  1. /*
  2. * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
  3. *
  4. * Licensed under the OpenSSL license (the "License"). You may not use
  5. * this file except in compliance with the License. You can obtain a copy
  6. * in the file LICENSE in the source distribution or at
  7. * https://www.openssl.org/source/license.html
  8. */
  9. #include <stdio.h>
  10. #include "internal/cryptlib.h"
  11. #include <openssl/safestack.h>
  12. #include <openssl/asn1.h>
  13. #include <openssl/objects.h>
  14. #include <openssl/evp.h>
  15. #include <openssl/x509.h>
  16. #include "internal/x509_int.h"
  /*
   * Convenience wrapper: translate |nid| to its ASN1_OBJECT and hand the
   * lookup to X509_NAME_get_text_by_OBJ().
   *
   * Returns -1 when OBJ_nid2obj() has no object for |nid|; otherwise the
   * result of X509_NAME_get_text_by_OBJ() for |name|, |buf| and |len|.
   */
  int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
  {
      ASN1_OBJECT *type_obj = OBJ_nid2obj(nid);

      if (type_obj != NULL)
          return X509_NAME_get_text_by_OBJ(name, type_obj, buf, len);
      return -1;
  }
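  /*
   * Copy the value of the first entry of |name| whose type is |obj| into |buf|.
   *
   * With |buf| == NULL nothing is copied and the full length of the entry data
   * is returned, so a caller can size a buffer first.  Otherwise at most
   * |len| - 1 bytes are copied, a NUL terminator is appended, and the number
   * of bytes copied (terminator excluded) is returned.  Returns -1 when no
   * entry matches and 0 when |len| leaves no room for any output.
   *
   * The bytes are copied verbatim from the ASN1_STRING: no character-set
   * conversion is done and the data may itself contain NUL bytes.  A caller
   * that bases an identity decision on the result (for example a host name
   * comparison) should check that the returned length equals strlen(buf)
   * instead of trusting the C string alone, and should treat a return value
   * of |len| - 1 as possible truncation.
   */
  int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf,
                                int len)
  {
      int i;
      const ASN1_STRING *data;

      i = X509_NAME_get_index_by_OBJ(name, obj, -1);
      if (i < 0)
          return -1;
      data = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
      if (buf == NULL)
          return data->length;
      /*
       * A non-positive |len| would make len - 1 negative: memcpy() would
       * receive that count converted to a huge size_t and buf[i] would be
       * written before the start of the buffer.  Nothing fits, so copy nothing.
       */
      if (len <= 0)
          return 0;
      i = (data->length > (len - 1)) ? (len - 1) : data->length;
      memcpy(buf, data->data, i);
      buf[i] = '\0';
      return i;
  }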
  /*
   * Number of entries held in |name|.  A NULL |name| counts as empty (0);
   * otherwise the value comes straight from sk_X509_NAME_ENTRY_num().
   */
  int X509_NAME_entry_count(const X509_NAME *name)
  {
      return (name != NULL) ? sk_X509_NAME_ENTRY_num(name->entries) : 0;
  }
  /*
   * Find the next entry of type |nid| in |name| after position |lastpos|.
   *
   * Returns -2 when OBJ_nid2obj() has no object for |nid| (distinct from the
   * -1 "not found" result of X509_NAME_get_index_by_OBJ()); otherwise the
   * result of X509_NAME_get_index_by_OBJ().
   */
  int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
  {
      ASN1_OBJECT *type_obj = OBJ_nid2obj(nid);

      if (type_obj != NULL)
          return X509_NAME_get_index_by_OBJ(name, type_obj, lastpos);
      return -2;
  }
  /*
   * Return the index of the first entry after |lastpos| whose object compares
   * equal (OBJ_cmp() == 0) to |obj|, or -1 when |name| is NULL or no such
   * entry exists.
   *
   * NOTE: pass -1, not 0, as |lastpos| to start from the first entry; the
   * search begins at |lastpos| + 1, and any negative value is treated as -1.
   */
  int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int lastpos)
  {
      STACK_OF(X509_NAME_ENTRY) *entries;
      int count, pos;

      if (name == NULL)
          return -1;

      entries = name->entries;
      count = sk_X509_NAME_ENTRY_num(entries);
      pos = (lastpos < 0) ? 0 : lastpos + 1;

      while (pos < count) {
          const X509_NAME_ENTRY *entry = sk_X509_NAME_ENTRY_value(entries, pos);

          if (OBJ_cmp(entry->object, obj) == 0)
              return pos;
          pos++;
      }
      return -1;
  }
  /*
   * Bounds-checked accessor: return the entry of |name| at index |loc|, or
   * NULL when |name| is NULL or |loc| is outside [0, number of entries).
   * The pointer refers to the entry stored in |name|; no copy is made here.
   */
  X509_NAME_ENTRY *X509_NAME_get_entry(const X509_NAME *name, int loc)
  {
      if (name == NULL)
          return NULL;
      if (sk_X509_NAME_ENTRY_num(name->entries) <= loc || loc < 0)
          return NULL;
      return sk_X509_NAME_ENTRY_value(name->entries, loc);
  }
  /*
   * Remove the entry at index |loc| from |name| and return it.  The entry is
   * taken off the stack but not freed by this function.  Returns NULL when
   * |name| is NULL or |loc| is out of range.
   *
   * |name| is marked modified, and the |set| numbers of the entries that
   * followed the removed one are renumbered when the removal leaves a gap.
   */
  X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
  {
      STACK_OF(X509_NAME_ENTRY) *entries;
      X509_NAME_ENTRY *removed;
      int remaining, prev_set, next_set, idx;

      if (name == NULL)
          return NULL;
      if (sk_X509_NAME_ENTRY_num(name->entries) <= loc || loc < 0)
          return NULL;

      entries = name->entries;
      removed = sk_X509_NAME_ENTRY_delete(entries, loc);
      remaining = sk_X509_NAME_ENTRY_num(entries);
      name->modified = 1;

      /* The removed entry was the last one: nothing after it to fix up. */
      if (loc == remaining)
          return removed;

      /*
       * prev_set is the set number before the hole (one less than the removed
       * entry's own set when the hole is at the front); next_set is the set
       * number of the entry that now occupies |loc|.
       */
      prev_set = (loc != 0) ? sk_X509_NAME_ENTRY_value(entries, loc - 1)->set
                            : removed->set - 1;
      next_set = sk_X509_NAME_ENTRY_value(entries, loc)->set;

      /*
       * Only when the neighbours differ by 2 was the removed entry the sole
       * member of its set; close the gap by renumbering the tail down by 1.
       */
      if (prev_set + 1 < next_set) {
          for (idx = loc; idx < remaining; idx++)
              sk_X509_NAME_ENTRY_value(entries, idx)->set--;
      }
      return removed;
  }
  /*
   * Build a temporary entry of type |obj| from |bytes|/|len| (string type
   * |type|) and add it to |name| at |loc| with set selector |set|.
   *
   * Returns 0 when the entry cannot be created, otherwise the result of
   * X509_NAME_add_entry().
   */
  int X509_NAME_add_entry_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, int type,
                                 const unsigned char *bytes, int len, int loc,
                                 int set)
  {
      int ok;
      X509_NAME_ENTRY *entry =
          X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);

      if (entry == NULL)
          return 0;
      ok = X509_NAME_add_entry(name, entry, loc, set);
      /*
       * X509_NAME_add_entry() inserts its own duplicate, so the temporary is
       * released here whether or not the add succeeded.
       */
      X509_NAME_ENTRY_free(entry);
      return ok;
  }
  /*
   * Build a temporary entry of type |nid| from |bytes|/|len| (string type
   * |type|) and add it to |name| at |loc| with set selector |set|.
   *
   * Returns 0 when the entry cannot be created, otherwise the result of
   * X509_NAME_add_entry().
   */
  int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
                                 const unsigned char *bytes, int len, int loc,
                                 int set)
  {
      int ok;
      X509_NAME_ENTRY *entry =
          X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);

      if (entry == NULL)
          return 0;
      ok = X509_NAME_add_entry(name, entry, loc, set);
      /*
       * X509_NAME_add_entry() inserts its own duplicate, so the temporary is
       * released here whether or not the add succeeded.
       */
      X509_NAME_ENTRY_free(entry);
      return ok;
  }
  /*
   * Build a temporary entry whose type is named by the text |field| from
   * |bytes|/|len| (string type |type|) and add it to |name| at |loc| with set
   * selector |set|.
   *
   * Returns 0 when the entry cannot be created (including an unrecognised
   * |field|), otherwise the result of X509_NAME_add_entry().
   */
  int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
                                 const unsigned char *bytes, int len, int loc,
                                 int set)
  {
      int ok;
      X509_NAME_ENTRY *entry =
          X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);

      if (entry == NULL)
          return 0;
      ok = X509_NAME_add_entry(name, entry, loc, set);
      /*
       * X509_NAME_add_entry() inserts its own duplicate, so the temporary is
       * released here whether or not the add succeeded.
       */
      X509_NAME_ENTRY_free(entry);
      return ok;
  }
  /*
   * Insert a duplicate of |ne| into |name| at index |loc|.  A |loc| that is
   * negative or beyond the end appends.  |ne| itself is left untouched and
   * stays owned by the caller.
   *
   * |set| chooses the set the new entry belongs to:
   *   -1  join the set of the entry before |loc| (a new set 0 when |loc| is 0)
   *    0  start a new set; every following entry is renumbered up by one
   *    1  join the set of the entry currently at |loc| (the one being
   *       displaced); when appending, use the set after the last entry
   *
   * Returns 1 on success and 0 when |name| is NULL, the duplicate cannot be
   * made, or the stack insert fails.  |name| is marked modified before the
   * duplicate is attempted, so it stays marked even on failure.
   */
  int X509_NAME_add_entry(X509_NAME *name, const X509_NAME_ENTRY *ne, int loc,
                          int set)
  {
      STACK_OF(X509_NAME_ENTRY) *entries;
      X509_NAME_ENTRY *copy = NULL;
      int count, idx, renumber;

      if (name == NULL)
          return 0;

      entries = name->entries;
      count = sk_X509_NAME_ENTRY_num(entries);
      if (loc < 0 || loc > count)
          loc = count;

      renumber = (set == 0);
      name->modified = 1;

      if (set == -1) {
          if (loc != 0) {
              set = sk_X509_NAME_ENTRY_value(entries, loc - 1)->set;
          } else {
              /* Nothing precedes the entry: it opens set 0 and shifts the rest. */
              set = 0;
              renumber = 1;
          }
      } else if (loc < count) {
          set = sk_X509_NAME_ENTRY_value(entries, loc)->set;
      } else if (loc != 0) {
          set = sk_X509_NAME_ENTRY_value(entries, loc - 1)->set + 1;
      } else {
          set = 0;
      }

      /*
       * X509_NAME_ENTRY_dup is ASN1 generated code that cannot easily be
       * const'ified; the cast is harmless since dup() does not modify its
       * input.
       */
      copy = X509_NAME_ENTRY_dup((X509_NAME_ENTRY *)ne);
      if (copy == NULL)
          goto err;
      copy->set = set;

      if (!sk_X509_NAME_ENTRY_insert(entries, copy, loc)) {
          X509err(X509_F_X509_NAME_ADD_ENTRY, ERR_R_MALLOC_FAILURE);
          goto err;
      }

      if (renumber) {
          count = sk_X509_NAME_ENTRY_num(entries);
          for (idx = loc + 1; idx < count; idx++)
              sk_X509_NAME_ENTRY_value(entries, idx)->set += 1;
      }
      return 1;

   err:
      X509_NAME_ENTRY_free(copy);
      return 0;
  }
  /*
   * Create (or fill in, via |ne|) a name entry whose type is given by the text
   * |field|, with value |bytes|/|len| of string type |type|.
   *
   * When OBJ_txt2obj() cannot resolve |field|, X509_R_INVALID_FIELD_NAME is
   * raised with the offending name attached as error data and NULL is
   * returned.  Otherwise the result of X509_NAME_ENTRY_create_by_OBJ() is
   * returned; the temporary object obtained from OBJ_txt2obj() is freed here.
   */
  X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
                                                 const char *field, int type,
                                                 const unsigned char *bytes,
                                                 int len)
  {
      X509_NAME_ENTRY *entry;
      ASN1_OBJECT *type_obj = OBJ_txt2obj(field, 0);

      if (type_obj == NULL) {
          X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_TXT,
                  X509_R_INVALID_FIELD_NAME);
          ERR_add_error_data(2, "name=", field);
          return NULL;
      }

      entry = X509_NAME_ENTRY_create_by_OBJ(ne, type_obj, type, bytes, len);
      ASN1_OBJECT_free(type_obj);
      return entry;
  }
  /*
   * Create (or fill in, via |ne|) a name entry of type |nid| with value
   * |bytes|/|len| of string type |type|.
   *
   * Raises X509_R_UNKNOWN_NID and returns NULL when OBJ_nid2obj() has no
   * object for |nid|; otherwise returns the result of
   * X509_NAME_ENTRY_create_by_OBJ().
   */
  X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
                                                 int type,
                                                 const unsigned char *bytes,
                                                 int len)
  {
      X509_NAME_ENTRY *entry;
      ASN1_OBJECT *type_obj = OBJ_nid2obj(nid);

      if (type_obj == NULL) {
          X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID, X509_R_UNKNOWN_NID);
          return NULL;
      }

      entry = X509_NAME_ENTRY_create_by_OBJ(ne, type_obj, type, bytes, len);
      ASN1_OBJECT_free(type_obj);
      return entry;
  }
  /*
   * Set up a name entry of type |obj| with value |bytes|/|len| of string type
   * |type|.
   *
   * When |ne| is non-NULL and already points at an entry, that entry is
   * reused and filled in; otherwise a new entry is allocated and, if |ne| is
   * non-NULL, stored through it on success.
   *
   * Returns the entry, or NULL on failure.  On failure only an entry that was
   * allocated here is freed; a caller-supplied entry is left for the caller,
   * possibly partly updated.
   */
  X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
                                                 const ASN1_OBJECT *obj, int type,
                                                 const unsigned char *bytes,
                                                 int len)
  {
      X509_NAME_ENTRY *entry;
      int caller_supplied = (ne != NULL && *ne != NULL);

      if (caller_supplied) {
          entry = *ne;
      } else {
          entry = X509_NAME_ENTRY_new();
          if (entry == NULL)
              return NULL;
      }

      if (!X509_NAME_ENTRY_set_object(entry, obj)
          || !X509_NAME_ENTRY_set_data(entry, type, bytes, len)) {
          /* Never free an entry the caller still holds a pointer to. */
          if (!caller_supplied)
              X509_NAME_ENTRY_free(entry);
          return NULL;
      }

      if (ne != NULL && *ne == NULL)
          *ne = entry;
      return entry;
  }
  /*
   * Replace the type object of |ne| with a duplicate of |obj|.
   *
   * Raises ERR_R_PASSED_NULL_PARAMETER and returns 0 when either argument is
   * NULL.  The previous object is freed before the duplicate is made, so when
   * OBJ_dup() fails the function returns 0 and |ne| is left with a NULL
   * object.  Returns 1 on success.
   */
  int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj)
  {
      if (ne == NULL || obj == NULL) {
          X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,
                  ERR_R_PASSED_NULL_PARAMETER);
          return 0;
      }

      ASN1_OBJECT_free(ne->object);
      ne->object = OBJ_dup(obj);
      if (ne->object == NULL)
          return 0;
      return 1;
  }
  /*
   * Set the value of |ne| from |bytes|/|len| using string type |type|.
   *
   * - A positive |type| with MBSTRING_FLAG set is delegated to
   *   ASN1_STRING_set_by_NID(), keyed on the NID of the entry's object.
   * - Otherwise the bytes are stored with ASN1_STRING_set(); a negative |len|
   *   means "|bytes| is a NUL-terminated string, measure it with strlen()".
   *   The stored type is then left alone for V_ASN1_UNDEF, chosen by
   *   ASN1_PRINTABLE_type() for V_ASN1_APP_CHOOSE, and set to |type|
   *   otherwise.
   *
   * Returns 1 on success; 0 when |ne| is NULL, when |bytes| is NULL with a
   * non-zero |len|, or when the underlying set call fails.
   */
  int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
                               const unsigned char *bytes, int len)
  {
      if (ne == NULL)
          return 0;
      if (bytes == NULL && len != 0)
          return 0;

      if (type > 0 && (type & MBSTRING_FLAG)) {
          if (ASN1_STRING_set_by_NID(&ne->value, bytes, len, type,
                                     OBJ_obj2nid(ne->object)) == NULL)
              return 0;
          return 1;
      }

      /*
       * NOTE(review): the size_t from strlen() is narrowed to int here; a
       * caller passing len < 0 is relied on to supply a string that fits.
       */
      if (len < 0)
          len = strlen((const char *)bytes);

      if (!ASN1_STRING_set(ne->value, bytes, len))
          return 0;

      if (type == V_ASN1_UNDEF)
          return 1;

      ne->value->type = (type == V_ASN1_APP_CHOOSE)
                            ? ASN1_PRINTABLE_type(bytes, len)
                            : type;
      return 1;
  }
  /*
   * Return the type object stored in |ne|, or NULL when |ne| is NULL.  The
   * pointer is the entry's own member, not a copy.
   */
  ASN1_OBJECT *X509_NAME_ENTRY_get_object(const X509_NAME_ENTRY *ne)
  {
      return (ne != NULL) ? ne->object : NULL;
  }
  /*
   * Return the value string stored in |ne|, or NULL when |ne| is NULL.  The
   * pointer is the entry's own member, not a copy, so callers that
   * dereference the result must first rule out the NULL case.
   */
  ASN1_STRING *X509_NAME_ENTRY_get_data(const X509_NAME_ENTRY *ne)
  {
      return (ne != NULL) ? ne->value : NULL;
  }
  /*
   * Return the set number recorded in |ne|.
   *
   * Unlike the other X509_NAME_ENTRY getters in this file, |ne| is
   * dereferenced without a NULL check, so the caller must pass a valid entry.
   */
  int X509_NAME_ENTRY_set(const X509_NAME_ENTRY *ne)
  {
      const int set_number = ne->set;

      return set_number;
  }