Google Git
Sign in
boringssl / boringssl / refs/heads/chromium-2311 / . / crypto / x509 / x509name.c
blob: 042d18b9ba7a0271e07d516d83f34fa628f8a852 [file] [log] [blame]
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]1/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
2 * All rights reserved.
3 *
4 * This package is an SSL implementation written
5 * by Eric Young (eay@cryptsoft.com).
6 * The implementation was written so as to conform with Netscapes SSL.
7 *
8 * This library is free for commercial and non-commercial use as long as
9 * the following conditions are aheared to. The following conditions
10 * apply to all code found in this distribution, be it the RC4, RSA,
11 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
12 * included with this distribution is covered by the same copyright terms
13 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
14 *
15 * Copyright remains Eric Young's, and as such any Copyright notices in
16 * the code are not to be removed.
17 * If this package is used in a product, Eric Young should be given attribution
18 * as the author of the parts of the library used.
19 * This can be in the form of a textual message at program startup or
20 * in documentation (online or textual) provided with the package.
21 *
22 * Redistribution and use in source and binary forms, with or without
23 * modification, are permitted provided that the following conditions
24 * are met:
25 * 1. Redistributions of source code must retain the copyright
26 * notice, this list of conditions and the following disclaimer.
27 * 2. Redistributions in binary form must reproduce the above copyright
28 * notice, this list of conditions and the following disclaimer in the
29 * documentation and/or other materials provided with the distribution.
30 * 3. All advertising materials mentioning features or use of this software
31 * must display the following acknowledgement:
32 * "This product includes cryptographic software written by
33 * Eric Young (eay@cryptsoft.com)"
34 * The word 'cryptographic' can be left out if the rouines from the library
35 * being used are not cryptographic related :-).
36 * 4. If you include any Windows specific code (or a derivative thereof) from
37 * the apps directory (application code) you must include an acknowledgement:
38 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
41 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
43 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
44 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
45 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
46 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
48 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
49 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
50 * SUCH DAMAGE.
51 *
52 * The licence and distribution terms for any publically available version or
53 * derivative of this code cannot be changed. i.e. this code cannot simply be
54 * copied and put under another distribution licence
55 * [including the GNU Public Licence.] */
56
Adam Langley2b2d66d2015-01-30 17:08:37 -0800[diff] [blame]57#include <string.h>
58
Adam Langley95c29f32014-06-20 12:00:00 -0700[diff] [blame]59#include <openssl/asn1.h>
60#include <openssl/err.h>
61#include <openssl/evp.h>
62#include <openssl/obj.h>
63#include <openssl/stack.h>
64#include <openssl/x509.h>
65
66
67int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
68 {
69 const ASN1_OBJECT *obj;
70
71 obj=OBJ_nid2obj(nid);
72 if (obj == NULL) return(-1);
73 return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
74 }
75
76int X509_NAME_get_text_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj, char *buf,
77 int len)
78 {
79 int i;
80 ASN1_STRING *data;
81
82 i=X509_NAME_get_index_by_OBJ(name,obj,-1);
83 if (i < 0) return(-1);
84 data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
85 i=(data->length > (len-1))?(len-1):data->length;
