Commit fd1d26b7 authored by Niels Möller's avatar Niels Möller

* certificate.c (spki_cert_parse_body): Deleted function (replaced

by code in parse.c).
(spki_5_tuple_free_chain): New function.
(spki_process_sequence_no_signatures): New function.

Rev: src/spki/certificate.c:1.12
Rev: src/spki/certificate.h:1.12
parent c6c26821
......@@ -278,73 +278,78 @@ spki_acl_parse(struct spki_acl_db *db, struct sexp_iterator *i)
return type == SPKI_TYPE_END_OF_EXPR && spki_parse_end(i);
}
#define SKIP(t) do \
{ \
if (type == (t)) \
type = spki_parse_skip(i); \
} while (0)
/* Should be called with the iterator pointing just after the "cert"
* type tag. */
int
spki_cert_parse_body(struct spki_acl_db *db, struct sexp_iterator *i,
struct spki_5_tuple *cert)
void
spki_5_tuple_free_chain(struct spki_acl_db *db,
struct spki_5_tuple *chain)
{
enum spki_type type = spki_parse_type(i);
cert->flags = 0;
if (type == SPKI_TYPE_VERSION)
type = spki_parse_version(i);
SKIP(SPKI_TYPE_DISPLAY);
while (chain)
{
struct spki_5_tuple *next = chain->next;
if (chain->tag)
SPKI_FREE(db, chain->tag);
SPKI_FREE(db, chain);
if (type != SPKI_TYPE_ISSUER)
return 0;
chain = next;
}
}
type = spki_parse_principal(db, i, &cert->issuer);
if (!type || !(type = spki_parse_end(i)))
return 0;
struct spki_5_tuple *
spki_process_sequence_no_signatures(struct spki_acl_db *db,
struct sexp_iterator *i)
{
struct spki_5_tuple *chain = NULL;
enum spki_type type;
SKIP(SPKI_TYPE_ISSUER_INFO);
if (!spki_check_type(i, SPKI_TYPE_SEQUENCE))
return NULL;
type = spki_parse_principal(db, i, &cert->subject);
if (!type || !(type = spki_parse_end(i)))
return 0;
type = spki_parse_type(i);
SKIP(SPKI_TYPE_SUBJECT_INFO);
if (type == SPKI_TYPE_PROPAGATE)
for (;;)
{
if (!sexp_iterator_exit_list(i))
return 0;
switch (type)
{
default:
goto fail;
cert->flags |= SPKI_PROPAGATE;
}
case SPKI_TYPE_END_OF_EXPR:
goto done;
case SPKI_TYPE_CERT:
{
SPKI_NEW(db, struct spki_5_tuple, cert);
cert->next = chain;
chain = cert;
type = spki_parse_cert(db, i, cert);
if (type != SPKI_TYPE_TAG)
return 0;
type = spki_parse_tag(db, i, cert);
if (!type)
return 0;
if (!type)
goto fail;
if (type == SPKI_TYPE_VALID)
type = spki_parse_valid(i, cert);
break;
}
case SPKI_TYPE_PUBLIC_KEY:
case SPKI_TYPE_SIGNATURE:
case SPKI_TYPE_DO:
/* Ignore */
type = spki_parse_skip(i);
break;
}
}
SKIP(SPKI_TYPE_COMMENT);
done:
return (type == SPKI_TYPE_END_OF_EXPR) && sexp_iterator_exit_list(i);
assert(type == SPKI_TYPE_END_OF_EXPR);
if (sexp_iterator_exit_list(i))
return chain;
fail:
spki_5_tuple_free_chain(db, chain);
return NULL;
}
int
spki_cert_parse(struct spki_acl_db *db, struct sexp_iterator *i,
struct spki_5_tuple *cert)
{
return spki_check_type(i, SPKI_TYPE_CERT)
&& spki_cert_parse_body(db, i, cert);
}
/* Dates */
......
......@@ -179,13 +179,14 @@ spki_acl_by_authorization_next(struct spki_acl_db *,
/* Certificates */
int
spki_cert_parse(struct spki_acl_db *db, struct sexp_iterator *i,
struct spki_5_tuple *cert);
int
spki_cert_parse_body(struct spki_acl_db *db, struct sexp_iterator *i,
struct spki_5_tuple *cert);
void
spki_5_tuple_free_chain(struct spki_acl_db *db,
struct spki_5_tuple *chain);
struct spki_5_tuple *
spki_process_sequence_no_signatures(struct spki_acl_db *db,
struct sexp_iterator *i);
/* Other more or less internal functions. */
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment