
x509_att.c 9.4 KB

  1. /*
  2. * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/safestack.h>
  12. #include <openssl/asn1.h>
  13. #include <openssl/objects.h>
  14. #include <openssl/evp.h>
  15. #include <openssl/x509.h>
  16. #include <openssl/x509v3.h>
  17. #include "x509_lcl.h"
/*
 * Report how many attributes the stack x holds.
 *
 * The value is whatever sk_X509_ATTRIBUTE_num() returns; x is handed to it
 * without a NULL check in this function.
 */
int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
{
    const int count = sk_X509_ATTRIBUTE_num(x);

    return count;
}
/*
 * Find the next attribute whose type is identified by nid, searching after
 * position lastpos.
 *
 * Returns -2 when nid does not map to an ASN1_OBJECT; otherwise returns the
 * result of X509at_get_attr_by_OBJ() (an index, or -1 when nothing matches).
 * Callers therefore have to treat every negative value as "not found".
 */
int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
                           int lastpos)
{
    const ASN1_OBJECT *obj = OBJ_nid2obj(nid);

    return (obj != NULL) ? X509at_get_attr_by_OBJ(x, obj, lastpos) : -2;
}
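/*
 * Find the next attribute in sk whose type equals obj.
 *
 * The search starts at index lastpos + 1; any lastpos below zero starts the
 * search at index 0. Returns the index of the first match, or -1 when sk is
 * NULL or no further match exists.
 */
int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
                           const ASN1_OBJECT *obj, int lastpos)
{
    int n;
    int pos;
    X509_ATTRIBUTE *ex;

    if (sk == NULL)
        return -1;

    n = sk_X509_ATTRIBUTE_num(sk);
    /*
     * Nothing can follow a position at or past the end of the stack.
     * Returning here also keeps the lastpos + 1 below from overflowing a
     * signed int (undefined behaviour) when a caller passes INT_MAX.
     */
    if (lastpos >= n)
        return -1;

    pos = (lastpos < 0) ? 0 : lastpos + 1;
    for (; pos < n; pos++) {
        ex = sk_X509_ATTRIBUTE_value(sk, pos);
        if (OBJ_cmp(ex->object, obj) == 0)
            return pos;
    }
    return -1;
}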
/*
 * Return the attribute stored at index loc of x.
 *
 * Returns NULL when x is NULL or loc lies outside [0, number of entries).
 * The returned pointer is the stack's own element, not a copy.
 */
X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
    if (x == NULL || loc < 0)
        return NULL;
    if (loc >= sk_X509_ATTRIBUTE_num(x))
        return NULL;
    return sk_X509_ATTRIBUTE_value(x, loc);
}
/*
 * Remove the attribute at index loc from x and return it.
 *
 * Returns NULL when x is NULL or loc lies outside [0, number of entries).
 * The attribute itself is not freed here.
 * NOTE(review): presumably the caller becomes responsible for releasing the
 * returned attribute - confirm against the public documentation.
 */
X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
{
    if (x == NULL || loc < 0)
        return NULL;
    if (loc >= sk_X509_ATTRIBUTE_num(x))
        return NULL;
    return sk_X509_ATTRIBUTE_delete(x, loc);
}
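/*
 * Append a copy of attr to the attribute stack *x.
 *
 * When *x is NULL a new stack is allocated and, on success, stored in *x.
 * The attribute is duplicated, so the caller keeps ownership of attr.
 *
 * Returns the stack on success and NULL on failure. On failure an existing
 * caller-owned stack (*x != NULL on entry) is left untouched and still
 * valid; only a stack allocated inside this call is released.
 */
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
                                           X509_ATTRIBUTE *attr)
{
    X509_ATTRIBUTE *new_attr = NULL;
    STACK_OF(X509_ATTRIBUTE) *sk = NULL;
    int sk_is_local = 0;

    if (x == NULL) {
        X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
        goto err2;
    }

    if (*x == NULL) {
        if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
            goto err;
        sk_is_local = 1;
    } else {
        sk = *x;
    }

    /* A failed duplication reports no error of its own here. */
    if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
        goto err2;
    if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
        goto err;
    if (*x == NULL)
        *x = sk;
    return sk;

 err:
    X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_MALLOC_FAILURE);
 err2:
    X509_ATTRIBUTE_free(new_attr);
    /*
     * Free the stack only if it was created in this call. Freeing a stack
     * that came in through *x would leave the caller holding a dangling
     * pointer, and any later use or free of *x would be a use-after-free or
     * double free.
     */
    if (sk_is_local)
        sk_X509_ATTRIBUTE_free(sk);
    return NULL;
}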
/*
 * Build an attribute of type obj from (type, bytes, len) and append it to
 * the stack *x.
 *
 * Returns the stack as returned by X509at_add1_attr(), or NULL when the
 * attribute could not be created or added.
 */
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
                                                  **x, const ASN1_OBJECT *obj,
                                                  int type,
                                                  const unsigned char *bytes,
                                                  int len)
{
    STACK_OF(X509_ATTRIBUTE) *ret;
    X509_ATTRIBUTE *attr =
        X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);

    if (attr == NULL)
        return NULL;
    /* X509at_add1_attr() stores a duplicate, so the temporary always goes. */
    ret = X509at_add1_attr(x, attr);
    X509_ATTRIBUTE_free(attr);
    return ret;
}
/*
 * Build an attribute of type nid from (type, bytes, len) and append it to
 * the stack *x.
 *
 * Returns the stack as returned by X509at_add1_attr(), or NULL when the
 * attribute could not be created or added.
 */
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
                                                  **x, int nid, int type,
                                                  const unsigned char *bytes,
                                                  int len)
{
    STACK_OF(X509_ATTRIBUTE) *ret;
    X509_ATTRIBUTE *attr =
        X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);

    if (attr == NULL)
        return NULL;
    /* X509at_add1_attr() stores a duplicate, so the temporary always goes. */
    ret = X509at_add1_attr(x, attr);
    X509_ATTRIBUTE_free(attr);
    return ret;
}
/*
 * Build an attribute whose type is named by the text attrname from
 * (type, bytes, len) and append it to the stack *x.
 *
 * Returns the stack as returned by X509at_add1_attr(), or NULL when the
 * attribute could not be created or added.
 */
STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
                                                  **x, const char *attrname,
                                                  int type,
                                                  const unsigned char *bytes,
                                                  int len)
{
    STACK_OF(X509_ATTRIBUTE) *ret;
    X509_ATTRIBUTE *attr =
        X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);

    if (attr == NULL)
        return NULL;
    /* X509at_add1_attr() stores a duplicate, so the temporary always goes. */
    ret = X509at_add1_attr(x, attr);
    X509_ATTRIBUTE_free(attr);
    return ret;
}
/*
 * Return the first value of the attribute of type obj in x, provided that
 * value has ASN.1 type `type`.
 *
 * lastpos selects the search start as in X509at_get_attr_by_OBJ() and also
 * encodes how strict the lookup is:
 *   lastpos <= -2: fail if a second attribute of the same type is present;
 *   lastpos <= -3: additionally fail unless the attribute holds exactly one
 *                  value.
 * With lastpos == -1 duplicate attributes of the same type are not detected,
 * so callers that need uniqueness have to pass -2 or -3.
 *
 * Returns NULL when the attribute is missing, a strictness check fails, or
 * the stored value has a different type. The pointer refers to data inside
 * the attribute and is not a copy.
 */
void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
                              const ASN1_OBJECT *obj, int lastpos, int type)
{
    X509_ATTRIBUTE *at;
    const int i = X509at_get_attr_by_OBJ(x, obj, lastpos);

    if (i == -1)
        return NULL;

    if (lastpos <= -2) {
        /* Searching again from the hit must find nothing. */
        if (X509at_get_attr_by_OBJ(x, obj, i) != -1)
            return NULL;
    }

    at = X509at_get_attr(x, i);
    if (lastpos <= -3) {
        if (X509_ATTRIBUTE_count(at) != 1)
            return NULL;
    }
    return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
}
/*
 * Create (or refill, see X509_ATTRIBUTE_create_by_OBJ()) an attribute whose
 * type is given by nid and whose value is built from (atrtype, data, len).
 *
 * Returns the attribute, or NULL when nid is unknown (X509_R_UNKNOWN_NID is
 * queued) or the attribute could not be built.
 */
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
                                             int atrtype, const void *data,
                                             int len)
{
    X509_ATTRIBUTE *ret;
    ASN1_OBJECT *obj = OBJ_nid2obj(nid);

    if (obj == NULL) {
        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_NID, X509_R_UNKNOWN_NID);
        return NULL;
    }

    ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
    if (ret != NULL)
        return ret;

    /*
     * NOTE(review): obj is released on the failure path only, and it came
     * from OBJ_nid2obj() rather than from an allocation made here.
     * Presumably ASN1_OBJECT_free() is a no-op for such table objects -
     * confirm, since otherwise this would free an object this function does
     * not own.
     */
    ASN1_OBJECT_free(obj);
    return NULL;
}
/*
 * Create an attribute of type obj with a value built from
 * (atrtype, data, len).
 *
 * attr selects where the result lives:
 *   - attr == NULL or *attr == NULL: a new attribute is allocated; when attr
 *     is non-NULL the new attribute is also stored in *attr on success;
 *   - *attr != NULL: the existing attribute is modified in place.
 *
 * Returns the attribute, or NULL on failure. A newly allocated attribute is
 * freed on failure; a caller-supplied *attr is never freed here, but it may
 * already have been partly modified when the failure occurs.
 */
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
                                             const ASN1_OBJECT *obj,
                                             int atrtype, const void *data,
                                             int len)
{
    X509_ATTRIBUTE *ret;
    const int reuse = (attr != NULL && *attr != NULL);

    if (reuse) {
        ret = *attr;
    } else {
        ret = X509_ATTRIBUTE_new();
        if (ret == NULL) {
            X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ,
                    ERR_R_MALLOC_FAILURE);
            return NULL;
        }
    }

    if (!X509_ATTRIBUTE_set1_object(ret, obj)
        || !X509_ATTRIBUTE_set1_data(ret, atrtype, data, len)) {
        /* Only an attribute allocated above belongs to this function. */
        if (!reuse)
            X509_ATTRIBUTE_free(ret);
        return NULL;
    }

    if (attr != NULL && *attr == NULL)
        *attr = ret;
    return ret;
}
/*
 * Create (or refill, see X509_ATTRIBUTE_create_by_OBJ()) an attribute whose
 * type is named by the text atrname, with a value built from
 * (type, bytes, len).
 *
 * Returns the attribute, or NULL when atrname cannot be converted to an
 * object (X509_R_INVALID_FIELD_NAME is queued together with the name) or
 * the attribute could not be built.
 */
X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
                                             const char *atrname, int type,
                                             const unsigned char *bytes,
                                             int len)
{
    X509_ATTRIBUTE *nattr;
    ASN1_OBJECT *obj = OBJ_txt2obj(atrname, 0);

    if (obj == NULL) {
        X509err(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT,
                X509_R_INVALID_FIELD_NAME);
        ERR_add_error_data(2, "name=", atrname);
        return NULL;
    }

    nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
    /*
     * The attribute keeps its own duplicate of the object (see
     * X509_ATTRIBUTE_set1_object()), so the temporary is released on both
     * the success and the failure path.
     */
    ASN1_OBJECT_free(obj);
    return nattr;
}
/*
 * Replace the type of attr with a duplicate of obj.
 *
 * Returns 1 on success and 0 when either argument is NULL or the
 * duplication fails. The previous object is freed before the duplicate is
 * made, so after a failed duplication attr->object is NULL rather than the
 * old value.
 */
int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
{
    if (attr == NULL || obj == NULL)
        return 0;

    ASN1_OBJECT_free(attr->object);
    attr->object = OBJ_dup(obj);
    if (attr->object == NULL)
        return 0;
    return 1;
}
/*
 * Append one value to the value set of attr.
 *
 * How (attrtype, data, len) is interpreted:
 *   - attrtype has MBSTRING_FLAG set: data/len are converted with
 *     ASN1_STRING_set_by_NID() using the NID of attr->object;
 *   - otherwise, len != -1: data/len become the contents of a new
 *     ASN1_STRING of type attrtype;
 *   - otherwise (len == -1): data is handed to ASN1_TYPE_set1() together
 *     with attrtype, which copies it.
 *   - attrtype == 0: nothing is appended and 1 is returned (see below).
 *
 * Returns 1 on success, 0 on failure. Nothing is appended on failure.
 */
int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
                             const void *data, int len)
{
    ASN1_TYPE *value = NULL;
    ASN1_STRING *str = NULL;
    int str_type = 0;
    const int is_mbstring = (attrtype & MBSTRING_FLAG) != 0;

    if (attr == NULL)
        return 0;

    if (is_mbstring) {
        str = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
                                     OBJ_obj2nid(attr->object));
        if (str == NULL) {
            X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_ASN1_LIB);
            return 0;
        }
        str_type = str->type;
    } else if (len != -1) {
        str = ASN1_STRING_type_new(attrtype);
        if (str == NULL)
            goto err;
        if (!ASN1_STRING_set(str, data, len))
            goto err;
        str_type = attrtype;
    }

    /*
     * An attribute should really carry at least one value, but some types
     * use a zero-length SET and rely on this early exit: with attrtype 0
     * the value set is left as it is and any string built above is dropped.
     */
    if (attrtype == 0) {
        ASN1_STRING_free(str);
        return 1;
    }

    value = ASN1_TYPE_new();
    if (value == NULL)
        goto err;

    if (len == -1 && !is_mbstring) {
        if (!ASN1_TYPE_set1(value, attrtype, data))
            goto err;
    } else {
        /* value takes over the string; clear str so err cannot free it. */
        ASN1_TYPE_set(value, str_type, str);
        str = NULL;
    }

    if (!sk_ASN1_TYPE_push(attr->set, value))
        goto err;
    return 1;

 err:
    X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
    ASN1_TYPE_free(value);
    ASN1_STRING_free(str);
    return 0;
}
/*
 * Return the number of values held by attr, or 0 when attr is NULL.
 */
int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)
{
    return (attr != NULL) ? sk_ASN1_TYPE_num(attr->set) : 0;
}
/*
 * Return the type object of attr, or NULL when attr is NULL.
 *
 * The pointer is the attribute's own member, not a copy.
 */
ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
{
    return (attr != NULL) ? attr->object : NULL;
}
/*
 * Return the payload of value number idx of attr, but only if that value
 * has ASN.1 type atrtype.
 *
 * Returns NULL when the value does not exist, or when its type differs from
 * atrtype (X509_R_WRONG_TYPE is queued in that case). The data parameter is
 * not used by this function.
 *
 * NOTE(review): the result is the value.ptr member of the ASN1_TYPE
 * whatever atrtype is; presumably this is only meaningful for types whose
 * payload is stored as a pointer - confirm before requesting other types.
 */
void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
                               int atrtype, void *data)
{
    ASN1_TYPE *ttmp = X509_ATTRIBUTE_get0_type(attr, idx);

    if (ttmp == NULL)
        return NULL;
    if (ASN1_TYPE_get(ttmp) == atrtype)
        return ttmp->value.ptr;

    X509err(X509_F_X509_ATTRIBUTE_GET0_DATA, X509_R_WRONG_TYPE);
    return NULL;
}
/*
 * Return value number idx of attr, or NULL when attr is NULL.
 *
 * idx is not range-checked here; the result for an out-of-range idx is
 * whatever sk_ASN1_TYPE_value() returns.
 */
ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
{
    return (attr != NULL) ? sk_ASN1_TYPE_value(attr->set, idx) : NULL;
}