x509cset.c revision 1.21 
1/* $OpenBSD: x509cset.c,v 1.21 2024/03/26 22:45:38 tb Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 *    notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 *    notice, this list of conditions and the following disclaimer in
17 *    the documentation and/or other materials provided with the
18 *    distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 *    software must display the following acknowledgment:
22 *    "This product includes software developed by the OpenSSL Project
23 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 *    endorse or promote products derived from this software without
27 *    prior written permission. For written permission, please contact
28 *    licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 *    nor may "OpenSSL" appear in their names without prior written
32 *    permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 *    acknowledgment:
36 *    "This product includes software developed by the OpenSSL Project
37 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com).  This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/evp.h>
63#include <openssl/objects.h>
64#include <openssl/x509.h>
65
66#include "x509_local.h"
67
68int
69X509_CRL_up_ref(X509_CRL *x)
70{
71	int refs = CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL);
72	return (refs > 1) ? 1 : 0;
73}
74LCRYPTO_ALIAS(X509_CRL_up_ref);
75
76int
77X509_CRL_set_version(X509_CRL *x, long version)
78{
79	if (x == NULL)
80		return (0);
81	/*
82	 * RFC 5280, 4.1: versions 1 - 3 are specified as follows.
83	 * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2) }
84	 * The only specified versions for CRLs are 1 and 2.
85	 */
86	if (version < 0 || version > 1)
87		return (0);
88	if (x->crl->version == NULL) {
89		if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
90			return (0);
91	}
92	return (ASN1_INTEGER_set(x->crl->version, version));
93}
94LCRYPTO_ALIAS(X509_CRL_set_version);
95
96int
97X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
98{
99	if ((x == NULL) || (x->crl == NULL))
100		return (0);
101	return (X509_NAME_set(&x->crl->issuer, name));
102}
103LCRYPTO_ALIAS(X509_CRL_set_issuer_name);
104
105int
106X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
107{
108	ASN1_TIME *in;
109
110	if (x == NULL)
111		return (0);
112	in = x->crl->lastUpdate;
113	if (in != tm) {
114		in = ASN1_STRING_dup(tm);
115		if (in != NULL) {
116			ASN1_TIME_free(x->crl->lastUpdate);
117			x->crl->lastUpdate = in;
118		}
119	}
120	return (in != NULL);
121}
122LCRYPTO_ALIAS(X509_CRL_set_lastUpdate);
123
124int
125X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
126{
127	return X509_CRL_set_lastUpdate(x, tm);
128}
129LCRYPTO_ALIAS(X509_CRL_set1_lastUpdate);
130
131int
132X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
133{
134	ASN1_TIME *in;
135
136	if (x == NULL)
137		return (0);
138	in = x->crl->nextUpdate;
139	if (in != tm) {
140		in = ASN1_STRING_dup(tm);
141		if (in != NULL) {
142			ASN1_TIME_free(x->crl->nextUpdate);
143			x->crl->nextUpdate = in;
144		}
145	}
146	return (in != NULL);
147}
148LCRYPTO_ALIAS(X509_CRL_set_nextUpdate);
149
150int
151X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
152{
153	return X509_CRL_set_nextUpdate(x, tm);
154}
155LCRYPTO_ALIAS(X509_CRL_set1_nextUpdate);
156
157int
158X509_CRL_sort(X509_CRL *c)
159{
160	int i;
161	X509_REVOKED *r;
162
163	/* sort the data so it will be written in serial
164	 * number order */
165	sk_X509_REVOKED_sort(c->crl->revoked);
166	for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
167		r = sk_X509_REVOKED_value(c->crl->revoked, i);
168		r->sequence = i;
169	}
170	c->crl->enc.modified = 1;
171	return 1;
172}
173LCRYPTO_ALIAS(X509_CRL_sort);
174
175const STACK_OF(X509_EXTENSION) *
176X509_REVOKED_get0_extensions(const X509_REVOKED *x)
177{
178	return x->extensions;
179}
180LCRYPTO_ALIAS(X509_REVOKED_get0_extensions);
181
182const ASN1_TIME *
183X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
184{
185	return x->revocationDate;
186}
187LCRYPTO_ALIAS(X509_REVOKED_get0_revocationDate);
188
189const ASN1_INTEGER *
190X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
191{
192	return x->serialNumber;
193}
194LCRYPTO_ALIAS(X509_REVOKED_get0_serialNumber);
195
196int
197X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
198{
199	ASN1_TIME *in;
200
201	if (x == NULL)
202		return (0);
203	in = x->revocationDate;
204	if (in != tm) {
205		in = ASN1_STRING_dup(tm);
206		if (in != NULL) {
207			ASN1_TIME_free(x->revocationDate);
208			x->revocationDate = in;
209		}
210	}
211	return (in != NULL);
212}
213LCRYPTO_ALIAS(X509_REVOKED_set_revocationDate);
214
215int
216X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
217{
218	ASN1_INTEGER *in;
219
220	if (x == NULL)
221		return (0);
222	in = x->serialNumber;
223	if (in != serial) {
224		in = ASN1_INTEGER_dup(serial);
225		if (in != NULL) {
226			ASN1_INTEGER_free(x->serialNumber);
227			x->serialNumber = in;
228		}
229	}
230	return (in != NULL);
231}
232LCRYPTO_ALIAS(X509_REVOKED_set_serialNumber);
233
234int
235i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
236{
237	crl->crl->enc.modified = 1;
238	return i2d_X509_CRL_INFO(crl->crl, pp);
239}
240LCRYPTO_ALIAS(i2d_re_X509_CRL_tbs);
241