]>
Commit | Line | Data |
---|---|---|
0f113f3e | 1 | /* |
4333b89f | 2 | * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved. |
175b0942 | 3 | * |
4286ca47 | 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
d2e9e320 RS |
5 | * this file except in compliance with the License. You can obtain a copy |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
175b0942 DSH |
8 | */ |
9 | ||
10 | #include <stdio.h> | |
b39fc560 | 11 | #include "internal/cryptlib.h" |
ec577822 | 12 | #include <openssl/x509v3.h> |
25f2138b | 13 | #include "crypto/x509.h" |
df2ee0e2 | 14 | #include "ext_dat.h" |
175b0942 | 15 | |
0f113f3e MC |
16 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, |
17 | X509V3_CTX *ctx, char *str); | |
47864aea | 18 | const X509V3_EXT_METHOD ossl_v3_skey_id = { |
0f113f3e MC |
19 | NID_subject_key_identifier, 0, ASN1_ITEM_ref(ASN1_OCTET_STRING), |
20 | 0, 0, 0, 0, | |
21 | (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, | |
22 | (X509V3_EXT_S2I)s2i_skey_id, | |
23 | 0, 0, 0, 0, | |
24 | NULL | |
25 | }; | |
26 | ||
609b0852 | 27 | char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, |
bf9d5e48 | 28 | const ASN1_OCTET_STRING *oct) |
175b0942 | 29 | { |
14f051a0 | 30 | return OPENSSL_buf2hexstr(oct->data, oct->length); |
175b0942 DSH |
31 | } |
32 | ||
6b691a5c | 33 | ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, |
bf9d5e48 | 34 | X509V3_CTX *ctx, const char *str) |
175b0942 | 35 | { |
0f113f3e MC |
36 | ASN1_OCTET_STRING *oct; |
37 | long length; | |
175b0942 | 38 | |
75ebbd9a | 39 | if ((oct = ASN1_OCTET_STRING_new()) == NULL) { |
e077455e | 40 | ERR_raise(ERR_LIB_X509V3, ERR_R_ASN1_LIB); |
0f113f3e MC |
41 | return NULL; |
42 | } | |
175b0942 | 43 | |
14f051a0 | 44 | if ((oct->data = OPENSSL_hexstr2buf(str, &length)) == NULL) { |
f422a514 | 45 | ASN1_OCTET_STRING_free(oct); |
0f113f3e MC |
46 | return NULL; |
47 | } | |
175b0942 | 48 | |
0f113f3e | 49 | oct->length = length; |
175b0942 | 50 | |
0f113f3e | 51 | return oct; |
175b0942 DSH |
52 | |
53 | } | |
54 | ||
47864aea | 55 | ASN1_OCTET_STRING *ossl_x509_pubkey_hash(X509_PUBKEY *pubkey) |
175b0942 | 56 | { |
0f113f3e | 57 | ASN1_OCTET_STRING *oct; |
29fa0a1a DSH |
58 | const unsigned char *pk; |
59 | int pklen; | |
0f113f3e MC |
60 | unsigned char pkey_dig[EVP_MAX_MD_SIZE]; |
61 | unsigned int diglen; | |
192d5008 P |
62 | const char *propq; |
63 | OSSL_LIB_CTX *libctx; | |
64 | EVP_MD *md; | |
0f113f3e | 65 | |
41e597a0 DDO |
66 | if (pubkey == NULL) { |
67 | ERR_raise(ERR_LIB_X509V3, X509V3_R_NO_PUBLIC_KEY); | |
0f113f3e MC |
68 | return NULL; |
69 | } | |
192d5008 | 70 | if (!ossl_x509_PUBKEY_get0_libctx(&libctx, &propq, pubkey)) |
41e597a0 | 71 | return NULL; |
192d5008 P |
72 | if ((md = EVP_MD_fetch(libctx, SN_sha1, propq)) == NULL) |
73 | return NULL; | |
74 | if ((oct = ASN1_OCTET_STRING_new()) == NULL) { | |
75 | EVP_MD_free(md); | |
76 | return NULL; | |
77 | } | |
0f113f3e | 78 | |
41e597a0 | 79 | X509_PUBKEY_get0_param(NULL, &pk, &pklen, NULL, pubkey); |
192d5008 P |
80 | if (EVP_Digest(pk, pklen, pkey_dig, &diglen, md, NULL) |
81 | && ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { | |
82 | EVP_MD_free(md); | |
0f113f3e | 83 | return oct; |
192d5008 | 84 | } |
0f113f3e | 85 | |
192d5008 | 86 | EVP_MD_free(md); |
41e597a0 DDO |
87 | ASN1_OCTET_STRING_free(oct); |
88 | return NULL; | |
89 | } | |
0f113f3e | 90 | |
41e597a0 DDO |
91 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, |
92 | X509V3_CTX *ctx, char *str) | |
93 | { | |
94 | if (strcmp(str, "none") == 0) | |
95 | return ASN1_OCTET_STRING_new(); /* dummy */ | |
29fa0a1a | 96 | |
41e597a0 DDO |
97 | if (strcmp(str, "hash") != 0) |
98 | return s2i_ASN1_OCTET_STRING(method, ctx /* not used */, str); | |
0f113f3e | 99 | |
2ed63033 | 100 | if (ctx != NULL && (ctx->flags & X509V3_CTX_TEST) != 0) |
41e597a0 DDO |
101 | return ASN1_OCTET_STRING_new(); |
102 | if (ctx == NULL | |
103 | || (ctx->subject_cert == NULL && ctx->subject_req == NULL)) { | |
104 | ERR_raise(ERR_LIB_X509V3, X509V3_R_NO_SUBJECT_DETAILS); | |
105 | return NULL; | |
0f113f3e MC |
106 | } |
107 | ||
15ac84e6 DDO |
108 | return ossl_x509_pubkey_hash(ctx->subject_cert != NULL ? |
109 | ctx->subject_cert->cert_info.key : | |
110 | ctx->subject_req->req_info.pubkey); | |
175b0942 | 111 | } |