memset(ctx
, 0, sizeof(*ctx
));
30 void TS_VERIFY_CTX_free(TS_VERIFY_CTX
*ctx
)
35 TS_VERIFY_CTX_cleanup(ctx
);
39 int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX
*ctx
, int f
)
45 int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX
*ctx
, int f
)
51 BIO
*TS_VERIFY_CTX_set_data(TS_VERIFY_CTX
*ctx
, BIO
*b
)
57 X509_STORE
*TS_VERIFY_CTX_set_store(TS_VERIFY_CTX
*ctx
, X509_STORE
*s
)
63 STACK_OF(X509
) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX
*ctx
,
64 STACK_OF(X509
) *certs
)
70 unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX
*ctx
,
71 unsigned char *hexstr
, long len
)
73 ctx
->imprint
= hexstr
;
74 ctx
->imprint_len
= len
;
78 void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX
*ctx
)
83 X509_STORE_free(ctx
->store
);
84 sk_X509_pop_free(ctx
->certs
, X509_free
);
86 ASN1_OBJECT_free(ctx
->policy
);
88 X509_ALGOR_free(ctx
->md_alg
);
89 OPENSSL_free(ctx
->imprint
);
91 BIO_free_all(ctx
->data
);
93 ASN1_INTEGER_free(ctx
->nonce
);
95 GENERAL_NAME_free(ctx
->tsa_name
);
97 TS_VERIFY_CTX_init(ctx
);
100 TS_VERIFY_CTX
*TS_REQ_to_TS_VERIFY_CTX(TS_REQ
*req
, TS_VERIFY_CTX
*ctx
)
102 TS_VERIFY_CTX
*ret
= ctx
;
104 TS_MSG_IMPRINT
*imprint
;
106 ASN1_OCTET_STRING
*msg
;
107 const ASN1_INTEGER
*nonce
;
109 OPENSSL_assert(req
!= NULL
);
111 TS_VERIFY_CTX_cleanup(ret
);
112 else if ((ret
= TS_VERIFY_CTX_new()) == NULL
)
115 ret
->flags
= TS_VFY_ALL_IMPRINT
& ~(TS_VFY_TSA_NAME
| TS_VFY_SIGNATURE
);
117 if ((policy
= req
->policy_id
) != NULL
) {
118 if ((ret
->policy
= OBJ_dup(policy
)) == NULL
)
121 ret
->flags
&= ~TS_VFY_POLICY
;
123 imprint
= req
->msg_imprint
;
124 md_alg
= imprint
->hash_algo
;
125 if ((ret
->md_alg
= X509_ALGOR_dup(md_alg
)) == NULL
)
127 msg
= imprint
->hashed_msg
;
128 ret
->imprint_len
= ASN1_STRING_length(msg
);
129 if ((ret
->imprint
= OPENSSL_malloc(ret
->imprint_len
)) == NULL
)
131 memcpy(ret
->imprint
, ASN1_STRING_get0_data(msg
), ret
->imprint_len
);
133 if ((nonce
= req
->nonce
) != NULL
) {
134 if ((ret
->nonce
= ASN1_INTEGER_dup(nonce
)) == NULL
)
137 ret
->flags
&= ~TS_VFY_NONCE
;
142 TS_VERIFY_CTX_cleanup(ctx
);
144 TS_VERIFY_CTX_free(ret
);