113039Sthartmann/* crypto/ts/ts_verify_ctx.c */
216972Sdlong/*
313039Sthartmann * Written by Zoltan Glozik (zglozik@stones.com) for the OpenSSL project
413039Sthartmann * 2003.
513039Sthartmann */
613039Sthartmann/* ====================================================================
713039Sthartmann * Copyright (c) 2006 The OpenSSL Project.  All rights reserved.
813039Sthartmann *
913039Sthartmann * Redistribution and use in source and binary forms, with or without
1013039Sthartmann * modification, are permitted provided that the following conditions
1113039Sthartmann * are met:
1213039Sthartmann *
1313039Sthartmann * 1. Redistributions of source code must retain the above copyright
1413039Sthartmann *    notice, this list of conditions and the following disclaimer.
1513039Sthartmann *
1613039Sthartmann * 2. Redistributions in binary form must reproduce the above copyright
1713039Sthartmann *    notice, this list of conditions and the following disclaimer in
1813039Sthartmann *    the documentation and/or other materials provided with the
1913039Sthartmann *    distribution.
2013039Sthartmann *
2113039Sthartmann * 3. All advertising materials mentioning features or use of this
2213039Sthartmann *    software must display the following acknowledgment:
2313039Sthartmann *    "This product includes software developed by the OpenSSL Project
2413039Sthartmann *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
2513039Sthartmann *
2613039Sthartmann * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
2713039Sthartmann *    endorse or promote products derived from this software without
2813039Sthartmann *    prior written permission. For written permission, please contact
2913039Sthartmann *    licensing@OpenSSL.org.
3013039Sthartmann *
3113039Sthartmann * 5. Products derived from this software may not be called "OpenSSL"
3213039Sthartmann *    nor may "OpenSSL" appear in their names without prior written
3316972Sdlong *    permission of the OpenSSL Project.
3416972Sdlong *
3513039Sthartmann * 6. Redistributions of any form whatsoever must retain the following
3613039Sthartmann *    acknowledgment:
3713039Sthartmann *    "This product includes software developed by the OpenSSL Project
3813039Sthartmann *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
3913039Sthartmann *
4013039Sthartmann * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
4113039Sthartmann * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
4213039Sthartmann * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
4313039Sthartmann * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
4413039Sthartmann * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
4513039Sthartmann * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
4613039Sthartmann * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
4713039Sthartmann * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
4813039Sthartmann * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
4913039Sthartmann * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
5013039Sthartmann * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
5113039Sthartmann * OF THE POSSIBILITY OF SUCH DAMAGE.
5213039Sthartmann * ====================================================================
5316972Sdlong *
5416972Sdlong * This product includes cryptographic software written by Eric Young
5516972Sdlong * (eay@cryptsoft.com).  This product includes software written by Tim
5613039Sthartmann * Hudson (tjh@cryptsoft.com).
5713039Sthartmann *
5813039Sthartmann */
5913039Sthartmann
6013039Sthartmann#include "cryptlib.h"
6113039Sthartmann#include <openssl/objects.h>
6216972Sdlong#include <openssl/ts.h>
6316972Sdlong
6416972SdlongTS_VERIFY_CTX *TS_VERIFY_CTX_new(void)
6513039Sthartmann{
6613039Sthartmann    TS_VERIFY_CTX *ctx =
6713039Sthartmann        (TS_VERIFY_CTX *)OPENSSL_malloc(sizeof(TS_VERIFY_CTX));
