/src/openssl/crypto/x509/x_x509a.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the OpenSSL license (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stdio.h> |
11 | | #include "internal/cryptlib.h" |
12 | | #include <openssl/evp.h> |
13 | | #include <openssl/asn1t.h> |
14 | | #include <openssl/x509.h> |
15 | | #include "internal/x509_int.h" |
16 | | |
17 | | /* |
18 | | * X509_CERT_AUX routines. These are used to encode additional user |
19 | | * modifiable data about a certificate. This data is appended to the X509 |
20 | | * encoding when the *_X509_AUX routines are used. This means that the |
21 | | * "traditional" X509 routines will simply ignore the extra data. |
22 | | */ |
23 | | |
24 | | static X509_CERT_AUX *aux_get(X509 *x); |
25 | | |
26 | | ASN1_SEQUENCE(X509_CERT_AUX) = { |
27 | | ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT), |
28 | | ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0), |
29 | | ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING), |
30 | | ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING), |
31 | | ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1) |
32 | | } ASN1_SEQUENCE_END(X509_CERT_AUX) |
33 | | |
34 | | IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX) |
35 | | |
36 | | int X509_trusted(const X509 *x) |
37 | 0 | { |
38 | 0 | return x->aux ? 1 : 0; |
39 | 0 | } |
40 | | |
41 | | static X509_CERT_AUX *aux_get(X509 *x) |
42 | 0 | { |
43 | 0 | if (x == NULL) |
44 | 0 | return NULL; |
45 | 0 | if (x->aux == NULL && (x->aux = X509_CERT_AUX_new()) == NULL) |
46 | 0 | return NULL; |
47 | 0 | return x->aux; |
48 | 0 | } |
49 | | |
50 | | int X509_alias_set1(X509 *x, const unsigned char *name, int len) |
51 | 0 | { |
52 | 0 | X509_CERT_AUX *aux; |
53 | 0 | if (!name) { |
54 | 0 | if (!x || !x->aux || !x->aux->alias) |
55 | 0 | return 1; |
56 | 0 | ASN1_UTF8STRING_free(x->aux->alias); |
57 | 0 | x->aux->alias = NULL; |
58 | 0 | return 1; |
59 | 0 | } |
60 | 0 | if ((aux = aux_get(x)) == NULL) |
61 | 0 | return 0; |
62 | 0 | if (aux->alias == NULL && (aux->alias = ASN1_UTF8STRING_new()) == NULL) |
63 | 0 | return 0; |
64 | 0 | return ASN1_STRING_set(aux->alias, name, len); |
65 | 0 | } |
66 | | |
67 | | int X509_keyid_set1(X509 *x, const unsigned char *id, int len) |
68 | 0 | { |
69 | 0 | X509_CERT_AUX *aux; |
70 | 0 | if (!id) { |
71 | 0 | if (!x || !x->aux || !x->aux->keyid) |
72 | 0 | return 1; |
73 | 0 | ASN1_OCTET_STRING_free(x->aux->keyid); |
74 | 0 | x->aux->keyid = NULL; |
75 | 0 | return 1; |
76 | 0 | } |
77 | 0 | if ((aux = aux_get(x)) == NULL) |
78 | 0 | return 0; |
79 | 0 | if (aux->keyid == NULL |
80 | 0 | && (aux->keyid = ASN1_OCTET_STRING_new()) == NULL) |
81 | 0 | return 0; |
82 | 0 | return ASN1_STRING_set(aux->keyid, id, len); |
83 | 0 | } |
84 | | |
85 | | unsigned char *X509_alias_get0(X509 *x, int *len) |
86 | 0 | { |
87 | 0 | if (!x->aux || !x->aux->alias) |
88 | 0 | return NULL; |
89 | 0 | if (len) |
90 | 0 | *len = x->aux->alias->length; |
91 | 0 | return x->aux->alias->data; |
92 | 0 | } |
93 | | |
94 | | unsigned char *X509_keyid_get0(X509 *x, int *len) |
95 | 0 | { |
96 | 0 | if (!x->aux || !x->aux->keyid) |
97 | 0 | return NULL; |
98 | 0 | if (len) |
99 | 0 | *len = x->aux->keyid->length; |
100 | 0 | return x->aux->keyid->data; |
101 | 0 | } |
102 | | |
103 | | int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj) |
104 | 0 | { |
105 | 0 | X509_CERT_AUX *aux; |
106 | 0 | ASN1_OBJECT *objtmp = NULL; |
107 | 0 | if (obj) { |
108 | 0 | objtmp = OBJ_dup(obj); |
109 | 0 | if (!objtmp) |
110 | 0 | return 0; |
111 | 0 | } |
112 | 0 | if ((aux = aux_get(x)) == NULL) |
113 | 0 | goto err; |
114 | 0 | if (aux->trust == NULL |
115 | 0 | && (aux->trust = sk_ASN1_OBJECT_new_null()) == NULL) |
116 | 0 | goto err; |
117 | 0 | if (!objtmp || sk_ASN1_OBJECT_push(aux->trust, objtmp)) |
118 | 0 | return 1; |
119 | 0 | err: |
120 | 0 | ASN1_OBJECT_free(objtmp); |
121 | 0 | return 0; |
122 | 0 | } |
123 | | |
124 | | int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj) |
125 | 0 | { |
126 | 0 | X509_CERT_AUX *aux; |
127 | 0 | ASN1_OBJECT *objtmp; |
128 | 0 | if ((objtmp = OBJ_dup(obj)) == NULL) |
129 | 0 | return 0; |
130 | 0 | if ((aux = aux_get(x)) == NULL) |
131 | 0 | goto err; |
132 | 0 | if (aux->reject == NULL |
133 | 0 | && (aux->reject = sk_ASN1_OBJECT_new_null()) == NULL) |
134 | 0 | goto err; |
135 | 0 | return sk_ASN1_OBJECT_push(aux->reject, objtmp); |
136 | 0 | err: |
137 | 0 | ASN1_OBJECT_free(objtmp); |
138 | 0 | return 0; |
139 | 0 | } |
140 | | |
141 | | void X509_trust_clear(X509 *x) |
142 | 0 | { |
143 | 0 | if (x->aux) { |
144 | 0 | sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free); |
145 | 0 | x->aux->trust = NULL; |
146 | 0 | } |
147 | 0 | } |
148 | | |
149 | | void X509_reject_clear(X509 *x) |
150 | 0 | { |
151 | 0 | if (x->aux) { |
152 | 0 | sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free); |
153 | 0 | x->aux->reject = NULL; |
154 | 0 | } |
155 | 0 | } |
156 | | |
157 | | STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x) |
158 | 0 | { |
159 | 0 | if (x->aux != NULL) |
160 | 0 | return x->aux->trust; |
161 | 0 | return NULL; |
162 | 0 | } |
163 | | |
164 | | STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x) |
165 | 0 | { |
166 | 0 | if (x->aux != NULL) |
167 | 0 | return x->aux->reject; |
168 | 0 | return NULL; |
169 | 0 | } |