pike.git / lib / modules / Standards.pmod / X509.pmod

version» Context lines:

pike.git/lib/modules/Standards.pmod/X509.pmod:844:    sizeof(a[i])==1 &&    a[i][0]->type_name == "SEQUENCE") {    raw_extensions = a[i][0];    i++;      #define EXT(X) do { \    Object o = internal_extensions[.PKCS.Identifiers.ce_ids.##X]; \    if(o && !parse_##X(o)) \    DBG("TBSCertificate: Failed to parse extension %O.\n", #X); \    } while (0) -  EXT(basicConstraints); -  EXT(authorityKeyIdentifier); -  EXT(subjectKeyIdentifier); -  EXT(keyUsage); +  EXT(basicConstraints); // 2.5.29.19 +  EXT(authorityKeyIdentifier); // 2.5.29.35 +  EXT(subjectKeyIdentifier); // 2.5.29.14 +  EXT(keyUsage); // 2.5.29.15 +  EXT(extKeyUsage); // 2.5.29.37   #undef EXT    }    }    internal_der = asn1->get_der();    if (i == sizeof(a))    return this;    /* Too many fields */    return 0;    }   
pike.git/lib/modules/Standards.pmod/X509.pmod:910:    }       //! Set if the certificate contains a valid authorityKeyIdentifier    //! extension. RFC3280 4.2.1.1.    int(0..1) ext_authorityKeyIdentifier;       protected int(0..1) parse_authorityKeyIdentifier(Object o)    {    if( o->type_name!="SEQUENCE" )    return 0; +  Sequence s = [object(Sequence)]o;       // FIXME: Actually parse this.    ext_authorityKeyIdentifier = 1;    return 1;    }       //! Set to the value of the SubjectKeyIdentifier if the certificate    //! contains the subjectKeyIdentifier extension. RFC3280 4.2.1.2.    string ext_subjectKeyIdentifier;   
pike.git/lib/modules/Standards.pmod/X509.pmod:950:    {    int bit = !!(char & 0x80);    ext_keyUsage |= (bit << pos);    pos++;    char <<= 1;    }       return 1;    }    +  //! Set to the list of extended key usages from anyExtendedKeyUsage, +  //! if the certificate contains the extKeyUsage extensions. These +  //! Identifier objects are typically found in +  //! @[.PKCS.Identifiers.reverse_kp_ids]. RFC3280 4.2.1.13. +  array(Identifier) ext_extKeyUsage; +  +  protected int(0..1) parse_extKeyUsage(Object o) +  { +  if( o->type_name!="SEQUENCE" ) +  return 0; +  +  ext_extKeyUsage = o->elements; +  return 1;    }    -  + } +    //! Creates the ASN.1 TBSCertificate sequence (see RFC2459 section   //! 4.1) to be signed (TBS) by the CA. version is explicitly set to   //! v3, and @[extensions] is optionally added to the sequence.   //! issuerUniqueID and subjectUniqueID are not supported.   TBSCertificate make_tbs(Sequence issuer, Sequence algorithm,    Sequence subject, Sequence keyinfo,    Integer serial, Sequence validity,    array|int(0..0)|void extensions)   {    TBSCertificate tbs = TBSCertificate();