Diffstat (limited to 'src/ocsp.c')
-rw-r--r-- | src/ocsp.c | 198 |
1 files changed, 0 insertions, 198 deletions
@@ -63,202 +63,6 @@ dump_hex (const unsigned char *p, size_t n) } #endif - -static void -parse_skip (unsigned char const **buf, size_t *len, struct tag_info *ti) -{ - if (ti->length) - { - assert (ti->length <= *len); - *len -= ti->length; - *buf += ti->length; - } -} - -static gpg_error_t -parse_sequence (unsigned char const **buf, size_t *len, struct tag_info *ti) -{ - gpg_error_t err; - - err = _ksba_ber_parse_tl (buf, len, ti); - if (err) - ; - else if (!(ti->class == CLASS_UNIVERSAL && ti->tag == TYPE_SEQUENCE - && ti->is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (ti->length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - return err; -} - -static gpg_error_t -parse_enumerated (unsigned char const **buf, size_t *len, struct tag_info *ti, - size_t maxlen) -{ - gpg_error_t err; - - err = _ksba_ber_parse_tl (buf, len, ti); - if (err) - ; - else if (!(ti->class == CLASS_UNIVERSAL && ti->tag == TYPE_ENUMERATED - && !ti->is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (!ti->length) - err = gpg_error (GPG_ERR_TOO_SHORT); - else if (maxlen && ti->length > maxlen) - err = gpg_error (GPG_ERR_TOO_LARGE); - else if (ti->length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - - return err; -} - -static gpg_error_t -parse_integer (unsigned char const **buf, size_t *len, struct tag_info *ti) -{ - gpg_error_t err; - - err = _ksba_ber_parse_tl (buf, len, ti); - if (err) - ; - else if (!(ti->class == CLASS_UNIVERSAL && ti->tag == TYPE_INTEGER - && !ti->is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (!ti->length) - err = gpg_error (GPG_ERR_TOO_SHORT); - else if (ti->length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - - return err; -} - -static gpg_error_t -parse_octet_string (unsigned char const **buf, size_t *len, struct tag_info *ti) -{ - gpg_error_t err; - - err= _ksba_ber_parse_tl (buf, len, ti); - if (err) - ; - else if (!(ti->class == CLASS_UNIVERSAL && ti->tag == TYPE_OCTET_STRING - && !ti->is_constructed) ) - err = 
gpg_error (GPG_ERR_INV_OBJ); - else if (!ti->length) - err = gpg_error (GPG_ERR_TOO_SHORT); - else if (ti->length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - - return err; -} - - -/* Note that R_BOOL will only be set if a value has been given. Thus - the caller should set it to the default value prior to calling this - function. Obviously no call to parse_skip is required after - calling this function. */ -static gpg_error_t -parse_optional_boolean (unsigned char const **buf, size_t *len, int *r_bool) -{ - gpg_error_t err; - struct tag_info ti; - - err = _ksba_ber_parse_tl (buf, len, &ti); - if (err) - ; - else if (!ti.length) - err = gpg_error (GPG_ERR_TOO_SHORT); - else if (ti.length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - else if (ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_BOOLEAN - && !ti.is_constructed) - { - if (ti.length != 1) - err = gpg_error (GPG_ERR_BAD_BER); - *r_bool = !!**buf; - parse_skip (buf, len, &ti); - } - else - { /* Undo the read. */ - *buf -= ti.nhdr; - *len += ti.nhdr; - } - - return err; -} - - - -static gpg_error_t -parse_object_id_into_str (unsigned char const **buf, size_t *len, char **oid) -{ - struct tag_info ti; - gpg_error_t err; - - *oid = NULL; - err = _ksba_ber_parse_tl (buf, len, &ti); - if (err) - ; - else if (!(ti.class == CLASS_UNIVERSAL && ti.tag == TYPE_OBJECT_ID - && !ti.is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (!ti.length) - err = gpg_error (GPG_ERR_TOO_SHORT); - else if (ti.length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - else if (!(*oid = ksba_oid_to_str (*buf, ti.length))) - err = gpg_error_from_syserror (); - else - { - *buf += ti.length; - *len -= ti.length; - } - return err; -} - - -static gpg_error_t -parse_asntime_into_isotime (unsigned char const **buf, size_t *len, - ksba_isotime_t isotime) -{ - struct tag_info ti; - gpg_error_t err; - - err = _ksba_ber_parse_tl (buf, len, &ti); - if (err) - ; - else if ( !(ti.class == CLASS_UNIVERSAL - && (ti.tag == TYPE_UTC_TIME || 
ti.tag == TYPE_GENERALIZED_TIME) - && !ti.is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (ti.length > *len) - err = gpg_error (GPG_ERR_INV_BER); - else if (!(err = _ksba_asntime_to_iso (*buf, ti.length, - ti.tag == TYPE_UTC_TIME, isotime))) - parse_skip (buf, len, &ti); - - return err; -} - - -static gpg_error_t -parse_context_tag (unsigned char const **buf, size_t *len, struct tag_info *ti, - int tag) -{ - gpg_error_t err; - - err = _ksba_ber_parse_tl (buf, len, ti); - if (err) - ; - else if (!(ti->class == CLASS_CONTEXT && ti->tag == tag - && ti->is_constructed) ) - err = gpg_error (GPG_ERR_INV_OBJ); - else if (ti->length > *len) - err = gpg_error (GPG_ERR_BAD_BER); - - return err; -} - - /* Create a new OCSP object and retrun it in R_OCSP. Return 0 on success or an error code. @@ -616,8 +420,6 @@ ksba_ocsp_prepare_request (ksba_ocsp_t ocsp) /* Write the serialNumber of the certificate to be checked. */ err = _ksba_cert_get_serial_ptr (ri->cert, &der, &derlen); if (!err) - err = _ksba_ber_write_tl (w1, TYPE_INTEGER, CLASS_UNIVERSAL, 0, derlen); - if (!err) err = ksba_writer_write (w1, der, derlen); if (err) goto leave; |
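Review bot: In the second hunk the serial number bytes now reach `w1` with no INTEGER tag/length in front of them, so the serialNumber field of the OCSP request is only well-formed DER if `_ksba_cert_get_serial_ptr` returns the complete TLV, which cannot be confirmed from this diff. If it returns only the value octets, the `err = _ksba_ber_write_tl (w1, TYPE_INTEGER, CLASS_UNIVERSAL, 0, derlen);` step has to stay, otherwise the request is malformed and revocation checking for the certificate will not get a usable answer. Whichever holds, the comment above the call should say so, for example `/* DER/DERLEN cover the whole INTEGER TLV, header included. */` if that is indeed the contract. A test that re-parses the generated request and checks the serialNumber against the certificate's would catch a regression here. The body of `ksba_ocsp_prepare_request` starts and ends outside the hunk.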