86 if (buf == NULL) return(data->length);
87 memcpy(buf,data->data,i);
88 buf[i]='\0';
89 return(i);
90 }
91
92int X509_NAME_entry_count(X509_NAME *name)
93 {
94 if (name == NULL) return(0);
95 return(sk_X509_NAME_ENTRY_num(name->entries));
96 }
97
98int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
99 {
100 const ASN1_OBJECT *obj;
101
102 obj=OBJ_nid2obj(nid);
103 if (obj == NULL) return(-2);
104 return(X509_NAME_get_index_by_OBJ(name,obj,lastpos));
105 }
106
107/* NOTE: you should be passsing -1, not 0 as lastpos */
108int X509_NAME_get_index_by_OBJ(X509_NAME *name, const ASN1_OBJECT *obj,
109 int lastpos)
110 {
111 int n;
112 X509_NAME_ENTRY *ne;
113 STACK_OF(X509_NAME_ENTRY) *sk;
114
115 if (name == NULL) return(-1);
116 if (lastpos < 0)
117 lastpos= -1;
118 sk=name->entries;
119 n=sk_X509_NAME_ENTRY_num(sk);
120 for (lastpos++; lastpos < n; lastpos++)
121 {
122 ne=sk_X509_NAME_ENTRY_value(sk,lastpos);
123 if (OBJ_cmp(ne->object,obj) == 0)
124 return(lastpos);
125 }
126 return(-1);
127 }
128
129X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
130 {
131 if(name == NULL || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t) loc)
132 return(NULL);
133 else
134 return(sk_X509_NAME_ENTRY_value(name->entries,loc));
135 }
136
137X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
138 {
139 X509_NAME_ENTRY *ret;
140 int i,n,set_prev,set_next;
141 STACK_OF(X509_NAME_ENTRY) *sk;
142
143 if (name == NULL || loc < 0 || sk_X509_NAME_ENTRY_num(name->entries) <= (size_t) loc)
144 return(NULL);
145 sk=name->entries;
146 ret=sk_X509_NAME_ENTRY_delete(sk,loc);
147 n=sk_X509_NAME_ENTRY_num(sk);
148 name->modified=1;
149 if (loc == n) return(ret);
150
151 /* else we need to fixup the set field */
152 if (loc != 0)
153 set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;
154 else
155 set_prev=ret->set-1;
156 set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;
157
158 /* set_prev is the previous set
159 * set is the current set
160 * set_next is the following
161 * prev 1 1 1 1 1 1 1 1
162 * set 1 1 2 2
163 * next 1 1 2 2 2 2 3 2
164 * so basically only if prev and next differ by 2, then
165 * re-number down by 1 */
166 if (set_prev+1 < set_next)
167 for (i=loc; i<n; i++)
168 sk_X509_NAME_ENTRY_value(sk,i)->set--;
169 return(ret);
170 }
171
172int X509_NAME_add_entry_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, int type,
173 unsigned char *bytes, int len, int loc, int set)
174{
175 X509_NAME_ENTRY *ne;
176 int ret;
177 ne = X509_NAME_ENTRY_create_by_OBJ(NULL, obj, type, bytes, len);
178 if(!ne) return 0;
179 ret = X509_NAME_add_entry(name, ne, loc, set);
180 X509_NAME_ENTRY_free(ne);
181 return ret;
182}
183
184int X509_NAME_add_entry_by_NID(X509_NAME *name, int nid, int type,
185 unsigned char *bytes, int len, int loc, int set)
186{
187 X509_NAME_ENTRY *ne;
188 int ret;
189 ne = X509_NAME_ENTRY_create_by_NID(NULL, nid, type, bytes, len);
190 if(!ne) return 0;
191 ret = X509_NAME_add_entry(name, ne, loc, set);
192 X509_NAME_ENTRY_free(ne);
193 return ret;
194}
195
196int X509_NAME_add_entry_by_txt(X509_NAME *name, const char *field, int type,
197 const unsigned char *bytes, int len, int loc, int set)
198{
199 X509_NAME_ENTRY *ne;
200 int ret;
201 ne = X509_NAME_ENTRY_create_by_txt(NULL, field, type, bytes, len);
202 if(!ne) return 0;
203 ret = X509_NAME_add_entry(name, ne, loc, set);
204 X509_NAME_ENTRY_free(ne);
205 return ret;
206}
207
208/* if set is -1, append to previous set, 0 'a new one', and 1,
209 * prepend to the guy we are about to stomp on. */
210int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
211 int set)
212 {
213 X509_NAME_ENTRY *new_name=NULL;
214 int n,i,inc;
215 STACK_OF(X509_NAME_ENTRY) *sk;
216
217 if (name == NULL) return(0);
218 sk=name->entries;
219 n=sk_X509_NAME_ENTRY_num(sk);
220 if (loc > n) loc=n;
221 else if (loc < 0) loc=n;
222
