Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
454afd98 | 2 | * Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved. |
4acc3e90 | 3 | * |
4286ca47 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
d2e9e320 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
4acc3e90 DSH |
8 | */ |
9 | ||
b39fc560 | 10 | #include "internal/cryptlib.h" |
4acc3e90 DSH |
11 | #include <openssl/x509.h> |
12 | #include <openssl/x509v3.h> | |
13 | ||
706457b7 | 14 | #include "pcy_local.h" |
4acc3e90 | 15 | |
852c2ed2 | 16 | DEFINE_STACK_OF(ASN1_OBJECT) |
852c2ed2 | 17 | |
4acc3e90 DSH |
18 | /* Policy Node routines */ |
19 | ||
/*
 * Release an X509_POLICY_DATA and the objects it owns.
 *
 * A NULL 'data' is accepted and ignored. The policy OID and the expected
 * policy set are always released. The qualifier set is released only when
 * POLICY_DATA_FLAG_SHARED_QUALIFIERS is clear; when the flag is set the
 * stack is left untouched (presumably it is still owned by another object;
 * confirm against the code that sets the flag).
 */
void policy_data_free(X509_POLICY_DATA *data)
{
    int owns_qualifiers;

    if (data == NULL)
        return;

    ASN1_OBJECT_free(data->valid_policy);

    /* Freeing a shared qualifier stack here would leave the other holder
     * with a dangling pointer, so only free it when it is not shared. */
    owns_qualifiers = (data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS) == 0;
    if (owns_qualifiers)
        sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);

    sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
    OPENSSL_free(data);
}
4acc3e90 | 31 | |
0f113f3e | 32 | /* |
0ad69cd6 | 33 | * Create a data based on an existing policy. If 'id' is NULL use the OID in |
0f113f3e | 34 | * the policy, otherwise use 'id'. This behaviour covers the two types of |
0ad69cd6 | 35 | * data in RFC3280: data from a CertificatePolicies extension and |
0f113f3e MC |
36 | * additional data with just the qualifiers of anyPolicy and ID from another |
37 | * source. | |
4acc3e90 DSH |
38 | */ |
39 | ||
/*
 * Build a new X509_POLICY_DATA from 'policy' and/or 'cid'.
 *
 * policy: source POLICYINFO, may be NULL if 'cid' is given. Its qualifiers
 *         (and its policyid, when 'cid' is NULL) are moved into the result
 *         and the corresponding fields of 'policy' are set to NULL.
 * cid:    OID to use for the result, may be NULL if 'policy' is given. It is
 *         duplicated, so the caller keeps ownership of 'cid'.
 * crit:   non-zero sets POLICY_DATA_FLAG_CRITICAL on the result.
 *
 * Returns the new object, or NULL if both 'policy' and 'cid' are NULL, if
 * duplicating 'cid' fails, or on allocation failure (an
 * ERR_R_MALLOC_FAILURE error is raised in the allocation failure case only).
 */
X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
                                  const ASN1_OBJECT *cid, int crit)
{
    X509_POLICY_DATA *ret = NULL;
    ASN1_OBJECT *id = NULL;

    /* At least one source for the policy OID is required. */
    if (policy == NULL && cid == NULL)
        return NULL;

    if (cid != NULL) {
        id = OBJ_dup(cid);
        if (id == NULL)
            return NULL;
    }

    ret = OPENSSL_zalloc(sizeof(*ret));
    if (ret == NULL)
        goto malloc_err;

    ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
    if (ret->expected_policy_set == NULL)
        goto malloc_err;

    if (crit)
        ret->flags = POLICY_DATA_FLAG_CRITICAL;

    if (id != NULL) {
        ret->valid_policy = id;
    } else {
        /*
         * id == NULL means cid == NULL, so the guard above guarantees that
         * policy != NULL here. The OID pointer is moved, not copied; the
         * source field is cleared so only one object holds it.
         */
        ret->valid_policy = policy->policyid;
        policy->policyid = NULL;
    }

    if (policy != NULL) {
        /* Same move for the qualifiers: the new data now holds the stack. */
        ret->qualifier_set = policy->qualifiers;
        policy->qualifiers = NULL;
    }

    return ret;

 malloc_err:
    /* ret is still NULL when the first allocation failed. */
    OPENSSL_free(ret);
    ASN1_OBJECT_free(id);
    X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE);
    return NULL;
}