Diffstat (limited to 'src/lib/libcrypto/x509/x509_v3.c')
-rw-r--r--src/lib/libcrypto/x509/x509_v3.c235
1 files changed, 134 insertions, 101 deletions
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
index f41fab3367..cabace584b 100644
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ b/src/lib/libcrypto/x509/x509_v3.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -65,202 +65,235 @@
65#include <openssl/x509.h> 65#include <openssl/x509.h>
66#include <openssl/x509v3.h> 66#include <openssl/x509v3.h>
67 67
68int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) 68int
69X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
69{ 70{
70 if (x == NULL) return(0); 71 if (x == NULL)
71 return(sk_X509_EXTENSION_num(x)); 72 return (0);
73 return (sk_X509_EXTENSION_num(x));
72} 74}
73 75
74int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, 76int
75 int lastpos) 77X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, int lastpos)
76{ 78{
77 ASN1_OBJECT *obj; 79 ASN1_OBJECT *obj;
78 80
79 obj=OBJ_nid2obj(nid); 81 obj = OBJ_nid2obj(nid);
80 if (obj == NULL) return(-2); 82 if (obj == NULL)
81 return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); 83 return (-2);
84 return (X509v3_get_ext_by_OBJ(x, obj, lastpos));
82} 85}
83 86
84int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj, 87int
85 int lastpos) 88X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
89 int lastpos)
86{ 90{
87 int n; 91 int n;
88 X509_EXTENSION *ex; 92 X509_EXTENSION *ex;
89 93
90 if (sk == NULL) return(-1); 94 if (sk == NULL)
95 return (-1);
91 lastpos++; 96 lastpos++;
92 if (lastpos < 0) 97 if (lastpos < 0)
93 lastpos=0; 98 lastpos = 0;
94 n=sk_X509_EXTENSION_num(sk); 99 n = sk_X509_EXTENSION_num(sk);
95 for ( ; lastpos < n; lastpos++) { 100 for (; lastpos < n; lastpos++) {
96 ex=sk_X509_EXTENSION_value(sk,lastpos); 101 ex = sk_X509_EXTENSION_value(sk, lastpos);
97 if (OBJ_cmp(ex->object,obj) == 0) 102 if (OBJ_cmp(ex->object, obj) == 0)
98 return(lastpos); 103 return (lastpos);
99 } 104 }
100 return(-1); 105 return (-1);
101} 106}
102 107
103int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, 108int
104 int lastpos) 109X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
110 int lastpos)
105{ 111{
106 int n; 112 int n;
107 X509_EXTENSION *ex; 113 X509_EXTENSION *ex;
108 114
109 if (sk == NULL) return(-1); 115 if (sk == NULL)
116 return (-1);
110 lastpos++; 117 lastpos++;
111 if (lastpos < 0) 118 if (lastpos < 0)
112 lastpos=0; 119 lastpos = 0;
113 n=sk_X509_EXTENSION_num(sk); 120 n = sk_X509_EXTENSION_num(sk);
114 for ( ; lastpos < n; lastpos++) { 121 for (; lastpos < n; lastpos++) {
115 ex=sk_X509_EXTENSION_value(sk,lastpos); 122 ex = sk_X509_EXTENSION_value(sk, lastpos);
116 if ( ((ex->critical > 0) && crit) || 123 if (((ex->critical > 0) && crit) ||
117 ((ex->critical <= 0) && !crit)) 124 ((ex->critical <= 0) && !crit))
118 return(lastpos); 125 return (lastpos);
119 } 126 }
120 return(-1); 127 return (-1);
121} 128}
122 129
123X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc) 130X509_EXTENSION *
131X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
124{ 132{
125 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) 133 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
126 return NULL; 134 return NULL;
127 else 135 else
128 return sk_X509_EXTENSION_value(x,loc); 136 return sk_X509_EXTENSION_value(x, loc);
129} 137}
130 138
131X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) 139X509_EXTENSION *
140X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
132{ 141{
133 X509_EXTENSION *ret; 142 X509_EXTENSION *ret;
134 143
135 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) 144 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
136 return(NULL); 145 return (NULL);
137 ret=sk_X509_EXTENSION_delete(x,loc); 146 ret = sk_X509_EXTENSION_delete(x, loc);
138 return(ret); 147 return (ret);
139} 148}
140 149
141STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, 150STACK_OF(X509_EXTENSION) *
142 X509_EXTENSION *ex, int loc) 151X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, X509_EXTENSION *ex, int loc)
143{ 152{
144 X509_EXTENSION *new_ex=NULL; 153 X509_EXTENSION *new_ex = NULL;
145 int n; 154 int n;
146 STACK_OF(X509_EXTENSION) *sk=NULL; 155 STACK_OF(X509_EXTENSION) *sk = NULL;
147 156
148 if (x == NULL) { 157 if (x == NULL) {
149 X509err(X509_F_X509V3_ADD_EXT,ERR_R_PASSED_NULL_PARAMETER); 158 X509err(X509_F_X509V3_ADD_EXT, ERR_R_PASSED_NULL_PARAMETER);
150 goto err2; 159 goto err2;
151 } 160 }
152 161
153 if (*x == NULL) { 162 if (*x == NULL) {
154 if ((sk=sk_X509_EXTENSION_new_null()) == NULL) 163 if ((sk = sk_X509_EXTENSION_new_null()) == NULL)
155 goto err; 164 goto err;
156 } else 165 } else
157 sk= *x; 166 sk= *x;
158 167
159 n=sk_X509_EXTENSION_num(sk); 168 n = sk_X509_EXTENSION_num(sk);
160 if (loc > n) loc=n; 169 if (loc > n)
161 else if (loc < 0) loc=n; 170 loc = n;
171 else if (loc < 0)
172 loc = n;
162 173
163 if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) 174 if ((new_ex = X509_EXTENSION_dup(ex)) == NULL)
164 goto err2; 175 goto err2;
165 if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) 176 if (!sk_X509_EXTENSION_insert(sk, new_ex, loc))
166 goto err; 177 goto err;
167 if (*x == NULL) 178 if (*x == NULL)
168 *x=sk; 179 *x = sk;
169 return(sk); 180 return (sk);
181
170err: 182err:
171 X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); 183 X509err(X509_F_X509V3_ADD_EXT, ERR_R_MALLOC_FAILURE);
172err2: 184err2:
173 if (new_ex != NULL) X509_EXTENSION_free(new_ex); 185 if (new_ex != NULL)
174 if (sk != NULL) sk_X509_EXTENSION_free(sk); 186 X509_EXTENSION_free(new_ex);
175 return(NULL); 187 if (sk != NULL)
188 sk_X509_EXTENSION_free(sk);
189 return (NULL);
176} 190}
177 191
178X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, 192X509_EXTENSION *
179 int crit, ASN1_OCTET_STRING *data) 193X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, int crit,
194 ASN1_OCTET_STRING *data)
180{ 195{
181 ASN1_OBJECT *obj; 196 ASN1_OBJECT *obj;
182 X509_EXTENSION *ret; 197 X509_EXTENSION *ret;
183 198
184 obj=OBJ_nid2obj(nid); 199 obj = OBJ_nid2obj(nid);
185 if (obj == NULL) { 200 if (obj == NULL) {
186 X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID); 201 X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,
187 return(NULL); 202 X509_R_UNKNOWN_NID);
203 return (NULL);
188 } 204 }
189 ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); 205 ret = X509_EXTENSION_create_by_OBJ(ex, obj, crit, data);
190 if (ret == NULL) ASN1_OBJECT_free(obj); 206 if (ret == NULL)
191 return(ret); 207 ASN1_OBJECT_free(obj);
208 return (ret);
192} 209}
193 210
194X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, 211X509_EXTENSION *
195 ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data) 212X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, ASN1_OBJECT *obj, int crit,
213 ASN1_OCTET_STRING *data)
196{ 214{
197 X509_EXTENSION *ret; 215 X509_EXTENSION *ret;
198 216
199 if ((ex == NULL) || (*ex == NULL)) { 217 if ((ex == NULL) || (*ex == NULL)) {
200 if ((ret=X509_EXTENSION_new()) == NULL) 218 if ((ret = X509_EXTENSION_new()) == NULL) {
201 { 219 X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,
202 X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); 220 ERR_R_MALLOC_FAILURE);
203 return(NULL); 221 return (NULL);
204 } 222 }
205 } else 223 } else
206 ret= *ex; 224 ret= *ex;
207 225
208 if (!X509_EXTENSION_set_object(ret,obj)) 226 if (!X509_EXTENSION_set_object(ret, obj))
209 goto err; 227 goto err;
210 if (!X509_EXTENSION_set_critical(ret,crit)) 228 if (!X509_EXTENSION_set_critical(ret, crit))
211 goto err; 229 goto err;
212 if (!X509_EXTENSION_set_data(ret,data)) 230 if (!X509_EXTENSION_set_data(ret, data))
213 goto err; 231 goto err;
214 232
215 if ((ex != NULL) && (*ex == NULL)) *ex=ret; 233 if ((ex != NULL) && (*ex == NULL))
216 return(ret); 234 *ex = ret;
235 return (ret);
236
217err: 237err:
218 if ((ex == NULL) || (ret != *ex)) 238 if ((ex == NULL) || (ret != *ex))
219 X509_EXTENSION_free(ret); 239 X509_EXTENSION_free(ret);
220 return(NULL); 240 return (NULL);
221} 241}
222 242
223int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj) 243int
244X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
224{ 245{
225 if ((ex == NULL) || (obj == NULL)) 246 if ((ex == NULL) || (obj == NULL))
226 return(0); 247 return (0);
227 ASN1_OBJECT_free(ex->object); 248 ASN1_OBJECT_free(ex->object);
228 ex->object=OBJ_dup(obj); 249 ex->object = OBJ_dup(obj);
229 return(1); 250 return (1);
230} 251}
231 252
232int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) 253int
254X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
233{ 255{
234 if (ex == NULL) return(0); 256 if (ex == NULL)
235 ex->critical=(crit)?0xFF:-1; 257 return (0);
236 return(1); 258 ex->critical = (crit) ? 0xFF : -1;
259 return (1);
237} 260}
238 261
239int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data) 262int
263X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
240{ 264{
241 int i; 265 int i;
242 266
243 if (ex == NULL) return(0); 267 if (ex == NULL)
244 i=M_ASN1_OCTET_STRING_set(ex->value,data->data,data->length); 268 return (0);
245 if (!i) return(0); 269 i = M_ASN1_OCTET_STRING_set(ex->value, data->data, data->length);
246 return(1); 270 if (!i)
271 return (0);
272 return (1);
247} 273}
248 274
249ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex) 275ASN1_OBJECT *
276X509_EXTENSION_get_object(X509_EXTENSION *ex)
250{ 277{
251 if (ex == NULL) return(NULL); 278 if (ex == NULL)
252 return(ex->object); 279 return (NULL);
280 return (ex->object);
253} 281}
254 282
255ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex) 283ASN1_OCTET_STRING *
284X509_EXTENSION_get_data(X509_EXTENSION *ex)
256{ 285{
257 if (ex == NULL) return(NULL); 286 if (ex == NULL)
258 return(ex->value); 287 return (NULL);
288 return (ex->value);
259} 289}
260 290
261int X509_EXTENSION_get_critical(X509_EXTENSION *ex) 291int
292X509_EXTENSION_get_critical(X509_EXTENSION *ex)
262{ 293{
263 if (ex == NULL) return(0); 294 if (ex == NULL)
264 if(ex->critical > 0) return 1; 295 return (0);
296 if (ex->critical > 0)
297 return 1;
265 return 0; 298 return 0;
266} 299}
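Review bot: In X509v3_add_ext the shared error path at `err2:` frees `sk` whenever it is non-NULL, but on the `sk = *x` branch that pointer is the caller's own stack, so a failed `X509_EXTENSION_dup` or `sk_X509_EXTENSION_insert` leaves `*x` pointing at freed memory that the caller may later use or free again. The reformat carries this over unchanged; the free should be limited to a stack allocated inside this call, for example `if (x != NULL && *x == NULL && sk != NULL) sk_X509_EXTENSION_free(sk);`. Separately, X509_EXTENSION_set_data reads `data->data` and `data->length` without checking `data` for NULL, and X509_EXTENSION_set_object returns 1 without testing the result of `OBJ_dup`, so an allocation failure there is reported as success with `ex->object` left NULL. Both are public entry points and would benefit from a guard such as `if (ex == NULL || data == NULL) return (0);` and `return (ex->object != NULL);`.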