[thirdparty/openssl.git] / crypto / x509 / x_x509a.c

/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
 * 1999.
 */
/* ====================================================================
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/evp.h>
#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include "internal/x509_int.h"

/*
 * X509_CERT_AUX routines. These are used to encode additional user
 * modifiable data about a certificate. This data is appended to the X509
 * encoding when the *_X509_AUX routines are used. This means that the
 * "traditional" X509 routines will simply ignore the extra data.
 */

static X509_CERT_AUX *aux_get(X509 *x);

ASN1_SEQUENCE(X509_CERT_AUX) = {
        ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
        ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
        ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
} ASN1_SEQUENCE_END(X509_CERT_AUX)

IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)

int X509_trusted(const X509 *x)
{
    return x->aux ? 1 : 0;
}

static X509_CERT_AUX *aux_get(X509 *x)
{
    if (x == NULL)
        return NULL;
    if (x->aux == NULL && (x->aux = X509_CERT_AUX_new()) == NULL)
        return NULL;
    return x->aux;
}

int X509_alias_set1(X509 *x, unsigned char *name, int len)
{
    X509_CERT_AUX *aux;
    if (!name) {
        if (!x || !x->aux || !x->aux->alias)
            return 1;
        ASN1_UTF8STRING_free(x->aux->alias);
        x->aux->alias = NULL;
        return 1;
    }
    if ((aux = aux_get(x)) == NULL)
        return 0;
    if (aux->alias == NULL && (aux->alias = ASN1_UTF8STRING_new()) == NULL)
        return 0;
    return ASN1_STRING_set(aux->alias, name, len);
}

int X509_keyid_set1(X509 *x, unsigned char *id, int len)
{
    X509_CERT_AUX *aux;
    if (!id) {
        if (!x || !x->aux || !x->aux->keyid)
            return 1;
        ASN1_OCTET_STRING_free(x->aux->keyid);
        x->aux->keyid = NULL;
        return 1;
    }
    if ((aux = aux_get(x)) == NULL)
        return 0;
    if (aux->keyid ==NULL
        && (aux->keyid = ASN1_OCTET_STRING_new()) == NULL)
        return 0;
    return ASN1_STRING_set(aux->keyid, id, len);
}

unsigned char *X509_alias_get0(X509 *x, int *len)
{
    if (!x->aux || !x->aux->alias)
        return NULL;
    if (len)
        *len = x->aux->alias->length;
    return x->aux->alias->data;
}

unsigned char *X509_keyid_get0(X509 *x, int *len)
{
    if (!x->aux || !x->aux->keyid)
        return NULL;
    if (len)
        *len = x->aux->keyid->length;
    return x->aux->keyid->data;
}

int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
{
    X509_CERT_AUX *aux;
    ASN1_OBJECT *objtmp = NULL;
    if (obj) {
        objtmp = OBJ_dup(obj);
        if (!objtmp)
            return 0;
    }
    if ((aux = aux_get(x)) == NULL)
        goto err;
    if (aux->trust == NULL
        && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL)
        goto err;
    if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp))
        return 1;
 err:
    ASN1_OBJECT_free(objtmp);
    return 0;
}

int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
{
    X509_CERT_AUX *aux;
    ASN1_OBJECT *objtmp;
    if ((objtmp = OBJ_dup(obj)) == NULL)
        return 0;
    if ((aux = aux_get(x)) == NULL)
        goto err;
    if (aux->reject == NULL
        && (aux->reject = sk_ASN1_OBJECT_new_null()) == NULL)
        goto err;
    return sk_ASN1_OBJECT_push(aux->reject, objtmp);
 err:
    ASN1_OBJECT_free(objtmp);
    return 0;
}

void X509_trust_clear(X509 *x)
{
    if (x->aux) {
        sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
        x->aux->trust = NULL;
    }
}

void X509_reject_clear(X509 *x)
{
    if (x->aux) {
        sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
        x->aux->reject = NULL;
    }
}

STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x)
{
    if (x->aux != NULL)
        return x->aux->trust;
    return NULL;
}

STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x)
{
    if (x->aux != NULL)
        return x->aux->reject;
    return NULL;
}
Commit	Line	Data
0f113f3e MC	1	/*
	2	* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
	3	* 1999.
ce1b4fe1 DSH	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 1999 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
0f113f3e	13	* notice, this list of conditions and the following disclaimer.
ce1b4fe1 DSH	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*
	53	* This product includes cryptographic software written by Eric Young
	54	* (eay@cryptsoft.com). This product includes software written by Tim
	55	* Hudson (tjh@cryptsoft.com).
	56	*
	57	*/
	58
	59	#include <stdio.h>
b39fc560	60	#include "internal/cryptlib.h"
ce1b4fe1	61	#include <openssl/evp.h>
9d6b1ce6	62	#include <openssl/asn1t.h>
ce1b4fe1	63	#include <openssl/x509.h>
bc3686df	64	#include "internal/x509_int.h"
ce1b4fe1	65
0f113f3e MC	66	/*
	67	* X509_CERT_AUX routines. These are used to encode additional user
	68	* modifiable data about a certificate. This data is appended to the X509
	69	* encoding when the *_X509_AUX routines are used. This means that the
	70	* "traditional" X509 routines will simply ignore the extra data.
ce1b4fe1 DSH	71	*/
	72
	73	static X509_CERT_AUX aux_get(X509 x);
	74
9d6b1ce6	75	ASN1_SEQUENCE(X509_CERT_AUX) = {
0f113f3e MC	76	ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
	77	ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
	78	ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
	79	ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
	80	ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
d339187b	81	} ASN1_SEQUENCE_END(X509_CERT_AUX)
ce1b4fe1	82
9d6b1ce6	83	IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
ce1b4fe1	84
748118a8 DSH	85	int X509_trusted(const X509 *x)
	86	{
	87	return x->aux ? 1 : 0;
	88	}
	89
ce1b4fe1 DSH	90	static X509_CERT_AUX aux_get(X509 x)
ce1b4fe1 DSH	91	{
75ebbd9a	92	if (x == NULL)
0f113f3e	93	return NULL;
75ebbd9a	94	if (x->aux == NULL && (x->aux = X509_CERT_AUX_new()) == NULL)
0f113f3e MC	95	return NULL;
0f113f3e MC	96	return x->aux;
ce1b4fe1 DSH	97	}
ce1b4fe1 DSH	98
6d0d5431	99	int X509_alias_set1(X509 x, unsigned char name, int len)
ce1b4fe1	100	{
0f113f3e MC	101	X509_CERT_AUX *aux;
	102	if (!name) {
	103	if (!x \|\| !x->aux \|\| !x->aux->alias)
	104	return 1;
	105	ASN1_UTF8STRING_free(x->aux->alias);
	106	x->aux->alias = NULL;
	107	return 1;
	108	}
75ebbd9a	109	if ((aux = aux_get(x)) == NULL)
0f113f3e	110	return 0;
75ebbd9a	111	if (aux->alias == NULL && (aux->alias = ASN1_UTF8STRING_new()) == NULL)
0f113f3e MC	112	return 0;
0f113f3e MC	113	return ASN1_STRING_set(aux->alias, name, len);
ce1b4fe1 DSH	114	}
ce1b4fe1 DSH	115
84b65340 DSH	116	int X509_keyid_set1(X509 x, unsigned char id, int len)
84b65340 DSH	117	{
0f113f3e MC	118	X509_CERT_AUX *aux;
	119	if (!id) {
