︙ | | | ︙ | |
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
- (X509OID *)X509_stringFromASN1Object: (ASN1_OBJECT *)obj;
- (OFString *)X509_stringFromASN1String: (ASN1_STRING *)str;
@end
OF_ASSUME_NONNULL_END
@implementation X509Certificate
- init
{
OF_INVALID_INIT_METHOD
}
- initWithFile: (OFString *)path
{
self = [super init];
@try {
void *pool = objc_autoreleasePoolPush();
OFData *data = [OFData dataWithContentsOfFile: path];
const unsigned char *dataItems = data.items;
|
|
|
|
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
- (X509OID *)X509_stringFromASN1Object: (ASN1_OBJECT *)obj;
- (OFString *)X509_stringFromASN1String: (ASN1_STRING *)str;
@end
OF_ASSUME_NONNULL_END
@implementation X509Certificate
- (instancetype)init
{
OF_INVALID_INIT_METHOD
}
- (instancetype)initWithFile: (OFString *)path
{
self = [super init];
@try {
void *pool = objc_autoreleasePoolPush();
OFData *data = [OFData dataWithContentsOfFile: path];
const unsigned char *dataItems = data.items;
|
︙ | | | ︙ | |
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
[self release];
@throw e;
}
return self;
}
- initWithX509Struct: (X509 *)certificate
{
self = [super init];
@try {
_certificate = X509_dup(certificate);
if (_certificate == NULL)
@throw [OFInitializationFailedException
|
|
|
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
[self release];
@throw e;
}
return self;
}
- (instancetype)initWithX509Struct: (X509 *)certificate
{
self = [super init];
@try {
_certificate = X509_dup(certificate);
if (_certificate == NULL)
@throw [OFInitializationFailedException
|
︙ | | | ︙ | |
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
|
}
key = [self X509_stringFromASN1Object:
otherName->type_id];
list = [types objectForKey: key];
if (list == nil) {
list = [OFList list];
[types setObject: list
forKey: key];
}
[list appendObject:
[self X509_stringFromASN1String:
otherName->value->value.asn1_string]];
break;
case GEN_EMAIL:
|
|
<
|
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
|
}
key = [self X509_stringFromASN1Object:
otherName->type_id];
list = [types objectForKey: key];
if (list == nil) {
list = [OFList list];
[types setObject: list forKey: key];
}
[list appendObject:
[self X509_stringFromASN1String:
otherName->value->value.asn1_string]];
break;
case GEN_EMAIL:
|
︙ | | | ︙ | |
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
|
return ret;
}
- (bool)hasCommonNameMatchingDomain: (OFString *)domain
{
void *pool = objc_autoreleasePoolPush();
for (OFString *name in [[self subject] objectForKey: OID_commonName]) {
if ([self X509_isAssertedDomain: name
equalDomain: domain]) {
objc_autoreleasePoolPop(pool);
return true;
}
}
objc_autoreleasePoolPop(pool);
return false;
}
- (bool)hasDNSNameMatchingDomain: (OFString *)domain
{
void *pool = objc_autoreleasePoolPush();
for (OFString *name in
[[self subjectAlternativeName] objectForKey: @"dNSName"]) {
if ([self X509_isAssertedDomain: name
equalDomain: domain]) {
objc_autoreleasePoolPop(pool);
return true;
}
}
objc_autoreleasePoolPop(pool);
return false;
}
- (bool)hasSRVNameMatchingDomain: (OFString *)domain
service: (OFString *)service
{
size_t serviceLength;
void *pool = objc_autoreleasePoolPush();
OFDictionary *SANs = self.subjectAlternativeName;
OFList *assertedNames = [[SANs objectForKey: @"otherName"]
objectForKey: OID_SRVName];
if (![service hasPrefix: @"_"])
service = [service stringByPrependingString: @"_"];
service = [service stringByAppendingString: @"."];
serviceLength = service.length;
|
|
|
<
|
|
<
|
|
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
|
return ret;
}
- (bool)hasCommonNameMatchingDomain: (OFString *)domain
{
void *pool = objc_autoreleasePoolPush();
for (OFString *name in [self.subject objectForKey: OID_commonName]) {
if ([self X509_isAssertedDomain: name equalDomain: domain]) {
objc_autoreleasePoolPop(pool);
return true;
