/src/openssl/crypto/x509/x509_set.c

Source (jump to first uncovered line)
/*
 * Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdio.h>
#include "internal/cryptlib.h"
#include "internal/refcount.h"
#include <openssl/asn1.h>
#include <openssl/objects.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
#include "crypto/asn1.h"
#include "crypto/x509.h"
#include "x509_local.h"

int X509_set_version(X509 *x, long version)
{
    if (x == NULL)
        return 0;
    if (version == X509_get_version(x))
        return 1; /* avoid needless modification even re-allocation */
    if (version == X509_VERSION_1) {
        ASN1_INTEGER_free(x->cert_info.version);
        x->cert_info.version = NULL;
        x->cert_info.enc.modified = 1;
        return 1;
    }
    if (x->cert_info.version == NULL) {
        if ((x->cert_info.version = ASN1_INTEGER_new()) == NULL)
            return 0;
    }
    if (!ASN1_INTEGER_set(x->cert_info.version, version))
        return 0;
    x->cert_info.enc.modified = 1;
    return 1;
}

int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
{
    ASN1_INTEGER *in;

    if (x == NULL)
        return 0;
    in = &x->cert_info.serialNumber;
    if (in != serial)
        return ASN1_STRING_copy(in, serial);
    x->cert_info.enc.modified = 1;
    return 1;
}

int X509_set_issuer_name(X509 *x, const X509_NAME *name)
{
    if (x == NULL || !X509_NAME_set(&x->cert_info.issuer, name))
        return 0;
    x->cert_info.enc.modified = 1;
    return 1;
}

int X509_set_subject_name(X509 *x, const X509_NAME *name)
{
    if (x == NULL || !X509_NAME_set(&x->cert_info.subject, name))
        return 0;
    x->cert_info.enc.modified = 1;
    return 1;
}

int ossl_x509_set1_time(int *modified, ASN1_TIME **ptm, const ASN1_TIME *tm)
{
    ASN1_TIME *new;

    if (*ptm == tm)
        return 1;
    new = ASN1_STRING_dup(tm);
    if (tm != NULL && new == NULL)
        return 0;
    ASN1_TIME_free(*ptm);
    *ptm = new;
    if (modified != NULL)
        *modified = 1;
    return 1;
}

int X509_set1_notBefore(X509 *x, const ASN1_TIME *tm)
{
    if (x == NULL || tm == NULL)
        return 0;
    return ossl_x509_set1_time(&x->cert_info.enc.modified,
                               &x->cert_info.validity.notBefore, tm);
}

int X509_set1_notAfter(X509 *x, const ASN1_TIME *tm)
{
    if (x == NULL || tm == NULL)
        return 0;
    return ossl_x509_set1_time(&x->cert_info.enc.modified,
                               &x->cert_info.validity.notAfter, tm);
}

int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
{
    if (x == NULL)
        return 0;
    if (!X509_PUBKEY_set(&(x->cert_info.key), pkey))
        return 0;
    x->cert_info.enc.modified = 1;
    return 1;
}

int X509_up_ref(X509 *x)
{
    int i;

    if (CRYPTO_UP_REF(&x->references, &i) <= 0)
        return 0;

    REF_PRINT_COUNT("X509", i, x);
    REF_ASSERT_ISNT(i < 2);
    return i > 1;
}

long X509_get_version(const X509 *x)
{
    return ASN1_INTEGER_get(x->cert_info.version);
}

const ASN1_TIME *X509_get0_notBefore(const X509 *x)
{
    return x->cert_info.validity.notBefore;
}

const ASN1_TIME *X509_get0_notAfter(const X509 *x)
{
    return x->cert_info.validity.notAfter;
}

ASN1_TIME *X509_getm_notBefore(const X509 *x)
{
    return x->cert_info.validity.notBefore;
}

ASN1_TIME *X509_getm_notAfter(const X509 *x)
{
    return x->cert_info.validity.notAfter;
}

int X509_get_signature_type(const X509 *x)
{
    return EVP_PKEY_type(OBJ_obj2nid(x->sig_alg.algorithm));
}

