/*
 * Copyright 1999-2021 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */
9e1051a39Sopenharmony_ci
10e1051a39Sopenharmony_ci#include <stdio.h>
11e1051a39Sopenharmony_ci#include "internal/cryptlib.h"
12e1051a39Sopenharmony_ci#include <openssl/evp.h>
13e1051a39Sopenharmony_ci#include <openssl/asn1t.h>
14e1051a39Sopenharmony_ci#include <openssl/x509.h>
15e1051a39Sopenharmony_ci#include "crypto/x509.h"
16e1051a39Sopenharmony_ci
/*
 * X509_CERT_AUX routines. These are used to encode additional
 * user-modifiable data about a certificate. This data is appended to the
 * X509 encoding when the *_X509_AUX routines are used. This means that the
 * "traditional" X509 routines will simply ignore the extra data.
 */
23e1051a39Sopenharmony_ci
/* Forward declaration; aux_get() is defined after the ASN.1 template below. */
static X509_CERT_AUX *aux_get(X509 *x);

/*
 * ASN.1 template for X509_CERT_AUX. Every member is optional:
 *   trust   SEQUENCE OF OBJECT IDENTIFIER
 *   reject  [0] IMPLICIT SEQUENCE OF OBJECT IDENTIFIER
 *   alias   UTF8String
 *   keyid   OCTET STRING
 *   other   [1] IMPLICIT SEQUENCE OF X509_ALGOR
 *
 * The order of the entries defines the encoding, so it must not be changed.
 *
 * NOTE(review): this data is appended after the certificate encoding rather
 * than carried inside it, so it is presumably not covered by the issuer's
 * signature. Treat decoded trust/reject/alias/keyid values as locally
 * editable metadata whose integrity depends on how the file is stored;
 * confirm against the callers that consume them.
 */
ASN1_SEQUENCE(X509_CERT_AUX) = {
        ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
        ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
        ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
        ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
} ASN1_SEQUENCE_END(X509_CERT_AUX)

/*
 * Generates the allocation, free and DER encode/decode functions for the
 * template above; X509_CERT_AUX_new() is the one aux_get() relies on.
 */
IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
35e1051a39Sopenharmony_ci
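/*
 * Report whether the certificate carries auxiliary (X509_CERT_AUX) data.
 *
 * Returns 1 if x->aux is set and 0 otherwise, including when x is NULL.
 *
 * Despite the name, this is not a trust decision: the only thing examined
 * is whether the aux structure exists. aux_get() allocates that structure
 * on demand, so merely setting an alias or a key id makes this return 1
 * even when no trust or reject OIDs have been recorded. Callers that need
 * to know what a certificate is trusted for must inspect the trust and
 * reject lists themselves.
 */
int X509_trusted(const X509 *x)
{
    /* A NULL certificate has no aux data; do not dereference it. */
    if (x == NULL)
        return 0;
    return x->aux != NULL ? 1 : 0;
}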
40e1051a39Sopenharmony_ci
/*
 * Return the certificate's aux structure, allocating an empty one first if
 * the certificate does not have one yet.
 *
 * Returns NULL when x is NULL or when the allocation fails; in the latter
 * case x->aux is left NULL.
 */
static X509_CERT_AUX *aux_get(X509 *x)
{
    if (x == NULL)
        return NULL;

    /* Lazily create the structure; the field stays NULL if this fails. */
    if (x->aux == NULL)
        x->aux = X509_CERT_AUX_new();

    return x->aux;
}
49e1051a39Sopenharmony_ci
/*
 * Set or clear the certificate's alias (a human-readable label).
 *
 * name == NULL clears any existing alias and always returns 1, even when x
 * is NULL or no alias was set; len is ignored on that path.
 *
 * Otherwise the bytes are handed to ASN1_STRING_set() together with len and
 * its result is returned; 0 is returned earlier if the aux structure or the
 * string object cannot be obtained (which includes x == NULL).
 *
 * Notes for callers:
 *  - ASN1_STRING_set() documents len == -1 as "use strlen(name)", so name
 *    must be NUL-terminated in that case.
 *  - The alias member is declared as a UTF8String, but nothing in this
 *    function checks that the bytes are valid UTF-8; validate or escape the
 *    value before displaying or logging it.
 */
int X509_alias_set1(X509 *x, const unsigned char *name, int len)
{
    X509_CERT_AUX *aux;

    if (name == NULL) {
        /* Clearing: only touch the field when an alias is actually present. */
        if (x != NULL && x->aux != NULL && x->aux->alias != NULL) {
            ASN1_UTF8STRING_free(x->aux->alias);
            x->aux->alias = NULL;
        }
        return 1;
    }

    aux = aux_get(x);
    if (aux == NULL)
        return 0;

    /* Reuse the existing string object if there is one. */
    if (aux->alias == NULL) {
        aux->alias = ASN1_UTF8STRING_new();
        if (aux->alias == NULL)
            return 0;
    }
    return ASN1_STRING_set(aux->alias, name, len);
}
66e1051a39Sopenharmony_ci
/*
 * Set or clear the certificate's auxiliary key identifier.
 *
 * id == NULL clears any existing key id and always returns 1, even when x
 * is NULL or no key id was set; len is ignored on that path.
 *
 * Otherwise the bytes are handed to ASN1_STRING_set() together with len and
 * its result is returned; 0 is returned earlier if the aux structure or the
 * octet string cannot be obtained (which includes x == NULL).
 *
 * The key id is an OCTET STRING, i.e. arbitrary binary data. Pass its real
 * length: ASN1_STRING_set() documents len == -1 as "use strlen(id)", which
 * would stop at the first zero byte of a binary identifier.
 */
int X509_keyid_set1(X509 *x, const unsigned char *id, int len)
{
    X509_CERT_AUX *aux;

    if (id == NULL) {
        /* Clearing: only touch the field when a key id is actually present. */
        if (x != NULL && x->aux != NULL && x->aux->keyid != NULL) {
            ASN1_OCTET_STRING_free(x->aux->keyid);
            x->aux->keyid = NULL;
        }
        return 1;
    }

    aux = aux_get(x);
    if (aux == NULL)
        return 0;

    /* Reuse the existing octet string if there is one. */
    if (aux->keyid == NULL) {
        aux->keyid = ASN1_OCTET_STRING_new();
        if (aux->keyid == NULL)
            return 0;
    }
    return ASN1_STRING_set(aux->keyid, id, len);
}
84e1051a39Sopenharmony_ci
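/*
 * Return the certificate's alias bytes, or NULL if x is NULL or no alias
 * is set.
 *
 * The returned pointer refers to storage inside the certificate's aux data;
 * the caller must not free it, and it stops being valid once the alias is
 * replaced or cleared or the certificate is freed.
 *
 * If len is non-NULL it receives the alias length in bytes, but only when
 * an alias is returned. On the NULL return path *len is left untouched, so
 * callers must check the return value before reading *len. Use the reported
 * length rather than strlen() when copying or printing the value.
 */
unsigned char *X509_alias_get0(X509 *x, int *len)
{
    /* x == NULL is treated like "no alias", matching X509_alias_set1(). */
    if (x == NULL || x->aux == NULL || x->aux->alias == NULL)
        return NULL;
    if (len != NULL)
        *len = x->aux->alias->length;
    return x->aux->alias->data;
}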
93e1051a39Sopenharmony_ci
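/*
 * Return the certificate's auxiliary key identifier, or NULL if x is NULL
 * or no key id is set.
 *
 * The returned pointer refers to storage inside the certificate's aux data;
 * the caller must not free it, and it stops being valid once the key id is
 * replaced or cleared or the certificate is freed.
 *
 * If len is non-NULL it receives the key id length in bytes, but only when
 * a key id is returned. On the NULL return path *len is left untouched, so
 * callers must check the return value before reading *len. The value is
 * binary data; always use the reported length, never strlen().
 */
unsigned char *X509_keyid_get0(X509 *x, int *len)
{
    /* x == NULL is treated like "no key id", matching X509_keyid_set1(). */
    if (x == NULL || x->aux == NULL || x->aux->keyid == NULL)
        return NULL;
    if (len != NULL)
        *len = x->aux->keyid->length;
    return x->aux->keyid->data;
}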
102e1051a39Sopenharmony_ci
/*
 * Append a copy of obj to the certificate's trust list, creating the aux
 * structure and the list if they do not exist yet.
 *
 * obj may be NULL: the list is then created (if missing) without adding an
 * entry, and 1 is returned. This leaves an empty but non-NULL trust list.
 * NOTE(review): an empty list and an absent list are different states of
 * the aux data; how each is interpreted is decided by the trust-evaluation
 * code, which is not part of this file. Confirm before relying on it.
 *
 * The caller keeps ownership of obj ("add1"); the stored entry is a
 * duplicate that is freed again here if it cannot be added.
 *
 * Returns 1 on success, 0 if duplication, allocation or the push fails
 * (including x == NULL).
 */
int X509_add1_trust_object(X509 *x, const ASN1_OBJECT *obj)
{
    X509_CERT_AUX *aux;
    ASN1_OBJECT *copy = NULL;

    if (obj != NULL) {
        copy = OBJ_dup(obj);
        if (copy == NULL)
            return 0;
    }

    aux = aux_get(x);
    if (aux == NULL)
        goto fail;

    if (aux->trust == NULL) {
        aux->trust = sk_ASN1_OBJECT_new_null();
        if (aux->trust == NULL)
            goto fail;
    }

    /* No OID supplied: making sure the list exists was the whole request. */
    if (copy == NULL)
        return 1;
    /* On success the list owns the duplicate. */
    if (sk_ASN1_OBJECT_push(aux->trust, copy) != 0)
        return 1;

 fail:
    ASN1_OBJECT_free(copy);
    return 0;
}
123e1051a39Sopenharmony_ci
/*
 * Append a copy of obj to the certificate's reject list, creating the aux
 * structure and the list if they do not exist yet.
 *
 * Unlike X509_add1_trust_object(), there is no "create an empty list"
 * mode: obj is duplicated unconditionally and the function returns 0 when
 * OBJ_dup() yields NULL.
 *
 * The caller keeps ownership of obj ("add1"); the stored entry is a
 * duplicate that is freed again here if it cannot be added.
 *
 * Returns 1 on success, 0 if duplication, allocation or the push fails
 * (including x == NULL). A caller that ignores a 0 return ends up with a
 * certificate whose reject list lacks the intended entry.
 */
int X509_add1_reject_object(X509 *x, const ASN1_OBJECT *obj)
{
    X509_CERT_AUX *aux;
    ASN1_OBJECT *copy = OBJ_dup(obj);

    if (copy == NULL)
        return 0;

    aux = aux_get(x);
    if (aux != NULL) {
        if (aux->reject == NULL)
            aux->reject = sk_ASN1_OBJECT_new_null();
        /* On success the list owns the duplicate. */
        if (aux->reject != NULL
            && sk_ASN1_OBJECT_push(aux->reject, copy) > 0)
            return 1;
    }

    /* Nothing took ownership of the duplicate, so release it. */
    ASN1_OBJECT_free(copy);
    return 0;
}
145e1051a39Sopenharmony_ci
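/*
 * Remove the certificate's trust list.
 *
 * Frees every OID on the list and the list itself, then resets the field
 * to NULL so no dangling pointer remains. Does nothing when x is NULL or
 * the certificate has no aux data.
 *
 * The aux structure itself is kept, and the reject list, alias and key id
 * are not touched. Afterwards the trust list is absent (NULL), which is a
 * different state from the empty list X509_add1_trust_object(x, NULL)
 * creates.
 */
void X509_trust_clear(X509 *x)
{
    /* Tolerate NULL like the setters in this file do. */
    if (x == NULL || x->aux == NULL)
        return;
    sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
    x->aux->trust = NULL;
}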
153e1051a39Sopenharmony_ci
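/*
 * Remove the certificate's reject list.
 *
 * Frees every OID on the list and the list itself, then resets the field
 * to NULL so no dangling pointer remains. Does nothing when x is NULL or
 * the certificate has no aux data.
 *
 * The aux structure itself is kept, and the trust list, alias and key id
 * are not touched. Clearing removes every recorded rejection, so callers
 * should make sure that is really what the surrounding policy intends.
 */
void X509_reject_clear(X509 *x)
{
    /* Tolerate NULL like the setters in this file do. */
    if (x == NULL || x->aux == NULL)
        return;
    sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
    x->aux->reject = NULL;
}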
161e1051a39Sopenharmony_ci
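/*
 * Return the certificate's trust list, or NULL if x is NULL, the
 * certificate has no aux data, or no trust list has been created.
 *
 * The returned stack is the certificate's own ("get0"): the caller must
 * not free it, and changes made through the pointer change the
 * certificate's trust settings directly. A NULL result and an empty stack
 * are distinct states; do not treat them as interchangeable without
 * checking how the consuming code interprets each.
 */
STACK_OF(ASN1_OBJECT) *X509_get0_trust_objects(X509 *x)
{
    /* Treat a NULL certificate like one without aux data. */
    if (x == NULL || x->aux == NULL)
        return NULL;
    return x->aux->trust;
}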
168e1051a39Sopenharmony_ci
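/*
 * Return the certificate's reject list, or NULL if x is NULL, the
 * certificate has no aux data, or no reject list has been created.
 *
 * The returned stack is the certificate's own ("get0"): the caller must
 * not free it, and changes made through the pointer change the
 * certificate's reject settings directly.
 */
STACK_OF(ASN1_OBJECT) *X509_get0_reject_objects(X509 *x)
{
    /* Treat a NULL certificate like one without aux data. */
    if (x == NULL || x->aux == NULL)
        return NULL;
    return x->aux->reject;
}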