/src/boringssl/crypto/x509/x509cset.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project |
3 | | * 2001. |
4 | | */ |
5 | | /* ==================================================================== |
6 | | * Copyright (c) 2001 The OpenSSL Project. All rights reserved. |
7 | | * |
8 | | * Redistribution and use in source and binary forms, with or without |
9 | | * modification, are permitted provided that the following conditions |
10 | | * are met: |
11 | | * |
12 | | * 1. Redistributions of source code must retain the above copyright |
13 | | * notice, this list of conditions and the following disclaimer. |
14 | | * |
15 | | * 2. Redistributions in binary form must reproduce the above copyright |
16 | | * notice, this list of conditions and the following disclaimer in |
17 | | * the documentation and/or other materials provided with the |
18 | | * distribution. |
19 | | * |
20 | | * 3. All advertising materials mentioning features or use of this |
21 | | * software must display the following acknowledgment: |
22 | | * "This product includes software developed by the OpenSSL Project |
23 | | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" |
24 | | * |
25 | | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to |
26 | | * endorse or promote products derived from this software without |
27 | | * prior written permission. For written permission, please contact |
28 | | * licensing@OpenSSL.org. |
29 | | * |
30 | | * 5. Products derived from this software may not be called "OpenSSL" |
31 | | * nor may "OpenSSL" appear in their names without prior written |
32 | | * permission of the OpenSSL Project. |
33 | | * |
34 | | * 6. Redistributions of any form whatsoever must retain the following |
35 | | * acknowledgment: |
36 | | * "This product includes software developed by the OpenSSL Project |
37 | | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" |
38 | | * |
39 | | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY |
40 | | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
41 | | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
42 | | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR |
43 | | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
44 | | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
45 | | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
46 | | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
47 | | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, |
48 | | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
49 | | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED |
50 | | * OF THE POSSIBILITY OF SUCH DAMAGE. |
51 | | * ==================================================================== |
52 | | * |
53 | | * This product includes cryptographic software written by Eric Young |
54 | | * (eay@cryptsoft.com). This product includes software written by Tim |
55 | | * Hudson (tjh@cryptsoft.com). */ |
56 | | |
57 | | #include <openssl/asn1.h> |
58 | | #include <openssl/evp.h> |
59 | | #include <openssl/obj.h> |
60 | | #include <openssl/x509.h> |
61 | | |
62 | | #include "../asn1/internal.h" |
63 | | #include "../internal.h" |
64 | | #include "internal.h" |
65 | | |
66 | 0 | int X509_CRL_set_version(X509_CRL *x, long version) { |
67 | 0 | if (x == NULL) { |
68 | 0 | return 0; |
69 | 0 | } |
70 | | |
71 | 0 | if (version < X509_CRL_VERSION_1 || version > X509_CRL_VERSION_2) { |
72 | 0 | OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION); |
73 | 0 | return 0; |
74 | 0 | } |
75 | | |
76 | | // v1(0) is default and is represented by omitting the version. |
77 | 0 | if (version == X509_CRL_VERSION_1) { |
78 | 0 | ASN1_INTEGER_free(x->crl->version); |
79 | 0 | x->crl->version = NULL; |
80 | 0 | return 1; |
81 | 0 | } |
82 | | |
83 | 0 | if (x->crl->version == NULL) { |
84 | 0 | x->crl->version = ASN1_INTEGER_new(); |
85 | 0 | if (x->crl->version == NULL) { |
86 | 0 | return 0; |
87 | 0 | } |
88 | 0 | } |
89 | 0 | return ASN1_INTEGER_set_int64(x->crl->version, version); |
90 | 0 | } |
91 | | |
92 | 0 | int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name) { |
93 | 0 | if ((x == NULL) || (x->crl == NULL)) { |
94 | 0 | return 0; |
95 | 0 | } |
96 | 0 | return (X509_NAME_set(&x->crl->issuer, name)); |
97 | 0 | } |
98 | | |
99 | 0 | int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm) { |
100 | 0 | ASN1_TIME *in; |
101 | |
|
102 | 0 | if (x == NULL) { |
103 | 0 | return 0; |
104 | 0 | } |
105 | 0 | in = x->crl->lastUpdate; |
106 | 0 | if (in != tm) { |
107 | 0 | in = ASN1_STRING_dup(tm); |
108 | 0 | if (in != NULL) { |
109 | 0 | ASN1_TIME_free(x->crl->lastUpdate); |
110 | 0 | x->crl->lastUpdate = in; |
111 | 0 | } |
112 | 0 | } |
113 | 0 | return in != NULL; |
114 | 0 | } |
115 | | |
116 | 0 | int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) { |
117 | 0 | ASN1_TIME *in; |
118 | |
|
119 | 0 | if (x == NULL) { |
120 | 0 | return 0; |
121 | 0 | } |
122 | 0 | in = x->crl->nextUpdate; |
123 | 0 | if (in != tm) { |
124 | 0 | in = ASN1_STRING_dup(tm); |
125 | 0 | if (in != NULL) { |
126 | 0 | ASN1_TIME_free(x->crl->nextUpdate); |
