[thirdparty/openssl.git] / crypto / ct / ct_x509v3.c

/*
 * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#ifdef OPENSSL_NO_CT
# error "CT is disabled"
#endif

#include "ct_locl.h"

static char *i2s_poison(const X509V3_EXT_METHOD *method, void *val)
{
    return OPENSSL_strdup("NULL");
}

static void *s2i_poison(const X509V3_EXT_METHOD *method, X509V3_CTX *ctx, const char *str)
{
   return ASN1_NULL_new();
}

static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
                 BIO *out, int indent)
{
    SCT_LIST_print(sct_list, out, indent, "\n", NULL);
    return 1;
}

/* Handlers for X509v3/OCSP Certificate Transparency extensions */
const X509V3_EXT_METHOD v3_ct_scts[] = {
    /* X509v3 extension in certificates that contains SCTs */
    { NID_ct_precert_scts, 0, NULL,
    NULL, (X509V3_EXT_FREE)SCT_LIST_free,
    (X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
    NULL, NULL,
    NULL, NULL,
    (X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
    NULL },

    /* X509v3 extension to mark a certificate as a pre-certificate */
    { NID_ct_precert_poison, 0, ASN1_ITEM_ref(ASN1_NULL),
    NULL, NULL, NULL, NULL,
    i2s_poison, s2i_poison,
    NULL, NULL,
    NULL, NULL,
    NULL },

    /* OCSP extension that contains SCTs */
    { NID_ct_cert_scts, 0, NULL,
    0, (X509V3_EXT_FREE)SCT_LIST_free,
    (X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
    NULL, NULL,
    NULL, NULL,
    (X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
    NULL },
};
Commit	Line	Data
0cea8832	1	/*
d2e9e320	2	* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
0cea8832	3	*
d2e9e320 RS	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
0cea8832 RP	8	*/
	9
	10	#ifdef OPENSSL_NO_CT
	11	# error "CT is disabled"
	12	#endif
	13
d57611ea	14	#include "ct_locl.h"
0cea8832 RP	15
	16	static char i2s_poison(const X509V3_EXT_METHOD method, void *val)
	17	{
	18	return OPENSSL_strdup("NULL");
	19	}
	20
367071f1 RP	21	static void s2i_poison(const X509V3_EXT_METHOD method, X509V3_CTX ctx, const char str)
	22	{
	23	return ASN1_NULL_new();
	24	}
	25
0cea8832 RP	26	static int i2r_SCT_LIST(X509V3_EXT_METHOD method, STACK_OF(SCT) sct_list,
	27	BIO *out, int indent)
	28	{
8359b57f	29	SCT_LIST_print(sct_list, out, indent, "\n", NULL);
0cea8832 RP	30	return 1;
	31	}
	32
	33	/* Handlers for X509v3/OCSP Certificate Transparency extensions */
	34	const X509V3_EXT_METHOD v3_ct_scts[] = {
	35	/* X509v3 extension in certificates that contains SCTs */
	36	{ NID_ct_precert_scts, 0, NULL,
	37	NULL, (X509V3_EXT_FREE)SCT_LIST_free,
	38	(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
	39	NULL, NULL,
	40	NULL, NULL,
	41	(X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
	42	NULL },
	43
	44	/* X509v3 extension to mark a certificate as a pre-certificate */
	45	{ NID_ct_precert_poison, 0, ASN1_ITEM_ref(ASN1_NULL),
	46	NULL, NULL, NULL, NULL,
367071f1	47	i2s_poison, s2i_poison,
0cea8832 RP	48	NULL, NULL,
	49	NULL, NULL,
	50	NULL },
	51
	52	/* OCSP extension that contains SCTs */
	53	{ NID_ct_cert_scts, 0, NULL,
	54	0, (X509V3_EXT_FREE)SCT_LIST_free,
	55	(X509V3_EXT_D2I)d2i_SCT_LIST, (X509V3_EXT_I2D)i2d_SCT_LIST,
	56	NULL, NULL,
	57	NULL, NULL,
	58	(X509V3_EXT_I2R)i2r_SCT_LIST, NULL,
	59	NULL },
	60	};