• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * Copyright 1995-2021 The OpenSSL Project Authors. All Rights Reserved.
3  *
4  * Licensed under the Apache License 2.0 (the "License").  You may not use
5  * this file except in compliance with the License.  You can obtain a copy
6  * in the file LICENSE in the source distribution or at
7  * https://www.openssl.org/source/license.html
8  */
9 
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include <openssl/safestack.h>
13 #include <openssl/asn1.h>
14 #include <openssl/objects.h>
15 #include <openssl/evp.h>
16 #include <openssl/x509.h>
17 #include <openssl/x509v3.h>
18 #include "crypto/x509.h"
19 #include "x509_local.h"
20 
X509at_get_attr_count(const STACK_OF (X509_ATTRIBUTE)* x)21 int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
22 {
23     return sk_X509_ATTRIBUTE_num(x);
24 }
25 
X509at_get_attr_by_NID(const STACK_OF (X509_ATTRIBUTE)* x,int nid,int lastpos)26 int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
27                            int lastpos)
28 {
29     const ASN1_OBJECT *obj = OBJ_nid2obj(nid);
30 
31     if (obj == NULL)
32         return -2;
33     return X509at_get_attr_by_OBJ(x, obj, lastpos);
34 }
35 
X509at_get_attr_by_OBJ(const STACK_OF (X509_ATTRIBUTE)* sk,const ASN1_OBJECT * obj,int lastpos)36 int X509at_get_attr_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *sk,
37                            const ASN1_OBJECT *obj, int lastpos)
38 {
39     int n;
40     X509_ATTRIBUTE *ex;
41 
42     if (sk == NULL)
43         return -1;
44     lastpos++;
45     if (lastpos < 0)
46         lastpos = 0;
47     n = sk_X509_ATTRIBUTE_num(sk);
48     for (; lastpos < n; lastpos++) {
49         ex = sk_X509_ATTRIBUTE_value(sk, lastpos);
50         if (OBJ_cmp(ex->object, obj) == 0)
51             return lastpos;
52     }
53     return -1;
54 }
55 
X509at_get_attr(const STACK_OF (X509_ATTRIBUTE)* x,int loc)56 X509_ATTRIBUTE *X509at_get_attr(const STACK_OF(X509_ATTRIBUTE) *x, int loc)
57 {
58     if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
59         return NULL;
60 
61     return sk_X509_ATTRIBUTE_value(x, loc);
62 }
63 
X509at_delete_attr(STACK_OF (X509_ATTRIBUTE)* x,int loc)64 X509_ATTRIBUTE *X509at_delete_attr(STACK_OF(X509_ATTRIBUTE) *x, int loc)
65 {
66     X509_ATTRIBUTE *ret;
67 
68     if (x == NULL || sk_X509_ATTRIBUTE_num(x) <= loc || loc < 0)
69         return NULL;
70     ret = sk_X509_ATTRIBUTE_delete(x, loc);
71     return ret;
72 }
73 
STACK_OF(X509_ATTRIBUTE)74 STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
75                                            X509_ATTRIBUTE *attr)
76 {
77     X509_ATTRIBUTE *new_attr = NULL;
78     STACK_OF(X509_ATTRIBUTE) *sk = NULL;
79 
80     if (x == NULL) {
81         ERR_raise(ERR_LIB_X509, ERR_R_PASSED_NULL_PARAMETER);
82         return NULL;
83     }
84 
85     if (*x == NULL) {
86         if ((sk = sk_X509_ATTRIBUTE_new_null()) == NULL)
87             goto err;
88     } else {
89         sk = *x;
90     }
91 
92     if ((new_attr = X509_ATTRIBUTE_dup(attr)) == NULL)
93         goto err2;
94     if (!sk_X509_ATTRIBUTE_push(sk, new_attr))
95         goto err;
96     if (*x == NULL)
97         *x = sk;
98     return sk;
99  err:
100     ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
101  err2:
102     X509_ATTRIBUTE_free(new_attr);
103     if (*x == NULL)
104         sk_X509_ATTRIBUTE_free(sk);
105     return NULL;
106 }
107 
STACK_OF(X509_ATTRIBUTE)108 STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_OBJ(STACK_OF(X509_ATTRIBUTE)
109                                                   **x, const ASN1_OBJECT *obj,
110                                                   int type,
111                                                   const unsigned char *bytes,
112                                                   int len)
113 {
114     X509_ATTRIBUTE *attr;
115     STACK_OF(X509_ATTRIBUTE) *ret;
116     attr = X509_ATTRIBUTE_create_by_OBJ(NULL, obj, type, bytes, len);
117     if (!attr)
118         return 0;
119     ret = X509at_add1_attr(x, attr);
120     X509_ATTRIBUTE_free(attr);
121     return ret;
122 }
123 
STACK_OF(X509_ATTRIBUTE)124 STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE)