X509_PUBKEY *X509_get_X509_PUBKEY(const X509 *x)
{
    return x->cert_info.key;
}

const STACK_OF(X509_EXTENSION) *X509_get0_extensions(const X509 *x)
{
    return x->cert_info.extensions;
}

void X509_get0_uids(const X509 *x, const ASN1_BIT_STRING **piuid,
                    const ASN1_BIT_STRING **psuid)
{
    if (piuid != NULL)
        *piuid = x->cert_info.issuerUID;
    if (psuid != NULL)
        *psuid = x->cert_info.subjectUID;
}

const X509_ALGOR *X509_get0_tbs_sigalg(const X509 *x)
{
    return &x->cert_info.signature;
}

int X509_SIG_INFO_get(const X509_SIG_INFO *siginf, int *mdnid, int *pknid,
                      int *secbits, uint32_t *flags)
{
    if (mdnid != NULL)
        *mdnid = siginf->mdnid;
    if (pknid != NULL)
        *pknid = siginf->pknid;
    if (secbits != NULL)
        *secbits = siginf->secbits;
    if (flags != NULL)
        *flags = siginf->flags;
    return (siginf->flags & X509_SIG_INFO_VALID) != 0;
}

void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
                       int secbits, uint32_t flags)
{
    siginf->mdnid = mdnid;
    siginf->pknid = pknid;
    siginf->secbits = secbits;
    siginf->flags = flags;
}

int X509_get_signature_info(X509 *x, int *mdnid, int *pknid, int *secbits,
                            uint32_t *flags)
{
    X509_check_purpose(x, -1, -1);
    return X509_SIG_INFO_get(&x->siginf, mdnid, pknid, secbits, flags);
}

/* Modify *siginf according to alg and sig. Return 1 on success, else 0. */
static int x509_sig_info_init(X509_SIG_INFO *siginf, const X509_ALGOR *alg,
                              const ASN1_STRING *sig, const EVP_PKEY *pubkey)
{
    int pknid, mdnid, md_size;
    const EVP_MD *md;
    const EVP_PKEY_ASN1_METHOD *ameth;

    siginf->mdnid = NID_undef;
    siginf->pknid = NID_undef;
    siginf->secbits = -1;
    siginf->flags = 0;
    if (!OBJ_find_sigid_algs(OBJ_obj2nid(alg->algorithm), &mdnid, &pknid)
            || pknid == NID_undef) {
        ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_SIGID_ALGS);
        return 0;
    }
    siginf->mdnid = mdnid;
    siginf->pknid = pknid;

    switch (mdnid) {
    case NID_undef:
        /* If we have one, use a custom handler for this algorithm */
        ameth = EVP_PKEY_asn1_find(NULL, pknid);
        if (ameth != NULL && ameth->siginf_set != NULL
                && ameth->siginf_set(siginf, alg, sig))
           break;
        if (pubkey != NULL) {
            int secbits;

            secbits = EVP_PKEY_get_security_bits(pubkey);
            if (secbits != 0) {
                siginf->secbits = secbits;
                break;
            }
        }
        ERR_raise(ERR_LIB_X509, X509_R_ERROR_USING_SIGINF_SET);
        return 0;
        /*
         * SHA1 and MD5 are known to be broken. Reduce security bits so that
         * they're no longer accepted at security level 1.
         * The real values don't really matter as long as they're lower than 80,
         * which is our security level 1.
         */
    case NID_sha1:
        /*
         * https://eprint.iacr.org/2020/014 puts a chosen-prefix attack
         * for SHA1 at2^63.4
         */
        siginf->secbits = 63;
        break;
    case NID_md5:
        /*
         * https://documents.epfl.ch/users/l/le/lenstra/public/papers/lat.pdf
         * puts a chosen-prefix attack for MD5 at 2^39.
         */
        siginf->secbits = 39;
        break;
    case NID_id_GostR3411_94:
        /*
         * There is a collision attack on GOST R 34.11-94 at 2^105, see
         * https://link.springer.com/chapter/10.1007%2F978-3-540-85174-5_10
         */
        siginf->secbits = 105;
        break;
    default:
        /* Security bits: half number of bits in digest */
        if ((md = EVP_get_digestbynid(mdnid)) == NULL) {
            ERR_raise(ERR_LIB_X509, X509_R_ERROR_GETTING_MD_BY_NID);
            return 0;
        }
        md_size = EVP_MD_get_size(md);
        if (md_size <= 0)
            return 0;
        siginf->secbits = md_size * 4;
        break;
    }
    switch (mdnid) {
    case NID_sha1:
    case NID_sha256:
    case NID_sha384:
    case NID_sha512:
        siginf->flags |= X509_SIG_INFO_TLS;
    }
    siginf->flags |= X509_SIG_INFO_VALID;
    return 1;
}

