verify-high.h \
x509_ext.c \
email-verify.c \
- pkcs7-output.c
+ pkcs7-output.c \
+ virt-san.c \
+ virt-san.h \
+ x509_ext_int.h
if ENABLE_OCSP
libgnutls_x509_la_SOURCES += ocsp.c ocsp_output.c
{NULL, 0, NULL, 0, NULL, 0}
};
-int _san_othername_to_virtual(const char *oid, size_t size)
-{
- if (oid) {
- if ((unsigned) size == (sizeof(XMPP_OID)-1)
- && memcmp(oid, XMPP_OID, sizeof(XMPP_OID)-1) == 0)
- return GNUTLS_SAN_OTHERNAME_XMPP;
- }
-
- return GNUTLS_SAN_OTHERNAME;
-}
-
-const char * _virtual_to_othername_oid(unsigned type)
-{
- switch(type) {
- case GNUTLS_SAN_OTHERNAME_XMPP:
- return XMPP_OID;
- default:
- return NULL;
- }
-}
-
static const struct oid_to_string *get_oid_entry(const char *oid)
{
unsigned int i = 0;
int _gnutls_copy_string(gnutls_datum_t* str, uint8_t *out, size_t *out_size);
int _gnutls_copy_data(gnutls_datum_t* str, uint8_t *out, size_t *out_size);
-int _san_othername_to_virtual(const char *oid, size_t oid_size);
-const char *_virtual_to_othername_oid(unsigned type);
-
int _gnutls_x509_decode_ext(const gnutls_datum_t *der, gnutls_x509_ext_st *out);
int x509_raw_crt_to_raw_pubkey(const gnutls_datum_t * cert,
gnutls_datum_t * rpubkey);
--- /dev/null
+/*
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains functions to handle the virtual subject alternative names,
+ * based on othernames, such as GNUTLS_SAN_OTHERNAME_XMPP.
+ */
+
+#include "gnutls_int.h"
+#include "x509_int.h"
+#include "common.h"
+#include "virt-san.h"
+
+static
+int san_othername_to_virtual(const char *oid, size_t size)
+{
+ if (oid) {
+ if ((unsigned) size == (sizeof(XMPP_OID)-1)
+ && memcmp(oid, XMPP_OID, sizeof(XMPP_OID)-1) == 0)
+ return GNUTLS_SAN_OTHERNAME_XMPP;
+ }
+
+ return GNUTLS_SAN_OTHERNAME;
+}
+
+static
+const char * virtual_to_othername_oid(unsigned type)
+{
+ switch(type) {
+ case GNUTLS_SAN_OTHERNAME_XMPP:
+ return XMPP_OID;
+ default:
+ return NULL;
+ }
+}
+
+int _gnutls_alt_name_assign_virt_type(struct name_st *name, unsigned type, gnutls_datum_t *san, const char *othername_oid)
+{
+ gnutls_datum_t encoded = {NULL, 0};
+ int ret;
+
+ if (type < 1000) {
+ name->type = type;
+ name->san.data = san->data;
+ name->san.size = san->size;
+
+ if (othername_oid) {
+ name->othername_oid.data = (uint8_t *) othername_oid;
+ name->othername_oid.size = strlen(othername_oid);
+ } else {
+ name->othername_oid.data = NULL;
+ name->othername_oid.size = 0;
+ }
+
+ } else { /* virtual types */
+ const char *oid = virtual_to_othername_oid(type);
+
+ if (oid == NULL)
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+
+ switch(type) {
+ case GNUTLS_SAN_OTHERNAME_XMPP:
+ ret = _gnutls_x509_encode_string(ASN1_ETYPE_UTF8_STRING,
+ san->data, san->size, &encoded);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+ name->type = GNUTLS_SAN_OTHERNAME;
+ name->san.data = encoded.data;
+ name->san.size = encoded.size;
+ name->othername_oid.data = (void*)gnutls_strdup(oid);
+ name->othername_oid.size = strlen(oid);
+ break;
+
+ default:
+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
+ }
+
+ gnutls_free(san->data);
+ }
+
+ return 0;
+}
+
+/**
+ * gnutls_x509_othername_to_virtual:
+ * @oid: The othername object identifier
+ * @othername: The othername data
+ * @virt_type: GNUTLS_SAN_OTHERNAME_XXX
+ * @virt: allocated printable data
+ *
+ * This function will parse and convert the othername data to a virtual
+ * type supported by gnutls.
+ *
+ * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
+ *
+ * Since: 3.3.8
+ **/
+int gnutls_x509_othername_to_virtual(const char *oid,
+ const gnutls_datum_t *othername,
+ unsigned int *virt_type,
+ gnutls_datum_t *virt)
+{
+ int ret;
+ unsigned type;
+
+ type = san_othername_to_virtual(oid, strlen(oid));
+ if (type == GNUTLS_SAN_OTHERNAME)
+ return gnutls_assert_val(GNUTLS_E_X509_UNKNOWN_SAN);
+
+ if (virt_type)
+ *virt_type = type;
+
+ switch(type) {
+ case GNUTLS_SAN_OTHERNAME_XMPP:
+ ret = _gnutls_x509_decode_string
+ (ASN1_ETYPE_UTF8_STRING, othername->data,
+ othername->size, virt, 0);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+ return 0;
+ default:
+ return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
+ }
+}
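Review bot: The `gnutls_strdup(oid)` result in the GNUTLS_SAN_OTHERNAME_XMPP case of `_gnutls_alt_name_assign_virt_type` is never checked, so on allocation failure `name->othername_oid` is left with `data == NULL` but `size == strlen(oid)`, and the function still returns 0 with the encoded string already stored in `name->san`. A check right after the strdup keeps the datum consistent and releases the freshly encoded buffer: `if (name->othername_oid.data == NULL) { gnutls_free(encoded.data); return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); }`, with `name->othername_oid.size = strlen(oid);` moved below it. Separately, `gnutls_x509_othername_to_virtual` evaluates `strlen(oid)` before `san_othername_to_virtual` can run its `if (oid)` guard, so that guard is unreachable for a NULL oid; either drop it or call with `oid ? strlen(oid) : 0` — whether the public API is documented to accept NULL is not visible here. Both functions are moved from x509_ext.c verbatim, so this is pre-existing behaviour rather than something the move introduced.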
--- /dev/null
+/*
+ * Copyright (C) 2015 Nikos Mavrogiannopoulos
+ * Copyright (C) 2015 Red Hat, Inc.
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef VIRT_SAN_H
+# define VIRT_SAN_H
+
+#include "x509_ext_int.h"
+
+int _gnutls_alt_name_assign_virt_type(struct name_st *name, unsigned type, gnutls_datum_t *san, const char *othername_oid);
+
+#endif
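Review bot: The new prototype for `_gnutls_alt_name_assign_virt_type` carries no comment, and its ownership contract is the non-obvious part: for types below 1000 the pointers in `san` and `othername_oid` are stored in `name` as-is (no copy), while for virtual types `san->data` is freed and replaced by a newly encoded value, so the caller must not use `san->data` afterwards. I would add above the declaration a short comment along the lines of `/* Fills name from san; takes ownership of san->data (freed and re-encoded for virtual types). othername_oid must outlive name for non-virtual types. Returns 0 or a negative error code. */`. Placing it here rather than in virt-san.c helps since the header is what x509_ext.c callers see.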
*/
#include "gnutls_int.h"
-
#include <datum.h>
#include "errors.h"
#include <common.h>
#include <x509.h>
#include <x509_b64.h>
#include <c-ctype.h>
+#include "x509_ext_int.h"
+#include "virt-san.h"
#include <gnutls/x509-ext.h>
-struct name_st {
- unsigned int type;
- gnutls_datum_t san;
- gnutls_datum_t othername_oid;
-};
-
#define MAX_ENTRIES 64
struct gnutls_subject_alt_names_st {
struct name_st *names;
return 0;
}
-static
-int assign_virt_type(struct name_st *name, unsigned type, gnutls_datum_t *san, const char *othername_oid)
-{
- gnutls_datum_t encoded = {NULL, 0};
- int ret;
-
- if (type < 1000) {
- name->type = type;
- name->san.data = san->data;
- name->san.size = san->size;
-
- if (othername_oid) {
- name->othername_oid.data = (uint8_t *) othername_oid;
- name->othername_oid.size = strlen(othername_oid);
- } else {
- name->othername_oid.data = NULL;
- name->othername_oid.size = 0;
- }
-
- } else { /* virtual types */
- const char *oid = _virtual_to_othername_oid(type);
-
- if (oid == NULL)
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
-
- switch(type) {
- case GNUTLS_SAN_OTHERNAME_XMPP:
- ret = _gnutls_x509_encode_string(ASN1_ETYPE_UTF8_STRING,
- san->data, san->size, &encoded);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- name->type = GNUTLS_SAN_OTHERNAME;
- name->san.data = encoded.data;
- name->san.size = encoded.size;
- name->othername_oid.data = (void*)gnutls_strdup(oid);
- name->othername_oid.size = strlen(oid);
- break;
-
- default:
- return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
- }
-
- gnutls_free(san->data);
- }
-
- return 0;
-}
-
/* This is the same as gnutls_subject_alt_names_set() but will not
* copy the strings. It expects all the provided input to be already
* allocated by gnutls. */
}
*names = tmp;
- ret = assign_virt_type(&(*names)[*size], san_type, san, othername_oid);
+ ret = _gnutls_alt_name_assign_virt_type(&(*names)[*size], san_type, san, othername_oid);
if (ret < 0)
return gnutls_assert_val(ret);
}
-/**
- * gnutls_x509_othername_to_virtual:
- * @oid: The othername object identifier
- * @othername: The othername data
- * @virt_type: GNUTLS_SAN_OTHERNAME_XXX
- * @virt: allocated printable data
- *
- * This function will parse and convert the othername data to a virtual
- * type supported by gnutls.
- *
- * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.
- *
- * Since: 3.3.8
- **/
-int gnutls_x509_othername_to_virtual(const char *oid,
- const gnutls_datum_t *othername,
- unsigned int *virt_type,
- gnutls_datum_t *virt)
-{
- int ret;
- unsigned type;
-
- type = _san_othername_to_virtual(oid, strlen(oid));
- if (type == GNUTLS_SAN_OTHERNAME)
- return gnutls_assert_val(GNUTLS_E_X509_UNKNOWN_SAN);
-
- if (virt_type)
- *virt_type = type;
-
- switch(type) {
- case GNUTLS_SAN_OTHERNAME_XMPP:
- ret = _gnutls_x509_decode_string
- (ASN1_ETYPE_UTF8_STRING, othername->data,
- othername->size, virt, 0);
- if (ret < 0) {
- gnutls_assert();
- return ret;
- }
- return 0;
- default:
- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
- }
-}
--- /dev/null
+/*
+ * Copyright (C) 2014 Free Software Foundation
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>
+ *
+ */
+
+#ifndef X509_EXT_INT_H
+#define X509_EXT_INT_H
+
+#include "gnutls_int.h"
+struct name_st {
+ unsigned int type;
+ gnutls_datum_t san;
+ gnutls_datum_t othername_oid;
+};
+
+#endif