/src/openssl/crypto/x509/v3_aaa.c

Source (jump to first uncovered line)
/*
 * Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
#include <openssl/x509.h>
#include <crypto/x509.h>
#include "ext_dat.h"

ASN1_CHOICE(OSSL_ALLOWED_ATTRIBUTES_CHOICE) = {
    ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeType, ASN1_OBJECT,
             OSSL_AAA_ATTRIBUTE_TYPE),
    ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeTypeandValues,
             X509_ATTRIBUTE, OSSL_AAA_ATTRIBUTE_VALUES),
} ASN1_CHOICE_END(OSSL_ALLOWED_ATTRIBUTES_CHOICE)

ASN1_SEQUENCE(OSSL_ALLOWED_ATTRIBUTES_ITEM) = {
    ASN1_IMP_SET_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM, attributes,
                    OSSL_ALLOWED_ATTRIBUTES_CHOICE, 0),
    /* This MUST be EXPLICIT, because it contains a CHOICE. */
    ASN1_EXP(OSSL_ALLOWED_ATTRIBUTES_ITEM, holderDomain, GENERAL_NAME, 1),
} ASN1_SEQUENCE_END(OSSL_ALLOWED_ATTRIBUTES_ITEM)

ASN1_ITEM_TEMPLATE(OSSL_ALLOWED_ATTRIBUTES_SYNTAX) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, OSSL_ALLOWED_ATTRIBUTES_SYNTAX,
                          OSSL_ALLOWED_ATTRIBUTES_ITEM)
ASN1_ITEM_TEMPLATE_END(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)

IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_ITEM)
IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)

static int i2r_ALLOWED_ATTRIBUTES_CHOICE(X509V3_EXT_METHOD *method,
                                         OSSL_ALLOWED_ATTRIBUTES_CHOICE *a,
                                         BIO *out, int indent)
{
    ASN1_OBJECT *attr_obj;
    int attr_nid, j;
    X509_ATTRIBUTE *attr;
    ASN1_TYPE *av;

    switch (a->type) {
    case (OSSL_AAA_ATTRIBUTE_TYPE):
        if (BIO_printf(out, "%*sAttribute Type: ", indent, "") <= 0)
            return 0;
        if (i2a_ASN1_OBJECT(out, a->choice.attributeType) <= 0)
            return 0;
        return BIO_puts(out, "\n") > 0;
    case (OSSL_AAA_ATTRIBUTE_VALUES):
        attr = a->choice.attributeTypeandValues;
        attr_obj = X509_ATTRIBUTE_get0_object(attr);
        attr_nid = OBJ_obj2nid(attr_obj);
        if (BIO_printf(out, "%*sAttribute Values: ", indent, "") <= 0)
            return 0;
        if (i2a_ASN1_OBJECT(out, attr_obj) <= 0)
            return 0;
        if (BIO_puts(out, "\n") <= 0)
            return 0;
        for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) {
            av = X509_ATTRIBUTE_get0_type(attr, j);
            if (ossl_print_attribute_value(out, attr_nid, av, indent + 4) <= 0)
                return 0;
            if (BIO_puts(out, "\n") <= 0)
                return 0;
        }
        break;
    default:
        return 0;
    }
    return 1;
}

static int i2r_ALLOWED_ATTRIBUTES_ITEM(X509V3_EXT_METHOD *method,
                                       OSSL_ALLOWED_ATTRIBUTES_ITEM *aai,
                                       BIO *out, int indent)
{
    int i;
    OSSL_ALLOWED_ATTRIBUTES_CHOICE *a;

    for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_num(aai->attributes); i++) {
        if (BIO_printf(out, "%*sAllowed Attribute Type or Values:\n", indent, "") <= 0)
            return 0;
        a = sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_value(aai->attributes, i);
        if (i2r_ALLOWED_ATTRIBUTES_CHOICE(method, a, out, indent + 4) <= 0)
            return 0;
    }
    if (BIO_printf(out, "%*sHolder Domain: ", indent, "") <= 0)
        return 0;
    if (GENERAL_NAME_print(out, aai->holderDomain) <= 0)
        return 0;
    if (BIO_puts(out, "\n") <= 0)
        return 0;
    return 1;
}

