[thirdparty/openssl.git] / crypto / x509 / v3_pcons.c

/*
 * Copyright 2003-2020 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
#include "ext_dat.h"

DEFINE_STACK_OF(CONF_VALUE)

static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
                                                    *method, void *bcons, STACK_OF(CONF_VALUE)
                                                    *extlist);
static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
                                    X509V3_CTX *ctx,
                                    STACK_OF(CONF_VALUE) *values);

const X509V3_EXT_METHOD v3_policy_constraints = {
    NID_policy_constraints, 0,
    ASN1_ITEM_ref(POLICY_CONSTRAINTS),
    0, 0, 0, 0,
    0, 0,
    i2v_POLICY_CONSTRAINTS,
    v2i_POLICY_CONSTRAINTS,
    NULL, NULL,
    NULL
};

ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
        ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
        ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
} ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)

IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)

static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
                                                    *method, void *a, STACK_OF(CONF_VALUE)
                                                    *extlist)
{
    POLICY_CONSTRAINTS *pcons = a;
    X509V3_add_value_int("Require Explicit Policy",
                         pcons->requireExplicitPolicy, &extlist);
    X509V3_add_value_int("Inhibit Policy Mapping",
                         pcons->inhibitPolicyMapping, &extlist);
    return extlist;
}

static void *v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD *method,
                                    X509V3_CTX *ctx,
                                    STACK_OF(CONF_VALUE) *values)
{
    POLICY_CONSTRAINTS *pcons = NULL;
    CONF_VALUE *val;
    int i;

    if ((pcons = POLICY_CONSTRAINTS_new()) == NULL) {
        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
        return NULL;
    }
    for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
        val = sk_CONF_VALUE_value(values, i);
        if (strcmp(val->name, "requireExplicitPolicy") == 0) {
            if (!X509V3_get_value_int(val, &pcons->requireExplicitPolicy))
                goto err;
        } else if (strcmp(val->name, "inhibitPolicyMapping") == 0) {
            if (!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping))
                goto err;
        } else {
            X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
            X509V3_conf_err(val);
            goto err;
        }
    }
    if (pcons->inhibitPolicyMapping == NULL
            && pcons->requireExplicitPolicy == NULL) {
        X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
                  X509V3_R_ILLEGAL_EMPTY_EXTENSION);
        goto err;
    }

    return pcons;
 err:
    POLICY_CONSTRAINTS_free(pcons);
    return NULL;
}
Commit	Line	Data
0f113f3e	1	/*
454afd98	2	* Copyright 2003-2020 The OpenSSL Project Authors. All Rights Reserved.
f80153e2	3	*
4286ca47	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
d2e9e320 RS	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
f80153e2 DSH	8	*/
f80153e2 DSH	9
f80153e2	10	#include <stdio.h>
b39fc560	11	#include "internal/cryptlib.h"
f80153e2 DSH	12	#include <openssl/asn1.h>
	13	#include <openssl/asn1t.h>
	14	#include <openssl/conf.h>
	15	#include <openssl/x509v3.h>
df2ee0e2	16	#include "ext_dat.h"
f80153e2	17
852c2ed2 RS	18	DEFINE_STACK_OF(CONF_VALUE)
852c2ed2 RS	19
0f113f3e MC	20	static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
	21	method, void bcons, STACK_OF(CONF_VALUE)
	22	*extlist);
babb3798	23	static void v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD method,
0f113f3e MC	24	X509V3_CTX *ctx,
0f113f3e MC	25	STACK_OF(CONF_VALUE) *values);
f80153e2	26
560b79cb	27	const X509V3_EXT_METHOD v3_policy_constraints = {
0f113f3e MC	28	NID_policy_constraints, 0,
	29	ASN1_ITEM_ref(POLICY_CONSTRAINTS),
	30	0, 0, 0, 0,
	31	0, 0,
	32	i2v_POLICY_CONSTRAINTS,
	33	v2i_POLICY_CONSTRAINTS,
	34	NULL, NULL,
	35	NULL
f80153e2 DSH	36	};
	37
	38	ASN1_SEQUENCE(POLICY_CONSTRAINTS) = {
0f113f3e MC	39	ASN1_IMP_OPT(POLICY_CONSTRAINTS, requireExplicitPolicy, ASN1_INTEGER,0),
0f113f3e MC	40	ASN1_IMP_OPT(POLICY_CONSTRAINTS, inhibitPolicyMapping, ASN1_INTEGER,1)
f80153e2 DSH	41	} ASN1_SEQUENCE_END(POLICY_CONSTRAINTS)
	42
	43	IMPLEMENT_ASN1_ALLOC_FUNCTIONS(POLICY_CONSTRAINTS)
	44
0f113f3e MC	45	static STACK_OF(CONF_VALUE) *i2v_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD
	46	method, void a, STACK_OF(CONF_VALUE)
	47	*extlist)
f80153e2	48	{
0f113f3e MC	49	POLICY_CONSTRAINTS *pcons = a;
	50	X509V3_add_value_int("Require Explicit Policy",
	51	pcons->requireExplicitPolicy, &extlist);
	52	X509V3_add_value_int("Inhibit Policy Mapping",
	53	pcons->inhibitPolicyMapping, &extlist);
	54	return extlist;
f80153e2 DSH	55	}
f80153e2 DSH	56
babb3798	57	static void v2i_POLICY_CONSTRAINTS(const X509V3_EXT_METHOD method,
0f113f3e MC	58	X509V3_CTX *ctx,
0f113f3e MC	59	STACK_OF(CONF_VALUE) *values)
f80153e2	60	{
0f113f3e MC	61	POLICY_CONSTRAINTS *pcons = NULL;
	62	CONF_VALUE *val;
	63	int i;
75ebbd9a RS	64
75ebbd9a RS	65	if ((pcons = POLICY_CONSTRAINTS_new()) == NULL) {
0f113f3e MC	66	X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, ERR_R_MALLOC_FAILURE);
	67	return NULL;
	68	}
	69	for (i = 0; i < sk_CONF_VALUE_num(values); i++) {
	70	val = sk_CONF_VALUE_value(values, i);
86885c28	71	if (strcmp(val->name, "requireExplicitPolicy") == 0) {
0f113f3e MC	72	if (!X509V3_get_value_int(val, &pcons->requireExplicitPolicy))
0f113f3e MC	73	goto err;
86885c28	74	} else if (strcmp(val->name, "inhibitPolicyMapping") == 0) {
0f113f3e MC	75	if (!X509V3_get_value_int(val, &pcons->inhibitPolicyMapping))
	76	goto err;
	77	} else {
	78	X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS, X509V3_R_INVALID_NAME);
	79	X509V3_conf_err(val);
	80	goto err;
	81	}
	82	}
12a765a5 RS	83	if (pcons->inhibitPolicyMapping == NULL
12a765a5 RS	84	&& pcons->requireExplicitPolicy == NULL) {
0f113f3e MC	85	X509V3err(X509V3_F_V2I_POLICY_CONSTRAINTS,
	86	X509V3_R_ILLEGAL_EMPTY_EXTENSION);
	87	goto err;
	88	}
f80153e2	89
0f113f3e MC	90	return pcons;
	91	err:
	92	POLICY_CONSTRAINTS_free(pcons);
	93	return NULL;
f80153e2	94	}