search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nightly: more concise mail_msg
[unleashed/tickless.git] / lib / libcrypto / asn1 / x_x509a.c
blob29817915b61802f9b01acb347c38c33eff973c23
1 /* $OpenBSD: x_x509a.c,v 1.14 2015/02/14 15:28:39 miod Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5 /* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <stdio.h>
60
61 #include <openssl/asn1t.h>
62 #include <openssl/evp.h>
63 #include <openssl/x509.h>
64
65 /* X509_CERT_AUX routines. These are used to encode additional
66 * user modifiable data about a certificate. This data is
67 * appended to the X509 encoding when the *_X509_AUX routines
68 * are used. This means that the "traditional" X509 routines
69 * will simply ignore the extra data.
70 */
71
72 static X509_CERT_AUX *aux_get(X509 *x);
73
74 static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = {
75 {
76 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
77 .offset = offsetof(X509_CERT_AUX, trust),
78 .field_name = "trust",
79 .item = &ASN1_OBJECT_it,
80 },
81 {
82 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
83 ASN1_TFLG_OPTIONAL,
84 .tag = 0,
85 .offset = offsetof(X509_CERT_AUX, reject),
86 .field_name = "reject",
87 .item = &ASN1_OBJECT_it,
88 },
89 {
90 .flags = ASN1_TFLG_OPTIONAL,
91 .offset = offsetof(X509_CERT_AUX, alias),
92 .field_name = "alias",
93 .item = &ASN1_UTF8STRING_it,
94 },
95 {
96 .flags = ASN1_TFLG_OPTIONAL,
97 .offset = offsetof(X509_CERT_AUX, keyid),
98 .field_name = "keyid",
99 .item = &ASN1_OCTET_STRING_it,
100 },
101 {
102 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
103 ASN1_TFLG_OPTIONAL,
104 .tag = 1,
105 .offset = offsetof(X509_CERT_AUX, other),
106 .field_name = "other",
107 .item = &X509_ALGOR_it,
108 },
109 };
110
111 const ASN1_ITEM X509_CERT_AUX_it = {
112 .itype = ASN1_ITYPE_SEQUENCE,
113 .utype = V_ASN1_SEQUENCE,
114 .templates = X509_CERT_AUX_seq_tt,
115 .tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE),
116 .size = sizeof(X509_CERT_AUX),
117 .sname = "X509_CERT_AUX",
118 };
119
120
121 X509_CERT_AUX *
122 d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len)
123 {
124 return (X509_CERT_AUX *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
125 &X509_CERT_AUX_it);
126 }
127
128 int
129 i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out)
130 {
131 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_AUX_it);
132 }
133
134 X509_CERT_AUX *
135 X509_CERT_AUX_new(void)
136 {
137 return (X509_CERT_AUX *)ASN1_item_new(&X509_CERT_AUX_it);
138 }
139
140 void
141 X509_CERT_AUX_free(X509_CERT_AUX *a)
142 {
143 ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_AUX_it);
144 }
145
146 static X509_CERT_AUX *
147 aux_get(X509 *x)
148 {
149 if (!x)
150 return NULL;
151 if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
152 return NULL;
153 return x->aux;
154 }
155
156 int
157 X509_alias_set1(X509 *x, unsigned char *name, int len)
158 {
159 X509_CERT_AUX *aux;
160 if (!name) {
161 if (!x || !x->aux || !x->aux->alias)
162 return 1;
163 ASN1_UTF8STRING_free(x->aux->alias);
164 x->aux->alias = NULL;
165 return 1;
166 }
167 if (!(aux = aux_get(x)))
168 return 0;
169 if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
170 return 0;
171 return ASN1_STRING_set(aux->alias, name, len);
172 }
173
174 int
175 X509_keyid_set1(X509 *x, unsigned char *id, int len)
176 {
177 X509_CERT_AUX *aux;
178 if (!id) {