223 name->modified=1;
224
225 if (set == -1)
226 {
227 if (loc == 0)
228 {
229 set=0;
230 inc=1;
231 }
232 else
233 {
234 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;
235 inc=0;
236 }
237 }
238 else /* if (set >= 0) */
239 {
240 if (loc >= n)
241 {
242 if (loc != 0)
243 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;
244 else
245 set=0;
246 }
247 else
248 set=sk_X509_NAME_ENTRY_value(sk,loc)->set;
249 inc=(set == 0)?1:0;
250 }
251
252 if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
253 goto err;
254 new_name->set=set;
255 if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))
256 {
257 OPENSSL_PUT_ERROR(X509, X509_NAME_add_entry, ERR_R_MALLOC_FAILURE);
258 goto err;
259 }
260 if (inc)
261 {
262 n=sk_X509_NAME_ENTRY_num(sk);
263 for (i=loc+1; i<n; i++)
264 sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;
265 }
266 return(1);
267err:
268 if (new_name != NULL)
269 X509_NAME_ENTRY_free(new_name);
270 return(0);
271 }
272
273X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_txt(X509_NAME_ENTRY **ne,
274 const char *field, int type, const unsigned char *bytes, int len)
275 {
276 ASN1_OBJECT *obj;
277 X509_NAME_ENTRY *nentry;
278
279 obj=OBJ_txt2obj(field, 0);
280 if (obj == NULL)
281 {
282 OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_txt, X509_R_INVALID_FIELD_NAME);
283 ERR_add_error_data(2, "name=", field);
284 return(NULL);
285 }
286 nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
287 ASN1_OBJECT_free(obj);
288 return nentry;
289 }
290
291X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
292 int type, unsigned char *bytes, int len)
293 {
294 const ASN1_OBJECT *obj;
295 X509_NAME_ENTRY *nentry;
296
297 obj=OBJ_nid2obj(nid);
298 if (obj == NULL)
299 {
300 OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_create_by_NID, X509_R_UNKNOWN_NID);
301 return(NULL);
302 }
303 nentry = X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len);
304 /* TODO(fork): remove this? */
305 /* ASN1_OBJECT_free(obj); */
306 return nentry;
307 }
308
309X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
310 const ASN1_OBJECT *obj, int type, const unsigned char *bytes, int len)
311 {
312 X509_NAME_ENTRY *ret;
313
314 if ((ne == NULL) || (*ne == NULL))
315 {
316 if ((ret=X509_NAME_ENTRY_new()) == NULL)
317 return(NULL);
318 }
319 else
320 ret= *ne;
321
322 if (!X509_NAME_ENTRY_set_object(ret,obj))
323 goto err;
324 if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
325 goto err;
326
327 if ((ne != NULL) && (*ne == NULL)) *ne=ret;
328 return(ret);
329err:
330 if ((ne == NULL) || (ret != *ne))
331 X509_NAME_ENTRY_free(ret);
332 return(NULL);
333 }
334
335int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, const ASN1_OBJECT *obj)
336 {
337 if ((ne == NULL) || (obj == NULL))
338 {
339 OPENSSL_PUT_ERROR(X509, X509_NAME_ENTRY_set_object, ERR_R_PASSED_NULL_PARAMETER);
340 return(0);
341 }
342 ASN1_OBJECT_free(ne->object);
343 ne->object=OBJ_dup(obj);
344 return((ne->object == NULL)?0:1);
345 }
346
347int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
348 const unsigned char *bytes, int len)
349 {
350 int i;
351
352 if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
353 if((type > 0) && (type & MBSTRING_FLAG))
354 return ASN1_STRING_set_by_NID(&ne->value, bytes,
355 len, type,
356 OBJ_obj2nid(ne->object)) ? 1 : 0;
357 if (len < 0) len=strlen((const char *)bytes);
358 i=ASN1_STRING_set(ne->value,bytes,len);
359 if (!i) return(0);
360 if (type != V_ASN1_UNDEF)
361 {
362 if (type == V_ASN1_APP_CHOOSE)
363 ne->value->type=ASN1_PRINTABLE_type(bytes,len);
364 else
365 ne->value->type=type;
366 }
367 return(1);
368 }
369
370ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
371 {
372 if (ne == NULL) return(NULL);
373 return(ne->object);
374 }
375
376ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
377 {
378 if (ne == NULL) return(NULL);
379 return(ne->value);
380 }
381