OLD | NEW |
1 /* pcy_int.h */ | 1 /* pcy_int.h */ |
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL | 2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL |
3 * project 2004. | 3 * project 2004. |
4 */ | 4 */ |
5 /* ==================================================================== | 5 /* ==================================================================== |
6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved. | 6 * Copyright (c) 2004 The OpenSSL Project. All rights reserved. |
7 * | 7 * |
8 * Redistribution and use in source and binary forms, with or without | 8 * Redistribution and use in source and binary forms, with or without |
9 * modification, are permitted provided that the following conditions | 9 * modification, are permitted provided that the following conditions |
10 * are met: | 10 * are met: |
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
50 * OF THE POSSIBILITY OF SUCH DAMAGE. | 50 * OF THE POSSIBILITY OF SUCH DAMAGE. |
51 * ==================================================================== | 51 * ==================================================================== |
52 * | 52 * |
53 * This product includes cryptographic software written by Eric Young | 53 * This product includes cryptographic software written by Eric Young |
54 * (eay@cryptsoft.com). This product includes software written by Tim | 54 * (eay@cryptsoft.com). This product includes software written by Tim |
55 * Hudson (tjh@cryptsoft.com). | 55 * Hudson (tjh@cryptsoft.com). |
56 * | 56 * |
57 */ | 57 */ |
58 | 58 |
59 DECLARE_STACK_OF(X509_POLICY_DATA) | |
60 DECLARE_STACK_OF(X509_POLICY_REF) | |
61 DECLARE_STACK_OF(X509_POLICY_NODE) | |
62 | 59 |
63 typedef struct X509_POLICY_DATA_st X509_POLICY_DATA; | 60 typedef struct X509_POLICY_DATA_st X509_POLICY_DATA; |
64 typedef struct X509_POLICY_REF_st X509_POLICY_REF; | 61 |
| 62 DECLARE_STACK_OF(X509_POLICY_DATA) |
65 | 63 |
66 /* Internal structures */ | 64 /* Internal structures */ |
67 | 65 |
68 /* This structure and the field names correspond to the Policy 'node' of | 66 /* This structure and the field names correspond to the Policy 'node' of |
69 * RFC3280. NB this structure contains no pointers to parent or child | 67 * RFC3280. NB this structure contains no pointers to parent or child |
70 * data: X509_POLICY_NODE contains that. This means that the main policy data | 68 * data: X509_POLICY_NODE contains that. This means that the main policy data |
71 * can be kept static and cached with the certificate. | 69 * can be kept static and cached with the certificate. |
72 */ | 70 */ |
73 | 71 |
74 struct X509_POLICY_DATA_st | 72 struct X509_POLICY_DATA_st |
(...skipping 28 matching lines...) Expand all Loading... |
103 #define POLICY_DATA_FLAG_SHARED_QUALIFIERS 0x4 | 101 #define POLICY_DATA_FLAG_SHARED_QUALIFIERS 0x4 |
104 | 102 |
105 /* Parent node is an extra node and should be freed */ | 103 /* Parent node is an extra node and should be freed */ |
106 | 104 |
107 #define POLICY_DATA_FLAG_EXTRA_NODE 0x8 | 105 #define POLICY_DATA_FLAG_EXTRA_NODE 0x8 |
108 | 106 |
109 /* Corresponding CertificatePolicies is critical */ | 107 /* Corresponding CertificatePolicies is critical */ |
110 | 108 |
111 #define POLICY_DATA_FLAG_CRITICAL 0x10 | 109 #define POLICY_DATA_FLAG_CRITICAL 0x10 |
112 | 110 |
113 /* This structure is an entry from a table of mapped policies which | |
114 * cross reference the policy it refers to. | |
115 */ | |
116 | |
117 struct X509_POLICY_REF_st | |
118 { | |
119 ASN1_OBJECT *subjectDomainPolicy; | |
120 const X509_POLICY_DATA *data; | |
121 }; | |
122 | |
123 /* This structure is cached with a certificate */ | 111 /* This structure is cached with a certificate */ |
124 | 112 |
125 struct X509_POLICY_CACHE_st { | 113 struct X509_POLICY_CACHE_st { |
126 /* anyPolicy data or NULL if no anyPolicy */ | 114 /* anyPolicy data or NULL if no anyPolicy */ |
