[331] | 1 | /*
|
---|
| 2 | * Copyright 2004-2016 The OpenSSL Project Authors. All Rights Reserved.
|
---|
| 3 | *
|
---|
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use
|
---|
| 5 | * this file except in compliance with the License. You can obtain a copy
|
---|
| 6 | * in the file LICENSE in the source distribution or at
|
---|
| 7 | * https://www.openssl.org/source/license.html
|
---|
| 8 | */
|
---|
| 9 |
|
---|
| 10 | #include "internal/cryptlib.h"
|
---|
| 11 | #include <openssl/x509.h>
|
---|
| 12 | #include <openssl/x509v3.h>
|
---|
| 13 |
|
---|
| 14 | #include "pcy_int.h"
|
---|
| 15 |
|
---|
| 16 | /* Policy Node routines */
|
---|
| 17 |
|
---|
| 18 | void policy_data_free(X509_POLICY_DATA *data)
|
---|
| 19 | {
|
---|
| 20 | if (!data)
|
---|
| 21 | return;
|
---|
| 22 | ASN1_OBJECT_free(data->valid_policy);
|
---|
| 23 | /* Don't free qualifiers if shared */
|
---|
| 24 | if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
|
---|
| 25 | sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);
|
---|
| 26 | sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
|
---|
| 27 | OPENSSL_free(data);
|
---|
| 28 | }
|
---|
| 29 |
|
---|
| 30 | /*
|
---|
| 31 | * Create a data based on an existing policy. If 'id' is NULL use the OID in
|
---|
| 32 | * the policy, otherwise use 'id'. This behaviour covers the two types of
|
---|
| 33 | * data in RFC3280: data with from a CertificatePolicies extension and
|
---|
| 34 | * additional data with just the qualifiers of anyPolicy and ID from another
|
---|
| 35 | * source.
|
---|
| 36 | */
|
---|
| 37 |
|
---|
| 38 | X509_POLICY_DATA *policy_data_new(POLICYINFO *policy,
|
---|
| 39 | const ASN1_OBJECT *cid, int crit)
|
---|
| 40 | {
|
---|
| 41 | X509_POLICY_DATA *ret;
|
---|
| 42 | ASN1_OBJECT *id;
|
---|
| 43 | if (!policy && !cid)
|
---|
| 44 | return NULL;
|
---|
| 45 | if (cid) {
|
---|
| 46 | id = OBJ_dup(cid);
|
---|
| 47 | if (!id)
|
---|
| 48 | return NULL;
|
---|
| 49 | } else
|
---|
| 50 | id = NULL;
|
---|
| 51 | ret = OPENSSL_zalloc(sizeof(*ret));
|
---|
| 52 | if (ret == NULL)
|
---|
| 53 | return NULL;
|
---|
| 54 | ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
|
---|
| 55 | if (ret->expected_policy_set == NULL) {
|
---|
| 56 | OPENSSL_free(ret);
|
---|
| 57 | ASN1_OBJECT_free(id);
|
---|
| 58 | return NULL;
|
---|
| 59 | }
|
---|
| 60 |
|
---|
| 61 | if (crit)
|
---|
| 62 | ret->flags = POLICY_DATA_FLAG_CRITICAL;
|
---|
| 63 |
|
---|
| 64 | if (id)
|
---|
| 65 | ret->valid_policy = id;
|
---|
| 66 | else {
|
---|
| 67 | ret->valid_policy = policy->policyid;
|
---|
| 68 | policy->policyid = NULL;
|
---|
| 69 | }
|
---|
| 70 |
|
---|
| 71 | if (policy) {
|
---|
| 72 | ret->qualifier_set = policy->qualifiers;
|
---|
| 73 | policy->qualifiers = NULL;
|
---|
| 74 | }
|
---|
| 75 |
|
---|
| 76 | return ret;
|
---|
| 77 | }
|
---|