125                                                   **x, int nid, int type,
126                                                   const unsigned char *bytes,
127                                                   int len)
128 {
129     X509_ATTRIBUTE *attr;
130     STACK_OF(X509_ATTRIBUTE) *ret;
131     attr = X509_ATTRIBUTE_create_by_NID(NULL, nid, type, bytes, len);
132     if (!attr)
133         return 0;
134     ret = X509at_add1_attr(x, attr);
135     X509_ATTRIBUTE_free(attr);
136     return ret;
137 }
138 
STACK_OF(X509_ATTRIBUTE)139 STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE)
140                                                   **x, const char *attrname,
141                                                   int type,
142                                                   const unsigned char *bytes,
143                                                   int len)
144 {
145     X509_ATTRIBUTE *attr;
146     STACK_OF(X509_ATTRIBUTE) *ret;
147     attr = X509_ATTRIBUTE_create_by_txt(NULL, attrname, type, bytes, len);
148     if (!attr)
149         return 0;
150     ret = X509at_add1_attr(x, attr);
151     X509_ATTRIBUTE_free(attr);
152     return ret;
153 }
154 
X509at_get0_data_by_OBJ(const STACK_OF (X509_ATTRIBUTE)* x,const ASN1_OBJECT * obj,int lastpos,int type)155 void *X509at_get0_data_by_OBJ(const STACK_OF(X509_ATTRIBUTE) *x,
156                               const ASN1_OBJECT *obj, int lastpos, int type)
157 {
158     int i;
159     X509_ATTRIBUTE *at;
160     i = X509at_get_attr_by_OBJ(x, obj, lastpos);
161     if (i == -1)
162         return NULL;
163     if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
164         return NULL;
165     at = X509at_get_attr(x, i);
166     if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
167         return NULL;
168     return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
169 }
170 
STACK_OF(X509_ATTRIBUTE)171 STACK_OF(X509_ATTRIBUTE) *ossl_x509at_dup(const STACK_OF(X509_ATTRIBUTE) *x)
172 {
173     int i, n;
174     STACK_OF(X509_ATTRIBUTE) *sk = NULL;
175 
176     n = sk_X509_ATTRIBUTE_num(x);
177     for (i = 0; i < n; ++i) {
178         X509_ATTRIBUTE *attr = sk_X509_ATTRIBUTE_value(x, i);
179 
180         if (X509at_add1_attr(&sk, attr) == NULL) {
181             sk_X509_ATTRIBUTE_pop_free(sk, X509_ATTRIBUTE_free);
182             return NULL;
183         }
184     }
185     return sk;
186 }
187 
X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE ** attr,int nid,int atrtype,const void * data,int len)188 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
189                                              int atrtype, const void *data,
190                                              int len)
191 {
192     ASN1_OBJECT *obj;
193     X509_ATTRIBUTE *ret;
194 
195     obj = OBJ_nid2obj(nid);
196     if (obj == NULL) {
197         ERR_raise(ERR_LIB_X509, X509_R_UNKNOWN_NID);
198         return NULL;
199     }
200     ret = X509_ATTRIBUTE_create_by_OBJ(attr, obj, atrtype, data, len);
201     if (ret == NULL)
202         ASN1_OBJECT_free(obj);
203     return ret;
204 }
205 
X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE ** attr,const ASN1_OBJECT * obj,int atrtype,const void * data,int len)206 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
207                                              const ASN1_OBJECT *obj,
208                                              int atrtype, const void *data,
209                                              int len)
210 {
211     X509_ATTRIBUTE *ret;
212 
213     if ((attr == NULL) || (*attr == NULL)) {
214         if ((ret = X509_ATTRIBUTE_new()) == NULL) {
215             ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
216             return NULL;
217         }
218     } else
219         ret = *attr;
220 
221     if (!X509_ATTRIBUTE_set1_object(ret, obj))
222         goto err;
223     if (!X509_ATTRIBUTE_set1_data(ret, atrtype, data, len))
224         goto err;
225 
226     if ((attr != NULL) && (*attr == NULL))
227         *attr = ret;
228     return ret;
229  err:
230     if ((attr == NULL) || (ret != *attr))
231         X509_ATTRIBUTE_free(ret);
232     return NULL;
233 }
234 
