summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStef Walter <stef@thewalter.net>2013-07-04 15:37:34 +0200
committerStef Walter <stef@thewalter.net>2013-07-04 15:42:16 +0200
commitec7c2ff2011d774217c1e35d664072d0487853c7 (patch)
treec2ff76fc08c9b237f101d4119451ef04229c7788
parenta2165fe35e336fd807af053a21a396b020f90a23 (diff)
trust: Add p11_asn1_read() and p11_asn1_free() functions
Some helpers for commonly used ASN.1 related stuff.
-rw-r--r--trust/asn1.c38
-rw-r--r--trust/asn1.h6
-rw-r--r--trust/parser.c16
-rw-r--r--trust/persist.c11
-rw-r--r--trust/tests/test-asn1.c19
-rw-r--r--trust/x509.c42
6 files changed, 74 insertions, 58 deletions
diff --git a/trust/asn1.c b/trust/asn1.c
index 29cca3a..fcd8e1c 100644
--- a/trust/asn1.c
+++ b/trust/asn1.c
@@ -192,6 +192,44 @@ p11_asn1_encode (node_asn *asn,
return der;
}
+void *
+p11_asn1_read (node_asn *asn,
+ const char *field,
+ size_t *length)
+{
+ void *value;
+ int len;
+ int ret;
+
+ return_val_if_fail (asn != NULL, NULL);
+ return_val_if_fail (field != NULL, NULL);
+ return_val_if_fail (length != NULL, NULL);
+
+ len = 0;
+ ret = asn1_read_value (asn, field, NULL, &len);
+ if (ret == ASN1_ELEMENT_NOT_FOUND)
+ return NULL;
+
+ return_val_if_fail (ret == ASN1_MEM_ERROR, NULL);
+
+ value = malloc (len);
+ return_val_if_fail (value != NULL, NULL);
+
+ ret = asn1_read_value (asn, field, value, &len);
+ return_val_if_fail (ret == ASN1_SUCCESS, NULL);
+
+ *length = len;
+ return value;
+}
+
+void
+p11_asn1_free (void *asn)
+{
+ node_asn *node = asn;
+ if (node != NULL)
+ asn1_delete_structure (&node);
+}
+
ssize_t
p11_asn1_tlv_length (const unsigned char *data,
size_t length)
diff --git a/trust/asn1.h b/trust/asn1.h
index 1bd7dd1..a5f9caf 100644
--- a/trust/asn1.h
+++ b/trust/asn1.h
@@ -55,6 +55,12 @@ node_asn * p11_asn1_create (p11_dict *asn1_defs,
unsigned char * p11_asn1_encode (node_asn *asn,
size_t *der_len);
+void * p11_asn1_read (node_asn *asn,
+ const char *field,
+ size_t *length);
+
+void p11_asn1_free (void *asn);
+
ssize_t p11_asn1_tlv_length (const unsigned char *data,
size_t length);
diff --git a/trust/parser.c b/trust/parser.c
index 1ae3dc1..77e41bc 100644
--- a/trust/parser.c
+++ b/trust/parser.c
@@ -247,8 +247,7 @@ load_seq_of_oid_str (node_asn *node,
p11_dict *oids;
char field[128];
char *oid;
- int len;
- int ret;
+ size_t len;
int i;
oids = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, NULL);
@@ -257,19 +256,10 @@ load_seq_of_oid_str (node_asn *node,
if (snprintf (field, sizeof (field), "%s.?%u", seqof, i) < 0)
return_val_if_reached (NULL);
- len = 0;
- ret = asn1_read_value (node, field, NULL, &len);
- if (ret == ASN1_ELEMENT_NOT_FOUND)
+ oid = p11_asn1_read (node, field, &len);
+ if (oid == NULL)
break;
- return_val_if_fail (ret == ASN1_MEM_ERROR, NULL);
-
- oid = malloc (len + 1);
- return_val_if_fail (oid != NULL, NULL);
-
- ret = asn1_read_value (node, field, oid, &len);
- return_val_if_fail (ret == ASN1_SUCCESS, NULL);
-
if (!p11_dict_set (oids, oid, oid))
return_val_if_reached (NULL);
}
diff --git a/trust/persist.c b/trust/persist.c
index f70240a..f973e84 100644
--- a/trust/persist.c
+++ b/trust/persist.c
@@ -443,7 +443,7 @@ format_oid (p11_persist *persist,
char message[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = { 0, };
node_asn *asn;
char *data;
- int len;
+ size_t len;
int ret;
if (attr->type != CKA_OBJECT_ID || attr->ulValueLen == 0)
@@ -471,16 +471,9 @@ format_oid (p11_persist *persist,
return false;
}
- len = 0;
- ret = asn1_read_value (asn, "", NULL, &len);
- return_val_if_fail (ret == ASN1_MEM_ERROR, false);
-
- data = calloc (len + 1, 1);
