X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=crypto%2Fasn1%2Fx_x509.c;h=ee3213045ed2cd23a279474d634c877c16a8f40f;hp=5326debe0046a06c15bf72e8695d9b484940c991;hb=ce1b4fe14648007bf054cf54846c0620e4605251;hpb=673b102c5b265bd6c517ac40ab76e1606a243c08 diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 5326debe00..ee3213045e 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -118,9 +118,10 @@ X509 *X509_new(void) ret->valid=0; ret->ex_flags = 0; ret->name=NULL; + ret->aux=NULL; M_ASN1_New(ret->cert_info,X509_CINF_new); M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,ASN1_BIT_STRING_new); + M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); CRYPTO_new_ex_data(x509_meth, (char *)ret, &ret->ex_data); return(ret); M_ASN1_New_Error(ASN1_F_X509_NEW); @@ -148,7 +149,8 @@ void X509_free(X509 *a) CRYPTO_free_ex_data(x509_meth,(char *)a,&a->ex_data); X509_CINF_free(a->cert_info); X509_ALGOR_free(a->sig_alg); - ASN1_BIT_STRING_free(a->signature); + M_ASN1_BIT_STRING_free(a->signature); + X509_CERT_AUX_free(a->aux); if (a->name != NULL) Free(a->name); Free((char *)a); @@ -172,3 +174,37 @@ char *X509_get_ex_data(X509 *r, int idx) return(CRYPTO_get_ex_data(&r->ex_data,idx)); } +/* X509_AUX ASN1 routines. X509_AUX is the name given to + * a certificate with extra info tagged on the end. Since these + * functions set how a certificate is trusted they should only + * be used when the certificate comes from a reliable source + * such as local storage. + * + */ + +X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) +{ + unsigned char *q; + X509 *ret; + /* Save start position */ + q = *pp; + ret = d2i_X509(a, pp, length); + /* If certificate unreadable then forget it */ + if(!ret) return NULL; + /* update length */ + length -= *pp - q; + if(!length) return ret; + if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err; + return ret; + err: + X509_free(ret); + return NULL; +} + +int i2d_X509_AUX(X509 *a, unsigned char **pp) +{ + int length; + length = i2d_X509(a, pp); + if(a) length += i2d_X509_CERT_AUX(a->aux, pp); + return length; +}