GCC Code Coverage Report
Directory: ./ Exec Total Coverage
File: lib/libcrypto/asn1/x_x509a.c Lines: 35 76 46.1 %
Date: 2017-11-07 Branches: 26 74 35.1 %

Line Branch Exec Source
1
/* $OpenBSD: x_x509a.c,v 1.14 2015/02/14 15:28:39 miod Exp $ */
2
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3
 * project 1999.
4
 */
5
/* ====================================================================
6
 * Copyright (c) 1999 The OpenSSL Project.  All rights reserved.
7
 *
8
 * Redistribution and use in source and binary forms, with or without
9
 * modification, are permitted provided that the following conditions
10
 * are met:
11
 *
12
 * 1. Redistributions of source code must retain the above copyright
13
 *    notice, this list of conditions and the following disclaimer.
14
 *
15
 * 2. Redistributions in binary form must reproduce the above copyright
16
 *    notice, this list of conditions and the following disclaimer in
17
 *    the documentation and/or other materials provided with the
18
 *    distribution.
19
 *
20
 * 3. All advertising materials mentioning features or use of this
21
 *    software must display the following acknowledgment:
22
 *    "This product includes software developed by the OpenSSL Project
23
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24
 *
25
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26
 *    endorse or promote products derived from this software without
27
 *    prior written permission. For written permission, please contact
28
 *    licensing@OpenSSL.org.
29
 *
30
 * 5. Products derived from this software may not be called "OpenSSL"
31
 *    nor may "OpenSSL" appear in their names without prior written
32
 *    permission of the OpenSSL Project.
33
 *
34
 * 6. Redistributions of any form whatsoever must retain the following
35
 *    acknowledgment:
36
 *    "This product includes software developed by the OpenSSL Project
37
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38
 *
39
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50
 * OF THE POSSIBILITY OF SUCH DAMAGE.
51
 * ====================================================================
52
 *
53
 * This product includes cryptographic software written by Eric Young
54
 * (eay@cryptsoft.com).  This product includes software written by Tim
55
 * Hudson (tjh@cryptsoft.com).
56
 *
57
 */
58
59
#include <stdio.h>
60
61
#include <openssl/asn1t.h>
62
#include <openssl/evp.h>
63
#include <openssl/x509.h>
64
65
/* X509_CERT_AUX routines. These are used to encode additional
66
 * user modifiable data about a certificate. This data is
67
 * appended to the X509 encoding when the *_X509_AUX routines
68
 * are used. This means that the "traditional" X509 routines
69
 * will simply ignore the extra data.
70
 */
71
72
static X509_CERT_AUX *aux_get(X509 *x);
73
74
static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = {
75
	{
76
		.flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
77
		.offset = offsetof(X509_CERT_AUX, trust),
78
		.field_name = "trust",
79
		.item = &ASN1_OBJECT_it,
80
	},
81
	{
82
		.flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
83
		    ASN1_TFLG_OPTIONAL,
84
		.tag = 0,
85
		.offset = offsetof(X509_CERT_AUX, reject),
86
		.field_name = "reject",
87
		.item = &ASN1_OBJECT_it,
88
	},
89
	{
90
		.flags = ASN1_TFLG_OPTIONAL,
91
		.offset = offsetof(X509_CERT_AUX, alias),
92
		.field_name = "alias",
93
		.item = &ASN1_UTF8STRING_it,
94
	},
95
	{
96
		.flags = ASN1_TFLG_OPTIONAL,
97
		.offset = offsetof(X509_CERT_AUX, keyid),
98
		.field_name = "keyid",
99
		.item = &ASN1_OCTET_STRING_it,
100
	},
101
	{
102
		.flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
103
		    ASN1_TFLG_OPTIONAL,
104
		.tag = 1,
105
		.offset = offsetof(X509_CERT_AUX, other),
106
		.field_name = "other",
107
		.item = &X509_ALGOR_it,
108
	},
109
};
110
111
const ASN1_ITEM X509_CERT_AUX_it = {
112
	.itype = ASN1_ITYPE_SEQUENCE,
113
	.utype = V_ASN1_SEQUENCE,
114
	.templates = X509_CERT_AUX_seq_tt,
115
	.tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE),
116
	.size = sizeof(X509_CERT_AUX),
117
	.sname = "X509_CERT_AUX",
118
};
119
120
121
X509_CERT_AUX *
122
d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len)
123
{
124
	return (X509_CERT_AUX *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
125
	    &X509_CERT_AUX_it);
126
}
127
128
int
129
i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out)
130
{
131
8
	return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_AUX_it);
132
}
133
134
X509_CERT_AUX *
135
X509_CERT_AUX_new(void)
136
{
137
8
	return (X509_CERT_AUX *)ASN1_item_new(&X509_CERT_AUX_it);
138
}
139
140
void
141
X509_CERT_AUX_free(X509_CERT_AUX *a)
142
{
143
31072
	ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_AUX_it);
144
15536
}
145
146
static X509_CERT_AUX *
147
aux_get(X509 *x)
148
{
149
12
	if (!x)
150
		return NULL;
151

10
	if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
152
		return NULL;
153
6
	return x->aux;
154
6
}
155
156
int
157
X509_alias_set1(X509 *x, unsigned char *name, int len)
158
{
159
	X509_CERT_AUX *aux;
160
12
	if (!name) {
161

