| yuezonghe | 824eb0c | 2024-06-27 02:32:26 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2004-2020 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | #include "internal/cryptlib.h" |
| 11 | #include <openssl/x509.h> |
| 12 | #include <openssl/x509v3.h> |
| 13 | |
| 14 | #include "pcy_local.h" |
| 15 | |
| 16 | /* Policy Node routines */ |
| 17 | |
| 18 | void policy_data_free(X509_POLICY_DATA *data) |
| 19 | { |
| 20 | if (data == NULL) |
| 21 | return; |
| 22 | ASN1_OBJECT_free(data->valid_policy); |
| 23 | /* Don't free qualifiers if shared */ |
| 24 | if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS)) |
| 25 | sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free); |
| 26 | sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free); |
| 27 | OPENSSL_free(data); |
| 28 | } |
| 29 | |
| 30 | /* |
| 31 | * Create a data based on an existing policy. If 'id' is NULL use the OID in |
| 32 | * the policy, otherwise use 'id'. This behaviour covers the two types of |
| 33 | * data in RFC3280: data with from a CertificatePolicies extension and |
| 34 | * additional data with just the qualifiers of anyPolicy and ID from another |
| 35 | * source. |
| 36 | */ |
| 37 | |
| 38 | X509_POLICY_DATA *policy_data_new(POLICYINFO *policy, |
| 39 | const ASN1_OBJECT *cid, int crit) |
| 40 | { |
| 41 | X509_POLICY_DATA *ret; |
| 42 | ASN1_OBJECT *id; |
| 43 | |
| 44 | if (policy == NULL && cid == NULL) |
| 45 | return NULL; |
| 46 | if (cid) { |
| 47 | id = OBJ_dup(cid); |
| 48 | if (id == NULL) |
| 49 | return NULL; |
| 50 | } else |
| 51 | id = NULL; |
| 52 | ret = OPENSSL_zalloc(sizeof(*ret)); |
| 53 | if (ret == NULL) { |
| 54 | X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE); |
| 55 | ASN1_OBJECT_free(id); |
| 56 | return NULL; |
| 57 | } |
| 58 | ret->expected_policy_set = sk_ASN1_OBJECT_new_null(); |
| 59 | if (ret->expected_policy_set == NULL) { |
| 60 | OPENSSL_free(ret); |
| 61 | ASN1_OBJECT_free(id); |
| 62 | X509V3err(X509V3_F_POLICY_DATA_NEW, ERR_R_MALLOC_FAILURE); |
| 63 | return NULL; |
| 64 | } |
| 65 | |
| 66 | if (crit) |
| 67 | ret->flags = POLICY_DATA_FLAG_CRITICAL; |
| 68 | |
| 69 | if (id) |
| 70 | ret->valid_policy = id; |
| 71 | else { |
| 72 | ret->valid_policy = policy->policyid; |
| 73 | policy->policyid = NULL; |
| 74 | } |
| 75 | |
| 76 | if (policy) { |
| 77 | ret->qualifier_set = policy->qualifiers; |
| 78 | policy->qualifiers = NULL; |
| 79 | } |
| 80 | |
| 81 | return ret; |
| 82 | } |