/src/openssl/crypto/x509/pcy_data.c

Source
/*
 * Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include "internal/cryptlib.h"
#include <openssl/x509.h>
#include <openssl/x509v3.h>

#include "pcy_local.h"

/* Policy Node routines */

void ossl_policy_data_free(X509_POLICY_DATA *data)
{
    if (data == NULL)
        return;
    ASN1_OBJECT_free(data->valid_policy);
    /* Don't free qualifiers if shared */
    if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
        sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);
    sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
    OPENSSL_free(data);
}

/*
 * Create a data based on an existing policy. If 'id' is NULL use the OID in
 * the policy, otherwise use 'id'. This behaviour covers the two types of
 * data in RFC3280: data with from a CertificatePolicies extension and
 * additional data with just the qualifiers of anyPolicy and ID from another
 * source.
 */

X509_POLICY_DATA *ossl_policy_data_new(POLICYINFO *policy,
                                       const ASN1_OBJECT *cid, int crit)
{
    X509_POLICY_DATA *ret;
    ASN1_OBJECT *id;

    if (policy == NULL && cid == NULL)
        return NULL;
    if (cid) {
        id = OBJ_dup(cid);
        if (id == NULL)
            return NULL;
    } else
        id = NULL;
    ret = OPENSSL_zalloc(sizeof(*ret));
    if (ret == NULL) {
        ASN1_OBJECT_free(id);
        return NULL;
    }
    ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
    if (ret->expected_policy_set == NULL) {
        OPENSSL_free(ret);
        ASN1_OBJECT_free(id);
        ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
        return NULL;
    }

    if (crit)
        ret->flags = POLICY_DATA_FLAG_CRITICAL;

    if (id)
        ret->valid_policy = id;
    else {
        ret->valid_policy = policy->policyid;
        policy->policyid = NULL;
    }

    if (policy) {
        ret->qualifier_set = policy->qualifiers;
        policy->qualifiers = NULL;
    }

    return ret;
}

Coverage Report

Created: 2025-10-28 06:56

Line	Count	Source
1		/*
2		* Copyright 2004-2021 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include "internal/cryptlib.h"
11		#include <openssl/x509.h>
12		#include <openssl/x509v3.h>
13
14		#include "pcy_local.h"
15
16		/* Policy Node routines */
17
18		void ossl_policy_data_free(X509_POLICY_DATA *data)
19	0	{
20	0	if (data == NULL)
21	0	return;
22	0	ASN1_OBJECT_free(data->valid_policy);
23		/* Don't free qualifiers if shared */
24	0	if (!(data->flags & POLICY_DATA_FLAG_SHARED_QUALIFIERS))
25	0	sk_POLICYQUALINFO_pop_free(data->qualifier_set, POLICYQUALINFO_free);
26	0	sk_ASN1_OBJECT_pop_free(data->expected_policy_set, ASN1_OBJECT_free);
27	0	OPENSSL_free(data);
28	0	}
29
30		/*
31		* Create a data based on an existing policy. If 'id' is NULL use the OID in
32		* the policy, otherwise use 'id'. This behaviour covers the two types of
33		* data in RFC3280: data with from a CertificatePolicies extension and
34		* additional data with just the qualifiers of anyPolicy and ID from another
35		* source.
36		*/
37
38		X509_POLICY_DATA ossl_policy_data_new(POLICYINFO policy,
39		const ASN1_OBJECT *cid, int crit)
40	0	{
41	0	X509_POLICY_DATA *ret;
42	0	ASN1_OBJECT *id;
43
44	0	if (policy == NULL && cid == NULL)
45	0	return NULL;
46	0	if (cid) {
47	0	id = OBJ_dup(cid);
48	0	if (id == NULL)
49	0	return NULL;
50	0	} else
51	0	id = NULL;
52	0	ret = OPENSSL_zalloc(sizeof(*ret));
53	0	if (ret == NULL) {
54	0	ASN1_OBJECT_free(id);
55	0	return NULL;
56	0	}
57	0	ret->expected_policy_set = sk_ASN1_OBJECT_new_null();
58	0	if (ret->expected_policy_set == NULL) {
59	0	OPENSSL_free(ret);
60	0	ASN1_OBJECT_free(id);
61	0	ERR_raise(ERR_LIB_X509V3, ERR_R_CRYPTO_LIB);
62	0	return NULL;
63	0	}
64
65	0	if (crit)
66	0	ret->flags = POLICY_DATA_FLAG_CRITICAL;
67
68	0	if (id)
69	0	ret->valid_policy = id;
70	0	else {
71	0	ret->valid_policy = policy->policyid;
72	0	policy->policyid = NULL;
73	0	}
74
75	0	if (policy) {
76	0	ret->qualifier_set = policy->qualifiers;
77	0	policy->qualifiers = NULL;
78	0	}
79
80	0	return ret;
81	0	}