X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE ** attr,const char * atrname,int type,const unsigned char * bytes,int len)235 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
236                                              const char *atrname, int type,
237                                              const unsigned char *bytes,
238                                              int len)
239 {
240     ASN1_OBJECT *obj;
241     X509_ATTRIBUTE *nattr;
242 
243     obj = OBJ_txt2obj(atrname, 0);
244     if (obj == NULL) {
245         ERR_raise_data(ERR_LIB_X509, X509_R_INVALID_FIELD_NAME,
246                        "name=%s", atrname);
247         return NULL;
248     }
249     nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
250     ASN1_OBJECT_free(obj);
251     return nattr;
252 }
253 
X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE * attr,const ASN1_OBJECT * obj)254 int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
255 {
256     if ((attr == NULL) || (obj == NULL))
257         return 0;
258     ASN1_OBJECT_free(attr->object);
259     attr->object = OBJ_dup(obj);
260     return attr->object != NULL;
261 }
262 
X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE * attr,int attrtype,const void * data,int len)263 int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
264                              const void *data, int len)
265 {
266     ASN1_TYPE *ttmp = NULL;
267     ASN1_STRING *stmp = NULL;
268     int atype = 0;
269     if (!attr)
270         return 0;
271     if (attrtype & MBSTRING_FLAG) {
272         stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
273                                       OBJ_obj2nid(attr->object));
274         if (!stmp) {
275             ERR_raise(ERR_LIB_X509, ERR_R_ASN1_LIB);
276             return 0;
277         }
278         atype = stmp->type;
279     } else if (len != -1) {
280         if ((stmp = ASN1_STRING_type_new(attrtype)) == NULL)
281             goto err;
282         if (!ASN1_STRING_set(stmp, data, len))
283             goto err;
284         atype = attrtype;
285     }
286     /*
287      * This is a bit naughty because the attribute should really have at
288      * least one value but some types use and zero length SET and require
289      * this.
290      */
291     if (attrtype == 0) {
292         ASN1_STRING_free(stmp);
293         return 1;
294     }
295     if ((ttmp = ASN1_TYPE_new()) == NULL)
296         goto err;
297     if ((len == -1) && !(attrtype & MBSTRING_FLAG)) {
298         if (!ASN1_TYPE_set1(ttmp, attrtype, data))
299             goto err;
300     } else {
301         ASN1_TYPE_set(ttmp, atype, stmp);
302         stmp = NULL;
303     }
304     if (!sk_ASN1_TYPE_push(attr->set, ttmp))
305         goto err;
306     return 1;
307  err:
308     ERR_raise(ERR_LIB_X509, ERR_R_MALLOC_FAILURE);
309     ASN1_TYPE_free(ttmp);
310     ASN1_STRING_free(stmp);
311     return 0;
312 }
313 
X509_ATTRIBUTE_count(const X509_ATTRIBUTE * attr)314 int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr)
315 {
316     if (attr == NULL)
317         return 0;
318     return sk_ASN1_TYPE_num(attr->set);
319 }
320 
X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE * attr)321 ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr)
322 {
323     if (attr == NULL)
324         return NULL;
325     return attr->object;
326 }
327 
X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE * attr,int idx,int atrtype,void * data)328 void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx,
329                                int atrtype, void *data)
330 {
331     ASN1_TYPE *ttmp;
332     ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
333     if (!ttmp)
334         return NULL;
335     if (atrtype == V_ASN1_BOOLEAN
336             || atrtype == V_ASN1_NULL
337             || atrtype != ASN1_TYPE_get(ttmp)) {
338         ERR_raise(ERR_LIB_X509, X509_R_WRONG_TYPE);
339         return NULL;
340     }
341     return ttmp->value.ptr;
342 }
343 
X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE * attr,int idx)344 ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx)
345 {
346     if (attr == NULL)
347         return NULL;
348     return sk_ASN1_TYPE_value(attr->set, idx);
349 }
350