xref: /openbsd-src/lib/libcrypto/x509/x509_set.c (revision aa997e528a848ca5596493c2a801bdd6fb26ae61) 
1 /* $OpenBSD: x509_set.c,v 1.16 2018/02/22 17:09:28 jsing Exp $ */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3  * All rights reserved.
4  *
5  * This package is an SSL implementation written
6  * by Eric Young (eay@cryptsoft.com).
7  * The implementation was written so as to conform with Netscapes SSL.
8  *
9  * This library is free for commercial and non-commercial use as long as
10  * the following conditions are aheared to.  The following conditions
11  * apply to all code found in this distribution, be it the RC4, RSA,
12  * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
13  * included with this distribution is covered by the same copyright terms
14  * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15  *
16  * Copyright remains Eric Young's, and as such any Copyright notices in
17  * the code are not to be removed.
18  * If this package is used in a product, Eric Young should be given attribution
19  * as the author of the parts of the library used.
20  * This can be in the form of a textual message at program startup or
21  * in documentation (online or textual) provided with the package.
22  *
23  * Redistribution and use in source and binary forms, with or without
24  * modification, are permitted provided that the following conditions
25  * are met:
26  * 1. Redistributions of source code must retain the copyright
27  *    notice, this list of conditions and the following disclaimer.
28  * 2. Redistributions in binary form must reproduce the above copyright
29  *    notice, this list of conditions and the following disclaimer in the
30  *    documentation and/or other materials provided with the distribution.
31  * 3. All advertising materials mentioning features or use of this software
32  *    must display the following acknowledgement:
33  *    "This product includes cryptographic software written by
34  *     Eric Young (eay@cryptsoft.com)"
35  *    The word 'cryptographic' can be left out if the rouines from the library
36  *    being used are not cryptographic related :-).
37  * 4. If you include any Windows specific code (or a derivative thereof) from
38  *    the apps directory (application code) you must include an acknowledgement:
39  *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40  *
41  * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51  * SUCH DAMAGE.
52  *
53  * The licence and distribution terms for any publically available version or
54  * derivative of this code cannot be changed.  i.e. this code cannot simply be
55  * copied and put under another distribution licence
56  * [including the GNU Public Licence.]
57  */
58 
59 #include <stdio.h>
60 
61 #include <openssl/asn1.h>
62 #include <openssl/evp.h>
63 #include <openssl/objects.h>
64 #include <openssl/x509.h>
65 
66 const STACK_OF(X509_EXTENSION) *
67 X509_get0_extensions(const X509 *x)
68 {
69 	return x->cert_info->extensions;
70 }
71 
72 const X509_ALGOR *
73 X509_get0_tbs_sigalg(const X509 *x)
74 {
75 	return x->cert_info->signature;
76 }
77 
78 int
79 X509_set_version(X509 *x, long version)
80 {
81 	if (x == NULL)
82 		return (0);
83 	if (x->cert_info->version == NULL) {
84 		if ((x->cert_info->version = ASN1_INTEGER_new()) == NULL)
85 			return (0);
86 	}
87 	return (ASN1_INTEGER_set(x->cert_info->version, version));
88 }
89 
90 int
91 X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
92 {
93 	ASN1_INTEGER *in;
94 
95 	if (x == NULL)
96 		return (0);
97 	in = x->cert_info->serialNumber;
98 	if (in != serial) {
99 		in = ASN1_INTEGER_dup(serial);
100 		if (in != NULL) {
101 			ASN1_INTEGER_free(x->cert_info->serialNumber);
102 			x->cert_info->serialNumber = in;
103 		}
104 	}
105 	return (in != NULL);
106 }
107 
108 int
109 X509_set_issuer_name(X509 *x, X509_NAME *name)
110 {
111 	if ((x == NULL) || (x->cert_info == NULL))
112 		return (0);
113 	return (X509_NAME_set(&x->cert_info->issuer, name));
114 }
115 
116 int
117 X509_set_subject_name(X509 *x, X509_NAME *name)
118 {
119 	if (x == NULL || x->cert_info == NULL)
120 		return (0);
121 	return (X509_NAME_set(&x->cert_info->subject, name));
122 }
123 
124 const ASN1_TIME *
125 X509_get0_notBefore(const X509 *x)
126 {
127 	return X509_getm_notBefore(x);
128 }
129 
130 ASN1_TIME *
131 X509_getm_notBefore(const X509 *x)
132 {
133 	if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL)
134 		return (NULL);
135 	return x->cert_info->validity->notBefore;
136 }
137 
138 int
139 X509_set_notBefore(X509 *x, const ASN1_TIME *tm)
140 {
141 	ASN1_TIME *in;
142 
143 	if (x == NULL || x->cert_info->validity == NULL)
144 		return (0);
145 	in = x->cert_info->validity->notBefore;
146 	if (in != tm) {
147 		in = ASN1_STRING_dup(tm);
148 		if (in != NULL) {
149 			ASN1_TIME_free(x->cert_info->validity->notBefore);
150 			x->cert_info->validity->notBefore = in;
151 		}
152 	}
153 	return (in != NULL);
154 }
155 
156 int
157 X509_set1_notBefore(X509 *x, const ASN1_TIME *tm)
158 {
159 	return X509_set_notBefore(x, tm);
160 }
161 
162 const ASN1_TIME *
163 X509_get0_notAfter(const X509 *x)
164 {
165 	return X509_getm_notAfter(x);
166 }
167 
168 ASN1_TIME *
169 X509_getm_notAfter(const X509 *x)
170 {
171 	if (x == NULL || x->cert_info == NULL || x->cert_info->validity == NULL)
172 		return (NULL);
173 	return x->cert_info->validity->notAfter;
174 }
175 
176 int
177 X509_set_notAfter(X509 *x, const ASN1_TIME *tm)
178 {
179 	ASN1_TIME *in;
180 
181 	if (x == NULL || x->cert_info->validity == NULL)
182 		return (0);
183 	in = x->cert_info->validity->notAfter;
184 	if (in != tm) {
185 		in = ASN1_STRING_dup(tm);
186 		if (in != NULL) {
187 			ASN1_TIME_free(x->cert_info->validity->notAfter);
188 			x->cert_info->validity->notAfter = in;
189 		}
190 	}
191 	return (in != NULL);
192 }
193 
194 int
195 X509_set1_notAfter(X509 *x, const ASN1_TIME *tm)
196 {
197 	return X509_set_notAfter(x, tm);
198 }
199 
200 int
201 X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
202 {
203 	if ((x == NULL) || (x->cert_info == NULL))
204 		return (0);
205 	return (X509_PUBKEY_set(&(x->cert_info->key), pkey));
206 }
207