127 X509_POLICY_DATA *anyPolicy; | 115 X509_POLICY_DATA *anyPolicy; |
128 /* other policy data */ | 116 /* other policy data */ |
129 STACK_OF(X509_POLICY_DATA) *data; | 117 STACK_OF(X509_POLICY_DATA) *data; |
130 /* If policyMappings extension present a table of mapped policies */ | |
131 STACK_OF(X509_POLICY_REF) *maps; | |
132 /* If InhibitAnyPolicy present this is its value or -1 if absent. */ | 118 /* If InhibitAnyPolicy present this is its value or -1 if absent. */ |
133 long any_skip; | 119 long any_skip; |
134 /* If policyConstraints and requireExplicitPolicy present this is its | 120 /* If policyConstraints and requireExplicitPolicy present this is its |
135 * value or -1 if absent. | 121 * value or -1 if absent. |
136 */ | 122 */ |
137 long explicit_skip; | 123 long explicit_skip; |
138 /* If policyConstraints and policyMapping present this is its | 124 /* If policyConstraints and policyMapping present this is its |
139 * value or -1 if absent. | 125 * value or -1 if absent. |
140 */ | 126 */ |
141 long map_skip; | 127 long map_skip; |
(...skipping 44 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
186 /* Set if anyPolicy present in user policies */ | 172 /* Set if anyPolicy present in user policies */ |
187 #define POLICY_FLAG_ANY_POLICY 0x2 | 173 #define POLICY_FLAG_ANY_POLICY 0x2 |
188 | 174 |
189 /* Useful macros */ | 175 /* Useful macros */ |
190 | 176 |
191 #define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL) | 177 #define node_data_critical(data) (data->flags & POLICY_DATA_FLAG_CRITICAL) |
192 #define node_critical(node) node_data_critical(node->data) | 178 #define node_critical(node) node_data_critical(node->data) |
193 | 179 |
194 /* Internal functions */ | 180 /* Internal functions */ |
195 | 181 |
196 X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, ASN1_OBJECT *id, | 182 X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, const ASN1_OBJECT *id, |
197 int crit); | 183 int crit); |
198 void policy_data_free(X509_POLICY_DATA *data); | 184 void policy_data_free(X509_POLICY_DATA *data); |
199 | 185 |
200 X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache, | 186 X509_POLICY_DATA *policy_cache_find_data(const X509_POLICY_CACHE *cache, |
201 const ASN1_OBJECT *id); | 187 const ASN1_OBJECT *id); |
202 int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps); | 188 int policy_cache_set_mapping(X509 *x, POLICY_MAPPINGS *maps); |
203 | 189 |
204 | 190 |
205 STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void); | 191 STACK_OF(X509_POLICY_NODE) *policy_node_cmp_new(void); |
206 | 192 |
207 void policy_cache_init(void); | 193 void policy_cache_init(void); |
208 | 194 |
209 void policy_cache_free(X509_POLICY_CACHE *cache); | 195 void policy_cache_free(X509_POLICY_CACHE *cache); |
210 | 196 |
211 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, | 197 X509_POLICY_NODE *level_find_node(const X509_POLICY_LEVEL *level, |
| 198 const X509_POLICY_NODE *parent, |
212 const ASN1_OBJECT *id); | 199 const ASN1_OBJECT *id); |
213 | 200 |
214 X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, | 201 X509_POLICY_NODE *tree_find_sk(STACK_OF(X509_POLICY_NODE) *sk, |
215 const ASN1_OBJECT *id); | 202 const ASN1_OBJECT *id); |
216 | 203 |
217 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, | 204 X509_POLICY_NODE *level_add_node(X509_POLICY_LEVEL *level, |
218 » » » X509_POLICY_DATA *data, | 205 » » » const X509_POLICY_DATA *data, |
219 X509_POLICY_NODE *parent, | 206 X509_POLICY_NODE *parent, |
220 X509_POLICY_TREE *tree); | 207 X509_POLICY_TREE *tree); |
221 void policy_node_free(X509_POLICY_NODE *node); | 208 void policy_node_free(X509_POLICY_NODE *node); |
| 209 int policy_node_match(const X509_POLICY_LEVEL *lvl, |
| 210 const X509_POLICY_NODE *node, const ASN1_OBJECT *oid); |
222 | 211 |
223 const X509_POLICY_CACHE *policy_cache_set(X509 *x); | 212 const X509_POLICY_CACHE *policy_cache_set(X509 *x); |
OLD | NEW |