6813039Sthartmann    if (ctx)
6913039Sthartmann        memset(ctx, 0, sizeof(TS_VERIFY_CTX));
7013039Sthartmann    else
7113039Sthartmann        TSerr(TS_F_TS_VERIFY_CTX_NEW, ERR_R_MALLOC_FAILURE);
7213039Sthartmann    return ctx;
7313039Sthartmann}
7416972Sdlong
7516972Sdlongvoid TS_VERIFY_CTX_init(TS_VERIFY_CTX *ctx)
7616972Sdlong{
7716972Sdlong    OPENSSL_assert(ctx != NULL);
7816972Sdlong    memset(ctx, 0, sizeof(TS_VERIFY_CTX));
7913039Sthartmann}
8013039Sthartmann
8116972Sdlongvoid TS_VERIFY_CTX_free(TS_VERIFY_CTX *ctx)
8216972Sdlong{
8316972Sdlong    if (!ctx)
8413039Sthartmann        return;
8513039Sthartmann
8613039Sthartmann    TS_VERIFY_CTX_cleanup(ctx);
8713039Sthartmann    OPENSSL_free(ctx);
8813039Sthartmann}
8913039Sthartmann
9013039Sthartmannvoid TS_VERIFY_CTX_cleanup(TS_VERIFY_CTX *ctx)
9113039Sthartmann{
9216972Sdlong    if (!ctx)
9316972Sdlong        return;
9416972Sdlong
9516972Sdlong    X509_STORE_free(ctx->store);
9616972Sdlong    sk_X509_pop_free(ctx->certs, X509_free);
9716972Sdlong
9816972Sdlong    ASN1_OBJECT_free(ctx->policy);
9916972Sdlong
10016972Sdlong    X509_ALGOR_free(ctx->md_alg);
10116972Sdlong    OPENSSL_free(ctx->imprint);
10213039Sthartmann
10316972Sdlong    BIO_free_all(ctx->data);
10416972Sdlong
10516972Sdlong    ASN1_INTEGER_free(ctx->nonce);
10616972Sdlong
10716972Sdlong    GENERAL_NAME_free(ctx->tsa_name);
10813039Sthartmann
10913039Sthartmann    TS_VERIFY_CTX_init(ctx);
11013039Sthartmann}
11113039Sthartmann
11213039SthartmannTS_VERIFY_CTX *TS_REQ_to_TS_VERIFY_CTX(TS_REQ *req, TS_VERIFY_CTX *ctx)
11313039Sthartmann{
11413039Sthartmann    TS_VERIFY_CTX *ret = ctx;
11516972Sdlong    ASN1_OBJECT *policy;
11616972Sdlong    TS_MSG_IMPRINT *imprint;
11716972Sdlong    X509_ALGOR *md_alg;
11816972Sdlong    ASN1_OCTET_STRING *msg;
11916972Sdlong    const ASN1_INTEGER *nonce;
12016972Sdlong
12113039Sthartmann    OPENSSL_assert(req != NULL);
12216972Sdlong    if (ret)
12316972Sdlong        TS_VERIFY_CTX_cleanup(ret);
12416972Sdlong    else if (!(ret = TS_VERIFY_CTX_new()))
12516972Sdlong        return NULL;
12616972Sdlong
12713039Sthartmann    /* Setting flags. */
12813039Sthartmann    ret->flags = TS_VFY_ALL_IMPRINT & ~(TS_VFY_TSA_NAME | TS_VFY_SIGNATURE);
12913039Sthartmann
13013039Sthartmann    /* Setting policy. */
13113039Sthartmann    if ((policy = TS_REQ_get_policy_id(req)) != NULL) {
13213039Sthartmann        if (!(ret->policy = OBJ_dup(policy)))
13313039Sthartmann            goto err;
13413039Sthartmann    } else
13513039Sthartmann        ret->flags &= ~TS_VFY_POLICY;
13616972Sdlong
13716972Sdlong    /* Setting md_alg, imprint and imprint_len. */
13816972Sdlong    imprint = TS_REQ_get_msg_imprint(req);
13916972Sdlong    md_alg = TS_MSG_IMPRINT_get_algo(imprint);
14013039Sthartmann    if (!(ret->md_alg = X509_ALGOR_dup(md_alg)))
14113039Sthartmann        goto err;
14213039Sthartmann    msg = TS_MSG_IMPRINT_get_msg(imprint);
14313039Sthartmann    ret->imprint_len = ASN1_STRING_length(msg);
14413039Sthartmann    if (!(ret->imprint = OPENSSL_malloc(ret->imprint_len)))
14513039Sthartmann        goto err;
14613039Sthartmann    memcpy(ret->imprint, ASN1_STRING_data(msg), ret->imprint_len);
14713039Sthartmann
14813039Sthartmann    /* Setting nonce. */
14913039Sthartmann    if ((nonce = TS_REQ_get_nonce(req)) != NULL) {
15013327Sshade        if (!(ret->nonce = ASN1_INTEGER_dup(nonce)))
15113327Sshade            goto err;
15213039Sthartmann    } else
15313039Sthartmann        ret->flags &= ~TS_VFY_NONCE;
15413039Sthartmann
15513039Sthartmann    return ret;
15613039Sthartmann err:
15713039Sthartmann    if (ctx)
15813039Sthartmann        TS_VERIFY_CTX_cleanup(ctx);
15913039Sthartmann    else
16013039Sthartmann        TS_VERIFY_CTX_free(ret);
16113039Sthartmann    return NULL;
16213039Sthartmann}
16313039Sthartmann