[thirdparty/openssl.git] / crypto / x509 / x509aset.c

/*
 * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/err.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "x509_acert.h"

static int replace_gentime(ASN1_STRING **dest, const ASN1_GENERALIZEDTIME *src)
{
    ASN1_STRING *s;

    if (src->type != V_ASN1_GENERALIZEDTIME)
        return 0;

    if (*dest == src)
        return 1;

    s = ASN1_STRING_dup(src);
    if (s == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        return 0;
    }

    ASN1_STRING_free(*dest);
    *dest = s;

    return 1;
}

static int replace_dirName(GENERAL_NAMES **names, const X509_NAME *dirName)
{
    GENERAL_NAME *gen_name = NULL;
    STACK_OF(GENERAL_NAME) *new_names = NULL;
    X509_NAME *name_copy;

    if ((name_copy = X509_NAME_dup(dirName)) == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    if ((new_names = sk_GENERAL_NAME_new_null()) == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    if ((gen_name = GENERAL_NAME_new()) == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    if (sk_GENERAL_NAME_push(new_names, gen_name) <= 0) {
        ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
        goto err;
    }

    GENERAL_NAME_set0_value(gen_name, GEN_DIRNAME, name_copy);

    GENERAL_NAMES_free(*names);
    *names = new_names;

    return 1;

err:
    GENERAL_NAME_free(gen_name);
    sk_GENERAL_NAME_free(new_names);
    X509_NAME_free(name_copy);
    return 0;
}

int OSSL_OBJECT_DIGEST_INFO_set1_digest(OSSL_OBJECT_DIGEST_INFO *o,
                                        int digestedObjectType,
                                        X509_ALGOR *digestAlgorithm,
                                        ASN1_BIT_STRING *digest)
{

    if (ASN1_ENUMERATED_set(&o->digestedObjectType, digestedObjectType) <= 0)
        return 0;

    if (X509_ALGOR_copy(&o->digestAlgorithm, digestAlgorithm) <= 0)
        return 0;

    if (ASN1_STRING_copy(&o->objectDigest, digest) <= 0)
        return 0;

    return 1;
}

int OSSL_ISSUER_SERIAL_set1_issuer(OSSL_ISSUER_SERIAL *isss,
                                   const X509_NAME *issuer)
{
    return replace_dirName(&isss->issuer, issuer);
}

int OSSL_ISSUER_SERIAL_set1_serial(OSSL_ISSUER_SERIAL *isss,
                                   const ASN1_INTEGER *serial)
{
    return ASN1_STRING_copy(&isss->serial, serial);
}

int OSSL_ISSUER_SERIAL_set1_issuerUID(OSSL_ISSUER_SERIAL *isss,
                                      const ASN1_BIT_STRING *uid)
{
    ASN1_BIT_STRING_free(isss->issuerUID);
    isss->issuerUID = ASN1_STRING_dup(uid);
    if (isss->issuerUID == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        return 0;
    }
    return 1;
}

int X509_ACERT_set_version(X509_ACERT *x, long version)
{
    return ASN1_INTEGER_set(&x->acinfo->version, version);
}

void X509_ACERT_set0_holder_entityName(X509_ACERT *x, GENERAL_NAMES *names)
{
    GENERAL_NAMES_free(x->acinfo->holder.entityName);
    x->acinfo->holder.entityName = names;
}

void X509_ACERT_set0_holder_baseCertId(X509_ACERT *x,
                                       OSSL_ISSUER_SERIAL *isss)
{
    OSSL_ISSUER_SERIAL_free(x->acinfo->holder.baseCertificateID);
    x->acinfo->holder.baseCertificateID = isss;
}

void X509_ACERT_set0_holder_digest(X509_ACERT *x,
                                   OSSL_OBJECT_DIGEST_INFO *dinfo)
{
    OSSL_OBJECT_DIGEST_INFO_free(x->acinfo->holder.objectDigestInfo);
    x->acinfo->holder.objectDigestInfo = dinfo;
}

int X509_ACERT_set1_issuerName(X509_ACERT *x, const X509_NAME *name)
{
    X509_ACERT_ISSUER_V2FORM *v2Form;

    v2Form = x->acinfo->issuer.u.v2Form;

    /* only v2Form is supported, so always create that version */
    if (v2Form == NULL) {
        v2Form = X509_ACERT_ISSUER_V2FORM_new();
        if (v2Form == NULL) {
            ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
            return 0;
        }
        x->acinfo->issuer.u.v2Form = v2Form;
        x->acinfo->issuer.type = X509_ACERT_ISSUER_V2;
    }

    return replace_dirName(&v2Form->issuerName, name);
}

int X509_ACERT_set1_serialNumber(X509_ACERT *x, const ASN1_INTEGER *serial)
{
    return ASN1_STRING_copy(&x->acinfo->serialNumber, serial);
}

int X509_ACERT_set1_notBefore(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time)
{
    return replace_gentime(&x->acinfo->validityPeriod.notBefore, time);
}

