1 // Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 // https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14
15 #include <openssl/asn1.h>
16 #include <openssl/err.h>
17 #include <openssl/obj.h>
18 #include <openssl/x509.h>
19
20 #include "../asn1/internal.h"
21 #include "internal.h"
22
23
X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE ** attr,int nid,int attrtype,const void * data,int len)24 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
25 int attrtype, const void *data,
26 int len) {
27 const ASN1_OBJECT *obj;
28
29 obj = OBJ_nid2obj(nid);
30 if (obj == NULL) {
31 OPENSSL_PUT_ERROR(X509, X509_R_UNKNOWN_NID);
32 return NULL;
33 }
34 return X509_ATTRIBUTE_create_by_OBJ(attr, obj, attrtype, data, len);
35 }
36
X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE ** attr,const ASN1_OBJECT * obj,int attrtype,const void * data,int len)37 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
38 const ASN1_OBJECT *obj,
39 int attrtype, const void *data,
40 int len) {
41 X509_ATTRIBUTE *ret;
42
43 if ((attr == NULL) || (*attr == NULL)) {
44 if ((ret = X509_ATTRIBUTE_new()) == NULL) {
45 return NULL;
46 }
47 } else {
48 ret = *attr;
49 }
50
51 if (!X509_ATTRIBUTE_set1_object(ret, obj)) {
52 goto err;
53 }
54 if (!X509_ATTRIBUTE_set1_data(ret, attrtype, data, len)) {
55 goto err;
56 }
57
58 if ((attr != NULL) && (*attr == NULL)) {
59 *attr = ret;
60 }
61 return ret;
62 err:
63 if ((attr == NULL) || (ret != *attr)) {
64 X509_ATTRIBUTE_free(ret);
65 }
66 return NULL;
67 }
68
X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE ** attr,const char * attrname,int type,const unsigned char * bytes,int len)69 X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_txt(X509_ATTRIBUTE **attr,
70 const char *attrname, int type,
71 const unsigned char *bytes,
72 int len) {
73 ASN1_OBJECT *obj;
74 X509_ATTRIBUTE *nattr;
75
76 obj = OBJ_txt2obj(attrname, 0);
77 if (obj == NULL) {
78 OPENSSL_PUT_ERROR(X509, X509_R_INVALID_FIELD_NAME);
79 ERR_add_error_data(2, "name=", attrname);
80 return NULL;
81 }
82 nattr = X509_ATTRIBUTE_create_by_OBJ(attr, obj, type, bytes, len);
83 ASN1_OBJECT_free(obj);
84 return nattr;
85 }
86
X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE * attr,const ASN1_OBJECT * obj)87 int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj) {
88 if ((attr == NULL) || (obj == NULL)) {
89 return 0;
90 }
91 ASN1_OBJECT_free(attr->object);
92 attr->object = OBJ_dup(obj);
93 return attr->object != NULL;
94 }
95
X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE * attr,int attrtype,const void * data,int len)96 int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype,
97 const void *data, int len) {
98 if (!attr) {
99 return 0;
100 }
101
102 if (attrtype == 0) {
103 // Do nothing. This is used to create an empty value set in
104 // |X509_ATTRIBUTE_create_by_*|. This is invalid, but supported by OpenSSL.
105 return 1;
106 }
107
108 ASN1_TYPE *typ = ASN1_TYPE_new();
109 if (typ == NULL) {
110 return 0;
111 }
112
113 // This function is several functions in one.
114 if (attrtype & MBSTRING_FLAG) {
115 // |data| is an encoded string. We must decode and re-encode it to |attr|'s
116 // preferred ASN.1 type. Note |len| may be -1, in which case
117 // |ASN1_STRING_set_by_NID| calls |strlen| automatically.
118 ASN1_STRING *str =
119 ASN1_STRING_set_by_NID(NULL, reinterpret_cast<const uint8_t *>(data),
120 len, attrtype, OBJ_obj2nid(attr->object));
121 if (str == NULL) {
122 OPENSSL_PUT_ERROR(X509, ERR_R_ASN1_LIB);
123 goto err;
124 }
125 asn1_type_set0_string(typ, str);
126 } else if (len != -1) {
127 // |attrtype| must be a valid |ASN1_STRING| type. |data| and |len| is a
128 // value in the corresponding |ASN1_STRING| representation.
129 ASN1_STRING *str = ASN1_STRING_type_new(attrtype);
130 if (str == NULL || !ASN1_STRING_set(str, data, len)) {
131 ASN1_STRING_free(str);
132 goto err;
133 }
134 asn1_type_set0_string(typ, str);
135 } else {
136 // |attrtype| must be a valid |ASN1_TYPE| type. |data| is a pointer to an
137 // object of the corresponding type.
138 if (!ASN1_TYPE_set1(typ, attrtype, data)) {
139 goto err;
140 }
141 }
142
143 if (!sk_ASN1_TYPE_push(attr->set, typ)) {
144 goto err;
145 }
146 return 1;
147
148 err:
149 ASN1_TYPE_free(typ);
150 return 0;
151 }
152
X509_ATTRIBUTE_count(const X509_ATTRIBUTE * attr)153 int X509_ATTRIBUTE_count(const X509_ATTRIBUTE *attr) {
154 return (int)sk_ASN1_TYPE_num(attr->set);
155 }
156
X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE * attr)157 ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr) {
158 if (attr == NULL) {
159 return NULL;
160 }
161 return attr->object;
162 }
163
X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE * attr,int idx,int attrtype,void * unused)164 void *X509_ATTRIBUTE_get0_data(X509_ATTRIBUTE *attr, int idx, int attrtype,
165 void *unused) {
166 ASN1_TYPE *ttmp;
167 ttmp = X509_ATTRIBUTE_get0_type(attr, idx);
168 if (!ttmp) {
169 return NULL;
170 }
171 if (attrtype != ASN1_TYPE_get(ttmp)) {
172 OPENSSL_PUT_ERROR(X509, X509_R_WRONG_TYPE);
173 return NULL;
174 }
175 return (void *)asn1_type_value_as_pointer(ttmp);
176 }
177
X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE * attr,int idx)178 ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) {
179 if (attr == NULL) {
180 return NULL;
181 }
182 if (idx >= X509_ATTRIBUTE_count(attr)) {
183 return NULL;
184 }
185 return sk_ASN1_TYPE_value(attr->set, idx);
186 }
187