crypto/x509/v3_skey.c

   1 /*
   2  * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved.
   3  *
   4  * Licensed under the Apache License 2.0 (the "License").  You may not use
   5  * this file except in compliance with the License.  You can obtain a copy
   6  * in the file LICENSE in the source distribution or at
   7  * https://www.openssl.org/source/license.html
   8  */
   9
  10 #include <stdio.h>
  11 #include "internal/cryptlib.h"
  12 #include <openssl/x509v3.h>
  13 #include "crypto/x509.h"
  14 #include "ext_dat.h"
  15
  16 static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
  17                                       X509V3_CTX *ctx, char *str);
  18 const X509V3_EXT_METHOD v3_skey_id = {
  19     NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING),
  20     0, 0, 0, 0,
  21     (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING,
  22     (X509V3_EXT_S2I)s2i_skey_id,
  23     0, 0, 0, 0,
  24     NULL
  25 };
  26
  27 char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
  28                             const ASN1_OCTET_STRING *oct)
  29 {
  30     return OPENSSL_buf2hexstr(oct->data, oct->length);
  31 }
  32
  33 ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method,
  34                                          X509V3_CTX *ctx, const char *str)
  35 {
  36     ASN1_OCTET_STRING *oct;
  37     long length;
  38
  39     if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
  40         X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING, ERR_R_MALLOC_FAILURE);
  41         return NULL;
  42     }
  43
  44     if ((oct->data = OPENSSL_hexstr2buf(str, &length)) == NULL) {
  45         ASN1_OCTET_STRING_free(oct);
  46         return NULL;
  47     }
  48
  49     oct->length = length;
  50
  51     return oct;
  52
  53 }
  54
  55 static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method,
  56                                       X509V3_CTX *ctx, char *str)
  57 {
  58     ASN1_OCTET_STRING *oct;
  59     X509_PUBKEY *pubkey;
  60     const unsigned char *pk;
  61     int pklen;
  62     unsigned char pkey_dig[EVP_MAX_MD_SIZE];
  63     unsigned int diglen;
  64
  65     if (strcmp(str, "hash"))
  66         return s2i_ASN1_OCTET_STRING(method, ctx, str);
  67
  68     if ((oct = ASN1_OCTET_STRING_new()) == NULL) {
  69         X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
  70         return NULL;
  71     }
  72
  73     if (ctx && (ctx->flags == CTX_TEST))
  74         return oct;
  75
  76     if (!ctx || (!ctx->subject_req && !ctx->subject_cert)) {
  77         X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
  78         goto err;
  79     }
  80
  81     if (ctx->subject_req)
  82         pubkey = ctx->subject_req->req_info.pubkey;
  83     else
  84         pubkey = ctx->subject_cert->cert_info.key;
  85
  86     if (pubkey == NULL) {
  87         X509V3err(X509V3_F_S2I_SKEY_ID, X509V3_R_NO_PUBLIC_KEY);
  88         goto err;
  89     }
  90
  91     X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey);
  92
  93     if (!EVP_Digest(pk, pklen, pkey_dig, &diglen, EVP_sha1(), NULL))
  94         goto err;
  95
  96     if (!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
  97         X509V3err(X509V3_F_S2I_SKEY_ID, ERR_R_MALLOC_FAILURE);
  98         goto err;
  99     }
 100
 101     return oct;
 102
 103  err:
 104     ASN1_OCTET_STRING_free(oct);
 105     return NULL;
 106 }