oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

remove trailing whitespace

Browse Source 
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@23815 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2008-09-13 09:21:03 +00:00
parent e172367898
commit 6937d41a02
940 changed files with 23827 additions and 23827 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
lib/hx509/ca.c
View File

@@ -1,34 +1,34 @@
/*
* Copyright (c) 2006 - 2007 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "hx_locl.h"
@@ -236,7 +236,7 @@ hx509_ca_tbs_set_template(hx509_context context,
hx509_name_free(&tbs->subject);
ret = hx509_cert_get_subject(cert, &tbs->subject);
if (ret) {
hx509_set_error_string(context, 0, ret,
hx509_set_error_string(context, 0, ret,
"Failed to get subject from template");
return ret;
}
@@ -246,7 +246,7 @@ hx509_ca_tbs_set_template(hx509_context context,
ret = hx509_cert_get_serialnumber(cert, &tbs->serial);
tbs->flags.serial = !ret;
if (ret) {
hx509_set_error_string(context, 0, ret,
hx509_set_error_string(context, 0, ret,
"Failed to copy serial number");
return ret;
}
@@ -473,7 +473,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context,
int ret;
memset(&dp, 0, sizeof(dp));
dp.distributionPoint = ecalloc(1, sizeof(*dp.distributionPoint));
{
@@ -488,8 +488,8 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context,
gn.element = choice_GeneralName_uniformResourceIdentifier;
gn.u.uniformResourceIdentifier = rk_UNCONST(uri);
ASN1_MALLOC_ENCODE(DistributionPointName,
dp.distributionPoint->data,
ASN1_MALLOC_ENCODE(DistributionPointName,
dp.distributionPoint->data,
dp.distributionPoint->length,
&name, &size, ret);
if (ret) {
@@ -509,7 +509,7 @@ hx509_ca_tbs_add_crl_dp_uri(hx509_context context,
hx509_set_error_string(context, 0, EINVAL,
"CRLDistributionPoints.name.issuername not yet supported");
return EINVAL;
#else
#else
GeneralNames *crlissuer;
GeneralName gn;
Name n;
@@ -579,7 +579,7 @@ hx509_ca_tbs_add_san_otherName(hx509_context context,
gn.element = choice_GeneralName_otherName;
gn.u.otherName.type_id = *oid;
gn.u.otherName.value = *os;
return add_GeneralNames(&tbs->san, &gn);
}
@@ -621,7 +621,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context,
if(*str=='\\'){
if(str[1] == '\0' || str[1] == '@') {
ret = HX509_PARSING_NAME_FAILED;
hx509_set_error_string(context, 0, ret,
hx509_set_error_string(context, 0, ret,
"trailing \\ in principal name");
goto out;
}
@@ -629,7 +629,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context,
} else if(*str == '/')
n++;
}
p.principalName.name_string.val =
p.principalName.name_string.val =
calloc(n, sizeof(*p.principalName.name_string.val));
if (p.principalName.name_string.val == NULL) {
ret = ENOMEM;
@@ -661,7 +661,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context,
*q++ = '\0';
}
}
ASN1_MALLOC_ENCODE(KRB5PrincipalName, os.data, os.length, &p, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -669,7 +669,7 @@ hx509_ca_tbs_add_san_pkinit(hx509_context context,
}
if (size != os.length)
_hx509_abort("internal ASN.1 encoder error");
ret = hx509_ca_tbs_add_san_otherName(context,
tbs,
oid_id_pkinit_san(),
@@ -682,7 +682,7 @@ out:
free(s);
return ret;
}
/*
*
*/
@@ -708,7 +708,7 @@ add_utf8_san(hx509_context context,
}
if (size != os.length)
_hx509_abort("internal ASN.1 encoder error");
ret = hx509_ca_tbs_add_san_otherName(context,
tbs,
oid,
@@ -787,7 +787,7 @@ hx509_ca_tbs_add_san_hostname(hx509_context context,
memset(&gn, 0, sizeof(gn));
gn.element = choice_GeneralName_dNSName;
gn.u.dNSName = rk_UNCONST(dnsname);
return add_GeneralNames(&tbs->san, &gn);
}
@@ -814,7 +814,7 @@ hx509_ca_tbs_add_san_rfc822name(hx509_context context,
memset(&gn, 0, sizeof(gn));
gn.element = choice_GeneralName_rfc822Name;
gn.u.rfc822Name = rk_UNCONST(rfc822Name);
return add_GeneralNames(&tbs->san, &gn);
}
@@ -1005,7 +1005,7 @@ ca_sign(hx509_context context,
return EINVAL;
}
if (hx509_name_is_null_p(tbs->subject) && tbs->san.len == 0) {
hx509_set_error_string(context, 0, EINVAL,
hx509_set_error_string(context, 0, EINVAL,
"NULL subject and no SubjectAltNames");
return EINVAL;
}
@@ -1017,7 +1017,7 @@ ca_sign(hx509_context context,
}
if (tbs->flags.proxy) {
if (tbs->san.len > 0) {
