Commit 0b7347ef authored by Dr. Stephen Henson's avatar Dr. Stephen Henson
Browse files

Add X509_getm_notBefore, X509_getm_notAfter 



Add mutable versions of X509_get0_notBefore and X509_get0_notAfter.

Rename X509_SIG_get0_mutable to X509_SIG_getm.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent bf932fbd

apps/apps.c

+11 −25
Original line number Diff line number Diff line
@@ -2593,33 +2593,19 @@ void corrupt_signature(const ASN1_STRING *signature) 
int set_cert_times(X509 *x, const char *startdate, const char *enddate,

                   int days)

{

    int rv = 0;

    ASN1_TIME *tm = ASN1_TIME_new();

    if (tm == NULL)

        goto err;

    if (startdate == NULL || strcmp(startdate, "today") == 0) {

        if (!X509_gmtime_adj(tm, 0))

            goto err;

    } else if (!ASN1_TIME_set_string(tm, startdate)) {

            goto err;

        if (X509_gmtime_adj(X509_getm_notBefore(x), 0) == NULL)

            return 0;

    } else {

        if (!ASN1_TIME_set_string(X509_getm_notBefore(x), startdate))

            return 0;

    }



    if (!X509_set1_notBefore(x, tm))

        goto err;



    if (enddate == NULL) {

        if (!X509_time_adj_ex(tm, days, 0, NULL))

            goto err;

    } else if (!ASN1_TIME_set_string(tm, enddate)) {

            goto err;

        if (X509_time_adj_ex(X509_getm_notAfter(x), days, 0, NULL)

            == NULL)

            return 0;

    } else if (!ASN1_TIME_set_string(X509_getm_notAfter(x), enddate)) {

        return 0;

    }



    if (!X509_set1_notAfter(x, tm))

        goto err;



    rv = 1;



    err:

    ASN1_TIME_free(tm);

    return rv;

    return 1;

}

crypto/asn1/x_sig.c

+2 −2
Original line number Diff line number Diff line
@@ -29,7 +29,7 @@ void X509_SIG_get0(const X509_SIG *sig, const X509_ALGOR **palg, 
        *pdigest = sig->digest;

}



void X509_SIG_get0_mutable(X509_SIG *sig, X509_ALGOR **palg,

void X509_SIG_getm(X509_SIG *sig, X509_ALGOR **palg,

                   ASN1_OCTET_STRING **pdigest)

{

    if (palg)

crypto/pkcs12/p12_mutl.c

+2 −2
Original line number Diff line number Diff line
@@ -170,7 +170,7 @@ int PKCS12_set_mac(PKCS12 *p12, const char *pass, int passlen, 
        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_GENERATION_ERROR);

        return 0;

    }

    X509_SIG_get0_mutable(p12->mac->dinfo, NULL, &macoct);

    X509_SIG_getm(p12->mac->dinfo, NULL, &macoct);

    if (!ASN1_OCTET_STRING_set(macoct, mac, maclen)) {

        PKCS12err(PKCS12_F_PKCS12_SET_MAC, PKCS12_R_MAC_STRING_SET_ERROR);

        return 0;
@@ -208,7 +208,7 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, 
            return 0;

    } else

        memcpy(p12->mac->salt->data, salt, saltlen);

    X509_SIG_get0_mutable(p12->mac->dinfo, &macalg, NULL);

    X509_SIG_getm(p12->mac->dinfo, &macalg, NULL);

    if (!X509_ALGOR_set0(macalg, OBJ_nid2obj(EVP_MD_type(md_type)),

                         V_ASN1_NULL, NULL)) {

        PKCS12err(PKCS12_F_PKCS12_SETUP_MAC, ERR_R_MALLOC_FAILURE);

crypto/pkcs12/p12_npas.c

+1 −1
Original line number Diff line number Diff line
@@ -110,7 +110,7 @@ static int newpass_p12(PKCS12 *p12, const char *oldpass, const char *newpass) 


    if (!PKCS12_gen_mac(p12, newpass, -1, mac, &maclen))

        goto err;

    X509_SIG_get0_mutable(p12->mac->dinfo, NULL, &macoct);

    X509_SIG_getm(p12->mac->dinfo, NULL, &macoct);

    if (!ASN1_OCTET_STRING_set(macoct, mac, maclen))

        goto err;

crypto/x509/x509_set.c

+2 −4
Original line number Diff line number Diff line
@@ -119,17 +119,15 @@ const ASN1_TIME *X509_get0_notAfter(const X509 *x) 
    return x->cert_info.validity.notAfter;

}



#if OPENSSL_API_COMPAT < 0x10100000L

ASN1_TIME *X509_get_notBefore(const X509 *x)

ASN1_TIME *X509_getm_notBefore(const X509 *x)

{

    return x->cert_info.validity.notBefore;

}



ASN1_TIME *X509_get_notAfter(const X509 *x)

ASN1_TIME *X509_getm_notAfter(const X509 *x)

{

    return x->cert_info.validity.notAfter;

}

#endif



int X509_get_signature_type(const X509 *x)

{