xref: /openbsd-src/lib/libcrypto/asn1/x_req.c (revision b2ea75c1b17e1a9a339660e7ed45cd24946b230e)
1 /* crypto/asn1/x_req.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <stdio.h>
60 #include "cryptlib.h"
61 #include <openssl/asn1_mac.h>
62 #include <openssl/x509.h>
63 
/*
 * DER-encode an X509_REQ_INFO, the signed portion of a PKCS#10
 * certificate request.
 *
 * If the structure carries a cached encoding (a->asn1), those bytes are
 * returned verbatim; otherwise version, subject, pubkey and attributes are
 * encoded through the M_ASN1_I2D_* macros (defined in asn1_mac.h, not
 * shown here).
 *
 * On the cached path the return value is a->length, and when pp is
 * non-NULL the bytes are copied to *pp and *pp is advanced past them.
 */
int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
{
	M_ASN1_I2D_vars(a);

	/*
	 * Cached encoding: emit the stored bytes rather than re-encoding.
	 * d2i_X509_REQ() stores the bytes it parsed so that the signature is
	 * checked over the encoding that was actually received.
	 * NOTE(review): nothing in this file invalidates the cache when the
	 * fields are changed afterwards, so a modified request would still
	 * serialise to the old bytes -- confirm how callers handle this.
	 */
	if (a->asn1 != NULL) {
		if (pp == NULL)
			return a->length;
		memcpy(*pp, a->asn1, a->length);
		*pp += a->length;
		return a->length;
	}

	/* First pass: add up the lengths of the fields. */
	M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
	M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
	M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);

	/*
	 * PKCS#10 (pg 5) declares "attributes [0] IMPLICIT Attributes"
	 * without OPTIONAL, so the field must be present.  Some CA software
	 * has been reported to need a request encoded the non-standard way;
	 * req_kludge selects the _opt_ macro variant for that case.
	 */
	if (!a->req_kludge) {
		M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE, a->attributes,
		    i2d_X509_ATTRIBUTE, 0);
	} else {
		M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE, a->attributes,
		    i2d_X509_ATTRIBUTE, 0);
	}

	/* Second pass: write the SEQUENCE header, then each field. */
	M_ASN1_I2D_seq_total();
	M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
	M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
	M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);

	/* Same standards deviation as in the length pass above. */
	if (!a->req_kludge) {
		M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE, a->attributes,
		    i2d_X509_ATTRIBUTE, 0);
	} else {
		M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE, a->attributes,
		    i2d_X509_ATTRIBUTE, 0);
	}

	M_ASN1_I2D_finish();
}
121 
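/*
 * Decode a DER X509_REQ_INFO (the signed portion of a PKCS#10 certificate
 * request) from *pp, reading at most `length` bytes.
 *
 * The result object, the parse context `c` and the `err` exit path are set
 * up by the M_ASN1_D2I_* macros from asn1_mac.h (not shown here);
 * X509_REQ_INFO_new is handed to them as the allocator and
 * X509_REQ_INFO_free as the destructor.
 */
X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
	     long length)
{
	M_ASN1_D2I_vars(a, X509_REQ_INFO *, X509_REQ_INFO_new);

	M_ASN1_D2I_Init();
	M_ASN1_D2I_start_sequence();

	/*
	 * When decoding into an existing object, drop any encoding cached by
	 * an earlier parse.  Otherwise i2d_X509_REQ_INFO() would keep
	 * emitting the old bytes, which no longer match the fields decoded
	 * below, and a caller that overwrites the pointer would leak them.
	 */
	if (ret->asn1 != NULL) {
		OPENSSL_free(ret->asn1);
		ret->asn1 = NULL;
	}

	M_ASN1_D2I_get(ret->version, d2i_ASN1_INTEGER);
	M_ASN1_D2I_get(ret->subject, d2i_X509_NAME);
	M_ASN1_D2I_get(ret->pubkey, d2i_X509_PUBKEY);

	/*
	 * PKCS#10 (pg 5) declares "attributes [0] IMPLICIT Attributes"
	 * without OPTIONAL, so the field must be present.  Requests that end
	 * right after the public key are accepted anyway, because some CAs
	 * have been reported to require that form; req_kludge records it so
	 * the encoder can reproduce it.
	 */
	if (asn1_Finish(&c))
		ret->req_kludge = 1;
	else {
		/* Attributes follow: clear a flag left over from a reused object. */
		ret->req_kludge = 0;
		M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE, ret->attributes,
		    d2i_X509_ATTRIBUTE,
		    X509_ATTRIBUTE_free, 0);
	}

	M_ASN1_D2I_Finish(a, X509_REQ_INFO_free, ASN1_F_D2I_X509_REQ_INFO);
}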
151 
/*
 * Allocate an X509_REQ_INFO with an empty version, subject, public key and
 * attribute stack, req_kludge cleared and no cached encoding.
 *
 * Returns the new object.  Allocation failures are handled inside the
 * M_ASN1_New* macros (asn1_mac.h, not shown here); `c` exists only because
 * those macros refer to it.
 */
X509_REQ_INFO *X509_REQ_INFO_new(void)
{
	X509_REQ_INFO *ret = NULL;
	ASN1_CTX c;

	M_ASN1_New_Malloc(ret, X509_REQ_INFO);
	M_ASN1_New(ret->version, M_ASN1_INTEGER_new);
	M_ASN1_New(ret->subject, X509_NAME_new);
	M_ASN1_New(ret->pubkey, X509_PUBKEY_new);
	M_ASN1_New(ret->attributes, sk_X509_ATTRIBUTE_new_null);

	/* Standard PKCS#10 encoding by default, and nothing cached yet. */
	ret->asn1 = NULL;
	ret->req_kludge = 0;
	return ret;

	/*
	 * Not reached by falling through; presumably this supplies the error
	 * labels the macros above jump to -- TODO confirm in asn1_mac.h.
	 * NOTE(review): check whether that path releases the members already
	 * allocated before the failure.
	 */
	M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
}
167 
/*
 * Release an X509_REQ_INFO: the cached encoding (if any), every member and
 * finally the structure itself.  A NULL argument is ignored.
 */
void X509_REQ_INFO_free(X509_REQ_INFO *a)
{
	if (a == NULL)
		return;

	/* The cached DER copy is only present after d2i_X509_REQ(). */
	if (a->asn1 != NULL)
		OPENSSL_free(a->asn1);

	M_ASN1_INTEGER_free(a->version);
	X509_NAME_free(a->subject);
	X509_PUBKEY_free(a->pubkey);
	/* Frees each attribute and then the stack that held them. */
	sk_X509_ATTRIBUTE_pop_free(a->attributes, X509_ATTRIBUTE_free);

	OPENSSL_free(a);
}
178 
/*
 * DER-encode a complete certificate request: the request info, the
 * signature algorithm and the signature, wrapped in one SEQUENCE.
 *
 * The length/put bookkeeping and the return statement live in the
 * M_ASN1_I2D_* macros (asn1_mac.h, not shown here).
 */
int i2d_X509_REQ(X509_REQ *a, unsigned char **pp)
{
	M_ASN1_I2D_vars(a);

	/* Length pass. */
	M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
	M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
	M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);

	M_ASN1_I2D_seq_total();

	/* Output pass, same field order as above. */
	M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
	M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
	M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);

	M_ASN1_I2D_finish();
}
194 
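/*
 * Decode a DER certificate request from *pp, reading at most `length`
 * bytes: request info, signature algorithm, signature.
 *
 * The bytes of the request info are also copied into req_info->asn1 so
 * that the signature can later be checked over the encoding that was
 * received rather than over a re-encoding of the parsed fields.
 *
 * The result object, the parse context `c` and the `err` exit path are set
 * up by the M_ASN1_D2I_* macros from asn1_mac.h (not shown here).
 */
X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length)
{
	M_ASN1_D2I_vars(a, X509_REQ *, X509_REQ_new);

	M_ASN1_D2I_Init();
	M_ASN1_D2I_start_sequence();
	M_ASN1_D2I_get(ret->req_info, d2i_X509_REQ_INFO);

	/*
	 * When decoding into an existing X509_REQ, req_info may still hold
	 * the copy made by an earlier parse.  Free it before storing the new
	 * one so the old buffer is not leaked.
	 */
	if (ret->req_info->asn1 != NULL) {
		OPENSSL_free(ret->req_info->asn1);
		ret->req_info->asn1 = NULL;
	}

	/*
	 * Keep a copy of the original encoding for signature checking.
	 * c.q and c.p are maintained by the macros; presumably they bracket
	 * the element just decoded -- confirm in asn1_mac.h.
	 */
	ret->req_info->length = c.p - c.q;
	if (!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) {
		c.line = __LINE__;
		c.error = ERR_R_MALLOC_FAILURE;
		goto err;
	}

	memcpy(ret->req_info->asn1, c.q, ret->req_info->length);

	M_ASN1_D2I_get(ret->sig_alg, d2i_X509_ALGOR);
	M_ASN1_D2I_get(ret->signature, d2i_ASN1_BIT_STRING);
	M_ASN1_D2I_Finish(a, X509_REQ_free, ASN1_F_D2I_X509_REQ);
}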
217 
/*
 * Allocate an X509_REQ holding one reference, with an empty request info,
 * signature algorithm and signature.
 *
 * Returns the new object.  Allocation failures are handled inside the
 * M_ASN1_New* macros (asn1_mac.h, not shown here); `c` exists only because
 * those macros refer to it.
 */
X509_REQ *X509_REQ_new(void)
{
	X509_REQ *ret = NULL;
	ASN1_CTX c;

	M_ASN1_New_Malloc(ret, X509_REQ);
	/* The creator owns the first reference; X509_REQ_free() drops it. */
	ret->references = 1;
	M_ASN1_New(ret->req_info, X509_REQ_INFO_new);
	M_ASN1_New(ret->sig_alg, X509_ALGOR_new);
	M_ASN1_New(ret->signature, M_ASN1_BIT_STRING_new);
	return ret;

	/*
	 * Not reached by falling through; presumably this supplies the error
	 * labels the macros above jump to -- TODO confirm in asn1_mac.h.
	 */
	M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
}
231 
/*
 * Drop one reference to an X509_REQ and destroy it once the count is no
 * longer positive.  A NULL argument is ignored.
 */
void X509_REQ_free(X509_REQ *a)
{
	int i;

	if (a == NULL)
		return;

	/* Decrement under CRYPTO_LOCK_X509_REQ; i is the resulting count. */
	i = CRYPTO_add(&a->references, -1, CRYPTO_LOCK_X509_REQ);
#ifdef REF_PRINT
	REF_PRINT("X509_REQ",a);
#endif
	/* Other holders remain: nothing to release yet. */
	if (i > 0)
		return;
#ifdef REF_CHECK
	/* A negative count means the object was released too many times. */
	if (i < 0) {
		fprintf(stderr,"X509_REQ_free, bad reference count\n");
		abort();
	}
#endif

	X509_REQ_INFO_free(a->req_info);
	X509_ALGOR_free(a->sig_alg);
	M_ASN1_BIT_STRING_free(a->signature);
	OPENSSL_free(a);
}