/src/openssl/crypto/x509/v3_genn.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2024 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/asn1t.h> |
13 | | #include <openssl/conf.h> |
14 | | #include <openssl/x509v3.h> |
15 | | |
16 | | ASN1_SEQUENCE(OTHERNAME) = { |
17 | | ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT), |
18 | | /* Maybe have a true ANY DEFINED BY later */ |
19 | | ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0) |
20 | | } ASN1_SEQUENCE_END(OTHERNAME) |
21 | | |
22 | | IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) |
23 | | |
24 | | ASN1_SEQUENCE(EDIPARTYNAME) = { |
25 | | /* DirectoryString is a CHOICE type so use explicit tagging */ |
26 | | ASN1_EXP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), |
27 | | ASN1_EXP(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) |
28 | | } ASN1_SEQUENCE_END(EDIPARTYNAME) |
29 | | |
30 | | IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) |
31 | | |
32 | | ASN1_CHOICE(GENERAL_NAME) = { |
33 | | ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME), |
34 | | ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL), |
35 | | ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS), |
36 | | /* Don't decode this */ |
37 | | ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400), |
38 | | /* X509_NAME is a CHOICE type so use EXPLICIT */ |
39 | | ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME), |
40 | | ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY), |
41 | | ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI), |
42 | | ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD), |
43 | | ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID) |
44 | | } ASN1_CHOICE_END(GENERAL_NAME) |
45 | | |
46 | | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) |
47 | | |
48 | | ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = |
49 | | ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) |
50 | | ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES) |
51 | | |
52 | | IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) |
53 | | |
54 | | GENERAL_NAME *GENERAL_NAME_dup(const GENERAL_NAME *a) |
55 | 0 | { |
56 | 0 | return (GENERAL_NAME *)ASN1_dup((i2d_of_void *)i2d_GENERAL_NAME, |
57 | 0 | (d2i_of_void *)d2i_GENERAL_NAME, |
58 | 0 | (char *)a); |
59 | 0 | } |
60 | | |
61 | | int GENERAL_NAME_set1_X509_NAME(GENERAL_NAME **tgt, const X509_NAME *src) |
62 | 15.5k | { |
63 | 15.5k | GENERAL_NAME *name; |
64 | | |
65 | 15.5k | if (tgt == NULL) { |
66 | 0 | ERR_raise(ERR_LIB_X509V3, X509V3_R_INVALID_NULL_ARGUMENT); |
67 | 0 | return 0; |
68 | 0 | } |
69 | | |
70 | 15.5k | if ((name = GENERAL_NAME_new()) == NULL) |
71 | 0 | return 0; |
72 | 15.5k | name->type = GEN_DIRNAME; |
73 | | |
74 | 15.5k | if (src == NULL) { /* NULL-DN */ |
75 | 11.6k | if ((name->d.directoryName = X509_NAME_new()) == NULL) |
76 | 0 | goto err; |
77 | 11.6k | } else if (!X509_NAME_set(&name->d.directoryName, src)) { |
78 | 0 | goto err; |
79 | 0 | } |
80 | | |
81 | 15.5k | GENERAL_NAME_free(*tgt); |
82 | 15.5k | *tgt = name; |
83 | 15.5k | return 1; |
84 | | |
85 | 0 | err: |
86 | 0 | GENERAL_NAME_free(name); |
87 | 0 | return 0; |
88 | 15.5k | } |
89 | | |
90 | | static int edipartyname_cmp(const EDIPARTYNAME *a, const EDIPARTYNAME *b) |
91 | 0 | { |
92 | 0 | int res; |
93 | |
|
94 | 0 | if (a == NULL || b == NULL) { |
95 | | /* |
96 | | * Shouldn't be possible in a valid GENERAL_NAME, but we handle it |
97 | | * anyway. OTHERNAME_cmp treats NULL != NULL so we do the same here |
98 | | */ |
99 | 0 | return -1; |
100 | 0 | } |
101 | 0 | if (a->nameAssigner == NULL && b->nameAssigner != NULL) |
102 | 0 | return -1; |
103 | 0 | if (a->nameAssigner != NULL && b->nameAssigner == NULL) |
104 | 0 | return 1; |
105 | | /* If we get here then both have nameAssigner set, or both unset */ |
106 | 0 | if (a->nameAssigner != NULL) { |
107 | 0 | res = ASN1_STRING_cmp(a->nameAssigner, b->nameAssigner); |
108 | 0 | if (res != 0) |
109 | 0 | return res; |
110 | 0 | } |
111 | | /* |
112 | | * partyName is required, so these should never be NULL. We treat it in |
113 | | * the same way as the a == NULL || b == NULL case above |
114 | | */ |
115 | 0 | if (a->partyName == NULL || b->partyName == NULL) |
116 | 0 | return -1; |
117 | | |