/* Returns 1 on success, 0 on failure */
int ossl_x509_init_sig_info(X509 *x)
{
    return x509_sig_info_init(&x->siginf, &x->sig_alg, &x->signature,
                              X509_PUBKEY_get0(x->cert_info.key));
}

Coverage Report

Created: 2025-06-13 06:57

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 1995-2024 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stdio.h>
11		#include "internal/cryptlib.h"
12		#include "internal/refcount.h"
13		#include <openssl/asn1.h>
14		#include <openssl/objects.h>
15		#include <openssl/evp.h>
16		#include <openssl/x509.h>
17		#include <openssl/x509v3.h>
18		#include "crypto/asn1.h"
19		#include "crypto/x509.h"
20		#include "x509_local.h"
21
22		int X509_set_version(X509 *x, long version)
23	0	{
24	0	if (x == NULL)
25	0	return 0;
26	0	if (version == X509_get_version(x))
27	0	return 1; /* avoid needless modification even re-allocation */
28	0	if (version == X509_VERSION_1) {
29	0	ASN1_INTEGER_free(x->cert_info.version);
30	0	x->cert_info.version = NULL;
31	0	x->cert_info.enc.modified = 1;
32	0	return 1;
33	0	}
34	0	if (x->cert_info.version == NULL) {
35	0	if ((x->cert_info.version = ASN1_INTEGER_new()) == NULL)
36	0	return 0;
37	0	}
38	0	if (!ASN1_INTEGER_set(x->cert_info.version, version))
39	0	return 0;
40	0	x->cert_info.enc.modified = 1;
41	0	return 1;
42	0	}
43
44		int X509_set_serialNumber(X509 x, ASN1_INTEGER serial)
45	0	{
46	0	ASN1_INTEGER *in;
47
48	0	if (x == NULL)
49	0	return 0;
50	0	in = &x->cert_info.serialNumber;
51	0	if (in != serial)
52	0	return ASN1_STRING_copy(in, serial);
53	0	x->cert_info.enc.modified = 1;
54	0	return 1;
55	0	}
56
57		int X509_set_issuer_name(X509 x, const X509_NAME name)
58	0	{
59	0	if (x == NULL \|\| !X509_NAME_set(&x->cert_info.issuer, name))
60	0	return 0;
61	0	x->cert_info.enc.modified = 1;
62	0	return 1;
63	0	}
64
65		int X509_set_subject_name(X509 x, const X509_NAME name)
66	0	{
67	0	if (x == NULL \|\| !X509_NAME_set(&x->cert_info.subject, name))
68	0	return 0;
69	0	x->cert_info.enc.modified = 1;
70	0	return 1;
71	0	}
72
73		int ossl_x509_set1_time(int modified, ASN1_TIME ptm, const ASN1_TIME tm)
74	0	{
75	0	ASN1_TIME *new;
76
77	0	if (*ptm == tm)
78	0	return 1;
79	0	new = ASN1_STRING_dup(tm);
80	0	if (tm != NULL && new == NULL)
81	0	return 0;
82	0	ASN1_TIME_free(*ptm);
83	0	*ptm = new;
84	0	if (modified != NULL)
85	0	*modified = 1;
86	0	return 1;
87	0	}
88
89		int X509_set1_notBefore(X509 x, const ASN1_TIME tm)
90	0	{
91	0	if (x == NULL \|\| tm == NULL)
92	0	return 0;
93	0	return ossl_x509_set1_time(&x->cert_info.enc.modified,
94	0	&x->cert_info.validity.notBefore, tm);
95	0	}
96
97		int X509_set1_notAfter(X509 x, const ASN1_TIME tm)
98	0	{
99	0	if (x == NULL \|\| tm == NULL)
100	0	return 0;
101	0	return ossl_x509_set1_time(&x->cert_info.enc.modified,
102	0	&x->cert_info.validity.notAfter, tm);
103	0	}
104
