/src/openssl/crypto/x509/v3_aaa.c

Source
/*
 * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
#include <openssl/x509.h>
#include <crypto/x509.h>
#include "ext_dat.h"

ASN1_CHOICE(OSSL_ALLOWED_ATTRIBUTES_CHOICE) = {
    ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeType, ASN1_OBJECT,
        OSSL_AAA_ATTRIBUTE_TYPE),
    ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeTypeandValues,
        X509_ATTRIBUTE, OSSL_AAA_ATTRIBUTE_VALUES),
} ASN1_CHOICE_END(OSSL_ALLOWED_ATTRIBUTES_CHOICE)

ASN1_SEQUENCE(OSSL_ALLOWED_ATTRIBUTES_ITEM) = {
    ASN1_IMP_SET_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM, attributes,
        OSSL_ALLOWED_ATTRIBUTES_CHOICE, 0),
    /* This MUST be EXPLICIT, because it contains a CHOICE. */
    ASN1_EXP(OSSL_ALLOWED_ATTRIBUTES_ITEM, holderDomain, GENERAL_NAME, 1),
} ASN1_SEQUENCE_END(OSSL_ALLOWED_ATTRIBUTES_ITEM)

ASN1_ITEM_TEMPLATE(OSSL_ALLOWED_ATTRIBUTES_SYNTAX) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, OSSL_ALLOWED_ATTRIBUTES_SYNTAX,
    OSSL_ALLOWED_ATTRIBUTES_ITEM)
ASN1_ITEM_TEMPLATE_END(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_ITEM)
IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)

static int i2r_ALLOWED_ATTRIBUTES_CHOICE(X509V3_EXT_METHOD *method,
    OSSL_ALLOWED_ATTRIBUTES_CHOICE *a,
    BIO *out, int indent)
{
    ASN1_OBJECT *attr_obj;
    int attr_nid, j;
    X509_ATTRIBUTE *attr;
    ASN1_TYPE *av;

    switch (a->type) {
    case (OSSL_AAA_ATTRIBUTE_TYPE):
        if (BIO_printf(out, "%*sAttribute Type: ", indent, "") <= 0)
            return 0;
        if (i2a_ASN1_OBJECT(out, a->choice.attributeType) <= 0)
            return 0;
        return BIO_puts(out, "\n") > 0;
    case (OSSL_AAA_ATTRIBUTE_VALUES):
        attr = a->choice.attributeTypeandValues;
        attr_obj = X509_ATTRIBUTE_get0_object(attr);
        attr_nid = OBJ_obj2nid(attr_obj);
        if (BIO_printf(out, "%*sAttribute Values: ", indent, "") <= 0)
            return 0;
        if (i2a_ASN1_OBJECT(out, attr_obj) <= 0)
            return 0;
        if (BIO_puts(out, "\n") <= 0)
            return 0;
        for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) {
            av = X509_ATTRIBUTE_get0_type(attr, j);
            if (ossl_print_attribute_value(out, attr_nid, av, indent + 4) <= 0)
                return 0;
            if (BIO_puts(out, "\n") <= 0)
                return 0;
        }
        break;
    default:
        return 0;
    }
    return 1;
}

static int i2r_ALLOWED_ATTRIBUTES_ITEM(X509V3_EXT_METHOD *method,
    OSSL_ALLOWED_ATTRIBUTES_ITEM *aai,
    BIO *out, int indent)
{
    int i;
    OSSL_ALLOWED_ATTRIBUTES_CHOICE *a;

    for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_num(aai->attributes); i++) {
        if (BIO_printf(out, "%*sAllowed Attribute Type or Values:\n", indent, "") <= 0)
            return 0;
        a = sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_value(aai->attributes, i);
        if (i2r_ALLOWED_ATTRIBUTES_CHOICE(method, a, out, indent + 4) <= 0)
            return 0;
    }
    if (BIO_printf(out, "%*sHolder Domain: ", indent, "") <= 0)
        return 0;
    if (GENERAL_NAME_print(out, aai->holderDomain) <= 0)
        return 0;
    if (BIO_puts(out, "\n") <= 0)
        return 0;
    return 1;
}

static int i2r_ALLOWED_ATTRIBUTES_SYNTAX(X509V3_EXT_METHOD *method,
    OSSL_ALLOWED_ATTRIBUTES_SYNTAX *aaa,
    BIO *out, int indent)
{
    int i;
    OSSL_ALLOWED_ATTRIBUTES_ITEM *aai;

    for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_num(aaa); i++) {
        if (BIO_printf(out, "%*sAllowed Attributes:\n", indent, "") <= 0)
            return 0;
        aai = sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_value(aaa, i);
        if (i2r_ALLOWED_ATTRIBUTES_ITEM(method, aai, out, indent + 4) <= 0)
            return 0;
    }
    return 1;
}

const X509V3_EXT_METHOD ossl_v3_allowed_attribute_assignments = {
    NID_allowed_attribute_assignments, 0,
    ASN1_ITEM_ref(OSSL_ALLOWED_ATTRIBUTES_SYNTAX),
    0, 0, 0, 0,
    0, 0,
    0,
    0,
    (X509V3_EXT_I2R)i2r_ALLOWED_ATTRIBUTES_SYNTAX,
    0,
    NULL
};

