xref: /openbsd-src/lib/libcrypto/x509/x509cset.c (revision 7c0ec4b8992567abb1e1536622dc789a9a39d9f1) 
1 /* $OpenBSD: x509cset.c,v 1.22 2024/03/26 23:41:45 tb Exp $ */
2 /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3  * project 2001.
4  */
5 /* ====================================================================
6  * Copyright (c) 2001 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    licensing@OpenSSL.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58 
59 #include <stdio.h>
60 
61 #include <openssl/asn1.h>
62 #include <openssl/evp.h>
63 #include <openssl/objects.h>
64 #include <openssl/x509.h>
65 
66 #include "x509_local.h"
67 
68 int
69 X509_CRL_up_ref(X509_CRL *x)
70 {
71 	return CRYPTO_add(&x->references, 1, CRYPTO_LOCK_X509_CRL) > 1;
72 }
73 LCRYPTO_ALIAS(X509_CRL_up_ref);
74 
75 int
76 X509_CRL_set_version(X509_CRL *x, long version)
77 {
78 	if (x == NULL)
79 		return 0;
80 	/*
81 	 * RFC 5280, 4.1: versions 1 - 3 are specified as follows.
82 	 * Version  ::=  INTEGER  {  v1(0), v2(1), v3(2) }
83 	 * The only specified versions for CRLs are 1 and 2.
84 	 */
85 	if (version < 0 || version > 1)
86 		return 0;
87 	if (x->crl->version == NULL) {
88 		if ((x->crl->version = ASN1_INTEGER_new()) == NULL)
89 			return 0;
90 	}
91 	return ASN1_INTEGER_set(x->crl->version, version);
92 }
93 LCRYPTO_ALIAS(X509_CRL_set_version);
94 
95 int
96 X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name)
97 {
98 	if (x == NULL || x->crl == NULL)
99 		return 0;
100 	return X509_NAME_set(&x->crl->issuer, name);
101 }
102 LCRYPTO_ALIAS(X509_CRL_set_issuer_name);
103 
104 int
105 X509_CRL_set_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
106 {
107 	ASN1_TIME *in;
108 
109 	if (x == NULL)
110 		return 0;
111 	in = x->crl->lastUpdate;
112 	if (in != tm) {
113 		in = ASN1_STRING_dup(tm);
114 		if (in != NULL) {
115 			ASN1_TIME_free(x->crl->lastUpdate);
116 			x->crl->lastUpdate = in;
117 		}
118 	}
119 	return in != NULL;
120 }
121 LCRYPTO_ALIAS(X509_CRL_set_lastUpdate);
122 
123 int
124 X509_CRL_set1_lastUpdate(X509_CRL *x, const ASN1_TIME *tm)
125 {
126 	return X509_CRL_set_lastUpdate(x, tm);
127 }
128 LCRYPTO_ALIAS(X509_CRL_set1_lastUpdate);
129 
130 int
131 X509_CRL_set_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
132 {
133 	ASN1_TIME *in;
134 
135 	if (x == NULL)
136 		return 0;
137 	in = x->crl->nextUpdate;
138 	if (in != tm) {
139 		in = ASN1_STRING_dup(tm);
140 		if (in != NULL) {
141 			ASN1_TIME_free(x->crl->nextUpdate);
142 			x->crl->nextUpdate = in;
143 		}
144 	}
145 	return in != NULL;
146 }
147 LCRYPTO_ALIAS(X509_CRL_set_nextUpdate);
148 
149 int
150 X509_CRL_set1_nextUpdate(X509_CRL *x, const ASN1_TIME *tm)
151 {
152 	return X509_CRL_set_nextUpdate(x, tm);
153 }
154 LCRYPTO_ALIAS(X509_CRL_set1_nextUpdate);
155 
156 int
157 X509_CRL_sort(X509_CRL *c)
158 {
159 	X509_REVOKED *r;
160 	int i;
161 
162 	/* Sort the data so it will be written in serial number order */
163 	sk_X509_REVOKED_sort(c->crl->revoked);
164 	for (i = 0; i < sk_X509_REVOKED_num(c->crl->revoked); i++) {
165 		r = sk_X509_REVOKED_value(c->crl->revoked, i);
166 		r->sequence = i;
167 	}
168 	c->crl->enc.modified = 1;
169 	return 1;
170 }
171 LCRYPTO_ALIAS(X509_CRL_sort);
172 
173 const STACK_OF(X509_EXTENSION) *
174 X509_REVOKED_get0_extensions(const X509_REVOKED *x)
175 {
176 	return x->extensions;
177 }
178 LCRYPTO_ALIAS(X509_REVOKED_get0_extensions);
179 
180 const ASN1_TIME *
181 X509_REVOKED_get0_revocationDate(const X509_REVOKED *x)
182 {
183 	return x->revocationDate;
184 }
185 LCRYPTO_ALIAS(X509_REVOKED_get0_revocationDate);
186 
187 const ASN1_INTEGER *
188 X509_REVOKED_get0_serialNumber(const X509_REVOKED *x)
189 {
190 	return x->serialNumber;
191 }
192 LCRYPTO_ALIAS(X509_REVOKED_get0_serialNumber);
193 
194 int
195 X509_REVOKED_set_revocationDate(X509_REVOKED *x, ASN1_TIME *tm)
196 {
197 	ASN1_TIME *in;
198 
199 	if (x == NULL)
200 		return 0;
201 	in = x->revocationDate;
202 	if (in != tm) {
203 		in = ASN1_STRING_dup(tm);
204 		if (in != NULL) {
205 			ASN1_TIME_free(x->revocationDate);
206 			x->revocationDate = in;
207 		}
208 	}
209 	return in != NULL;
210 }
211 LCRYPTO_ALIAS(X509_REVOKED_set_revocationDate);
212 
213 int
214 X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial)
215 {
216 	ASN1_INTEGER *in;
217 
218 	if (x == NULL)
219 		return 0;
220 	in = x->serialNumber;
221 	if (in != serial) {
222 		in = ASN1_INTEGER_dup(serial);
223 		if (in != NULL) {
224 			ASN1_INTEGER_free(x->serialNumber);
225 			x->serialNumber = in;
226 		}
227 	}
228 	return in != NULL;
229 }
230 LCRYPTO_ALIAS(X509_REVOKED_set_serialNumber);
231 
232 int
233 i2d_re_X509_CRL_tbs(X509_CRL *crl, unsigned char **pp)
234 {
235 	crl->crl->enc.modified = 1;
236 	return i2d_X509_CRL_INFO(crl->crl, pp);
237 }
238 LCRYPTO_ALIAS(i2d_re_X509_CRL_tbs);
239