]>
Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
4f22f405 | 2 | * Copyright 2006-2016 The OpenSSL Project Authors. All Rights Reserved. |
c7235be6 | 3 | * |
4f22f405 RS |
4 | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
c7235be6 UM |
8 | */ |
9 | ||
b39fc560 | 10 | #include "internal/cryptlib.h" |
c7235be6 UM |
11 | #include <openssl/objects.h> |
12 | #include <openssl/ts.h> | |
ca4a494c | 13 | #include "ts_lcl.h" |
c7235be6 UM |
14 | |
15 | TS_VERIFY_CTX *TS_VERIFY_CTX_new(void) | |
0f113f3e | 16 | { |
b51bce94 | 17 | TS_VERIFY_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); |
b196e7d9 | 18 | |
90945fa3 | 19 | if (ctx == NULL) |
0f113f3e MC |
20 | TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE); |
21 | return ctx; | |
22 | } | |
c7235be6 UM |
23 | |
24 | void TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx) | |
0f113f3e MC |
25 | { |
26 | OPENSSL_assert(ctx != NULL); | |
16f8d4eb | 27 | memset(ctx, 0, sizeof(*ctx)); |
0f113f3e | 28 | } |
c7235be6 UM |
29 | |
30 | void TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx) | |
0f113f3e MC |
31 | { |
32 | if (!ctx) | |
33 | return; | |
c7235be6 | 34 | |
0f113f3e MC |
35 | TS_VERIFY_CTX_cleanup(ctx); |
36 | OPENSSL_free(ctx); | |
37 | } | |
c7235be6 | 38 | |
ca4a494c RS |
39 | int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX *ctx, int f) |
40 | { | |
41 | ctx->flags |= f; | |
42 | return ctx->flags; | |
43 | } | |
44 | ||
45 | int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX *ctx, int f) | |
46 | { | |
47 | ctx->flags = f; | |
48 | return ctx->flags; | |
49 | } | |
50 | ||
51 | BIO *TS_VERIFY_CTX_set_data(TS_VERIFY_CTX *ctx, BIO *b) | |
52 | { | |
53 | ctx->data = b; | |
54 | return ctx->data; | |
55 | } | |
56 | ||
57 | X509_STORE *TS_VERIFY_CTX_set_store(TS_VERIFY_CTX *ctx, X509_STORE *s) | |
58 | { | |
59 | ctx->store = s; | |
60 | return ctx->store; | |
61 | } | |
62 | ||
63 | STACK_OF(X509) *TS_VERIFY_CTS_set_certs(TS_VERIFY_CTX *ctx, | |
64 | STACK_OF(X509) *certs) | |
65 | { | |
66 | ctx->certs = certs; | |
67 | return ctx->certs; | |
68 | } | |
69 | ||
70 | unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX *ctx, | |
71 | unsigned char *hexstr, long len) | |
72 | { | |
73 | ctx->imprint = hexstr; | |
74 | ctx->imprint_len = len; | |
75 | return ctx->imprint; | |
76 | } | |
77 | ||
c7235be6 | 78 | void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx) |
0f113f3e MC |
79 | { |
80 | if (!ctx) | |
81 | return; | |
c7235be6 | 82 | |
0f113f3e MC |
83 | X509_STORE_free(ctx->store); |
84 | sk_X509_pop_free(ctx->certs, X509_free); | |
c7235be6 | 85 | |
0f113f3e | 86 | ASN1_OBJECT_free(ctx->policy); |
c7235be6 | 87 | |
0f113f3e MC |
88 | X509_ALGOR_free(ctx->md_alg); |
89 | OPENSSL_free(ctx->imprint); | |
c7235be6 | 90 | |
0f113f3e | 91 | BIO_free_all(ctx->data); |
c7235be6 | 92 | |
0f113f3e | 93 | ASN1_INTEGER_free(ctx->nonce); |
c7235be6 | 94 | |
0f113f3e MC |
95 | GENERAL_NAME_free(ctx->tsa_name); |
96 | ||
97 | TS_VERIFY_CTX_init(ctx); | |
98 | } | |
c7235be6 UM |
99 | |
100 | TS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx) | |
0f113f3e MC |
101 | { |
102 | TS_VERIFY_CTX *ret = ctx; | |
103 | ASN1_OBJECT *policy; | |
104 | TS_MSG_IMPRINT *imprint; | |
105 | X509_ALGOR *md_alg; | |
106 | ASN1_OCTET_STRING *msg; | |
107 | const ASN1_INTEGER *nonce; | |
108 | ||
109 | OPENSSL_assert(req != NULL); | |
110 | if (ret) | |
111 | TS_VERIFY_CTX_cleanup(ret); | |
75ebbd9a | 112 | else if ((ret = TS_VERIFY_CTX_new()) == NULL) |
0f113f3e MC |
113 | return NULL; |
114 | ||
0f113f3e MC |
115 | ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE); |
116 | ||
ca4a494c | 117 | if ((policy = req->policy_id) != NULL) { |
75ebbd9a | 118 | if ((ret->policy = OBJ_dup(policy)) == NULL) |
0f113f3e MC |
119 | goto err; |
120 | } else | |
121 | ret->flags &= ~TS_VFY_POLICY; | |
122 | ||
ca4a494c RS |
123 | imprint = req->msg_imprint; |
124 | md_alg = imprint->hash_algo; | |
75ebbd9a | 125 | if ((ret->md_alg = X509_ALGOR_dup(md_alg)) == NULL) |
0f113f3e | 126 | goto err; |
ca4a494c | 127 | msg = imprint->hashed_msg; |
0f113f3e | 128 | ret->imprint_len = ASN1_STRING_length(msg); |
75ebbd9a | 129 | if ((ret->imprint = OPENSSL_malloc(ret->imprint_len)) == NULL) |
0f113f3e MC |
130 | goto err; |
131 | memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len); | |
132 | ||
ca4a494c | 133 | if ((nonce = req->nonce) != NULL) { |
75ebbd9a | 134 | if ((ret->nonce = ASN1_INTEGER_dup(nonce)) == NULL) |
0f113f3e MC |
135 | goto err; |
136 | } else | |
137 | ret->flags &= ~TS_VFY_NONCE; | |
138 | ||
139 | return ret; | |
c7235be6 | 140 | err: |
0f113f3e MC |
141 | if (ctx) |
142 | TS_VERIFY_CTX_cleanup(ctx); | |
143 | else | |
144 | TS_VERIFY_CTX_free(ret); | |
145 | return NULL; | |
146 | } |