}
}
objc_autoreleasePoolPop(pool);
return false;
}
- (bool)hasDNSNameMatchingDomain: (OFString *)domain
{
void *pool = objc_autoreleasePoolPush();
for (OFString *name in
[self.subjectAlternativeName objectForKey: @"dNSName"]) {
if ([self X509_isAssertedDomain: name equalDomain: domain]) {
objc_autoreleasePoolPop(pool);
return true;
}
}
objc_autoreleasePoolPop(pool);
return false;
}
- (bool)hasSRVNameMatchingDomain: (OFString *)domain
service: (OFString *)service
{
size_t serviceLength;
void *pool = objc_autoreleasePoolPush();
OFDictionary *SANs = self.subjectAlternativeName;
OFList *assertedNames = [[SANs objectForKey: @"otherName"]
objectForKey: OID_SRVName];
if (![service hasPrefix: @"_"])
service = [service stringByPrependingString: @"_"];
service = [service stringByAppendingString: @"."];
serviceLength = service.length;
|
︙ | | | ︙ | |
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
|
firstDot = [domain rangeOfString: @"."].location;
if (firstDot == OF_NOT_FOUND)
return false;
domain = [domain substringWithRange:
of_range(firstDot + 1, domain.length - firstDot - 1)];
if (![asserted caseInsensitiveCompare: domain])
return true;
return false;
}
- (OFDictionary *)X509_dictionaryFromX509Name: (X509_NAME *)name
{
OFMutableDictionary *dict = [OFMutableDictionary dictionary];
int i, count = X509_NAME_entry_count(name);
for (i = 0; i < count; i++) {
void *pool = objc_autoreleasePoolPush();
X509OID *key;
OFString *value;
X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, i);
ASN1_OBJECT *obj = X509_NAME_ENTRY_get_object(entry);
ASN1_STRING *str = X509_NAME_ENTRY_get_data(entry);
key = [self X509_stringFromASN1Object: obj];
if ([dict objectForKey: key] == nil)
[dict setObject: [OFList list]
forKey: key];
value = [self X509_stringFromASN1String: str];
[[dict objectForKey: key] appendObject: value];
objc_autoreleasePoolPop(pool);
}
|
|
|
<
|
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
|
firstDot = [domain rangeOfString: @"."].location;
if (firstDot == OF_NOT_FOUND)
return false;
domain = [domain substringWithRange:
of_range(firstDot + 1, domain.length - firstDot - 1)];
if ([asserted caseInsensitiveCompare: domain] == 0)
return true;
return false;
}
- (OFDictionary *)X509_dictionaryFromX509Name: (X509_NAME *)name
{
OFMutableDictionary *dict = [OFMutableDictionary dictionary];
int i, count = X509_NAME_entry_count(name);
for (i = 0; i < count; i++) {
void *pool = objc_autoreleasePoolPush();
X509OID *key;
OFString *value;
X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, i);
ASN1_OBJECT *obj = X509_NAME_ENTRY_get_object(entry);
ASN1_STRING *str = X509_NAME_ENTRY_get_data(entry);
key = [self X509_stringFromASN1Object: obj];
if ([dict objectForKey: key] == nil)
[dict setObject: [OFList list] forKey: key];
value = [self X509_stringFromASN1String: str];
[[dict objectForKey: key] appendObject: value];
objc_autoreleasePoolPop(pool);
}
|
︙ | | | ︙ | |
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
|
}
return ret;
}
@end
@implementation X509OID
- init
{
OF_INVALID_INIT_METHOD
}
- initWithUTF8String: (const char *)string
{
self = [super init];
@try {
_string = [[OFString alloc] initWithUTF8String: string];
} @catch (id e) {
[self release];
|
|
|
|
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
|
}
return ret;
}
@end
@implementation X509OID
- (instancetype)init
{
OF_INVALID_INIT_METHOD
}
- (instancetype)initWithUTF8String: (const char *)string
{
self = [super init];
@try {
_string = [[OFString alloc] initWithUTF8String: string];
} @catch (id e) {
[self release];
|
︙ | | | ︙ | |
500
501
502
503
504
505
506
507
508
509
510
511
|
}
- (unsigned long)hash
{
return _string.hash;
}
- copy
{
return [self retain];
}
@end
|
|
|
496
497
498
499
500
501
502
503
504
505
506
507
|
}
- (unsigned long)hash
{
return _string.hash;
}
- (id)copy
{
return [self retain];
}
@end
|