Add -reqin_new_tid option to apps/cmp.c and OSSL_CMP_MSG_update_transactionID()

[openssl.git] / crypto / cmp / cmp_asn.c
diff --git a/crypto/cmp/cmp_asn.c b/crypto/cmp/cmp_asn.c

index 8555586dfdb75839ccac85ba7c37aac6169efa8e..f109af0502f2284a841672e945fe9577fbe59482 100644 (file)
--- a/crypto/cmp/cmp_asn.c
+++ b/crypto/cmp/cmp_asn.c
@@ -1,5 +1,5 @@
  /*
- * Copyright 2007-2019 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2007-2020 The OpenSSL Project Authors. All Rights Reserved.
   * Copyright Nokia 2007-2019
   * Copyright Siemens AG 2015-2019
   *
@@ -7,18 +7,18 @@
   * this file except in compliance with the License.  You can obtain a copy
   * in the file LICENSE in the source distribution or at
   * https://www.openssl.org/source/license.html
- *
- * CMP implementation by Martin Peylo, Miikka Viljanen, and David von Oheimb.
   */
  
  #include <openssl/asn1t.h>
  
-#include "cmp_int.h"
+#include "cmp_local.h"
  
  /* explicit #includes not strictly needed since implied by the above: */
  #include <openssl/cmp.h>
  #include <openssl/crmf.h>
  
+DEFINE_STACK_OF(OSSL_CMP_ITAV)
+
  /* ASN.1 declarations from RFC4210 */
  ASN1_SEQUENCE(OSSL_CMP_REVANNCONTENT) = {
      /* OSSL_CMP_PKISTATUS is effectively ASN1_INTEGER so it is used directly */
@@ -70,12 +70,14 @@ ASN1_SEQUENCE(OSSL_CMP_ERRORMSGCONTENT) = {
       * so it is used directly
       *
       */
-    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails, ASN1_UTF8STRING)
+    ASN1_SEQUENCE_OF_OPT(OSSL_CMP_ERRORMSGCONTENT, errorDetails,
+                         ASN1_UTF8STRING)
  } ASN1_SEQUENCE_END(OSSL_CMP_ERRORMSGCONTENT)
  IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_ERRORMSGCONTENT)
  
  ASN1_ADB_TEMPLATE(infotypeandvalue_default) = ASN1_OPT(OSSL_CMP_ITAV,
-        infoValue.other, ASN1_ANY);
+                                                       infoValue.other,
+                                                       ASN1_ANY);
  /* ITAV means InfoTypeAndValue */
  ASN1_ADB(OSSL_CMP_ITAV) = {
      /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
@@ -166,19 +168,20 @@ int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
  {
      int created = 0;
  
-    if (itav_sk_p == NULL)
+    if (itav_sk_p == NULL || itav == NULL) {
+        CMPerr(0, CMP_R_NULL_ARGUMENT);
          goto err;
+    }
  
      if (*itav_sk_p == NULL) {
          if ((*itav_sk_p = sk_OSSL_CMP_ITAV_new_null()) == NULL)
              goto err;
          created = 1;
      }
-    if (itav != NULL) {
-        if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
-            goto err;
-    }
+    if (!sk_OSSL_CMP_ITAV_push(*itav_sk_p, itav))
+        goto err;
      return 1;
+
   err:
      if (created != 0) {
          sk_OSSL_CMP_ITAV_free(*itav_sk_p);
@@ -187,6 +190,26 @@ int OSSL_CMP_ITAV_push0_stack_item(STACK_OF(OSSL_CMP_ITAV) **itav_sk_p,
      return 0;
  }
  
+/* get ASN.1 encoded integer, return -1 on error */
+int ossl_cmp_asn1_get_int(const ASN1_INTEGER *a)
+{
+    int64_t res;
+
+    if (!ASN1_INTEGER_get_int64(&res, a)) {
+        CMPerr(0, ASN1_R_INVALID_NUMBER);
+        return -1;
+    }
+    if (res < INT_MIN) {
+        CMPerr(0, ASN1_R_TOO_SMALL);
+        return -1;
+    }
+    if (res > INT_MAX) {
+        CMPerr(0, ASN1_R_TOO_LARGE);
+        return -1;
+    }
+    return (int)res;
+}
+
  ASN1_CHOICE(OSSL_CMP_CERTORENCCERT) = {
      /* OSSL_CMP_CMPCERTIFICATE is effectively X509 so it is used directly */
      ASN1_EXP(OSSL_CMP_CERTORENCCERT, value.certificate, X509, 0),
@@ -330,8 +353,10 @@ ASN1_CHOICE(OSSL_CMP_PKIBODY) = {
      ASN1_EXP(OSSL_CMP_PKIBODY, value.cr, OSSL_CRMF_MSGS, 2),
      ASN1_EXP(OSSL_CMP_PKIBODY, value.cp, OSSL_CMP_CERTREPMESSAGE, 3),
      ASN1_EXP(OSSL_CMP_PKIBODY, value.p10cr, X509_REQ, 4),
-    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc, OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
-    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr, OSSL_CMP_POPODECKEYRESPCONTENT, 6),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecc,
+             OSSL_CMP_POPODECKEYCHALLCONTENT, 5),
+    ASN1_EXP(OSSL_CMP_PKIBODY, value.popdecr,
+             OSSL_CMP_POPODECKEYRESPCONTENT, 6),
      ASN1_EXP(OSSL_CMP_PKIBODY, value.kur, OSSL_CRMF_MSGS, 7),
      ASN1_EXP(OSSL_CMP_PKIBODY, value.kup, OSSL_CMP_CERTREPMESSAGE, 8),
      ASN1_EXP(OSSL_CMP_PKIBODY, value.krr, OSSL_CRMF_MSGS, 9),
@@ -376,11 +401,11 @@ ASN1_SEQUENCE(OSSL_CMP_PKIHEADER) = {
  } ASN1_SEQUENCE_END(OSSL_CMP_PKIHEADER)
  IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PKIHEADER)
  
-ASN1_SEQUENCE(CMP_PROTECTEDPART) = {
+ASN1_SEQUENCE(OSSL_CMP_PROTECTEDPART) = {
      ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),
      ASN1_SIMPLE(OSSL_CMP_MSG, body, OSSL_CMP_PKIBODY)
-} ASN1_SEQUENCE_END(CMP_PROTECTEDPART)
-IMPLEMENT_ASN1_FUNCTIONS(CMP_PROTECTEDPART)
+} ASN1_SEQUENCE_END(OSSL_CMP_PROTECTEDPART)
+IMPLEMENT_ASN1_FUNCTIONS(OSSL_CMP_PROTECTEDPART)
  
  ASN1_SEQUENCE(OSSL_CMP_MSG) = {
      ASN1_SIMPLE(OSSL_CMP_MSG, header, OSSL_CMP_PKIHEADER),