首頁 探索 說明
登入
OWEALs
/
openssl
镜像来自 git://git.openssl.org/openssl.git
2
0
複刻 0
Files 問題管理 1 Wiki
目錄樹: 47d2080fac
分支列表 標籤列表
openssl
/
crypto
/
x509
/
x_req.c

x_req.c 2.3 KB
文件歷史 原始文件

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 
  1. /*
    2. 

  2.  * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
    3. 

  3.  *
    4. 

  4.  * Licensed under the OpenSSL license (the "License").  You may not use
    5. 

  5.  * this file except in compliance with the License.  You can obtain a copy
    6. 

  6.  * in the file LICENSE in the source distribution or at
    7. 

  7.  * https://www.openssl.org/source/license.html
    8. 

  8.  */
    9. 

  9. 

  10. #include <stdio.h>
    11. 

  11. #include "internal/cryptlib.h"
    12. 

  12. #include <openssl/asn1t.h>
    13. 

  13. #include <openssl/x509.h>
    14. 

  14. #include "internal/x509_int.h"
    15. 

  15. 

  16. /*-
    17. 

  17.  * X509_REQ_INFO is handled in an unusual way to get round
    18. 

  18.  * invalid encodings. Some broken certificate requests don't
    19. 

  19.  * encode the attributes field if it is empty. This is in
    20. 

  20.  * violation of PKCS#10 but we need to tolerate it. We do
    21. 

  21.  * this by making the attributes field OPTIONAL then using
    22. 

  22.  * the callback to initialise it to an empty STACK.
    23. 

  23.  *
    24. 

  24.  * This means that the field will be correctly encoded unless
    25. 

  25.  * we NULL out the field.
    26. 

  26.  *
    27. 

  27.  * As a result we no longer need the req_kludge field because
    28. 

  28.  * the information is now contained in the attributes field:
    29. 

  29.  * 1. If it is NULL then it's the invalid omission.
    30. 

  30.  * 2. If it is empty it is the correct encoding.
    31. 

  31.  * 3. If it is not empty then some attributes are present.
    32. 

  32.  *
    33. 

  33.  */
    34. 

  34. 

  35. static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
    36. 

  36.                    void *exarg)
    37. 

  37. {
    38. 

  38.     X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
    39. 

  39. 

  40.     if (operation == ASN1_OP_NEW_POST) {
    41. 

  41.         rinf->attributes = sk_X509_ATTRIBUTE_new_null();
    42. 

  42.         if (!rinf->attributes)
    43. 

  43.             return 0;
    44. 

  44.     }
    45. 

  45.     return 1;
    46. 

  46. }
    47. 

  47. 

  48. ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
    49. 

  49.         ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
    50. 

  50.         ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
    51. 

  51.         ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
    52. 

  52.         /* This isn't really OPTIONAL but it gets round invalid
    53. 

  53.          * encodings
    54. 

  54.          */
    55. 

  55.         ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
    56. 

  56. } ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
    57. 

  57. 

  58. IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
    59. 

  59. 

  60. ASN1_SEQUENCE_ref(X509_REQ, 0) = {
    61. 

  61.         ASN1_EMBED(X509_REQ, req_info, X509_REQ_INFO),
    62. 

  62.         ASN1_EMBED(X509_REQ, sig_alg, X509_ALGOR),
    63. 

  63.         ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
    64. 

  64. } ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ)
    65. 

  65. 

  66. IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
    67. 

  67. 

  68. IMPLEMENT_ASN1_DUP_FUNCTION(X509_REQ)
    69.