105		int X509_set_pubkey(X509 x, EVP_PKEY pkey)
106	0	{
107	0	if (x == NULL)
108	0	return 0;
109	0	if (!X509_PUBKEY_set(&(x->cert_info.key), pkey))
110	0	return 0;
111	0	x->cert_info.enc.modified = 1;
112	0	return 1;
113	0	}
114
115		int X509_up_ref(X509 *x)
116	29.8k	{
117	29.8k	int i;
118
119	29.8k	if (CRYPTO_UP_REF(&x->references, &i) <= 0)
120	0	return 0;
121
122	29.8k	REF_PRINT_COUNT("X509", i, x);
123	29.8k	REF_ASSERT_ISNT(i < 2);
124	29.8k	return i > 1;
125	29.8k	}
126
127		long X509_get_version(const X509 *x)
128	13.6k	{
129	13.6k	return ASN1_INTEGER_get(x->cert_info.version);
130	13.6k	}
131
132		const ASN1_TIME X509_get0_notBefore(const X509 x)
133	0	{
134	0	return x->cert_info.validity.notBefore;
135	0	}
136
137		const ASN1_TIME X509_get0_notAfter(const X509 x)
138	0	{
139	0	return x->cert_info.validity.notAfter;
140	0	}
141
142		ASN1_TIME X509_getm_notBefore(const X509 x)
143	0	{
144	0	return x->cert_info.validity.notBefore;
145	0	}
146
147		ASN1_TIME X509_getm_notAfter(const X509 x)
148	0	{
149	0	return x->cert_info.validity.notAfter;
150	0	}
151
152		int X509_get_signature_type(const X509 *x)
153	0	{
154	0	return EVP_PKEY_type(OBJ_obj2nid(x->sig_alg.algorithm));
155	0	}
156
157		X509_PUBKEY X509_get_X509_PUBKEY(const X509 x)
158	0	{
159	0	return x->cert_info.key;
160	0	}
161
162		const STACK_OF(X509_EXTENSION) X509_get0_extensions(const X509 x)
163	0	{
164	0	return x->cert_info.extensions;
165	0	}
166
167		void X509_get0_uids(const X509 x, const ASN1_BIT_STRING *piuid,
168		const ASN1_BIT_STRING **psuid)
169	0	{
170	0	if (piuid != NULL)
171	0	*piuid = x->cert_info.issuerUID;
172	0	if (psuid != NULL)
173	0	*psuid = x->cert_info.subjectUID;
174	0	}
175
176		const X509_ALGOR X509_get0_tbs_sigalg(const X509 x)
177	0	{
178	0	return &x->cert_info.signature;
179	0	}
180
181		int X509_SIG_INFO_get(const X509_SIG_INFO siginf, int mdnid, int *pknid,
182		int secbits, uint32_t flags)
183	476	{
184	476	if (mdnid != NULL)
185	476	*mdnid = siginf->mdnid;
186	476	if (pknid != NULL)
187	476	*pknid = siginf->pknid;
188	476	if (secbits != NULL)
189	0	*secbits = siginf->secbits;
190	476	if (flags != NULL)
191	0	*flags = siginf->flags;
192	476	return (siginf->flags & X509_SIG_INFO_VALID) != 0;
193	476	}
194
195		void X509_SIG_INFO_set(X509_SIG_INFO *siginf, int mdnid, int pknid,
196		int secbits, uint32_t flags)
197	0	{
198	0	siginf->mdnid = mdnid;
199	0	siginf->pknid = pknid;
200	0	siginf->secbits = secbits;
201	0	siginf->flags = flags;
202	0	}
203
204		int X509_get_signature_info(X509 x, int mdnid, int pknid, int secbits,
205		uint32_t *flags)
206	476	{
207	476	X509_check_purpose(x, -1, -1);
208	476	return X509_SIG_INFO_get(&x->siginf, mdnid, pknid, secbits, flags);
209	476	}
210
211		/* Modify siginf according to alg and sig. Return 1 on success, else 0. /
212		static int x509_sig_info_init(X509_SIG_INFO siginf, const X509_ALGOR alg,
