diff options
| author | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2017-09-13 12:09:40 -0700 |
|---|---|---|
| committer | Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com> | 2017-09-13 12:09:40 -0700 |
| commit | b6f94dbeacfc6f0a507413096189304c58dbe66c (patch) | |
| tree | bce8c7db22209078618294c51d95a0c033aec7d9 /Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c | |
| parent | 25f7fd1fb389a5f6356f353d16c5ead80dac6bbc (diff) | |
| download | efi-boot-shim-upstream/13_git1505328970.9c1c35c5.tar.gz efi-boot-shim-upstream/13_git1505328970.9c1c35c5.zip | |
New upstream version 13~git1505328970.9c1c35c5upstream/13_git1505328970.9c1c35c5
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c | 118 |
1 files changed, 84 insertions, 34 deletions
diff --git a/Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c b/Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c index f717e132..d97f6226 100644 --- a/Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c +++ b/Cryptlib/OpenSSL/crypto/x509v3/v3_cpols.c @@ -1,28 +1,77 @@ +/* v3_cpols.c */ /* - * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. + * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project + * 1999. + */ +/* ==================================================================== + * Copyright (c) 1999-2004 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). * - * Licensed under the OpenSSL license (the "License"). You may not use - * this file except in compliance with the License. You can obtain a copy - * in the file LICENSE in the source distribution or at - * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "internal/cryptlib.h" +#include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> #include <openssl/x509v3.h> #include "pcy_int.h" -#include "ext_dat.h" /* Certificate policies extension support: this one is a bit complex... */ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, const char *value); + X509V3_CTX *ctx, char *value); static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent); static void print_notice(BIO *out, USERNOTICE *notice, int indent); @@ -84,7 +133,7 @@ ASN1_SEQUENCE(NOTICEREF) = { IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF) static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, - X509V3_CTX *ctx, const char *value) + X509V3_CTX *ctx, char *value) { STACK_OF(POLICYINFO) *pols = NULL; char *pstr; @@ -113,7 +162,7 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, goto err; } pstr = cnf->name; - if (strcmp(pstr, "ia5org") == 0) { + if (!strcmp(pstr, "ia5org")) { ia5org = 1; continue; } else if (*pstr == '@') { @@ -127,10 +176,10 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, } pol = policy_section(ctx, polsect, ia5org); X509V3_section_free(ctx, polsect); - if (pol == NULL) + if (!pol) goto err; } else { - if ((pobj = OBJ_txt2obj(cnf->name, 0)) == NULL) { + if (!(pobj = OBJ_txt2obj(cnf->name, 0))) { X509V3err(X509V3_F_R2I_CERTPOL, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); @@ -139,7 +188,6 @@ static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, pol = POLICYINFO_new(); if (pol == NULL) { X509V3err(X509V3_F_R2I_CERTPOL, ERR_R_MALLOC_FAILURE); - ASN1_OBJECT_free(pobj); goto err; } pol->policyid = pobj; @@ -165,14 +213,13 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, CONF_VALUE *cnf; POLICYINFO *pol; POLICYQUALINFO *qual; - - if ((pol = POLICYINFO_new()) == NULL) + if (!(pol = POLICYINFO_new())) goto merr; for (i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { cnf = sk_CONF_VALUE_value(polstrs, i); - if (strcmp(cnf->name, "policyIdentifier") == 0) { + if (!strcmp(cnf->name, "policyIdentifier")) { ASN1_OBJECT *pobj; - if ((pobj = OBJ_txt2obj(cnf->value, 0)) == NULL) { + if (!