hx509_set_error_string(context, 0, EINVAL,
hx509_set_error_string(context, 0, EINVAL,
"Proxy certificate is not allowed "
"to have SubjectAltNames");
return EINVAL;
@@ -1099,7 +1099,7 @@ ca_sign(hx509_context context,
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
/* Add the text BMP string Domaincontroller to the cert */
if (tbs->flags.domaincontroller) {
data.data = rk_UNCONST("\x1e\x20\x00\x44\x00\x6f\x00\x6d"
@@ -1137,7 +1137,7 @@ ca_sign(hx509_context context,
/* add ExtendedKeyUsage */
if (tbs->eku.len > 0) {
ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length,
ASN1_MALLOC_ENCODE(ExtKeyUsage, data.data, data.length,
&tbs->eku, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -1154,7 +1154,7 @@ ca_sign(hx509_context context,
/* add Subject Alternative Name */
if (tbs->san.len > 0) {
ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length,
ASN1_MALLOC_ENCODE(GeneralNames, data.data, data.length,
&tbs->san, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -1172,7 +1172,7 @@ ca_sign(hx509_context context,
/* Add Authority Key Identifier */
if (ai) {
ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length,
ASN1_MALLOC_ENCODE(AuthorityKeyIdentifier, data.data, data.length,
ai, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -1195,7 +1195,7 @@ ca_sign(hx509_context context,
{
SHA_CTX m;
SHA1_Init(&m);
SHA1_Update(&m, tbs->spki.subjectPublicKey.data,
tbs->spki.subjectPublicKey.length / 8);
@@ -1205,7 +1205,7 @@ ca_sign(hx509_context context,
si.data = hash;
si.length = sizeof(hash);
ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length,
ASN1_MALLOC_ENCODE(SubjectKeyIdentifier, data.data, data.length,
&si, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -1221,7 +1221,7 @@ ca_sign(hx509_context context,
goto out;
}
/* Add BasicConstraints */
/* Add BasicConstraints */
{
BasicConstraints bc;
int aCA = 1;
@@ -1237,7 +1237,7 @@ ca_sign(hx509_context context,
}
}
ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length,
ASN1_MALLOC_ENCODE(BasicConstraints, data.data, data.length,
&bc, &size, ret);
if (ret) {
hx509_set_error_string(context, 0, ret, "Out of memory");
@@ -1261,7 +1261,7 @@ ca_sign(hx509_context context,
memset(&info, 0, sizeof(info));
if (tbs->pathLenConstraint >= 0) {
info.pCPathLenConstraint =
info.pCPathLenConstraint =
malloc(sizeof(*info.pCPathLenConstraint));
if (info.pCPathLenConstraint == NULL) {
ret = ENOMEM;
@@ -1279,7 +1279,7 @@ ca_sign(hx509_context context,
goto out;
}
ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length,
ASN1_MALLOC_ENCODE(ProxyCertInfo, data.data, data.length,
&info, &size, ret);
free_ProxyCertInfo(&info);
if (ret) {
@@ -1377,14 +1377,14 @@ get_AuthorityKeyIdentifier(hx509_context context,
memset(&gns, 0, sizeof(gns));
memset(&name, 0, sizeof(name));
ai->authorityCertIssuer =
ai->authorityCertIssuer =
calloc(1, sizeof(*ai->authorityCertIssuer));
if (ai->authorityCertIssuer == NULL) {
ret = ENOMEM;
hx509_set_error_string(context, 0, ret, "Out of memory");
goto out;
}
ai->authorityCertSerialNumber =
ai->authorityCertSerialNumber =
calloc(1, sizeof(*ai->authorityCertSerialNumber));
if (ai->authorityCertSerialNumber == NULL) {
ret = ENOMEM;
@@ -1392,7 +1392,7 @@ get_AuthorityKeyIdentifier(hx509_context context,
goto out;
}
/*
/*
* XXX unbreak when asn1 compiler handle IMPLICIT
*
* This is so horrible.
@@ -1407,7 +1407,7 @@ get_AuthorityKeyIdentifier(hx509_context context,
memset(&gn, 0, sizeof(gn));
gn.element = choice_GeneralName_directoryName;
gn.u.directoryName.element =
gn.u.directoryName.element =
choice_GeneralName_directoryName_rdnSequence;
gn.u.directoryName.u.rdnSequence = name.u.rdnSequence;
@@ -1436,7 +1436,7 @@ out:
/**
* Sign a to-be-signed certificate object with a issuer certificate.
* Sign a to-be-signed certificate object with a issuer certificate.
*
* The caller needs to at least have called the following functions on the
* to-be-signed certificate object:
@@ -1478,7 +1478,7 @@ hx509_ca_sign(hx509_context context,
goto out;
ret = ca_sign(context,
tbs,
tbs,
_hx509_cert_private_key(signer),
&ai,
&signer_cert->tbsCertificate.subject,
@@ -1510,7 +1510,7 @@ hx509_ca_sign_self(hx509_context context,
hx509_cert *certificate)
{
return ca_sign(context,
tbs,
tbs,
signer,
NULL,
NULL,