213		const ASN1_STRING sig, const EVP_PKEY pubkey)
214	13.6k	{
215	13.6k	int pknid, mdnid, md_size;
216	13.6k	const EVP_MD *md;
217	13.6k	const EVP_PKEY_ASN1_METHOD *ameth;
218
219	13.6k	siginf->mdnid = NID_undef;
220	13.6k	siginf->pknid = NID_undef;
221	13.6k	siginf->secbits = -1;
222	13.6k	siginf->flags = 0;
223	13.6k	if (!OBJ_find_sigid_algs(OBJ_obj2nid(alg->algorithm), &mdnid, &pknid)
224	13.6k	\|\| pknid == NID_undef) {
225	0	ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_SIGID_ALGS);
226	0	return 0;
227	0	}
228	13.6k	siginf->mdnid = mdnid;
229	13.6k	siginf->pknid = pknid;
230
231	13.6k	switch (mdnid) {
232	0	case NID_undef:
233		/* If we have one, use a custom handler for this algorithm */
234	0	ameth = EVP_PKEY_asn1_find(NULL, pknid);
235	0	if (ameth != NULL && ameth->siginf_set != NULL
236	0	&& ameth->siginf_set(siginf, alg, sig))
237	0	break;
238	0	if (pubkey != NULL) {
239	0	int secbits;
240
241	0	secbits = EVP_PKEY_get_security_bits(pubkey);
242	0	if (secbits != 0) {
243	0	siginf->secbits = secbits;
244	0	break;
245	0	}
246	0	}
247	0	ERR_raise(ERR_LIB_X509, X509_R_ERROR_USING_SIGINF_SET);
248	0	return 0;
249		/*
250		* SHA1 and MD5 are known to be broken. Reduce security bits so that
251		* they're no longer accepted at security level 1.
252		* The real values don't really matter as long as they're lower than 80,
253		* which is our security level 1.
254		*/
255	0	case NID_sha1:
256		/*
257		* https://eprint.iacr.org/2020/014 puts a chosen-prefix attack
258		* for SHA1 at2^63.4
259		*/
260	0	siginf->secbits = 63;
261	0	break;
262	0	case NID_md5:
263		/*
264		* https://documents.epfl.ch/users/l/le/lenstra/public/papers/lat.pdf
265		* puts a chosen-prefix attack for MD5 at 2^39.
266		*/
267	0	siginf->secbits = 39;
268	0	break;
269	0	case NID_id_GostR3411_94:
270		/*
271		* There is a collision attack on GOST R 34.11-94 at 2^105, see
272		* https://link.springer.com/chapter/10.1007%2F978-3-540-85174-5_10
273		*/
274	0	siginf->secbits = 105;
275	0	break;
276	13.6k	default:
277		/* Security bits: half number of bits in digest */
278	13.6k	if ((md = EVP_get_digestbynid(mdnid)) == NULL) {
279	0	ERR_raise(ERR_LIB_X509, X509_R_ERROR_GETTING_MD_BY_NID);
280	0	return 0;
281	0	}
282	13.6k	md_size = EVP_MD_get_size(md);
283	13.6k	if (md_size <= 0)
284	0	return 0;
285	13.6k	siginf->secbits = md_size * 4;
286	13.6k	break;
287	13.6k	}
288	13.6k	switch (mdnid) {
289	0	case NID_sha1:
290	13.6k	case NID_sha256:
291	13.6k	case NID_sha384:
292	13.6k	case NID_sha512:
293	13.6k	siginf->flags \|= X509_SIG_INFO_TLS;
294	13.6k	}
295	13.6k	siginf->flags \|= X509_SIG_INFO_VALID;
296	13.6k	return 1;
297	13.6k	}
298
299		/* Returns 1 on success, 0 on failure */
300		int ossl_x509_init_sig_info(X509 *x)
301	13.6k	{
302	13.6k	return x509_sig_info_init(&x->siginf, &x->sig_alg, &x->signature,
303	13.6k	X509_PUBKEY_get0(x->cert_info.key));
304	13.6k	}