crypto/x509v3/v3_sxnet.c

   1 /* v3_sxnet.c */
   2 /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
   3  * project 1999.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    licensing@OpenSSL.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  *
  53  * This product includes cryptographic software written by Eric Young
  54  * (eay@cryptsoft.com).  This product includes software written by Tim
  55  * Hudson (tjh@cryptsoft.com).
  56  *
  57  */
  58
  59 #include <stdio.h>
  60 #include "cryptlib.h"
  61 #include "conf.h"
  62 #include "asn1.h"
  63 #include "asn1_mac.h"
  64 #include "x509v3.h"
  65
  66 /* Support for Thawte strong extranet extension */
  67
  68 #define SXNET_TEST
  69
  70 #ifndef NOPROTO
  71 static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent);
  72 #ifdef SXNET_TEST
  73 static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK *nval);
  74 #endif
  75 #else
  76 static int sxnet_i2r();
  77 #endif
  78
  79 X509V3_EXT_METHOD v3_sxnet = {
  80 NID_sxnet, X509V3_EXT_MULTILINE,
  81 (X509V3_EXT_NEW)SXNET_new,
  82 SXNET_free,
  83 (X509V3_EXT_D2I)d2i_SXNET,
  84 i2d_SXNET,
  85 NULL, NULL,
  86 NULL,
  87 #ifdef SXNET_TEST
  88 (X509V3_EXT_V2I)sxnet_v2i,
  89 #else
  90 NULL,
  91 #endif
  92 (X509V3_EXT_I2R)sxnet_i2r,
  93 NULL,
  94 NULL
  95 };
  96
  97
  98 /*
  99  * ASN1err(ASN1_F_SXNET_NEW,ERR_R_MALLOC_FAILURE);
 100  * ASN1err(ASN1_F_D2I_SXNET,ERR_R_MALLOC_FAILURE);
 101  * ASN1err(ASN1_F_SXNETID_NEW,ERR_R_MALLOC_FAILURE);
 102  * ASN1err(ASN1_F_D2I_SXNETID,ERR_R_MALLOC_FAILURE);
 103  */
 104
 105 int i2d_SXNET(a,pp)
 106 SXNET *a;
 107 unsigned char **pp;
 108 {
 109         M_ASN1_I2D_vars(a);
 110
 111         M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
 112         M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
 113
 114         M_ASN1_I2D_seq_total();
 115
 116         M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
 117         M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
 118
 119         M_ASN1_I2D_finish();
 120 }
 121
 122 SXNET *SXNET_new()
 123 {
 124         SXNET *ret=NULL;
 125         ASN1_CTX c;
 126         M_ASN1_New_Malloc(ret, SXNET);
 127         M_ASN1_New(ret->version,ASN1_INTEGER_new);
 128         M_ASN1_New(ret->ids,sk_SXNETID_new_null);
 129         return (ret);
 130         M_ASN1_New_Error(ASN1_F_SXNET_NEW);
 131 }
 132
 133 SXNET *d2i_SXNET(a,pp,length)
 134 SXNET **a;
 135 unsigned char **pp;
 136 long length;
 137 {
 138         M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
 139         M_ASN1_D2I_Init();
 140         M_ASN1_D2I_start_sequence();
 141         M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
 142         M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
 143         M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
 144 }
 145
 146 void SXNET_free(a)
 147 SXNET *a;
 148 {
 149         if (a == NULL) return;
 150         ASN1_INTEGER_free(a->version);
 151         sk_SXNETID_pop_free(a->ids, SXNETID_free);
 152         Free (a);
 153 }
 154
 155 int i2d_SXNETID(a,pp)
 156 SXNETID *a;
 157 unsigned char **pp;
 158 {
 159         M_ASN1_I2D_vars(a);
 160
 161         M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
 162         M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
 163
 164         M_ASN1_I2D_seq_total();
 165
 166         M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
 167         M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
 168
 169         M_ASN1_I2D_finish();
 170 }
 171
 172 SXNETID *SXNETID_new()
 173 {
 174         SXNETID *ret=NULL;
 175         ASN1_CTX c;
 176         M_ASN1_New_Malloc(ret, SXNETID);
 177         ret->zone = NULL;
 178         M_ASN1_New(ret->user,ASN1_OCTET_STRING_new);
 179         return (ret);
 180         M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
 181 }
 182
 183 SXNETID *d2i_SXNETID(a,pp,length)
 184 SXNETID **a;
 185 unsigned char **pp;
 186 long length;
 187 {
 188         M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
 189         M_ASN1_D2I_Init();
 190         M_ASN1_D2I_start_sequence();
 191         M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
 192         M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
 193         M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
 194 }
 195
 196 void SXNETID_free(a)
 197 SXNETID *a;
 198 {
 199         if (a == NULL) return;
 200         ASN1_INTEGER_free(a->zone);
 201         ASN1_OCTET_STRING_free(a->user);
 202         Free (a);
 203 }
 204
 205 static int sxnet_i2r(method, sx, out, indent)
 206 X509V3_EXT_METHOD *method;
 207 SXNET *sx;
 208 BIO *out;
 209 int indent;
 210 {
 211         long v;
 212         char *tmp;
 213         SXNETID *id;
 214         int i;
 215         v = ASN1_INTEGER_get(sx->version);
 216         BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v);
 217         for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
 218                 id = sk_SXNETID_value(sx->ids, i);
 219                 tmp = i2s_ASN1_INTEGER(NULL, id->zone);
 220                 BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp);
 221                 Free(tmp);
 222                 ASN1_OCTET_STRING_print(out, id->user);
 223         }
 224         return 1;
 225 }
 226
 227 #ifdef SXNET_TEST
 228
 229 /* NBB: this is used for testing only. It should *not* be used for anything
 230  * else because it will just take static IDs from the configuration file and
 231  * they should really be separate values for each user.
