Coverage Report

Created: 2022-11-30 06:20

/src/openssl/crypto/x509/x509_v3.c
1
/* crypto/x509/x509_v3.c */
2
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3
 * All rights reserved.
4
 *
5
 * This package is an SSL implementation written
6
 * by Eric Young (eay@cryptsoft.com).
7
 * The implementation was written so as to conform with Netscapes SSL.
8
 *
9
 * This library is free for commercial and non-commercial use as long as
10
 * the following conditions are aheared to.  The following conditions
11
 * apply to all code found in this distribution, be it the RC4, RSA,
12
 * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13
 * included with this distribution is covered by the same copyright terms
14
 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15
 *
16
 * Copyright remains Eric Young's, and as such any Copyright notices in
17
 * the code are not to be removed.
18
 * If this package is used in a product, Eric Young should be given attribution
19
 * as the author of the parts of the library used.
20
 * This can be in the form of a textual message at program startup or
21
 * in documentation (online or textual) provided with the package.
22
 *
23
 * Redistribution and use in source and binary forms, with or without
24
 * modification, are permitted provided that the following conditions
25
 * are met:
26
 * 1. Redistributions of source code must retain the copyright
27
 *    notice, this list of conditions and the following disclaimer.
28
 * 2. Redistributions in binary form must reproduce the above copyright
29
 *    notice, this list of conditions and the following disclaimer in the
30
 *    documentation and/or other materials provided with the distribution.
31
 * 3. All advertising materials mentioning features or use of this software
32
 *    must display the following acknowledgement:
33
 *    "This product includes cryptographic software written by
34
 *     Eric Young (eay@cryptsoft.com)"
35
 *    The word 'cryptographic' can be left out if the rouines from the library
36
 *    being used are not cryptographic related :-).
37
 * 4. If you include any Windows specific code (or a derivative thereof) from
38
 *    the apps directory (application code) you must include an acknowledgement:
39
 *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40
 *
41
 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51
 * SUCH DAMAGE.
52
 *
53
 * The licence and distribution terms for any publically available version or
54
 * derivative of this code cannot be changed.  i.e. this code cannot simply be
55
 * copied and put under another distribution licence
56
 * [including the GNU Public Licence.]
57
 */
58
59
#include <stdio.h>
60
#include <openssl/stack.h>
61
#include "cryptlib.h"
62
#include <openssl/asn1.h>
63
#include <openssl/objects.h>
64
#include <openssl/evp.h>
65
#include <openssl/x509.h>
66
#include <openssl/x509v3.h>
67
68
/*
 * Return the number of extensions held in the stack x.
 * A NULL stack is treated as empty and yields 0.
 */
int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
{
    return (x != NULL) ? sk_X509_EXTENSION_num(x) : 0;
}
74
75
/*
 * Locate an extension by NID, searching from the position after lastpos.
 *
 * Returns -2 when OBJ_nid2obj() yields no object for nid; otherwise returns
 * whatever X509v3_get_ext_by_OBJ() returns for the resolved object.
 */
int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
                          int lastpos)
{
    ASN1_OBJECT *oid = OBJ_nid2obj(nid);

    if (oid != NULL)
        return X509v3_get_ext_by_OBJ(x, oid, lastpos);
    return -2;
}
85
86
/*
 * Locate the first extension whose object identifier compares equal to obj,
 * starting at index lastpos + 1 (a negative start is clamped to 0).
 *
 * Returns the index of the match, or -1 when sk is NULL or nothing matches.
 * NOTE(review): each entry's ->object is passed to OBJ_cmp() without a NULL
 * check, so callers are presumed to supply fully populated extensions.
 */
int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,
                          ASN1_OBJECT *obj, int lastpos)
{
    int idx;
    int count;

    if (sk == NULL)
        return -1;

    idx = lastpos + 1;
    if (idx < 0)
        idx = 0;

    count = sk_X509_EXTENSION_num(sk);
    while (idx < count) {
        X509_EXTENSION *cur = sk_X509_EXTENSION_value(sk, idx);

        if (OBJ_cmp(cur->object, obj) == 0)
            return idx;
        idx++;
    }
    return -1;
}
105
106
/*
 * Locate the first extension whose criticality matches crit, starting at
 * index lastpos + 1 (a negative start is clamped to 0).
 *
 * An extension counts as critical when its ->critical field is > 0; crit is
 * interpreted as a boolean. Returns the matching index, or -1 when sk is NULL
 * or no extension matches.
 */
int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
                               int lastpos)
{
    int idx;
    int count;
    int want_critical = (crit != 0);

    if (sk == NULL)
        return -1;

    idx = lastpos + 1;
    if (idx < 0)
        idx = 0;

    count = sk_X509_EXTENSION_num(sk);
    while (idx < count) {
        X509_EXTENSION *cur = sk_X509_EXTENSION_value(sk, idx);
        int is_critical = (cur->critical > 0);

        if (is_critical == want_critical)
            return idx;
        idx++;
    }
    return -1;
}
125
126
/*
 * Return the extension stored at index loc of stack x.
 *
 * Returns NULL when x is NULL or loc lies outside [0, number of entries).
 * The returned pointer is the stack's own element, not a copy.
 */
X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
{
    if (x == NULL)
        return NULL;
    if (sk_X509_EXTENSION_num(x) <= loc)
        return NULL;
    if (loc < 0)
        return NULL;

    return sk_X509_EXTENSION_value(x, loc);
}
133
134
/*
 * Remove the extension at index loc from stack x and hand it back.
 *
 * Returns NULL when x is NULL or loc lies outside [0, number of entries);
 * otherwise returns the value produced by sk_X509_EXTENSION_delete().
 * The removed extension is not freed here.
 */
X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
{
    if (x == NULL)
        return NULL;
    if (sk_X509_EXTENSION_num(x) <= loc)
        return NULL;
    if (loc < 0)
        return NULL;

    return sk_X509_EXTENSION_delete(x, loc);
}
143
144
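/*
 * Insert a duplicate of ex into the extension stack *x at position loc.
 *
 * x    - address of the caller's stack pointer; must not be NULL. When *x is
 *        NULL a new stack is allocated and stored in *x on success.
 * ex   - extension to copy (the stack receives X509_EXTENSION_dup(ex)).
 * loc  - insertion index; a negative value or one past the end appends.
 *
 * Returns the stack on success, NULL on failure.
 *
 * On failure only resources allocated by this call are released. The stack
 * is freed solely when it was created here: freeing a stack the caller
 * passed in would leave *x dangling (later use-after-free / double free in
 * the caller) and would leak the extensions it still holds.
 */
STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
                                         X509_EXTENSION *ex, int loc)
{
    X509_EXTENSION *new_ex = NULL;
    int n;
    STACK_OF(X509_EXTENSION) *sk = NULL;

    if (x == NULL) {
        X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER);
        goto err2;
    }

    if (*x == NULL) {
        if ((sk = sk_X509_EXTENSION_new_null()) == NULL)
            goto err;
    } else
        sk = *x;

    /* Out-of-range positions (either side) mean "append". */
    n = sk_X509_EXTENSION_num(sk);
    if (loc > n || loc < 0)
        loc = n;

    if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)
        goto err2;
    if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))
        goto err;
    if (*x == NULL)
        *x = sk;
    return (sk);
 err:
    X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
 err2:
    if (new_ex != NULL)
        X509_EXTENSION_free(new_ex);
    /* *x is still NULL here iff sk was allocated by this call. */
    if (x != NULL && *x == NULL && sk != NULL)
        sk_X509_EXTENSION_free(sk);
    return (NULL);
}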
184
185
/*
 * Build (or fill in) an extension identified by nid.
 *
 * Resolves nid with OBJ_nid2obj() and delegates to
 * X509_EXTENSION_create_by_OBJ(). Returns NULL and raises X509_R_UNKNOWN_NID
 * when the NID cannot be resolved, or NULL when the delegate fails.
 */
X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
                                             int crit,
                                             ASN1_OCTET_STRING *data)
{
    X509_EXTENSION *created;
    ASN1_OBJECT *oid = OBJ_nid2obj(nid);

    if (oid == NULL) {
        X509err(X509_F_X509_EXTENSION_CREATE_BY_NID, X509_R_UNKNOWN_NID);
        return NULL;
    }

    created = X509_EXTENSION_create_by_OBJ(ex, oid, crit, data);
    if (created != NULL)
        return created;

    /* Failure path: release the looked-up object, as the original does. */
    ASN1_OBJECT_free(oid);
    return NULL;
}
202
203
/*
 * Build (or fill in) an extension from an object identifier, a criticality
 * flag and the encoded value.
 *
 * When ex is non-NULL and *ex is non-NULL, that existing extension is
 * populated in place; otherwise a new one is allocated and, if ex is
 * non-NULL, stored in *ex on success.
 *
 * Returns the extension on success, NULL on failure. On failure a newly
 * allocated extension is freed; a caller-supplied one is never freed here
 * (it may have been partially updated by the setters that ran).
 */
X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
                                             ASN1_OBJECT *obj, int crit,
                                             ASN1_OCTET_STRING *data)
{
    X509_EXTENSION *ext;
    int caller_supplied = (ex != NULL) && (*ex != NULL);

    if (caller_supplied) {
        ext = *ex;
    } else {
        ext = X509_EXTENSION_new();
        if (ext == NULL) {
            X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,
                    ERR_R_MALLOC_FAILURE);
            return NULL;
        }
    }

    /* Setters run in order and stop at the first failure. */
    if (!X509_EXTENSION_set_object(ext, obj)
        || !X509_EXTENSION_set_critical(ext, crit)
        || !X509_EXTENSION_set_data(ext, data)) {
        if (!caller_supplied)
            X509_EXTENSION_free(ext);
        return NULL;
    }

    if (ex != NULL && *ex == NULL)
        *ex = ext;
    return ext;
}
233
234
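/*
 * Replace the extension's object identifier with a duplicate of obj.
 *
 * Returns 1 on success, 0 when ex or obj is NULL or when OBJ_dup() fails.
 *
 * The duplicate is made before the old object is released, so a failed
 * OBJ_dup() leaves ex unchanged instead of reporting success with
 * ex->object == NULL (which lookups such as X509v3_get_ext_by_OBJ() pass to
 * OBJ_cmp() unchecked). Duplicating first also keeps obj valid when the
 * caller passes ex->object itself.
 */
int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
{
    ASN1_OBJECT *copy;

    if ((ex == NULL) || (obj == NULL))
        return (0);

    copy = OBJ_dup(obj);
    if (copy == NULL)
        return (0);

    ASN1_OBJECT_free(ex->object);
    ex->object = copy;
    return (1);
}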
242
243
/*
 * Set the extension's criticality flag.
 *
 * A non-zero crit stores 0xFF in ex->critical; zero stores -1.
 * Returns 1 on success, 0 when ex is NULL.
 */
int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
{
    if (ex == NULL)
        return 0;

    if (crit)
        ex->critical = 0xFF;
    else
        ex->critical = -1;
    return 1;
}
250
251
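/*
 * Copy the octet string data into the extension's value.
 *
 * Returns 1 on success, 0 when ex or data is NULL or when the underlying
 * M_ASN1_OCTET_STRING_set() call fails.
 *
 * data is dereferenced for its buffer and length, so it is rejected up
 * front when NULL instead of being dereferenced unchecked.
 */
int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
{
    int i;

    if ((ex == NULL) || (data == NULL))
        return (0);
    i = M_ASN1_OCTET_STRING_set(ex->value, data->data, data->length);
    if (!i)
        return (0);
    return (1);
}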
262
263
/*
 * Return the extension's object identifier, or NULL when ex is NULL.
 * The pointer refers to the extension's own field; no copy is made.
 */
ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
{
    return (ex != NULL) ? ex->object : NULL;
}
269
270
/*
 * Return the extension's encoded value, or NULL when ex is NULL.
 * The pointer refers to the extension's own field; no copy is made.
 */
ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
{
    return (ex != NULL) ? ex->value : NULL;
}
276
277
/*
 * Report whether the extension is marked critical.
 *
 * Returns 1 when ex->critical is greater than zero, and 0 otherwise,
 * including when ex is NULL.
 */
int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
{
    return (ex != NULL && ex->critical > 0) ? 1 : 0;
}