1 /*
2 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
3 * 2001.
4 */
5 /* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com). */
56
57 #include <openssl/asn1.h>
58 #include <openssl/evp.h>
59 #include <openssl/obj.h>
60 #include <openssl/x509.h>
61
62 #include "../asn1/internal.h"
63 #include "../internal.h"
64 #include "internal.h"
65
X509_CRL_set_version(X509_CRL * x,long version)66 int X509_CRL_set_version(X509_CRL *x, long version) {
67 if (x == NULL) {
68 return 0;
69 }
70
71 if (version < X509_CRL_VERSION_1 || version > X509_CRL_VERSION_2) {
72 OPENSSL_PUT_ERROR(X509, X509_R_INVALID_VERSION);
73 return 0;
74 }
75
76 // v1(0) is default and is represented by omitting the version.
77 if (version == X509_CRL_VERSION_1) {
78 ASN1_INTEGER_free(x->crl->version);
79 x->crl->version = NULL;
80 return 1;
81 }
82
83 if (x->crl->version == NULL) {
84 x->crl->version = ASN1_INTEGER_new();
85 if (x->crl->version == NULL) {
86 return 0;
87 }
88 }
89 return ASN1_INTEGER_set_int64(x->crl->version, version);
90 }
91
X509_CRL_set_issuer_name(X509_CRL * x,X509_NAME * name)92 int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name) {
93 if ((x == NULL) || (x->crl == NULL)) {
94 return 0;
95 }
96 return (X509_NAME_set(&x->crl->issuer, name));
97 }
98
X509_CRL_set1_lastUpdate(X509_CRL * x,const ASN1_TIME * tm)99 int X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm) {
100 ASN1_TIME *in;
101
102 if (x == NULL) {
103 return 0;
104 }
105 in = x->crl->lastUpdate;
106 if (in != tm) {
107 in = ASN1_STRING_dup(tm);
108 if (in != NULL) {
109 ASN1_TIME_free(x->crl->lastUpdate);
110 x->crl->lastUpdate = in;
111 }
112 }
113 return in != NULL;
114 }
115
X509_CRL_set1_nextUpdate(X509_CRL * x,const ASN1_TIME * tm)116 int X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm) {
117 ASN1_TIME *in;
118
119 if (x == NULL) {
120 return 0;
121 }
122 in = x->crl->nextUpdate;
123 if (in != tm) {
124 in = ASN1_STRING_dup(tm);
125 if (in != NULL) {
126 ASN1_TIME_free(x->crl->nextUpdate);
127 x->crl->nextUpdate = in;
128 }
129 }
130 return in != NULL;
131 }
132
X509_CRL_sort(X509_CRL * c)133 int X509_CRL_sort(X509_CRL *c) {
134 // Sort the data so it will be written in serial number order.
135 sk_X509_REVOKED_sort(c->crl->revoked);
136 asn1_encoding_clear(&c->crl->enc);
137 return 1;
138 }
139
X509_CRL_up_ref(X509_CRL * crl)140 int X509_CRL_up_ref(X509_CRL *crl) {
141 CRYPTO_refcount_inc(&crl->references);
142 return 1;
143 }
144
X509_CRL_get_version(const X509_CRL * crl)145 long X509_CRL_get_version(const X509_CRL *crl) {
146 return ASN1_INTEGER_get(crl->crl->version);
147 }
148
X509_CRL_get0_lastUpdate(const X509_CRL * crl)149 const ASN1_TIME *X509_CRL_get0_lastUpdate(const X509_CRL *crl) {
150 return crl->crl->lastUpdate;
151 }
152
X509_CRL_get0_nextUpdate(const X509_CRL * crl)153 const ASN1_TIME *X509_CRL_get0_nextUpdate(const X509_CRL *crl) {
154 return crl->crl->nextUpdate;
155 }
156
X509_CRL_get_lastUpdate(X509_CRL * crl)157 ASN1_TIME *X509_CRL_get_lastUpdate(X509_CRL *crl) {
158 return crl->crl->lastUpdate;
159 }
160
X509_CRL_get_nextUpdate(X509_CRL * crl)161 ASN1_TIME *X509_CRL_get_nextUpdate(X509_CRL *crl) {
162 return crl->crl->nextUpdate;
163 }
164
X509_CRL_get_issuer(const X509_CRL * crl)165 X509_NAME *X509_CRL_get_issuer(const X509_CRL *crl) { return crl->crl->issuer; }
166
STACK_OF(X509_REVOKED)167 STACK_OF(X509_REVOKED) *X509_CRL_get_REVOKED(X509_CRL *crl) {
168 return crl->crl->revoked;
169 }
170
STACK_OF(X509_EXTENSION)171 const STACK_OF(X509_EXTENSION) *X509_CRL_get0_extensions(const X509_CRL *crl) {