 232  */
 233
 234
 235 static SXNET * sxnet_v2i(method, ctx, nval)
 236 X509V3_EXT_METHOD *method;
 237 X509V3_CTX *ctx;
 238 STACK *nval;
 239 {
 240         CONF_VALUE *cnf;
 241         SXNET *sx = NULL;
 242         int i;
 243         for(i = 0; i < sk_num(nval); i++) {
 244                 cnf = (CONF_VALUE *)sk_value(nval, i);
 245                 if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1))
 246                                                                  return NULL;
 247         }
 248         return sx;
 249 }
 250
 251
 252 #endif
 253
 254 /* Strong Extranet utility functions */
 255
 256 /* Add an id given the zone as an ASCII number */
 257
 258 int SXNET_add_id_asc(psx, zone, user, userlen)
 259 SXNET **psx;
 260 char *zone;
 261 unsigned char *user;
 262 int userlen;
 263 {
 264         ASN1_INTEGER *izone = NULL;
 265         if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
 266                 X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
 267                 return 0;
 268         }
 269         return SXNET_add_id_INTEGER(psx, izone, user, userlen);
 270 }
 271
 272 /* Add an id given the zone as an unsigned long */
 273
 274 int SXNET_add_id_ulong(psx, lzone, user, userlen)
 275 SXNET **psx;
 276 unsigned long lzone;
 277 unsigned char *user;
 278 int userlen;
 279 {
 280         ASN1_INTEGER *izone = NULL;
 281         if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
 282                 X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE);
 283                 ASN1_INTEGER_free(izone);
 284                 return 0;
 285         }
 286         return SXNET_add_id_INTEGER(psx, izone, user, userlen);
 287
 288 }
 289
 290 /* Add an id given the zone as an ASN1_INTEGER.
 291  * Note this version uses the passed integer and doesn't make a copy so don't
 292  * free it up afterwards.
 293  */
 294
 295 int SXNET_add_id_INTEGER(psx, zone, user, userlen)
 296 SXNET **psx;
 297 ASN1_INTEGER *zone;
 298 unsigned char *user;
 299 int userlen;
 300 {
 301         SXNET *sx = NULL;
 302         SXNETID *id = NULL;
 303         if(!psx || !zone || !user) {
 304                 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT);
 305                 return 0;
 306         }
 307         if(userlen == -1) userlen = strlen(user);
 308         if(userlen > 64) {
 309                 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG);
 310                 return 0;
 311         }
 312         if(!*psx) {
 313                 if(!(sx = SXNET_new())) goto err;
 314                 if(!ASN1_INTEGER_set(sx->version, 0)) goto err;
 315                 *psx = sx;
 316         } else sx = *psx;
 317         if(SXNET_get_id_INTEGER(sx, zone)) {
 318                 X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID);
 319                 return 0;
 320         }
 321
 322         if(!(id = SXNETID_new())) goto err;
 323         if(userlen == -1) userlen = strlen(user);
 324
 325         if(!ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err;
 326         if(!sk_SXNETID_push(sx->ids, id)) goto err;
 327         id->zone = zone;
 328         return 1;
 329
 330         err:
 331         X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE);
 332         SXNETID_free(id);
 333         SXNET_free(sx);
 334         *psx = NULL;
 335         return 0;
 336 }
 337
 338 ASN1_OCTET_STRING *SXNET_get_id_asc(sx, zone)
 339 SXNET *sx;
 340 char *zone;
 341 {
 342         ASN1_INTEGER *izone = NULL;
 343         ASN1_OCTET_STRING *oct;
 344         if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) {
 345                 X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE);
 346                 return NULL;
 347         }
 348         oct = SXNET_get_id_INTEGER(sx, izone);
 349         ASN1_INTEGER_free(oct);
 350         return oct;
 351 }
 352
 353 ASN1_OCTET_STRING *SXNET_get_id_ulong(sx, lzone)
 354 SXNET *sx;
 355 unsigned long lzone;
 356 {
 357         ASN1_INTEGER *izone = NULL;
 358         ASN1_OCTET_STRING *oct;
 359         if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) {
 360                 X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE);
 361                 ASN1_INTEGER_free(izone);
 362                 return NULL;
 363         }
 364         oct = SXNET_get_id_INTEGER(sx, izone);
 365         ASN1_INTEGER_free(oct);
 366         return oct;
 367 }
 368
 369 ASN1_OCTET_STRING *SXNET_get_id_INTEGER(sx, zone)
 370 SXNET *sx;
 371 ASN1_INTEGER *zone;
 372 {
 373         SXNETID *id;
 374         int i;
 375         for(i = 0; i < sk_SXNETID_num(sx->ids); i++) {
 376                 id = sk_SXNETID_value(sx->ids, i);
 377                 if(!ASN1_INTEGER_cmp(id->zone, zone)) return id->user;
 378         }
 379         return NULL;
 380 }
 381
 382 IMPLEMENT_STACK_OF(SXNETID)
 383 IMPLEMENT_ASN1_SET_OF(SXNETID)