1 | /* |
2 | * Copyright 2021 The OpenSSL Project Authors. All Rights Reserved. | |
3 | * | |
4 | * Licensed under the Apache License 2.0 (the "License"). You may not use | |
5 | * this file except in compliance with the License. You can obtain a copy | |
6 | * in the file LICENSE in the source distribution or at | |
7 | * https://www.openssl.org/source/license.html | |
8 | */ | |
9 | ||
10 | #include <openssl/err.h> | |
11 | #include <openssl/x509.h> | |
12 | #include <openssl/x509v3.h> | |
13 | #include "x509_acert.h" | |
14 | ||
/*
 * Replace the time stored in |*dest| with a private copy of |src|.
 *
 * Only the ASN.1 type tag of |src| is checked (it must be
 * V_ASN1_GENERALIZEDTIME); the string contents are not validated here.
 * When |*dest| already is |src| nothing is done, so the string being
 * copied is never freed first.
 *
 * |src| is dereferenced unconditionally and must not be NULL.
 *
 * Returns 1 on success, 0 on failure. On failure |*dest| is unchanged.
 */
static int replace_gentime(ASN1_STRING **dest, const ASN1_GENERALIZEDTIME *src)
{
    ASN1_STRING *copy;

    if (src->type != V_ASN1_GENERALIZEDTIME)
        return 0;

    if (*dest != src) {
        copy = ASN1_STRING_dup(src);
        if (copy == NULL) {
            ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
            return 0;
        }

        /* The old value is released only once the copy exists. */
        ASN1_STRING_free(*dest);
        *dest = copy;
    }

    return 1;
}
36 | ||
/*
 * Replace |*names| with a new GENERAL_NAMES stack holding exactly one
 * GEN_DIRNAME entry, which owns a copy of |dirName|.
 *
 * The new stack is built completely before the old one is freed, so on
 * failure |*names| is left untouched.
 *
 * Returns 1 on success, 0 on failure (an error is raised).
 */
static int replace_dirName(GENERAL_NAMES **names, const X509_NAME *dirName)
{
    X509_NAME *dn = NULL;
    STACK_OF(GENERAL_NAME) *list = NULL;
    GENERAL_NAME *entry = NULL;

    dn = X509_NAME_dup(dirName);
    if (dn == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    list = sk_GENERAL_NAME_new_null();
    if (list == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    entry = GENERAL_NAME_new();
    if (entry == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        goto err;
    }

    if (sk_GENERAL_NAME_push(list, entry) <= 0) {
        ERR_raise(ERR_LIB_X509, ERR_R_CRYPTO_LIB);
        goto err;
    }

    /* From here on nothing can fail: hand the copy to the entry. */
    GENERAL_NAME_set0_value(entry, GEN_DIRNAME, dn);

    GENERAL_NAMES_free(*names);
    *names = list;

    return 1;

 err:
    /*
     * Every jump here happens before the entry is in the stack and before
     * the name copy is attached to the entry, so the three objects are
     * still independent and each one is freed on its own.
     */
    GENERAL_NAME_free(entry);
    sk_GENERAL_NAME_free(list);
    X509_NAME_free(dn);
    return 0;
}
76 | ||
/*
 * Fill in |o| from the given object type, digest algorithm and digest.
 * The algorithm and the digest are copied into |o|; the caller keeps
 * ownership of |digestAlgorithm| and |digest|.
 *
 * The three fields are written in order and the first failure stops the
 * sequence, so on a 0 return |o| may hold a mix of new and old values and
 * should not be used as a consistent digest record.
 *
 * Returns 1 on success, 0 on failure.
 */
int OSSL_OBJECT_DIGEST_INFO_set1_digest(OSSL_OBJECT_DIGEST_INFO *o,
                                        int digestedObjectType,
                                        X509_ALGOR *digestAlgorithm,
                                        ASN1_BIT_STRING *digest)
{
    /* && short-circuits, keeping the original order and early exit. */
    return ASN1_ENUMERATED_set(&o->digestedObjectType, digestedObjectType) > 0
        && X509_ALGOR_copy(&o->digestAlgorithm, digestAlgorithm) > 0
        && ASN1_STRING_copy(&o->objectDigest, digest) > 0;
}
94 | ||
/*
 * Set the issuer of |isss| to a single directoryName built from a copy of
 * |issuer|. Any previous issuer names are replaced.
 *
 * Returns the result of replace_dirName(): 1 on success, 0 on failure.
 */
int OSSL_ISSUER_SERIAL_set1_issuer(OSSL_ISSUER_SERIAL *isss,
                                   const X509_NAME *issuer)
{
    GENERAL_NAMES **slot = &isss->issuer;

    return replace_dirName(slot, issuer);
}
100 | ||
/*
 * Copy |serial| into the serial number field of |isss|.
 *
 * Returns the result of ASN1_STRING_copy(): 1 on success, 0 on failure.
 */
int OSSL_ISSUER_SERIAL_set1_serial(OSSL_ISSUER_SERIAL *isss,
                                   const ASN1_INTEGER *serial)
{
    ASN1_STRING *dst = &isss->serial;

    return ASN1_STRING_copy(dst, serial);
}
106 | ||
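/*
 * Set the issuerUID of |isss| to a copy of |uid|.
 *
 * The copy is made before the previous value is released. This keeps the
 * call safe when |uid| is the very string currently stored in |isss|
 * (freeing first would make the duplication read freed memory), and it
 * leaves the existing issuerUID in place if the duplication fails.
 *
 * Returns 1 on success, 0 on failure (an error is raised).
 */
int OSSL_ISSUER_SERIAL_set1_issuerUID(OSSL_ISSUER_SERIAL *isss,
                                      const ASN1_BIT_STRING *uid)
{
    ASN1_BIT_STRING *copy = ASN1_STRING_dup(uid);

    if (copy == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        return 0;
    }

    ASN1_BIT_STRING_free(isss->issuerUID);
    isss->issuerUID = copy;
    return 1;
}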
118 | ||
/*
 * Store |version| in the version field of the attribute certificate |x|.
 * The value is written as given; no range check is made here.
 *
 * Returns the result of ASN1_INTEGER_set(): 1 on success, 0 on failure.
 */
int X509_ACERT_set_version(X509_ACERT *x, long version)
{
    ASN1_INTEGER *field = &x->acinfo->version;

    return ASN1_INTEGER_set(field, version);
}
123 | ||
/*
 * Install |names| as the holder entityName of |x|.
 *
 * The pointer is stored as is (no copy is made) and the previously stored
 * value is freed. |names| must therefore not be the pointer that |x|
 * already holds: it would be freed and then stored again.
 */
void X509_ACERT_set0_holder_entityName(X509_ACERT *x, GENERAL_NAMES *names)
{
    GENERAL_NAMES **slot = &x->acinfo->holder.entityName;

    GENERAL_NAMES_free(*slot);
    *slot = names;
}
129 | ||
/*
 * Install |isss| as the holder baseCertificateID of |x|.
 *
 * The pointer is stored as is (no copy is made) and the previously stored
 * value is freed. |isss| must therefore not be the pointer that |x|
 * already holds: it would be freed and then stored again.
 */
void X509_ACERT_set0_holder_baseCertId(X509_ACERT *x,
                                       OSSL_ISSUER_SERIAL *isss)
{
    OSSL_ISSUER_SERIAL **slot = &x->acinfo->holder.baseCertificateID;

    OSSL_ISSUER_SERIAL_free(*slot);
    *slot = isss;
}
136 | ||
/*
 * Install |dinfo| as the holder objectDigestInfo of |x|.
 *
 * The pointer is stored as is (no copy is made) and the previously stored
 * value is freed. |dinfo| must therefore not be the pointer that |x|
 * already holds: it would be freed and then stored again.
 */
void X509_ACERT_set0_holder_digest(X509_ACERT *x,
                                   OSSL_OBJECT_DIGEST_INFO *dinfo)
{
    OSSL_OBJECT_DIGEST_INFO **slot = &x->acinfo->holder.objectDigestInfo;

    OSSL_OBJECT_DIGEST_INFO_free(*slot);
    *slot = dinfo;
}
143 | ||
/*
 * Set the issuer name of |x| to a single directoryName built from a copy
 * of |name|. Only the v2Form issuer is supported, so one is created when
 * the certificate has none yet.
 *
 * NOTE(review): the v2Form member of the issuer union is read without
 * looking at issuer.type first. If an X509_ACERT can reach this function
 * with a different issuer form populated, the stored pointer would be
 * treated as a v2Form. Confirm against the union definition in
 * x509_acert.h and the decoders.
 *
 * Returns 1 on success, 0 on failure. A v2Form created here stays attached
 * to |x| even when setting the name afterwards fails.
 */
int X509_ACERT_set1_issuerName(X509_ACERT *x, const X509_NAME *name)
{
    X509_ACERT_ISSUER_V2FORM *form = x->acinfo->issuer.u.v2Form;

    if (form != NULL)
        return replace_dirName(&form->issuerName, name);

    form = X509_ACERT_ISSUER_V2FORM_new();
    if (form == NULL) {
        ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
        return 0;
    }

    /* Attach the fresh form and mark the issuer choice as v2. */
    x->acinfo->issuer.u.v2Form = form;
    x->acinfo->issuer.type = X509_ACERT_ISSUER_V2;

    return replace_dirName(&form->issuerName, name);
}
163 | ||
/*
 * Copy |serial| into the serialNumber field of the attribute
 * certificate |x|.
 *
 * Returns the result of ASN1_STRING_copy(): 1 on success, 0 on failure.
 */
int X509_ACERT_set1_serialNumber(X509_ACERT *x, const ASN1_INTEGER *serial)
{
    ASN1_STRING *dst = &x->acinfo->serialNumber;

    return ASN1_STRING_copy(dst, serial);
}
168 | ||
/*
 * Set the start of the validity period of |x| to a copy of |time|.
 *
 * replace_gentime() rejects any |time| whose type tag is not
 * V_ASN1_GENERALIZEDTIME and dereferences |time| unconditionally, so NULL
 * must not be passed.
 *
 * Returns 1 on success, 0 on failure.
 */
int X509_ACERT_set1_notBefore(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time)
{
    ASN1_STRING **slot = &x->acinfo->validityPeriod.notBefore;

    return replace_gentime(slot, time);
}
173 | ||
/*
 * Set the end of the validity period of |x| to a copy of |time|.
 *
 * replace_gentime() rejects any |time| whose type tag is not
 * V_ASN1_GENERALIZEDTIME and dereferences |time| unconditionally, so NULL
 * must not be passed.
 *
 * Returns 1 on success, 0 on failure.
 */
int X509_ACERT_set1_notAfter(X509_ACERT *x, const ASN1_GENERALIZEDTIME *time)
{
    ASN1_STRING **slot = &x->acinfo->validityPeriod.notAfter;

    return replace_gentime(slot, time);
}