+ data = p11_asn1_read (asn, "", &len);
return_val_if_fail (data != NULL, false);
- ret = asn1_read_value (asn, "", data, &len);
- return_val_if_fail (ret == ASN1_SUCCESS, false);
-
asn1_delete_structure (&asn);
p11_buffer_add (buf, data, len - 1);
diff --git a/trust/tests/test-asn1.c b/trust/tests/test-asn1.c
index 710928c..d5ec131 100644
--- a/trust/tests/test-asn1.c
+++ b/trust/tests/test-asn1.c
@@ -130,6 +130,24 @@ test_asn1_cache (void)
p11_asn1_cache_free (cache);
}
+static void
+test_asn1_free (void)
+{
+ p11_dict *defs;
+ node_asn *asn;
+
+ defs = p11_asn1_defs_load ();
+ assert_ptr_not_null (defs);
+
+ asn = p11_asn1_decode (defs, "PKIX1.ExtKeyUsageSyntax",
+ test_eku_server_and_client,
+ sizeof (test_eku_server_and_client), NULL);
+ assert_ptr_not_null (defs);
+
+ p11_asn1_free (asn);
+ p11_asn1_free (NULL);
+}
+
int
main (int argc,
char *argv[])
@@ -139,6 +157,7 @@ main (int argc,
p11_fixture (NULL, NULL);
p11_test (test_asn1_cache, "/asn1/asn1_cache");
+ p11_test (test_asn1_free, "/asn1/free");
return p11_test_run (argc, argv);
}
diff --git a/trust/x509.c b/trust/x509.c
index aa6e171..2f81463 100644
--- a/trust/x509.c
+++ b/trust/x509.c
@@ -53,11 +53,9 @@ p11_x509_find_extension (node_asn *cert,
size_t *ext_len)
{
char field[128];
- char *value;
int start;
int end;
int ret;
- int len;
int i;
return_val_if_fail (cert != NULL, NULL);
@@ -87,18 +85,7 @@ p11_x509_find_extension (node_asn *cert,
if (snprintf (field, sizeof (field), "tbsCertificate.extensions.?%u.extnValue", i) < 0)
return_val_if_reached (NULL);
- len = 0;
- ret = asn1_read_value (cert, field, NULL, &len);
- return_val_if_fail (ret == ASN1_MEM_ERROR, NULL);
-
- value = malloc (len);
- return_val_if_fail (value != NULL, NULL);
-
- ret = asn1_read_value (cert, field, value, &len);
- return_val_if_fail (ret == ASN1_SUCCESS, NULL);
-
- *ext_len = len;
- return (unsigned char *)value;
+ return p11_asn1_read (cert, field, ext_len);
}
return NULL;
@@ -195,9 +182,8 @@ p11_x509_parse_extended_key_usage (p11_dict *asn1_defs,
node_asn *asn;
char field[128];
p11_array *ekus;
+ size_t len;
char *eku;
- int ret;
- int len;
int i;
asn = p11_asn1_decode (asn1_defs, "PKIX1.ExtKeyUsageSyntax", ext_der, ext_len, NULL);
@@ -210,19 +196,10 @@ p11_x509_parse_extended_key_usage (p11_dict *asn1_defs,
if (snprintf (field, sizeof (field), "?%u", i) < 0)
return_val_if_reached (NULL);
- len = 0;
- ret = asn1_read_value (asn, field, NULL, &len);
- if (ret == ASN1_ELEMENT_NOT_FOUND)
+ eku = p11_asn1_read (asn, field, &len);
+ if (eku == NULL)
break;
- return_val_if_fail (ret == ASN1_MEM_ERROR, NULL);
-
- eku = malloc (len + 1);
- return_val_if_fail (eku != NULL, NULL);
-
- ret = asn1_read_value (asn, field, eku, &len);
- return_val_if_fail (ret == ASN1_SUCCESS, NULL);
-
eku[len] = 0;
/* If it's our reserved OID, then skip */
@@ -321,7 +298,7 @@ p11_x509_lookup_dn_name (node_asn *asn,
{
unsigned char *value;
char field[128];
- int value_len;
+ size_t value_len;
char *part;
int i, j;
int start;
@@ -352,16 +329,9 @@ p11_x509_lookup_dn_name (node_asn *asn,
snprintf (field, sizeof (field), "%s%srdnSequence.?%d.?%d.value",
dn_field, dn_field ? "." : "", i, j);
- value_len = 0;
- ret = asn1_read_value (asn, field, NULL, &value_len);
- return_val_if_fail (ret == ASN1_MEM_ERROR, NULL);
-
- value = malloc (value_len + 1);
+ value = p11_asn1_read (asn, field, &value_len);
return_val_if_fail (value != NULL, NULL);
- ret = asn1_read_value (asn, field, value, &value_len);
- return_val_if_fail (ret == ASN1_SUCCESS, false);
-
part = p11_x509_parse_directory_string (value, value_len, NULL, NULL);
free (value);