kris
/
boringssl
1
0
Forka 0
Codice Problemi 0 Pull Requests 0 Rilasci 0 Wiki Attività
Non puoi selezionare più di 25 argomenti Gli argomenti devono iniziare con una lettera o un numero, possono includere trattini ('-') e possono essere lunghi fino a 35 caratteri.
5667 Commit
12 Rami (Branch)
38 MiB
 
 
 
 
 
 
Albero (Tree): 9978f0a865
Rami (Branch) Tag
${ item.name }
Crea branch ${ searchTerm }
da '9978f0a865'
${ noResults }
boringssl/crypto/x509/x509_v3.c

279 righe
8.4 KiB
Originale Blame Cronologia 

  1. /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

  2.  * All rights reserved.

  3.  *

  4.  * This package is an SSL implementation written

  5.  * by Eric Young (eay@cryptsoft.com).

  6.  * The implementation was written so as to conform with Netscapes SSL.

  7.  *

  8.  * This library is free for commercial and non-commercial use as long as

  9.  * the following conditions are aheared to.  The following conditions

  10.  * apply to all code found in this distribution, be it the RC4, RSA,

  11.  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation

  12.  * included with this distribution is covered by the same copyright terms

  13.  * except that the holder is Tim Hudson (tjh@cryptsoft.com).

  14.  *

  15.  * Copyright remains Eric Young's, and as such any Copyright notices in

  16.  * the code are not to be removed.

  17.  * If this package is used in a product, Eric Young should be given attribution

  18.  * as the author of the parts of the library used.

  19.  * This can be in the form of a textual message at program startup or

  20.  * in documentation (online or textual) provided with the package.

  21.  *

  22.  * Redistribution and use in source and binary forms, with or without

  23.  * modification, are permitted provided that the following conditions

  24.  * are met:

  25.  * 1. Redistributions of source code must retain the copyright

  26.  *    notice, this list of conditions and the following disclaimer.

  27.  * 2. Redistributions in binary form must reproduce the above copyright

  28.  *    notice, this list of conditions and the following disclaimer in the

  29.  *    documentation and/or other materials provided with the distribution.

  30.  * 3. All advertising materials mentioning features or use of this software

  31.  *    must display the following acknowledgement:

  32.  *    "This product includes cryptographic software written by

  33.  *     Eric Young (eay@cryptsoft.com)"

  34.  *    The word 'cryptographic' can be left out if the rouines from the library

  35.  *    being used are not cryptographic related :-).

  36.  * 4. If you include any Windows specific code (or a derivative thereof) from

  37.  *    the apps directory (application code) you must include an acknowledgement:

  38.  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

  39.  *

  40.  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND

  41.  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE

  42.  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

  43.  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE

  44.  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL

  45.  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS

  46.  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)

  47.  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT

  48.  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY

  49.  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF

  50.  * SUCH DAMAGE.

  51.  *

  52.  * The licence and distribution terms for any publically available version or

  53.  * derivative of this code cannot be changed.  i.e. this code cannot simply be

  54.  * copied and put under another distribution licence

  55.  * [including the GNU Public Licence.] */

  56. 

  57. #include <openssl/asn1.h>

  58. #include <openssl/err.h>

  59. #include <openssl/evp.h>

  60. #include <openssl/obj.h>

  61. #include <openssl/stack.h>

  62. #include <openssl/x509.h>

  63. #include <openssl/x509v3.h>

  64. 

  65. int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)

  66. {

  67.     if (x == NULL)

  68.         return (0);

  69.     return (sk_X509_EXTENSION_num(x));

  70. }

  71. 

  72. int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,

  73.                           int lastpos)

  74. {

  75.     const ASN1_OBJECT *obj;

  76. 

  77.     obj = OBJ_nid2obj(nid);

  78.     if (obj == NULL)

  79.         return (-2);

  80.     return (X509v3_get_ext_by_OBJ(x, obj, lastpos));

  81. }

  82. 

  83. int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk,

  84.                           const ASN1_OBJECT *obj, int lastpos)

  85. {

  86.     int n;

  87.     X509_EXTENSION *ex;

  88. 

  89.     if (sk == NULL)

  90.         return (-1);

  91.     lastpos++;

  92.     if (lastpos < 0)

  93.         lastpos = 0;

  94.     n = sk_X509_EXTENSION_num(sk);

  95.     for (; lastpos < n; lastpos++) {

  96.         ex = sk_X509_EXTENSION_value(sk, lastpos);

  97.         if (OBJ_cmp(ex->object, obj) == 0)

  98.             return (lastpos);

  99.     }

  100.     return (-1);

  101. }

  102. 

  103. int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,

  104.                                int lastpos)

  105. {

  106.     int n;

  107.     X509_EXTENSION *ex;

  108. 

  109.     if (sk == NULL)

  110.         return (-1);

  111.     lastpos++;

  112.     if (lastpos < 0)

  113.         lastpos = 0;

  114.     n = sk_X509_EXTENSION_num(sk);

  115.     for (; lastpos < n; lastpos++) {

  116.         ex = sk_X509_EXTENSION_value(sk, lastpos);

  117.         if (((ex->critical > 0) && crit) || ((ex->critical <= 0) && !crit))

  118.             return (lastpos);

  119.     }

  120.     return (-1);

  121. }

  122. 

  123. X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)

  124. {

  125.     if (x == NULL || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc)

  126.         return NULL;

  127.     else

  128.         return sk_X509_EXTENSION_value(x, loc);

  129. }

  130. 

  131. X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)

  132. {

  133.     X509_EXTENSION *ret;

  134. 

  135.     if (x == NULL || loc < 0 || sk_X509_EXTENSION_num(x) <= (size_t)loc)

  136.         return (NULL);

  137.     ret = sk_X509_EXTENSION_delete(x, loc);

  138.     return (ret);

  139. }

  140. 

  141. STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,

  142.                                          X509_EXTENSION *ex, int loc)

  143. {

  144.     X509_EXTENSION *new_ex = NULL;

  145.     int n;

  146.     STACK_OF(X509_EXTENSION) *sk = NULL;

  147. 

  148.     if (x == NULL) {

  149.         OPENSSL_PUT_ERROR(X509, ERR_R_PASSED_NULL_PARAMETER);

  150.         goto err2;

  151.     }

  152. 

  153.     if (*x == NULL) {

  154.         if ((sk = sk_X509_EXTENSION_new_null()) == NULL)

  155.             goto err;

  156.     } else

  157.         sk = *x;

  158. 

  159.     n = sk_X509_EXTENSION_num(sk);

  160.     if (loc > n)

  161.         loc = n;

  162.     else if (loc < 0)

  163.         loc = n;

  164. 

  165.     if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)

  166.         goto err2;

  167.     if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))

  168.         goto err;

  169.     if (*x == NULL)

  170.         *x = sk;

  171.     return (sk);

  172.  err:

  173.     OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);

  174.  err2:

  175.     if (new_ex != NULL)

  176.         X509_EXTENSION_free(new_ex);

  177.     if (sk != NULL)

  178.         sk_X509_EXTENSION_free(sk);

  179.     return (NULL);

  180. }

  181. 

  182. X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,

  183.                                              int crit,

  184.                                              ASN1_OCTET_STRING *data)

  185. {

  186.     const ASN1_OBJECT *obj;

  187.     X509_EXTENSION *ret;

  188. 

  189.     obj = OBJ_nid2obj(nid);

  190.     if (obj == NULL) {

  191.         OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID);

  192.         return (NULL);

  193.     }

  194.     ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);

  195.     return (ret);

  196. }

  197. 

  198. X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,

  199.                                              const ASN1_OBJECT *obj, int crit,

  200.                                              ASN1_OCTET_STRING *data)

  201. {

  202.     X509_EXTENSION *ret;

  203. 

  204.     if ((ex == NULL) || (*ex == NULL)) {

  205.         if ((ret = X509_EXTENSION_new()) == NULL) {

  206.             OPENSSL_PUT_ERROR(X509, ERR_R_MALLOC_FAILURE);

  207.             return (NULL);

  208.         }

  209.     } else

  210.         ret = *ex;

  211. 

  212.     if (!X509_EXTENSION_set_object(ret, obj))

  213.         goto err;

  214.     if (!X509_EXTENSION_set_critical(ret, crit))

  215.         goto err;

  216.     if (!X509_EXTENSION_set_data(ret, data))

  217.         goto err;

  218. 

  219.     if ((ex != NULL) && (*ex == NULL))

  220.         *ex = ret;

  221.     return (ret);

  222.  err:

  223.     if ((ex == NULL) || (ret != *ex))

  224.         X509_EXTENSION_free(ret);

  225.     return (NULL);

  226. }

  227. 

  228. int X509_EXTENSION_set_object(X509_EXTENSION *ex, const ASN1_OBJECT *obj)

  229. {

  230.     if ((ex == NULL) || (obj == NULL))

  231.         return (0);

  232.     ASN1_OBJECT_free(ex->object);

  233.     ex->object = OBJ_dup(obj);

  234.     return ex->object != NULL;

  235. }

  236. 

  237. int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)

  238. {

  239.     if (ex == NULL)

  240.         return (0);

  241.     ex->critical = (crit) ? 0xFF : -1;

  242.     return (1);

  243. }

  244. 

  245. int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)

  246. {

  247.     int i;

  248. 

  249.     if (ex == NULL)

  250.         return (0);

  251.     i = M_ASN1_OCTET_STRING_set(ex->value, data->data, data->length);

  252.     if (!i)

  253.         return (0);

  254.     return (1);

  255. }

  256. 

  257. ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)

  258. {

  259.     if (ex == NULL)

  260.         return (NULL);

  261.     return (ex->object);

  262. }

  263. 

  264. ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)

  265. {

  266.     if (ex == NULL)

  267.         return (NULL);

  268.     return (ex->value);

  269. }

  270. 

  271. int X509_EXTENSION_get_critical(X509_EXTENSION *ex)

  272. {

  273.     if (ex == NULL)

  274.         return (0);

  275.     if (ex->critical > 0)

  276.         return 1;

  277.     return 0;

  278. }