static int i2r_ALLOWED_ATTRIBUTES_SYNTAX(X509V3_EXT_METHOD *method,
                                         OSSL_ALLOWED_ATTRIBUTES_SYNTAX *aaa,
                                         BIO *out, int indent)
{
    int i;
    OSSL_ALLOWED_ATTRIBUTES_ITEM *aai;

    for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_num(aaa); i++) {
        if (BIO_printf(out, "%*sAllowed Attributes:\n", indent, "") <= 0)
            return 0;
        aai = sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_value(aaa, i);
        if (i2r_ALLOWED_ATTRIBUTES_ITEM(method, aai, out, indent + 4) <= 0)
            return 0;
    }
    return 1;
}

const X509V3_EXT_METHOD ossl_v3_allowed_attribute_assignments = {
    NID_allowed_attribute_assignments, 0,
    ASN1_ITEM_ref(OSSL_ALLOWED_ATTRIBUTES_SYNTAX),
    0, 0, 0, 0,
    0, 0,
    0,
    0,
    (X509V3_EXT_I2R)i2r_ALLOWED_ATTRIBUTES_SYNTAX,
    0,
    NULL
};

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <openssl/asn1t.h>
11		#include <openssl/x509v3.h>
12		#include <openssl/x509.h>
13		#include <crypto/x509.h>
14		#include "ext_dat.h"
15
16		ASN1_CHOICE(OSSL_ALLOWED_ATTRIBUTES_CHOICE) = {
17		ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeType, ASN1_OBJECT,
18		OSSL_AAA_ATTRIBUTE_TYPE),
19		ASN1_IMP(OSSL_ALLOWED_ATTRIBUTES_CHOICE, choice.attributeTypeandValues,
20		X509_ATTRIBUTE, OSSL_AAA_ATTRIBUTE_VALUES),
21		} ASN1_CHOICE_END(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
22
23		ASN1_SEQUENCE(OSSL_ALLOWED_ATTRIBUTES_ITEM) = {
24		ASN1_IMP_SET_OF(OSSL_ALLOWED_ATTRIBUTES_ITEM, attributes,
25		OSSL_ALLOWED_ATTRIBUTES_CHOICE, 0),
26		/* This MUST be EXPLICIT, because it contains a CHOICE. */
27		ASN1_EXP(OSSL_ALLOWED_ATTRIBUTES_ITEM, holderDomain, GENERAL_NAME, 1),
28		} ASN1_SEQUENCE_END(OSSL_ALLOWED_ATTRIBUTES_ITEM)
29
30		ASN1_ITEM_TEMPLATE(OSSL_ALLOWED_ATTRIBUTES_SYNTAX) =
31		ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, OSSL_ALLOWED_ATTRIBUTES_SYNTAX,
32		OSSL_ALLOWED_ATTRIBUTES_ITEM)
33		ASN1_ITEM_TEMPLATE_END(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)
34
35		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_CHOICE)
36		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_ITEM)
37		IMPLEMENT_ASN1_FUNCTIONS(OSSL_ALLOWED_ATTRIBUTES_SYNTAX)
38
39		static int i2r_ALLOWED_ATTRIBUTES_CHOICE(X509V3_EXT_METHOD *method,
40		OSSL_ALLOWED_ATTRIBUTES_CHOICE *a,
41		BIO *out, int indent)
42	0	{
43	0	ASN1_OBJECT *attr_obj;
44	0	int attr_nid, j;
45	0	X509_ATTRIBUTE *attr;
46	0	ASN1_TYPE *av;
47
48	0	switch (a->type) {
49	0	case (OSSL_AAA_ATTRIBUTE_TYPE):
