/*
- * Copyright (c) 2003-2004,2006,2009-2010,2012,2014 Apple Inc. All Rights Reserved.
+ * Copyright (c) 2003-2004,2006,2009-2017 Apple Inc. All Rights Reserved.
*
* @APPLE_LICENSE_HEADER_START@
- *
+ *
* This file contains Original Code and/or Modifications of Original Code
* as defined in and that are subject to the Apple Public Source License
* Version 2.0 (the 'License'). You may not use this file except in
* compliance with the License. Please obtain a copy of the License at
* http://www.opensource.apple.com/apsl/ and read it before using this
* file.
- *
+ *
* The Original Code and all software distributed under the License are
* distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
* EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
* FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
* Please see the License for the specific language governing rights and
* limitations under the License.
- *
+ *
* @APPLE_LICENSE_HEADER_END@
*
* trusted_cert_utils.c
#include <Security/SecTrustSettings.h>
#include <Security/cssmapple.h>
#include <Security/oidsalg.h>
-#include <security_cdsa_utils/cuFileIo.h>
+#include <utilities/fileIo.h>
#include <security_cdsa_utils/cuPem.h>
static int indentSize = 0;
SecCertificateRef *certRef)
{
unsigned char *cp = NULL;
- unsigned len = 0;
+ size_t len = 0;
CSSM_DATA certData;
OSStatus ortn;
unsigned char *decoded = NULL;
unsigned decodedLen = 0;
- if(readFile(fileName, &cp, &len)) {
+ if(readFileSizet(fileName, &cp, &len)) {
printf("***Error reading file %s\n", fileName);
return -1;
}
- if(isPem(cp, len)) {
- if(pemDecode(cp, len, &decoded, &decodedLen)) {
+ if(isPem(cp, (unsigned) len)) {
+ if(pemDecode(cp, (unsigned) len, &decoded, &decodedLen)) {
fprintf(stderr, "Error decoding cert file %s\n", fileName);
return -1;
}
else if(!strcmp(policy, "IPSec")) {
return &CSSMOID_APPLE_TP_IP_SEC;
}
- else if(!strcmp(policy, "iChat")) {
- return &CSSMOID_APPLE_TP_ICHAT;
- }
else if(!strcmp(policy, "basic")) {
return &CSSMOID_APPLE_X509_BASIC;
}
else if(!strcmp(policy, "pkgSign")) {
return &CSSMOID_APPLE_TP_PACKAGE_SIGNING;
}
- else if(!strcmp(policy, "pkinitClient")) {
- return &CSSMOID_APPLE_TP_PKINIT_CLIENT;
- }
- else if(!strcmp(policy, "pkinitServer")) {
- return &CSSMOID_APPLE_TP_PKINIT_SERVER;
- }
else if(!strcmp(policy, "eap")) {
return &CSSMOID_APPLE_TP_EAP;
}
return NULL;
}
}
+
+CFOptionFlags revCheckOptionStringToFlags(
+ const char *revCheckOption)
+{
+ CFOptionFlags result = 0;
+ if(revCheckOption == NULL) {
+ return result;
+ }
+ else if(!strcmp(revCheckOption, "ocsp")) {
+ result |= kSecRevocationOCSPMethod;
+ }
+ else if(!strcmp(revCheckOption, "crl")) {
+ result |= kSecRevocationCRLMethod;
+ }
+ else if(!strcmp(revCheckOption, "require")) {
+ result |= kSecRevocationRequirePositiveResponse;
+ }
+ else if(!strcmp(revCheckOption, "offline")) {
+ result |= kSecRevocationNetworkAccessDisabled;
+ }
+ else if(!strcmp(revCheckOption, "online")) {
+ result |= kSecRevocationOnlineCheck;
+ }
+ return result;
+}
projects / apple / security.git / blobdiff