Cryptography Reference
In-Depth Information
Listing 5-20: “x509.c” parse_extensions
static int parse_extensions( x509_certificate *certificate,
                             struct asn1struct *source )
{
  // Guard both levels of nesting before descending to the first extension
  if ( !source || !source->children )
  {
    return 1;
  }

  // Parse each extension; if one is recognized, update the certificate
  // in some way
  source = source->children->children;

  while ( source )
  {
    if ( parse_extension( certificate, source ) )
    {
      return 1;
    }
    source = source->next;
  }

  return 0;
}
An extension consists of an OID, an optional critical marker, and another
optional data section whose interpretation varies depending on the OID. Parsing
of the actual extension is shown in Listing 5-21.
Listing 5-21: “x509.c” parse_extension
static int parse_extension( x509_certificate *certificate,
                            struct asn1struct *source )
{
  struct asn1struct *oid;
  struct asn1struct *critical;
  struct asn1struct *data;

  oid = ( struct asn1struct * ) source->children;
  if ( !oid )
  {
    // An extension with no children has no OID and cannot be parsed
    return 1;
  }

  critical = ( struct asn1struct * ) oid->next;
  // Check the pointer before reading the tag: the OID may be the last element
  if ( critical && critical->tag == ASN1_BOOLEAN )
  {
    data = ( struct asn1struct * ) critical->next;
  }
  else
  {
    // critical defaults to false
    data = critical;
    critical = NULL;
  }

  // TODO recognize and parse extensions - there are several
  return 0;
}
The first tag is always an OID; the second can be a boolean value, in which
case it indicates whether the extension should be considered critical or not.
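The same OID / optional BOOLEAN / data split, worked directly on DER bytes instead of the parsed asn1struct tree. This is an added example, not code from the book's x509.c: ext_view, read_tlv and split_extension are hypothetical names, and the sample byte arrays are constructed. It assumes short-form lengths (under 128 bytes) and that the data section is present as an OCTET STRING, as in the X.509 Extension structure.

```c
#include <stddef.h>
#include <stdio.h>
/* Hypothetical view type for this example; not the book's asn1struct. */
struct ext_view {
    const unsigned char *oid, *value;
    size_t oid_len, value_len;
    int critical;                 /* 0 when the BOOLEAN is absent */
};

/* Read one TLV with a short-form (< 128 byte) length; returns 0 on success. */
static int read_tlv( const unsigned char **p, const unsigned char *end,
    unsigned char *tag, const unsigned char **val, size_t *len ) {
    if ( end - *p < 2 || ( (*p)[1] & 0x80 ) ) return 1;
    *tag = (*p)[0]; *len = (*p)[1]; *val = *p + 2;
    if ( (size_t)( end - *val ) < *len ) return 1;    /* truncated input */
    *p = *val + *len;
    return 0;
}

/* Split one DER Extension into OID, critical flag and value; 0 on success. */
int split_extension( const unsigned char *der, size_t n, struct ext_view *out ) {
    const unsigned char *p = der, *end = der + n, *val;
    unsigned char tag; size_t len;
    if ( read_tlv( &p, end, &tag, &val, &len ) || tag != 0x30 || p != end ) return 1;
    p = val; end = val + len;                 /* descend into the SEQUENCE */
    if ( read_tlv( &p, end, &tag, &out->oid, &out->oid_len ) || tag != 0x06 ) return 1;
    if ( read_tlv( &p, end, &tag, &val, &len ) ) return 1;
    out->critical = 0;                        /* critical defaults to false */
    if ( tag == 0x01 ) {                      /* optional BOOLEAN is present */
        if ( len != 1 ) return 1;
        out->critical = ( val[0] != 0 );
        if ( read_tlv( &p, end, &tag, &val, &len ) ) return 1;
    }
    if ( tag != 0x04 || p != end ) return 1;  /* data must be an OCTET STRING */
    out->value = val; out->value_len = len;
    return 0;
}

/* Constructed sample inputs, not taken from a real certificate. */
const unsigned char EXT_WITH_CRITICAL[] = { 0x30,0x0F, 0x06,0x03,0x55,0x1D,0x13,
    0x01,0x01,0xFF, 0x04,0x05,0x30,0x03,0x01,0x01,0xFF };
const unsigned char EXT_NO_CRITICAL[] = { 0x30,0x0B, 0x06,0x03,0x55,0x1D,0x0F,
    0x04,0x04,0x03,0x02,0x01,0x06 };

int main( void ) {
    struct ext_view v;
    int rc = split_extension( EXT_NO_CRITICAL, sizeof EXT_NO_CRITICAL, &v );
    if ( rc == 0 ) printf( "critical=%d value_len=%zu\n", v.critical, v.value_len );
    return rc;
}
```

Every length is checked against the enclosing element before a pointer is advanced, so a truncated extension is rejected rather than read past its end.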