pike.git / lib / modules / Standards.pmod / X509.pmod

version» Context lines:

pike.git/lib/modules/Standards.pmod/X509.pmod:628:    "issuer" : issuer,    "subject" : subject,    ]);    break;    default:    error("Can't case %O to %O\n", this_program, to);    break;    }    }    -  protected string get_id(object asn) -  { -  foreach(.PKCS.Identifiers.name_ids; string name; object id) -  if( asn==id ) return name; -  return (array(string))asn->id*"."; -  } -  +     protected array fmt_asn1(object asn)    {    array i = ({});    mapping m = ([]);       foreach(asn->elements;; object o)    {    o = o[0]; -  string id = get_id(o[0]); +  string id = .PKCS.Identifiers.reverse_name_ids[o[0]] || +  (array(string))o[0]->id*"."; +     i += ({ ([ id : o[1]->value]) });    if( m )    {    if(m[id])    {    m = 0;    continue;    }    m[id] = o[1]->value;    }
pike.git/lib/modules/Standards.pmod/X509.pmod:1074:    return 0;   }      //! Verifies that all extensions mandated for certificate signing   //! certificates are present and valid.   TBSCertificate verify_ca_certificate(string|TBSCertificate tbs)   {    if(stringp(tbs)) tbs = decode_certificate(tbs);    if(!tbs) return 0;    +  int t = time(); +  if( tbs->not_after < t ) return 0; +  if( tbs->not_before > t ) return 0; +     multiset crit = tbs->critical + (<>);    int self_signed = (tbs->issuer->get_der() == tbs->subject->get_der());       Object lookup(Identifier id)    {    crit[id] = 0;    return tbs->extensions[id];    };       // FIXME: Move extension parsing into tbs.