	120	if (!x \|\| !x->aux \|\| !x->aux->keyid)
	121	return 1;
	122	ASN1_OCTET_STRING_free(x->aux->keyid);
	123	x->aux->keyid = NULL;
	124	return 1;
	125	}
75ebbd9a	126	if ((aux = aux_get(x)) == NULL)
0f113f3e	127	return 0;
75ebbd9a RS	128	if (aux->keyid ==NULL
75ebbd9a RS	129	&& (aux->keyid = ASN1_OCTET_STRING_new()) == NULL)
0f113f3e MC	130	return 0;
0f113f3e MC	131	return ASN1_STRING_set(aux->keyid, id, len);
84b65340 DSH	132	}
84b65340 DSH	133
6d0d5431	134	unsigned char X509_alias_get0(X509 x, int *len)
ce1b4fe1	135	{
0f113f3e MC	136	if (!x->aux \|\| !x->aux->alias)
	137	return NULL;
	138	if (len)
	139	*len = x->aux->alias->length;
	140	return x->aux->alias->data;
ce1b4fe1 DSH	141	}
ce1b4fe1 DSH	142
9a48b07e DSH	143	unsigned char X509_keyid_get0(X509 x, int *len)
9a48b07e DSH	144	{
0f113f3e MC	145	if (!x->aux \|\| !x->aux->keyid)
	146	return NULL;
	147	if (len)
	148	*len = x->aux->keyid->length;
	149	return x->aux->keyid->data;
9a48b07e DSH	150	}
9a48b07e DSH	151
c7cb16a8	152	int X509_add1_trust_object(X509 x, ASN1_OBJECT obj)
0f113f3e MC	153	{
	154	X509_CERT_AUX *aux;
	155	ASN1_OBJECT *objtmp = NULL;
	156	if (obj) {
	157	objtmp = OBJ_dup(obj);
	158	if (!objtmp)
	159	return 0;
	160	}
75ebbd9a	161	if ((aux = aux_get(x)) == NULL)
0f113f3e	162	goto err;
75ebbd9a RS	163	if (aux->trust == NULL
75ebbd9a RS	164	&& (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL)
0f113f3e MC	165	goto err;
	166	if (!objtmp \|\| sk_ASN1_OBJECT_push(aux->trust, objtmp))
	167	return 1;
	168	err:
0dfb9398	169	ASN1_OBJECT_free(objtmp);
0f113f3e MC	170	return 0;
0f113f3e MC	171	}
ce1b4fe1	172
c7cb16a8	173	int X509_add1_reject_object(X509 x, ASN1_OBJECT obj)
ce1b4fe1	174	{
0f113f3e MC	175	X509_CERT_AUX *aux;
0f113f3e MC	176	ASN1_OBJECT *objtmp;
75ebbd9a	177	if ((objtmp = OBJ_dup(obj)) == NULL)
0f113f3e	178	return 0;
75ebbd9a	179	if ((aux = aux_get(x)) == NULL)
55500ea7	180	goto err;
75ebbd9a RS	181	if (aux->reject == NULL
75ebbd9a RS	182	&& (aux->reject = sk_ASN1_OBJECT_new_null()) == NULL)
55500ea7	183	goto err;
0f113f3e	184	return sk_ASN1_OBJECT_push(aux->reject, objtmp);
55500ea7 AG	185	err:
	186	ASN1_OBJECT_free(objtmp);
	187	return 0;
ce1b4fe1 DSH	188	}
ce1b4fe1 DSH	189
6447cce3	190	void X509_trust_clear(X509 *x)
ce1b4fe1	191	{
2ace7450	192	if (x->aux) {
0f113f3e MC	193	sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
	194	x->aux->trust = NULL;
	195	}
ce1b4fe1 DSH	196	}
ce1b4fe1 DSH	197
6447cce3	198	void X509_reject_clear(X509 *x)
ce1b4fe1	199	{
2ace7450	200	if (x->aux) {
0f113f3e MC	201	sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
	202	x->aux->reject = NULL;
	203	}
ce1b4fe1	204	}
748118a8 DSH	205
	206	STACK_OF(ASN1_OBJECT) X509_get0_trust_objects(X509 x)
	207	{
	208	if (x->aux != NULL)
	209	return x->aux->trust;
	210	return NULL;
	211	}
	212
	213	STACK_OF(ASN1_OBJECT) X509_get0_reject_objects(X509 x)
	214	{
	215	if (x->aux != NULL)
	216	return x->aux->reject;
	217	return NULL;
	218	}