172 return crl->crl->extensions;
173 }
174
X509_CRL_get0_signature(const X509_CRL * crl,const ASN1_BIT_STRING ** psig,const X509_ALGOR ** palg)175 void X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
176 const X509_ALGOR **palg) {
177 if (psig != NULL) {
178 *psig = crl->signature;
179 }
180 if (palg != NULL) {
181 *palg = crl->sig_alg;
182 }
183 }
184
X509_CRL_get_signature_nid(const X509_CRL * crl)185 int X509_CRL_get_signature_nid(const X509_CRL *crl) {
186 return OBJ_obj2nid(crl->sig_alg->algorithm);
187 }
188
X509_REVOKED_get0_revocationDate(const X509_REVOKED * revoked)189 const ASN1_TIME *X509_REVOKED_get0_revocationDate(const X509_REVOKED *revoked) {
190 return revoked->revocationDate;
191 }
192
X509_REVOKED_set_revocationDate(X509_REVOKED * revoked,const ASN1_TIME * tm)193 int X509_REVOKED_set_revocationDate(X509_REVOKED *revoked,
194 const ASN1_TIME *tm) {
195 ASN1_TIME *in;
196
197 if (revoked == NULL) {
198 return 0;
199 }
200 in = revoked->revocationDate;
201 if (in != tm) {
202 in = ASN1_STRING_dup(tm);
203 if (in != NULL) {
204 ASN1_TIME_free(revoked->revocationDate);
205 revoked->revocationDate = in;
206 }
207 }
208 return in != NULL;
209 }
210
X509_REVOKED_get0_serialNumber(const X509_REVOKED * revoked)211 const ASN1_INTEGER *X509_REVOKED_get0_serialNumber(
212 const X509_REVOKED *revoked) {
213 return revoked->serialNumber;
214 }
215
X509_REVOKED_set_serialNumber(X509_REVOKED * revoked,const ASN1_INTEGER * serial)216 int X509_REVOKED_set_serialNumber(X509_REVOKED *revoked,
217 const ASN1_INTEGER *serial) {
218 ASN1_INTEGER *in;
219
220 if (serial->type != V_ASN1_INTEGER && serial->type != V_ASN1_NEG_INTEGER) {
221 OPENSSL_PUT_ERROR(ASN1, ASN1_R_WRONG_TYPE);
222 return 0;
223 }
224
225 if (revoked == NULL) {
226 return 0;
227 }
228 in = revoked->serialNumber;
229 if (in != serial) {
230 in = ASN1_INTEGER_dup(serial);
231 if (in != NULL) {
232 ASN1_INTEGER_free(revoked->serialNumber);
233 revoked->serialNumber = in;
234 }
235 }
236 return in != NULL;
237 }
238
STACK_OF(X509_EXTENSION)239 const STACK_OF(X509_EXTENSION) *X509_REVOKED_get0_extensions(
240 const X509_REVOKED *r) {
241 return r->extensions;
242 }
243
i2d_re_X509_CRL_tbs(X509_CRL * crl,unsigned char ** outp)244 int i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp) {
245 asn1_encoding_clear(&crl->crl->enc);
246 return i2d_X509_CRL_INFO(crl->crl, outp);
247 }
248
i2d_X509_CRL_tbs(X509_CRL * crl,unsigned char ** outp)249 int i2d_X509_CRL_tbs(X509_CRL *crl, unsigned char **outp) {
250 return i2d_X509_CRL_INFO(crl->crl, outp);
251 }
252
X509_CRL_set1_signature_algo(X509_CRL * crl,const X509_ALGOR * algo)253 int X509_CRL_set1_signature_algo(X509_CRL *crl, const X509_ALGOR *algo) {
254 X509_ALGOR *copy1 = X509_ALGOR_dup(algo);
255 X509_ALGOR *copy2 = X509_ALGOR_dup(algo);
256 if (copy1 == NULL || copy2 == NULL) {
257 X509_ALGOR_free(copy1);
258 X509_ALGOR_free(copy2);
259 return 0;
260 }
261
262 X509_ALGOR_free(crl->sig_alg);
263 crl->sig_alg = copy1;
264 X509_ALGOR_free(crl->crl->sig_alg);
265 crl->crl->sig_alg = copy2;
266 return 1;
267 }
268
X509_CRL_set1_signature_value(X509_CRL * crl,const uint8_t * sig,size_t sig_len)269 int X509_CRL_set1_signature_value(X509_CRL *crl, const uint8_t *sig,
270 size_t sig_len) {
271 if (!ASN1_STRING_set(crl->signature, sig, sig_len)) {
272 return 0;
273 }
274 crl->signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
275 crl->signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
276 return 1;
277 }
278