50	0	if (BIO_printf(out, "%*sAttribute Type: ", indent, "") <= 0)
51	0	return 0;
52	0	if (i2a_ASN1_OBJECT(out, a->choice.attributeType) <= 0)
53	0	return 0;
54	0	return BIO_puts(out, "\n") > 0;
55	0	case (OSSL_AAA_ATTRIBUTE_VALUES):
56	0	attr = a->choice.attributeTypeandValues;
57	0	attr_obj = X509_ATTRIBUTE_get0_object(attr);
58	0	attr_nid = OBJ_obj2nid(attr_obj);
59	0	if (BIO_printf(out, "%*sAttribute Values: ", indent, "") <= 0)
60	0	return 0;
61	0	if (i2a_ASN1_OBJECT(out, attr_obj) <= 0)
62	0	return 0;
63	0	if (BIO_puts(out, "\n") <= 0)
64	0	return 0;
65	0	for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) {
66	0	av = X509_ATTRIBUTE_get0_type(attr, j);
67	0	if (ossl_print_attribute_value(out, attr_nid, av, indent + 4) <= 0)
68	0	return 0;
69	0	if (BIO_puts(out, "\n") <= 0)
70	0	return 0;
71	0	}
72	0	break;
73	0	default:
74	0	return 0;
75	0	}
76	0	return 1;
77	0	}
78
79		static int i2r_ALLOWED_ATTRIBUTES_ITEM(X509V3_EXT_METHOD *method,
80		OSSL_ALLOWED_ATTRIBUTES_ITEM *aai,
81		BIO *out, int indent)
82	0	{
83	0	int i;
84	0	OSSL_ALLOWED_ATTRIBUTES_CHOICE *a;
85
86	0	for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_num(aai->attributes); i++) {
87	0	if (BIO_printf(out, "%*sAllowed Attribute Type or Values:\n", indent, "") <= 0)
88	0	return 0;
89	0	a = sk_OSSL_ALLOWED_ATTRIBUTES_CHOICE_value(aai->attributes, i);
90	0	if (i2r_ALLOWED_ATTRIBUTES_CHOICE(method, a, out, indent + 4) <= 0)
91	0	return 0;
92	0	}
93	0	if (BIO_printf(out, "%*sHolder Domain: ", indent, "") <= 0)
94	0	return 0;
95	0	if (GENERAL_NAME_print(out, aai->holderDomain) <= 0)
96	0	return 0;
97	0	if (BIO_puts(out, "\n") <= 0)
98	0	return 0;
99	0	return 1;
100	0	}
101
102		static int i2r_ALLOWED_ATTRIBUTES_SYNTAX(X509V3_EXT_METHOD *method,
103		OSSL_ALLOWED_ATTRIBUTES_SYNTAX *aaa,
104		BIO *out, int indent)
105	0	{
106	0	int i;
107	0	OSSL_ALLOWED_ATTRIBUTES_ITEM *aai;
108
109	0	for (i = 0; i < sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_num(aaa); i++) {
110	0	if (BIO_printf(out, "%*sAllowed Attributes:\n", indent, "") <= 0)
111	0	return 0;
112	0	aai = sk_OSSL_ALLOWED_ATTRIBUTES_ITEM_value(aaa, i);
113	0	if (i2r_ALLOWED_ATTRIBUTES_ITEM(method, aai, out, indent + 4) <= 0)
114	0	return 0;
115	0	}
116	0	return 1;
117	0	}
118
119		const X509V3_EXT_METHOD ossl_v3_allowed_attribute_assignments = {
120		NID_allowed_attribute_assignments, 0,
121		ASN1_ITEM_ref(OSSL_ALLOWED_ATTRIBUTES_SYNTAX),
122		0, 0, 0, 0,
123		0, 0,
124		0,
125		0,
126		(X509V3_EXT_I2R)i2r_ALLOWED_ATTRIBUTES_SYNTAX,
127		0,
128		NULL
129		};

Coverage Report

Created: 2025-06-13 06:55