Line	Count	Source
1		/*
2		* Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <openssl/asn1t.h>
11		#include <openssl/x509v3.h>
12		#include <openssl/x509.h>
13		#include <crypto/x509.h>
14		#include "ext_dat.h"
15
16		ASN1_CHOICE(OSSL_ALLOWED_ATTRIBUTES_CHOICE) = {
17		ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeType, ASN1_OBJECT,
18		OSSL_AAA_ATTRIBUTE_TYPE),
19		ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeTypeandValues,
20		X509_ATTRIBUTE, OSSL_AAA_ATTRIBUTE_VALUES),
21	0	} ASN1_CHOICE_END(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
22	0
23	0	ASN1_SEQUENCE(OSSL_ALLOWED_ATTRIBUTES_ITEM) = {
24	0	ASN1_IMP_SET_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM, attributes,
25	0	OSSL_ALLOWED_ATTRIBUTES_CHOICE, 0),
26	0	/* This MUST be EXPLICIT, because it contains a CHOICE. */
27	0	ASN1_EXP(OSSL_ALLOWED_ATTRIBUTES_ITEM, holderDomain, GENERAL_NAME, 1),
28	0	} ASN1_SEQUENCE_END(OSSL_ALLOWED_ATTRIBUTES_ITEM)
29	0
30	0	ASN1_ITEM_TEMPLATE(OSSL_ALLOWED_ATTRIBUTES_SYNTAX) = ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, OSSL_ALLOWED_ATTRIBUTES_SYNTAX,
31	0	OSSL_ALLOWED_ATTRIBUTES_ITEM)
32	0	ASN1_ITEM_TEMPLATE_END(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)
33
34		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
35		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_ITEM)
36		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)
37
38		static int i2r_ALLOWED_ATTRIBUTES_CHOICE(X509V3_EXT_METHOD *method,
39		OSSL_ALLOWED_ATTRIBUTES_CHOICE *a,
40		BIO *out, int indent)
41	0	{
42	0	ASN1_OBJECT *attr_obj;
43	0	int attr_nid, j;
44	0	X509_ATTRIBUTE *attr;
45	0	ASN1_TYPE *av;
46
47	0	switch (a->type) {
48	0	case (OSSL_AAA_ATTRIBUTE_TYPE):
49	0	if (BIO_printf(out, "%*sAttribute Type: ", indent, "") <= 0)
50	0	return 0;
51	0	if (i2a_ASN1_OBJECT(out, a->choice.attributeType) <= 0)
52	0	return 0;
53	0	return BIO_puts(out, "\n") > 0;
54	0	case (OSSL_AAA_ATTRIBUTE_VALUES):
55	0	attr = a->choice.attributeTypeandValues;
56	0	attr_obj = X509_ATTRIBUTE_get0_object(attr);
57	0	attr_nid = OBJ_obj2nid(attr_obj);
58	0	if (BIO_printf(out, "%*sAttribute Values: ", indent, "") <= 0)
59	0	return 0;
60	0	if (i2a_ASN1_OBJECT(out, attr_obj) <= 0)
61	0	return 0;
62	0	if (BIO_puts(out, "\n") <= 0)
63	0	return 0;
64	0	for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) {
65	0	av = X509_ATTRIBUTE_get0_type(attr, j);
66	0	if (ossl_print_attribute_value(out, attr_nid, av, indent + 4) <= 0)
67	0	return 0;
68	0	if (BIO_puts(out, "\n") <= 0)
69	0	return 0;
70	0	}
71	0	break;
72	0	default:
73	0	return 0;
74	0	}
75	0	return 1;
76	0	}
77
78		static int i2r_ALLOWED_ATTRIBUTES_ITEM(X509V3_EXT_METHOD *method,
79		OSSL_ALLOWED_ATTRIBUTES_ITEM *aai,
80		BIO *out, int indent)
81	0	{
82	0	int i;
83	0	OSSL_ALLOWED_ATTRIBUTES_CHOICE *a;
84
85	0	for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_num(aai->attributes); i++) {
86	0	if (BIO_printf(out, "%*sAllowed Attribute Type or Values:\n", indent, "") <= 0)
87	0	return 0;
88	0	a = sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_value(aai->attributes, i);
89	0	if (i2r_ALLOWED_ATTRIBUTES_CHOICE(method, a, out, indent + 4) <= 0)
90	0	return 0;
91	0	}
92	0	if (BIO_printf(out, "%*sHolder Domain: ", indent, "") <= 0)
93	0	return 0;
94	0	if (GENERAL_NAME_print(out, aai->holderDomain) <= 0)
95	0	return 0;
96	0	if (BIO_puts(out, "\n") <= 0)
97	0	return 0;
98	0	return 1;
99	0	}
100
101		static int i2r_ALLOWED_ATTRIBUTES_SYNTAX(X509V3_EXT_METHOD *method,
102		OSSL_ALLOWED_ATTRIBUTES_SYNTAX *aaa,
103		BIO *out, int indent)
104	0	{
105	0	int i;
106	0	OSSL_ALLOWED_ATTRIBUTES_ITEM *aai;
107
108	0	for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_num(aaa); i++) {
109	0	if (BIO_printf(out, "%*sAllowed Attributes:\n", indent, "") <= 0)
110	0	return 0;
111	0	aai = sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_value(aaa, i);
112	0	if (i2r_ALLOWED_ATTRIBUTES_ITEM(method, aai, out, indent + 4) <= 0)
113	0	return 0;
114	0	}
115	0	return 1;
116	0	}
117
118		const X509V3_EXT_METHOD ossl_v3_allowed_attribute_assignments = {
119		NID_allowed_attribute_assignments, 0,
120		ASN1_ITEM_ref(OSSL_ALLOWED_ATTRIBUTES_SYNTAX),
121		0, 0, 0, 0,
122		0, 0,
123		0,
124		0,
125		(X509V3_EXT_I2R)i2r_ALLOWED_ATTRIBUTES_SYNTAX,
126		0,
127		NULL
128		};

Coverage Report

Created: 2025-12-10 06:24