(pobj = OBJ_txt2obj(cnf->value, 0))) { X509V3err(X509V3_F_POLICY_SECTION, X509V3_R_INVALID_OBJECT_IDENTIFIER); X509V3_conf_err(cnf); @@ -181,17 +228,17 @@ static POLICYINFO *policy_section(X509V3_CTX *ctx, pol->policyid = pobj; } else if (!name_cmp(cnf->name, "CPS")) { - if (pol->qualifiers == NULL) + if (!pol->qualifiers) pol->qualifiers = sk_POLICYQUALINFO_new_null(); - if ((qual = POLICYQUALINFO_new()) == NULL) + if (!(qual = POLICYQUALINFO_new())) goto merr; if (!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) goto merr; - if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_cps)) == NULL) { + if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_cps))) { X509V3err(X509V3_F_POLICY_SECTION, ERR_R_INTERNAL_ERROR); goto err; } - if ((qual->d.cpsuri = ASN1_IA5STRING_new()) == NULL) + if (!(qual->d.cpsuri = M_ASN1_IA5STRING_new())) goto merr; if (!ASN1_STRING_set(qual->d.cpsuri, cnf->value, strlen(cnf->value))) @@ -249,28 +296,27 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, CONF_VALUE *cnf; USERNOTICE *not; POLICYQUALINFO *qual; - - if ((qual = POLICYQUALINFO_new()) == NULL) + if (!(qual = POLICYQUALINFO_new())) goto merr; - if ((qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice)) == NULL) { + if (!(qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice))) { X509V3err(X509V3_F_NOTICE_SECTION, ERR_R_INTERNAL_ERROR); goto err; } - if ((not = USERNOTICE_new()) == NULL) + if (!(not = USERNOTICE_new())) goto merr; qual->d.usernotice = not; for (i = 0; i < sk_CONF_VALUE_num(unot); i++) { cnf = sk_CONF_VALUE_value(unot, i); - if (strcmp(cnf->name, "explicitText") == 0) { - if ((not->exptext = ASN1_VISIBLESTRING_new()) == NULL) + if (!strcmp(cnf->name, "explicitText")) { + if (!(not->exptext = M_ASN1_VISIBLESTRING_new())) goto merr; if (!ASN1_STRING_set(not->exptext, cnf->value, strlen(cnf->value))) goto merr; - } else if (strcmp(cnf->name, "organization") == 0) { + } else if (!strcmp(cnf->name, "organization")) { NOTICEREF *nref; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) + if (!(nref = NOTICEREF_new())) goto merr; not->noticeref = nref; } else @@ -282,11 +328,11 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if (!ASN1_STRING_set(nref->organization, cnf->value, strlen(cnf->value))) goto merr; - } else if (strcmp(cnf->name, "noticeNumbers") == 0) { + } else if (!strcmp(cnf->name, "noticeNumbers")) { NOTICEREF *nref; STACK_OF(CONF_VALUE) *nos; if (!not->noticeref) { - if ((nref = NOTICEREF_new()) == NULL) + if (!(nref = NOTICEREF_new())) goto merr; not->noticeref = nref; } else @@ -295,7 +341,6 @@ static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, if (!nos || !sk_CONF_VALUE_num(nos)) { X509V3err(X509V3_F_NOTICE_SECTION, X509V3_R_INVALID_NUMBERS); X509V3_conf_err(cnf); - sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); goto err; } ret = nref_nos(nref->noticenos, nos); @@ -335,7 +380,7 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) for (i = 0; i < sk_CONF_VALUE_num(nos); i++) { cnf = sk_CONF_VALUE_value(nos, i); - if ((aint = s2i_ASN1_INTEGER(NULL, cnf->name)) == NULL) { + if (!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { X509V3err(X509V3_F_NREF_NOS, X509V3_R_INVALID_NUMBER); goto err; } @@ -345,10 +390,10 @@ static int nref_nos(STACK_OF(ASN1_INTEGER) *nnums, STACK_OF(CONF_VALUE) *nos) return 1; merr: - ASN1_INTEGER_free(aint); X509V3err(X509V3_F_NREF_NOS, ERR_R_MALLOC_FAILURE); err: + sk_ASN1_INTEGER_pop_free(nnums, ASN1_STRING_free); return 0; } @@ -439,3 +484,8 @@ void X509_POLICY_NODE_print(BIO *out, X509_POLICY_NODE *node, int indent) else BIO_printf(out, "%*sNo Qualifiers\n", indent + 2, ""); } + + +IMPLEMENT_STACK_OF(X509_POLICY_NODE) + +IMPLEMENT_STACK_OF(X509_POLICY_DATA) |