diff options
Diffstat (limited to 'Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c')
| -rw-r--r-- | Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c | 63 |
1 files changed, 12 insertions, 51 deletions
diff --git a/Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c b/Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c index e341caea..c19648c7 100644 --- a/Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c +++ b/Cryptlib/OpenSSL/crypto/ocsp/ocsp_ext.c @@ -287,7 +287,7 @@ int OCSP_SINGLERESP_add_ext(OCSP_SINGLERESP *x, X509_EXTENSION *ex, int loc) } /* also CRL Entry Extensions */ - +#if 0 ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, void *data, STACK_OF(ASN1_OBJECT) *sk) { @@ -329,6 +329,7 @@ ASN1_STRING *ASN1_STRING_encode(ASN1_STRING *s, i2d_of_void *i2d, OPENSSL_free(b); return NULL; } +#endif /* Nonce handling functions */ @@ -360,8 +361,8 @@ static int ocsp_add1_nonce(STACK_OF(X509_EXTENSION) **exts, ASN1_put_object(&tmpval, 0, len, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL); if (val) memcpy(tmpval, val, len); - else - RAND_pseudo_bytes(tmpval, len); + else if (RAND_pseudo_bytes(tmpval, len) < 0) + goto err; if (!X509V3_add1_i2d(exts, NID_id_pkix_OCSP_Nonce, &os, 0, X509V3_ADD_REPLACE)) goto err; @@ -476,21 +477,11 @@ X509_EXTENSION *OCSP_crlID_new(char *url, long *n, char *tim) if (!(ASN1_GENERALIZEDTIME_set_string(cid->crlTime, tim))) goto err; } - if (!(x = X509_EXTENSION_new())) - goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_CrlID))) - goto err; - if (!(ASN1_STRING_encode_of(OCSP_CRLID, x->value, i2d_OCSP_CRLID, cid, - NULL))) - goto err; - OCSP_CRLID_free(cid); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_CrlID, 0, cid); err: - if (x) - X509_EXTENSION_free(x); if (cid) OCSP_CRLID_free(cid); - return NULL; + return x; } /* AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER */ @@ -508,21 +499,11 @@ X509_EXTENSION *OCSP_accept_responses_new(char **oids) sk_ASN1_OBJECT_push(sk, o); oids++; } - if (!(x = X509_EXTENSION_new())) - goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_acceptableResponses))) - goto err; - if (!(ASN1_STRING_encode_of(ASN1_OBJECT, x->value, i2d_ASN1_OBJECT, NULL, - sk))) - goto err; - sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_acceptableResponses, 0, sk); err: - if (x) - X509_EXTENSION_free(x); if (sk) sk_ASN1_OBJECT_pop_free(sk, ASN1_OBJECT_free); - return NULL; + return x; } /* ArchiveCutoff ::= GeneralizedTime */ @@ -535,21 +516,11 @@ X509_EXTENSION *OCSP_archive_cutoff_new(char *tim) goto err; if (!(ASN1_GENERALIZEDTIME_set_string(gt, tim))) goto err; - if (!(x = X509_EXTENSION_new())) - goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_archiveCutoff))) - goto err; - if (!(ASN1_STRING_encode_of(ASN1_GENERALIZEDTIME, x->value, - i2d_ASN1_GENERALIZEDTIME, gt, NULL))) - goto err; - ASN1_GENERALIZEDTIME_free(gt); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_archiveCutoff, 0, gt); err: if (gt) ASN1_GENERALIZEDTIME_free(gt); - if (x) - X509_EXTENSION_free(x); - return NULL; + return x; } /* @@ -587,19 +558,9 @@ X509_EXTENSION *OCSP_url_svcloc_new(X509_NAME *issuer, char **urls) goto err; urls++; } - if (!(x = X509_EXTENSION_new())) - goto err; - if (!(x->object = OBJ_nid2obj(NID_id_pkix_OCSP_serviceLocator))) - goto err; - if (!(ASN1_STRING_encode_of(OCSP_SERVICELOC, x->value, - i2d_OCSP_SERVICELOC, sloc, NULL))) - goto err; - OCSP_SERVICELOC_free(sloc); - return x; + x = X509V3_EXT_i2d(NID_id_pkix_OCSP_serviceLocator, 0, sloc); err: - if (x) - X509_EXTENSION_free(x); if (sloc) OCSP_SERVICELOC_free(sloc); - return NULL; + return x; } |