4
		if (!x || !x->aux || !x->aux->alias)
162
2
			return 1;
163
		ASN1_UTF8STRING_free(x->aux->alias);
164
		x->aux->alias = NULL;
165
		return 1;
166
	}
167
4
	if (!(aux = aux_get(x)))
168
		return 0;
169

8
	if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
170
		return 0;
171
4
	return ASN1_STRING_set(aux->alias, name, len);
172
6
}
173
174
int
175
X509_keyid_set1(X509 *x, unsigned char *id, int len)
176
{
177
	X509_CERT_AUX *aux;
178
4
	if (!id) {
179

4
		if (!x || !x->aux || !x->aux->keyid)
180
2
			return 1;
181
		ASN1_OCTET_STRING_free(x->aux->keyid);
182
		x->aux->keyid = NULL;
183
		return 1;
184
	}
185
	if (!(aux = aux_get(x)))
186
		return 0;
187
	if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
188
		return 0;
189
	return ASN1_STRING_set(aux->keyid, id, len);
190
2
}
191
192
unsigned char *
193
X509_alias_get0(X509 *x, int *len)
194
{
195

14
	if (!x->aux || !x->aux->alias)
196
4
		return NULL;
197
2
	if (len)
198
2
		*len = x->aux->alias->length;
199
2
	return x->aux->alias->data;
200
6
}
201
202
unsigned char *
203
X509_keyid_get0(X509 *x, int *len)
204
{
205

14
	if (!x->aux || !x->aux->keyid)
206
6
		return NULL;
207
	if (len)
208
		*len = x->aux->keyid->length;
209
	return x->aux->keyid->data;
210
6
}
211
212
int
213
X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
214
{
215
	X509_CERT_AUX *aux;
216
	ASN1_OBJECT *objtmp;
217
	int rc;
218
219
4
	if (!(objtmp = OBJ_dup(obj)))
220
		return 0;
221
2
	if (!(aux = aux_get(x)))
222
		goto err;
223

4
	if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
224
		goto err;
225
2
	rc = sk_ASN1_OBJECT_push(aux->trust, objtmp);
226
2
	if (rc != 0)
227
2
		return rc;
228
229
err:
230
	ASN1_OBJECT_free(objtmp);
231
	return 0;
232
2
}
233
234
int
235
X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
236
{
237
	X509_CERT_AUX *aux;
238
	ASN1_OBJECT *objtmp;
239
	int rc;
240
241
	if (!(objtmp = OBJ_dup(obj)))
242
		return 0;
243
	if (!(aux = aux_get(x)))
244
		goto err;
245
	if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
246
		goto err;
247
	rc = sk_ASN1_OBJECT_push(aux->reject, objtmp);
248
	if (rc != 0)
249
		return rc;
250
251
err:
252
	ASN1_OBJECT_free(objtmp);
253
	return 0;
254
}
255
256
void
257
X509_trust_clear(X509 *x)
258
{
259
	if (x->aux && x->aux->trust) {
260
		sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
261
		x->aux->trust = NULL;
262
	}
263
}
264
265
void
266
X509_reject_clear(X509 *x)
267
{
268
	if (x->aux && x->aux->reject) {
269
		sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
270
		x->aux->reject = NULL;
271
	}
272
}
273
274
static const ASN1_TEMPLATE X509_CERT_PAIR_seq_tt[] = {
275
	{
276
		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
277
		.tag = 0,
278
		.offset = offsetof(X509_CERT_PAIR, forward),
279
		.field_name = "forward",
280
		.item = &X509_it,
281
	},
282
	{
283
		.flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
284
		.tag = 1,
285
		.offset = offsetof(X509_CERT_PAIR, reverse),
286
		.field_name = "reverse",
287
		.item = &X509_it,
288
	},
289
};
290
291
const ASN1_ITEM X509_CERT_PAIR_it = {
292
	.itype = ASN1_ITYPE_SEQUENCE,
293
	.utype = V_ASN1_SEQUENCE,
294
	.templates = X509_CERT_PAIR_seq_tt,
295
	.tcount = sizeof(X509_CERT_PAIR_seq_tt) / sizeof(ASN1_TEMPLATE),
296
	.funcs = NULL,
297
	.size = sizeof(X509_CERT_PAIR),
298
	.sname = "X509_CERT_PAIR",
299
};
300
301
302
X509_CERT_PAIR *
303
d2i_X509_CERT_PAIR(X509_CERT_PAIR **a, const unsigned char **in, long len)
304
{
305
	return (X509_CERT_PAIR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
306
	    &X509_CERT_PAIR_it);
307
}
308
309
int
310
i2d_X509_CERT_PAIR(X509_CERT_PAIR *a, unsigned char **out)
311
{
312
	return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_PAIR_it);
313
}
314
315
X509_CERT_PAIR *
316
X509_CERT_PAIR_new(void)
317
{
318
	return (X509_CERT_PAIR *)ASN1_item_new(&X509_CERT_PAIR_it);
319
}
320
321
void
322
X509_CERT_PAIR_free(X509_CERT_PAIR *a)
323
{
324
	ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_PAIR_it);
325
}