]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/ts/ts_verify_ctx.c
2f6f00c0ccd694747645ed3d5626421a1b173e5a
2 * Copyright 2006-2021 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
10 #include "internal/cryptlib.h"
11 #include <openssl/objects.h>
12 #include <openssl/ts.h>
15 TS_VERIFY_CTX
*TS_VERIFY_CTX_new(void)
17 TS_VERIFY_CTX
*ctx
= OPENSSL_zalloc(sizeof(*ctx
));
20 ERR_raise(ERR_LIB_TS
, ERR_R_MALLOC_FAILURE
);
24 void TS_VERIFY_CTX_init(TS_VERIFY_CTX
*ctx
)
26 OPENSSL_assert(ctx
!= NULL
);
27 memset(ctx
, 0, sizeof(*ctx
));
30 void TS_VERIFY_CTX_free(TS_VERIFY_CTX
*ctx
)
35 TS_VERIFY_CTX_cleanup(ctx
);
39 int TS_VERIFY_CTX_add_flags(TS_VERIFY_CTX
*ctx
, int f
)
45 int TS_VERIFY_CTX_set_flags(TS_VERIFY_CTX
*ctx
, int f
)
51 BIO
*TS_VERIFY_CTX_set_data(TS_VERIFY_CTX
*ctx
, BIO
*b
)
57 X509_STORE
*TS_VERIFY_CTX_set_store(TS_VERIFY_CTX
*ctx
, X509_STORE
*s
)
63 STACK_OF(X509
) *TS_VERIFY_CTX_set_certs(TS_VERIFY_CTX
*ctx
,
64 STACK_OF(X509
) *certs
)
70 unsigned char *TS_VERIFY_CTX_set_imprint(TS_VERIFY_CTX
*ctx
,
71 unsigned char *hexstr
, long len
)
73 OPENSSL_free(ctx
->imprint
);
74 ctx
->imprint
= hexstr
;
75 ctx
->imprint_len
= len
;
79 void TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX
*ctx
)
84 X509_STORE_free(ctx
->store
);
85 sk_X509_pop_free(ctx
->certs
, X509_free
);
87 ASN1_OBJECT_free(ctx
->policy
);
89 X509_ALGOR_free(ctx
->md_alg
);
90 OPENSSL_free(ctx
->imprint
);
92 BIO_free_all(ctx
->data
);
94 ASN1_INTEGER_free(ctx
->nonce
);
96 GENERAL_NAME_free(ctx
->tsa_name
);
98 TS_VERIFY_CTX_init(ctx
);
101 TS_VERIFY_CTX
*TS_REQ_to_TS_VERIFY_CTX(TS_REQ
*req
, TS_VERIFY_CTX
*ctx
)
103 TS_VERIFY_CTX
*ret
= ctx
;
105 TS_MSG_IMPRINT
*imprint
;
107 ASN1_OCTET_STRING
*msg
;
108 const ASN1_INTEGER
*nonce
;
110 OPENSSL_assert(req
!= NULL
);
112 TS_VERIFY_CTX_cleanup(ret
);
113 else if ((ret
= TS_VERIFY_CTX_new()) == NULL
)
116 ret
->flags
= TS_VFY_ALL_IMPRINT
& ~(TS_VFY_TSA_NAME
| TS_VFY_SIGNATURE
);
118 if ((policy
= req
->policy_id
) != NULL
) {
119 if ((ret
->policy
= OBJ_dup(policy
)) == NULL
)
122 ret
->flags
&= ~TS_VFY_POLICY
;
124 imprint
= req
->msg_imprint
;
125 md_alg
= imprint
->hash_algo
;
126 if ((ret
->md_alg
= X509_ALGOR_dup(md_alg
)) == NULL
)
128 msg
= imprint
->hashed_msg
;
129 ret
->imprint_len
= ASN1_STRING_length(msg
);
130 if (ret
->imprint_len
<= 0)
132 if ((ret
->imprint
= OPENSSL_malloc(ret
->imprint_len
)) == NULL
)
134 memcpy(ret
->imprint
, ASN1_STRING_get0_data(msg
), ret
->imprint_len
);
136 if ((nonce
= req
->nonce
) != NULL
) {
137 if ((ret
->nonce
= ASN1_INTEGER_dup(nonce
)) == NULL
)
140 ret
->flags
&= ~TS_VFY_NONCE
;
145 TS_VERIFY_CTX_cleanup(ctx
);
147 TS_VERIFY_CTX_free(ret
);