From ec7c2ff2011d774217c1e35d664072d0487853c7 Mon Sep 17 00:00:00 2001 From: Stef Walter Date: Thu, 4 Jul 2013 15:37:34 +0200 Subject: trust: Add p11_asn1_read() and p11_asn1_free() functions Some helpers for commonly used ASN.1 related stuff. --- trust/asn1.c | 38 ++++++++++++++++++++++++++++++++++++++ trust/asn1.h | 6 ++++++ trust/parser.c | 16 +++------------- trust/persist.c | 11 ++--------- trust/tests/test-asn1.c | 19 +++++++++++++++++++ trust/x509.c | 42 ++++++------------------------------------ 6 files changed, 74 insertions(+), 58 deletions(-) diff --git a/trust/asn1.c b/trust/asn1.c index 29cca3a..fcd8e1c 100644 --- a/trust/asn1.c +++ b/trust/asn1.c @@ -192,6 +192,44 @@ p11_asn1_encode (node_asn *asn, return der; } +void * +p11_asn1_read (node_asn *asn, + const char *field, + size_t *length) +{ + void *value; + int len; + int ret; + + return_val_if_fail (asn != NULL, NULL); + return_val_if_fail (field != NULL, NULL); + return_val_if_fail (length != NULL, NULL); + + len = 0; + ret = asn1_read_value (asn, field, NULL, &len); + if (ret == ASN1_ELEMENT_NOT_FOUND) + return NULL; + + return_val_if_fail (ret == ASN1_MEM_ERROR, NULL); + + value = malloc (len); + return_val_if_fail (value != NULL, NULL); + + ret = asn1_read_value (asn, field, value, &len); + return_val_if_fail (ret == ASN1_SUCCESS, NULL); + + *length = len; + return value; +} + +void +p11_asn1_free (void *asn) +{ + node_asn *node = asn; + if (node != NULL) + asn1_delete_structure (&node); +} + ssize_t p11_asn1_tlv_length (const unsigned char *data, size_t length) diff --git a/trust/asn1.h b/trust/asn1.h index 1bd7dd1..a5f9caf 100644 --- a/trust/asn1.h +++ b/trust/asn1.h @@ -55,6 +55,12 @@ node_asn * p11_asn1_create (p11_dict *asn1_defs, unsigned char * p11_asn1_encode (node_asn *asn, size_t *der_len); +void * p11_asn1_read (node_asn *asn, + const char *field, + size_t *length); + +void p11_asn1_free (void *asn); + ssize_t p11_asn1_tlv_length (const unsigned char *data, size_t length); diff --git a/trust/parser.c b/trust/parser.c index 1ae3dc1..77e41bc 100644 --- a/trust/parser.c +++ b/trust/parser.c @@ -247,8 +247,7 @@ load_seq_of_oid_str (node_asn *node, p11_dict *oids; char field[128]; char *oid; - int len; - int ret; + size_t len; int i; oids = p11_dict_new (p11_dict_str_hash, p11_dict_str_equal, free, NULL); @@ -257,19 +256,10 @@ load_seq_of_oid_str (node_asn *node, if (snprintf (field, sizeof (field), "%s.?%u", seqof, i) < 0) return_val_if_reached (NULL); - len = 0; - ret = asn1_read_value (node, field, NULL, &len); - if (ret == ASN1_ELEMENT_NOT_FOUND) + oid = p11_asn1_read (node, field, &len); + if (oid == NULL) break; - return_val_if_fail (ret == ASN1_MEM_ERROR, NULL); - - oid = malloc (len + 1); - return_val_if_fail (oid != NULL, NULL); - - ret = asn1_read_value (node, field, oid, &len); - return_val_if_fail (ret == ASN1_SUCCESS, NULL); - if (!p11_dict_set (oids, oid, oid)) return_val_if_reached (NULL); } diff --git a/trust/persist.c b/trust/persist.c index f70240a..f973e84 100644 --- a/trust/persist.c +++ b/trust/persist.c @@ -443,7 +443,7 @@ format_oid (p11_persist *persist, char message[ASN1_MAX_ERROR_DESCRIPTION_SIZE] = { 0, }; node_asn *asn; char *data; - int len; + size_t len; int ret; if (attr->type != CKA_OBJECT_ID || attr->ulValueLen == 0) @@ -471,16 +471,9 @@ format_oid (p11_persist *persist, return false; } - len = 0; - ret = asn1_read_value (asn, "", NULL, &len); - return_val_if_fail (ret == ASN1_MEM_ERROR, false); - - data = calloc (len + 1, 1); + data = p11_asn1_read (asn, "", &len); return_val_if_fail (data != NULL, false); - ret = asn1_read_value (asn, "", data, &len); - return_val_if_fail (ret == ASN1_SUCCESS, false); - asn1_delete_structure (&asn); p11_buffer_add (buf, data, len - 1); diff --git a/trust/tests/test-asn1.c b/trust/tests/test-asn1.c index 710928c..d5ec131 100644 --- a/trust/tests/test-asn1.c +++ b/trust/tests/test-asn1.c @@ -130,6 +130,24 @@ test_asn1_cache (void) p11_asn1_cache_free (cache); } +static void +test_asn1_free (void) +{ + p11_dict *defs; + node_asn *asn; + + defs = p11_asn1_defs_load (); + assert_ptr_not_null (defs); + + asn = p11_asn1_decode (defs, "PKIX1.ExtKeyUsageSyntax", + test_eku_server_and_client, + sizeof (test_eku_server_and_client), NULL); + assert_ptr_not_null (defs); + + p11_asn1_free (asn); + p11_asn1_free (NULL); +} + int main (int argc, char *argv[]) @@ -139,6 +157,7 @@ main (int argc, p11_fixture (NULL, NULL); p11_test (test_asn1_cache, "/asn1/asn1_cache"); + p11_test (test_asn1_free, "/asn1/free"); return p11_test_run (argc, argv); } diff --git a/trust/x509.c b/trust/x509.c index aa6e171..2f81463 100644 --- a/trust/x509.c +++ b/trust/x509.c @@ -53,11 +53,9 @@ p11_x509_find_extension (node_asn *cert, size_t *ext_len) { char field[128]; - char *value; int start; int end; int ret; - int len; int i; return_val_if_fail (cert != NULL, NULL); @@ -87,18 +85,7 @@ p11_x509_find_extension (node_asn *cert, if (snprintf (field, sizeof (field), "tbsCertificate.extensions.?%u.extnValue", i) < 0) return_val_if_reached (NULL); - len = 0; - ret = asn1_read_value (cert, field, NULL, &len); - return_val_if_fail (ret == ASN1_MEM_ERROR, NULL); - - value = malloc (len); - return_val_if_fail (value != NULL, NULL); - - ret = asn1_read_value (cert, field, value, &len); - return_val_if_fail (ret == ASN1_SUCCESS, NULL); - - *ext_len = len; - return (unsigned char *)value; + return p11_asn1_read (cert, field, ext_len); } return NULL; @@ -195,9 +182,8 @@ p11_x509_parse_extended_key_usage (p11_dict *asn1_defs, node_asn *asn; char field[128]; p11_array *ekus; + size_t len; char *eku; - int ret; - int len; int i; asn = p11_asn1_decode (asn1_defs, "PKIX1.ExtKeyUsageSyntax", ext_der, ext_len, NULL); @@ -210,19 +196,10 @@ p11_x509_parse_extended_key_usage (p11_dict *asn1_defs, if (snprintf (field, sizeof (field), "?%u", i) < 0) return_val_if_reached (NULL); - len = 0; - ret = asn1_read_value (asn, field, NULL, &len); - if (ret == ASN1_ELEMENT_NOT_FOUND) + eku = p11_asn1_read (asn, field, &len); + if (eku == NULL) break; - return_val_if_fail (ret == ASN1_MEM_ERROR, NULL); - - eku = malloc (len + 1); - return_val_if_fail (eku != NULL, NULL); - - ret = asn1_read_value (asn, field, eku, &len); - return_val_if_fail (ret == ASN1_SUCCESS, NULL); - eku[len] = 0; /* If it's our reserved OID, then skip */ @@ -321,7 +298,7 @@ p11_x509_lookup_dn_name (node_asn *asn, { unsigned char *value; char field[128]; - int value_len; + size_t value_len; char *part; int i, j; int start; @@ -352,16 +329,9 @@ p11_x509_lookup_dn_name (node_asn *asn, snprintf (field, sizeof (field), "%s%srdnSequence.?%d.?%d.value", dn_field, dn_field ? "." : "", i, j); - value_len = 0; - ret = asn1_read_value (asn, field, NULL, &value_len); - return_val_if_fail (ret == ASN1_MEM_ERROR, NULL); - - value = malloc (value_len + 1); + value = p11_asn1_read (asn, field, &value_len); return_val_if_fail (value != NULL, NULL); - ret = asn1_read_value (asn, field, value, &value_len); - return_val_if_fail (ret == ASN1_SUCCESS, false); - part = p11_x509_parse_directory_string (value, value_len, NULL, NULL); free (value); -- cgit v1.1