int X509_ACERT_set1_notAfter(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time)
{
    return replace_gentime(&x->acinfo->validityPeriod.notAfter, time);
}
Commit	Line	Data
9e1a8b5e DHG	1	/*
	2	* Copyright 2021 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the Apache License 2.0 (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#include <openssl/err.h>
	11	#include <openssl/x509.h>
	12	#include <openssl/x509v3.h>
	13	#include "x509_acert.h"
	14
	15	static int replace_gentime(ASN1_STRING *dest, const ASN1_GENERALIZEDTIME src)
	16	{
	17	ASN1_STRING *s;
	18
	19	if (src->type != V_ASN1_GENERALIZEDTIME)
	20	return 0;
	21
	22	if (*dest == src)
	23	return 1;
	24
	25	s = ASN1_STRING_dup(src);
	26	if (s == NULL) {
	27	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
	28	return 0;
	29	}
	30
	31	ASN1_STRING_free(*dest);
	32	*dest = s;
	33
	34	return 1;
	35	}
	36
	37	static int replace_dirName(GENERAL_NAMES *names, const X509_NAME dirName)
	38	{
	39	GENERAL_NAME *gen_name = NULL;
	40	STACK_OF(GENERAL_NAME) *new_names = NULL;
	41	X509_NAME *name_copy;
	42
	43	if ((name_copy = X509_NAME_dup(dirName)) == NULL) {
	44	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
	45	goto err;
	46	}
	47
	48	if ((new_names = sk_GENERAL_NAME_new_null()) == NULL) {
	49	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
	50	goto err;
	51	}
	52
	53	if ((gen_name = GENERAL_NAME_new()) == NULL) {
	54	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
	55	goto err;
	56	}
	57
	58	if (sk_GENERAL_NAME_push(new_names, gen_name) <= 0) {
	59	ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
	60	goto err;
	61	}
	62
	63	GENERAL_NAME_set0_value(gen_name, GEN_DIRNAME, name_copy);
	64
65	GENERAL_NAMES_free(*names);
66	*names = new_names;
67
68	return 1;
69
70	err:
71	GENERAL_NAME_free(gen_name);
72	sk_GENERAL_NAME_free(new_names);
73	X509_NAME_free(name_copy);
74	return 0;
75	}
76
77	int OSSL_OBJECT_DIGEST_INFO_set1_digest(OSSL_OBJECT_DIGEST_INFO *o,
78	int digestedObjectType,
79	X509_ALGOR *digestAlgorithm,
80	ASN1_BIT_STRING *digest)
81	{
82
83	if (ASN1_ENUMERATED_set(&o->digestedObjectType, digestedObjectType) <= 0)
84	return 0;
85
86	if (X509_ALGOR_copy(&o->digestAlgorithm, digestAlgorithm) <= 0)
87	return 0;
88
89	if (ASN1_STRING_copy(&o->objectDigest, digest) <= 0)
90	return 0;
91
92	return 1;
93	}
94
95	int OSSL_ISSUER_SERIAL_set1_issuer(OSSL_ISSUER_SERIAL *isss,
96	const X509_NAME *issuer)
97	{
98	return replace_dirName(&isss->issuer, issuer);
99	}
100
101	int OSSL_ISSUER_SERIAL_set1_serial(OSSL_ISSUER_SERIAL *isss,
102	const ASN1_INTEGER *serial)
103	{
104	return ASN1_STRING_copy(&isss->serial, serial);
105	}
106
107	int OSSL_ISSUER_SERIAL_set1_issuerUID(OSSL_ISSUER_SERIAL *isss,
108	const ASN1_BIT_STRING *uid)
109	{
110	ASN1_BIT_STRING_free(isss->issuerUID);
111	isss->issuerUID = ASN1_STRING_dup(uid);
112	if (isss->issuerUID == NULL) {
113	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
114	return 0;
115	}
116	return 1;
117	}
118
119	int X509_ACERT_set_version(X509_ACERT *x, long version)
120	{
121	return ASN1_INTEGER_set(&x->acinfo->version, version);
122	}
123
124	void X509_ACERT_set0_holder_entityName(X509_ACERT x, GENERAL_NAMES names)
125	{
126	GENERAL_NAMES_free(x->acinfo->holder.entityName);
127	x->acinfo->holder.entityName = names;
128	}
129
130	void X509_ACERT_set0_holder_baseCertId(X509_ACERT *x,
131	OSSL_ISSUER_SERIAL *isss)
132	{
133	OSSL_ISSUER_SERIAL_free(x->acinfo->holder.baseCertificateID);
134	x->acinfo->holder.baseCertificateID = isss;
135	}
136
137	void X509_ACERT_set0_holder_digest(X509_ACERT *x,
138	OSSL_OBJECT_DIGEST_INFO *dinfo)
139	{
140	OSSL_OBJECT_DIGEST_INFO_free(x->acinfo->holder.objectDigestInfo);
141	x->acinfo->holder.objectDigestInfo = dinfo;
142	}
143
144	int X509_ACERT_set1_issuerName(X509_ACERT x, const X509_NAME name)
145	{
146	X509_ACERT_ISSUER_V2FORM *v2Form;
147
148	v2Form = x->acinfo->issuer.u.v2Form;
149
150	/* only v2Form is supported, so always create that version */
151	if (v2Form == NULL) {
152	v2Form = X509_ACERT_ISSUER_V2FORM_new();
153	if (v2Form == NULL) {
154	ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
155	return 0;
156	}
157	x->acinfo->issuer.u.v2Form = v2Form;
158	x->acinfo->issuer.type = X509_ACERT_ISSUER_V2;
159	}
160
161	return replace_dirName(&v2Form->issuerName, name);
162	}
163
164	int X509_ACERT_set1_serialNumber(X509_ACERT x, const ASN1_INTEGER serial)
165	{
166	return ASN1_STRING_copy(&x->acinfo->serialNumber, serial);
167	}
168
169	int X509_ACERT_set1_notBefore(X509_ACERT x, const ASN1_GENERALIZEDTIME time)
170	{
171	return replace_gentime(&x->acinfo->validityPeriod.notBefore, time);
172	}
173
174	int X509_ACERT_set1_notAfter(X509_ACERT x, const ASN1_GENERALIZEDTIME time)
175	{
176	return replace_gentime(&x->acinfo->validityPeriod.notAfter, time);
177	}