Line data Source code
1 : /* v3_pcons.c */
2 : /*
3 : * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
4 : * project.
5 : */
6 : /* ====================================================================
7 : * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
8 : *
9 : * Redistribution and use in source and binary forms, with or without
10 : * modification, are permitted provided that the following conditions
11 : * are met:
12 : *
13 : * 1. Redistributions of source code must retain the above copyright
14 : * notice, this list of conditions and the following disclaimer.
15 : *
16 : * 2. Redistributions in binary form must reproduce the above copyright
17 : * notice, this list of conditions and the following disclaimer in
18 : * the documentation and/or other materials provided with the
19 : * distribution.
20 : *
21 : * 3. All advertising materials mentioning features or use of this
22 : * software must display the following acknowledgment:
23 : * "This product includes software developed by the OpenSSL Project
24 : * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
25 : *
26 : * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 : * endorse or promote products derived from this software without
28 : * prior written permission. For written permission, please contact
29 : * licensing@OpenSSL.org.
30 : *
31 : * 5. Products derived from this software may not be called "OpenSSL"
32 : * nor may "OpenSSL" appear in their names without prior written
33 : * permission of the OpenSSL Project.
34 : *
35 : * 6. Redistributions of any form whatsoever must retain the following
36 : * acknowledgment:
37 : * "This product includes software developed by the OpenSSL Project
38 : * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
39 : *
40 : * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 : * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 : * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 : * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 : * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 : * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 : * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 : * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 : * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 : * OF THE POSSIBILITY OF SUCH DAMAGE.
52 : * ====================================================================
53 : *
54 : * This product includes cryptographic software written by Eric Young
55 : * (eay@cryptsoft.com). This product includes software written by Tim
56 : * Hudson (tjh@cryptsoft.com).
57 : *
58 : */
59 :
60 : #include <stdio.h>
61 : #include "cryptlib.h"
62 : #include <openssl/asn1.h>
63 : #include <openssl/asn1t.h>
64 : #include <openssl/conf.h>
65 : #include <openssl/x509v3.h>
66 :
67 : static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
68 : *method, void *bcons, STACK_OF(CONF_VALUE)
69 : *extlist);
70 : static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
71 : X509V3_CTX *ctx,
72 : STACK_OF(CONF_VALUE) *values);
73 :
74 : const X509V3_EXT_METHOD v3_policy_constraints = {
75 : NID_policy_constraints, 0,
76 : ASN1_ITEM_ref(POLICY_CONSTRAINTS),
77 : 0, 0, 0, 0,
78 : 0, 0,
79 : i2v_POLICY_CONSTRAINTS,
80 : v2i_POLICY_CONSTRAINTS,
81 : NULL, NULL,
82 : NULL
83 : };
84 :
85 : ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
86 : ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
87 : ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
88 : } ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)
89 :
90 0 : IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
91 :
92 0 : static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
93 : *method, void *a, STACK_OF(CONF_VALUE)
94 : *extlist)
95 : {
96 : POLICY_CONSTRAINTS *pcons = a;
97 0 : X509V3_add_value_int("Require Explicit Policy",
98 : pcons->requireExplicitPolicy, &extlist);
99 0 : X509V3_add_value_int("Inhibit Policy Mapping",
100 : pcons->inhibitPolicyMapping, &extlist);
101 0 : return extlist;
102 : }
103 :
104 0 : static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
105 : X509V3_CTX *ctx,
106 : STACK_OF(CONF_VALUE) *values)
107 : {
108 : POLICY_CONSTRAINTS *pcons = NULL;
109 : CONF_VALUE *val;
110 : int i;
111 0 : if (!(pcons = POLICY_CONSTRAINTS_new())) {
112 0 : X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
113 0 : return NULL;
114 : }
115 0 : for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
116 0 : val = sk_CONF_VALUE_value(values, i);
117 0 : if (!strcmp(val->name, "requireExplicitPolicy")) {
118 0 : if (!X509V3_get_value_int(val, &pcons->requireExplicitPolicy))
119 : goto err;
120 0 : } else if (!strcmp(val->name, "inhibitPolicyMapping")) {
121 0 : if (!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping))
122 : goto err;
123 : } else {
124 0 : X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
125 0 : X509V3_conf_err(val);
126 0 : goto err;
127 : }
128 : }
129 0 : if (!pcons->inhibitPolicyMapping && !pcons->requireExplicitPolicy) {
130 0 : X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
131 : X509V3_R_ILLEGAL_EMPTY_EXTENSION);
132 0 : goto err;
133 : }
134 :
135 : return pcons;
136 : err:
137 : POLICY_CONSTRAINTS_free(pcons);
138 0 : return NULL;
139 : }
|