118 | 0 | return ASN1_STRING_cmp(a->partyName, b->partyName); |
119 | 0 | } |
120 | | |
121 | | /* Returns 0 if they are equal, != 0 otherwise. */ |
122 | | int GENERAL_NAME_cmp(GENERAL_NAME *a, GENERAL_NAME *b) |
123 | 0 | { |
124 | 0 | int result = -1; |
125 | |
|
126 | 0 | if (!a || !b || a->type != b->type) |
127 | 0 | return -1; |
128 | 0 | switch (a->type) { |
129 | 0 | case GEN_X400: |
130 | 0 | result = ASN1_STRING_cmp(a->d.x400Address, b->d.x400Address); |
131 | 0 | break; |
132 | | |
133 | 0 | case GEN_EDIPARTY: |
134 | 0 | result = edipartyname_cmp(a->d.ediPartyName, b->d.ediPartyName); |
135 | 0 | break; |
136 | | |
137 | 0 | case GEN_OTHERNAME: |
138 | 0 | result = OTHERNAME_cmp(a->d.otherName, b->d.otherName); |
139 | 0 | break; |
140 | | |
141 | 0 | case GEN_EMAIL: |
142 | 0 | case GEN_DNS: |
143 | 0 | case GEN_URI: |
144 | 0 | result = ASN1_STRING_cmp(a->d.ia5, b->d.ia5); |
145 | 0 | break; |
146 | | |
147 | 0 | case GEN_DIRNAME: |
148 | 0 | result = X509_NAME_cmp(a->d.dirn, b->d.dirn); |
149 | 0 | break; |
150 | | |
151 | 0 | case GEN_IPADD: |
152 | 0 | result = ASN1_OCTET_STRING_cmp(a->d.ip, b->d.ip); |
153 | 0 | break; |
154 | | |
155 | 0 | case GEN_RID: |
156 | 0 | result = OBJ_cmp(a->d.rid, b->d.rid); |
157 | 0 | break; |
158 | 0 | } |
159 | 0 | return result; |
160 | 0 | } |
161 | | |
162 | | /* Returns 0 if they are equal, != 0 otherwise. */ |
163 | | int OTHERNAME_cmp(OTHERNAME *a, OTHERNAME *b) |
164 | 0 | { |
165 | 0 | int result = -1; |
166 | |
|
167 | 0 | if (!a || !b) |
168 | 0 | return -1; |
169 | | /* Check their type first. */ |
170 | 0 | if ((result = OBJ_cmp(a->type_id, b->type_id)) != 0) |
171 | 0 | return result; |
172 | | /* Check the value. */ |
173 | 0 | result = ASN1_TYPE_cmp(a->value, b->value); |
174 | 0 | return result; |
175 | 0 | } |
176 | | |
177 | | void GENERAL_NAME_set0_value(GENERAL_NAME *a, int type, void *value) |
178 | 0 | { |
179 | 0 | switch (type) { |
180 | 0 | case GEN_X400: |
181 | 0 | a->d.x400Address = value; |
182 | 0 | break; |
183 | | |
184 | 0 | case GEN_EDIPARTY: |
185 | 0 | a->d.ediPartyName = value; |
186 | 0 | break; |
187 | | |
188 | 0 | case GEN_OTHERNAME: |
189 | 0 | a->d.otherName = value; |
190 | 0 | break; |
191 | | |
192 | 0 | case GEN_EMAIL: |
193 | 0 | case GEN_DNS: |
194 | 0 | case GEN_URI: |
195 | 0 | a->d.ia5 = value; |
196 | 0 | break; |
197 | | |
198 | 0 | case GEN_DIRNAME: |
199 | 0 | a->d.dirn = value; |
200 | 0 | break; |
201 | | |
202 | 0 | case GEN_IPADD: |
203 | 0 | a->d.ip = value; |
204 | 0 | break; |
205 | | |
206 | 0 | case GEN_RID: |
207 | 0 | a->d.rid = value; |
208 | 0 | break; |
209 | 0 | } |
210 | 0 | a->type = type; |
211 | 0 | } |
212 | | |
213 | | void *GENERAL_NAME_get0_value(const GENERAL_NAME *a, int *ptype) |
214 | 0 | { |
215 | 0 | if (ptype) |
216 | 0 | *ptype = a->type; |
217 | 0 | switch (a->type) { |
218 | 0 | case GEN_X400: |
219 | 0 | return a->d.x400Address; |
220 | | |
221 | 0 | case GEN_EDIPARTY: |
222 | 0 | return a->d.ediPartyName; |
223 | | |
224 | 0 | case GEN_OTHERNAME: |
225 | 0 | return a->d.otherName; |
226 | | |
227 | 0 | case GEN_EMAIL: |
228 | 0 | case GEN_DNS: |
229 | 0 | case GEN_URI: |
230 | 0 | return a->d.ia5; |
231 | | |
232 | 0 | case GEN_DIRNAME: |
233 | 0 | return a->d.dirn; |
234 | | |
235 | 0 | case GEN_IPADD: |
236 | 0 | return a->d.ip; |
237 | | |
238 | 0 | case GEN_RID: |
239 | 0 | return a->d.rid; |
240 | | |
241 | 0 | default: |
242 | 0 | return NULL; |
243 | 0 | } |
244 | 0 | } |
245 | | |
246 | | int GENERAL_NAME_set0_othername(GENERAL_NAME *gen, |
247 | | ASN1_OBJECT *oid, ASN1_TYPE *value) |
248 | 0 | { |
249 | 0 | OTHERNAME *oth; |
250 | 0 | oth = OTHERNAME_new(); |
251 | 0 | if (oth == NULL) |
252 | 0 | return 0; |
253 | 0 | ASN1_TYPE_free(oth->value); |
254 | 0 | oth->type_id = oid; |
255 | 0 | oth->value = value; |
256 | 0 | GENERAL_NAME_set0_value(gen, GEN_OTHERNAME, oth); |
257 | 0 | return 1; |
258 | 0 | } |
259 | | |
260 | | int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen, |
261 | | ASN1_OBJECT **poid, ASN1_TYPE **pvalue) |
262 | 0 | { |
263 | 0 | if (gen->type != GEN_OTHERNAME) |
264 | 0 | return 0; |
265 | 0 | if (poid) |
266 | 0 | *poid = gen->d.otherName->type_id; |
267 | 0 | if (pvalue) |
268 | 0 | *pvalue = gen->d.otherName->value; |
269 | 0 | return 1; |
270 | 0 | } |