127 | 0 | x->crl->nextUpdate = in; |
128 | 0 | } |
129 | 0 | } |
130 | 0 | return in != NULL; |
131 | 0 | } |
132 | | |
133 | 0 | int X509_CRL_sort(X509_CRL *c) { |
134 | | // Sort the data so it will be written in serial number order. |
135 | 0 | sk_X509_REVOKED_sort(c->crl->revoked); |
136 | 0 | asn1_encoding_clear(&c->crl->enc); |
137 | 0 | return 1; |
138 | 0 | } |
139 | | |
140 | 0 | int X509_CRL_up_ref(X509_CRL *crl) { |
141 | 0 | CRYPTO_refcount_inc(&crl->references); |
142 | 0 | return 1; |
143 | 0 | } |
144 | | |
145 | 0 | long X509_CRL_get_version(const X509_CRL *crl) { |
146 | 0 | return ASN1_INTEGER_get(crl->crl->version); |
147 | 0 | } |
148 | | |
149 | 0 | const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl) { |
150 | 0 | return crl->crl->lastUpdate; |
151 | 0 | } |
152 | | |
153 | 0 | const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl) { |
154 | 0 | return crl->crl->nextUpdate; |
155 | 0 | } |
156 | | |
157 | 0 | ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl) { |
158 | 0 | return crl->crl->lastUpdate; |
159 | 0 | } |
160 | | |
161 | 0 | ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl) { |
162 | 0 | return crl->crl->nextUpdate; |
163 | 0 | } |
164 | | |
165 | 0 | X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl) { return crl->crl->issuer; } |
166 | | |
167 | 0 | STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl) { |
168 | 0 | return crl->crl->revoked; |
169 | 0 | } |
170 | | |
171 | 0 | const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl) { |
172 | 0 | return crl->crl->extensions; |
173 | 0 | } |
174 | | |
175 | | void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig, |
176 | 0 | const X509_ALGOR **palg) { |
177 | 0 | if (psig != NULL) { |
178 | 0 | *psig = crl->signature; |
179 | 0 | } |
180 | 0 | if (palg != NULL) { |
181 | 0 | *palg = crl->sig_alg; |
182 | 0 | } |
183 | 0 | } |
184 | | |
185 | 0 | int X509_CRL_get_signature_nid(const X509_CRL *crl) { |
186 | 0 | return OBJ_obj2nid(crl->sig_alg->algorithm); |
187 | 0 | } |
188 | | |
189 | 0 | const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *revoked) { |
190 | 0 | return revoked->revocationDate; |
191 | 0 | } |
192 | | |
193 | | int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked, |
194 | 0 | const ASN1_TIME *tm) { |
195 | 0 | ASN1_TIME *in; |
196 | |
|
197 | 0 | if (revoked == NULL) { |
198 | 0 | return 0; |
199 | 0 | } |
200 | 0 | in = revoked->revocationDate; |
201 | 0 | if (in != tm) { |
202 | 0 | in = ASN1_STRING_dup(tm); |
203 | 0 | if (in != NULL) { |
204 | 0 | ASN1_TIME_free(revoked->revocationDate); |
205 | 0 | revoked->revocationDate = in; |
206 | 0 | } |
207 | 0 | } |
208 | 0 | return in != NULL; |
209 | 0 | } |
210 | | |
211 | | const ASN1_INTEGER *X509_REVOKED_get0_serialNumber( |
212 | 0 | const X509_REVOKED *revoked) { |
213 | 0 | return revoked->serialNumber; |
214 | 0 | } |
215 | | |
216 | | int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked, |
217 | 0 | const ASN1_INTEGER *serial) { |
218 | 0 | ASN1_INTEGER *in; |
219 | |
|
220 | 0 | if (serial->type != V_ASN1_INTEGER && serial->type != V_ASN1_NEG_INTEGER) { |
221 | 0 | OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE); |
222 | 0 | return 0; |
223 | 0 | } |
224 | | |
225 | 0 | if (revoked == NULL) { |
226 | 0 | return 0; |
227 | 0 | } |
228 | 0 | in = revoked->serialNumber; |
229 | 0 | if (in != serial) { |
230 | 0 | in = ASN1_INTEGER_dup(serial); |
231 | 0 | if (in != NULL) { |
232 | 0 | ASN1_INTEGER_free(revoked->serialNumber); |
233 | 0 | revoked->serialNumber = in; |
234 | 0 | } |
235 | 0 | } |
236 | 0 | return in != NULL; |
237 | 0 | } |
238 | | |
239 | | const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions( |
240 | 0 | const X509_REVOKED *r) { |
241 | 0 | return r->extensions; |
242 | 0 | } |
243 | | |
244 | 0 | int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp) { |
245 | 0 | asn1_encoding_clear(&crl->crl->enc); |
246 | 0 | return i2d_X509_CRL_INFO(crl->crl, outp); |
247 | 0 | } |
248 | | |
249 | 0 | int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp) { |
250 | 0 | return i2d_X509_CRL_INFO(crl->crl, outp); |
251 | 0 | } |
252 | | |
253 | 0 | int X509_CRL_set1_signature_algo(X509_CRL *crl, const X509_ALGOR *algo) { |
254 | 0 | X509_ALGOR *copy1 = X509_ALGOR_dup(algo); |
255 | 0 | X509_ALGOR *copy2 = X509_ALGOR_dup(algo); |
256 | 0 | if (copy1 == NULL || copy2 == NULL) { |
257 | 0 | X509_ALGOR_free(copy1); |
258 | 0 | X509_ALGOR_free(copy2); |
259 | 0 | return 0; |
260 | 0 | } |
261 | | |
262 | 0 | X509_ALGOR_free(crl->sig_alg); |
263 | 0 | crl->sig_alg = copy1; |
264 | 0 | X509_ALGOR_free(crl->crl->sig_alg); |
265 | 0 | crl->crl->sig_alg = copy2; |
266 | 0 | return 1; |
267 | 0 | } |
268 | | |
269 | | int X509_CRL_set1_signature_value(X509_CRL *crl, const uint8_t *sig, |
270 | 0 | size_t sig_len) { |
271 | 0 | if (!ASN1_STRING_set(crl->signature, sig, sig_len)) { |
272 | 0 | return 0; |
273 | 0 | } |
274 | 0 | crl->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); |
275 | 0 | crl->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; |
276 | 0 | return 1; |
277 | 0 | } |