179 if (!x || !x->aux || !x->aux->keyid)
180 return 1;
181 ASN1_OCTET_STRING_free(x->aux->keyid);
182 x->aux->keyid = NULL;
183 return 1;
184 }
185 if (!(aux = aux_get(x)))
186 return 0;
187 if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
188 return 0;
189 return ASN1_STRING_set(aux->keyid, id, len);
190 }
191
192 unsigned char *
193 X509_alias_get0(X509 *x, int *len)
194 {
195 if (!x->aux || !x->aux->alias)
196 return NULL;
197 if (len)
198 *len = x->aux->alias->length;
199 return x->aux->alias->data;
200 }
201
202 unsigned char *
203 X509_keyid_get0(X509 *x, int *len)
204 {
205 if (!x->aux || !x->aux->keyid)
206 return NULL;
207 if (len)
208 *len = x->aux->keyid->length;
209 return x->aux->keyid->data;
210 }
211
212 int
213 X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
214 {
215 X509_CERT_AUX *aux;
216 ASN1_OBJECT *objtmp;
217 int rc;
218
219 if (!(objtmp = OBJ_dup(obj)))
220 return 0;
221 if (!(aux = aux_get(x)))
222 goto err;
223 if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
224 goto err;
225 rc = sk_ASN1_OBJECT_push(aux->trust, objtmp);
226 if (rc != 0)
227 return rc;
228
229 err:
230 ASN1_OBJECT_free(objtmp);
231 return 0;
232 }
233
234 int
235 X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
236 {
237 X509_CERT_AUX *aux;
238 ASN1_OBJECT *objtmp;
239 int rc;
240
241 if (!(objtmp = OBJ_dup(obj)))
242 return 0;
243 if (!(aux = aux_get(x)))
244 goto err;
245 if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
246 goto err;
247 rc = sk_ASN1_OBJECT_push(aux->reject, objtmp);
248 if (rc != 0)
249 return rc;
250
251 err:
252 ASN1_OBJECT_free(objtmp);
253 return 0;
254 }
255
256 void
257 X509_trust_clear(X509 *x)
258 {
259 if (x->aux && x->aux->trust) {
260 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
261 x->aux->trust = NULL;
262 }
263 }
264
265 void
266 X509_reject_clear(X509 *x)
267 {
268 if (x->aux && x->aux->reject) {
269 sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
270 x->aux->reject = NULL;
271 }
272 }
273
274 static const ASN1_TEMPLATE X509_CERT_PAIR_seq_tt[] = {
275 {
276 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
277 .tag = 0,
278 .offset = offsetof(X509_CERT_PAIR, forward),
279 .field_name = "forward",
280 .item = &X509_it,
281 },
282 {
283 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
284 .tag = 1,
285 .offset = offsetof(X509_CERT_PAIR, reverse),
286 .field_name = "reverse",
287 .item = &X509_it,
288 },
289 };
290
291 const ASN1_ITEM X509_CERT_PAIR_it = {
292 .itype = ASN1_ITYPE_SEQUENCE,
293 .utype = V_ASN1_SEQUENCE,
294 .templates = X509_CERT_PAIR_seq_tt,
295 .tcount = sizeof(X509_CERT_PAIR_seq_tt) / sizeof(ASN1_TEMPLATE),
296 .funcs = NULL,
297 .size = sizeof(X509_CERT_PAIR),
298 .sname = "X509_CERT_PAIR",
299 };
300
301
302 X509_CERT_PAIR *
303 d2i_X509_CERT_PAIR(X509_CERT_PAIR **a, const unsigned char **in, long len)
304 {
305 return (X509_CERT_PAIR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
306 &X509_CERT_PAIR_it);
307 }
308
309 int
310 i2d_X509_CERT_PAIR(X509_CERT_PAIR *a, unsigned char **out)
311 {
312 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_PAIR_it);
313 }
314
315 X509_CERT_PAIR *
316 X509_CERT_PAIR_new(void)
317 {
318 return (X509_CERT_PAIR *)ASN1_item_new(&X509_CERT_PAIR_it);
319 }
320
321 void
322 X509_CERT_PAIR_free(X509_CERT_PAIR *a)
323 {
324 ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_PAIR_it);
325 }
unleashed repo fork