/* char *value: Value */
static X509_EXTENSION *
do_ext_nconf(CONF *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value)
{
const X509V3_EXT_METHOD *method;
X509_EXTENSION *ext;
STACK_OF(CONF_VALUE) *nval;
void *ext_struc;
if (ext_nid == NID_undef) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_UNKNOWN_EXTENSION_NAME);
return NULL;
}
if (!(method = X509V3_EXT_get_nid(ext_nid))) {
X509V3err(X509V3_F_DO_EXT_NCONF, X509V3_R_UNKNOWN_EXTENSION);
return NULL;
}
/* Now get internal extension representation based on type */
if (method->v2i) {
if (*value == '@')
nval = NCONF_get_section(conf, value + 1);
else
nval = X509V3_parse_list(value);
if (sk_CONF_VALUE_num(nval) <= 0) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_INVALID_EXTENSION_STRING);
ERR_asprintf_error_data("name=%s,section=%s",
OBJ_nid2sn(ext_nid), value);
return NULL;
}
ext_struc = method->v2i(method, ctx, nval);
if (*value != '@')
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
if (!ext_struc)
return NULL;
} else if (method->s2i) {
if (!(ext_struc = method->s2i(method, ctx, value)))
return NULL;
} else if (method->r2i) {
if (!ctx->db || !ctx->db_meth) {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_NO_CONFIG_DATABASE);
return NULL;
}
if (!(ext_struc = method->r2i(method, ctx, value)))
return NULL;
} else {
X509V3err(X509V3_F_DO_EXT_NCONF,
X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED);
ERR_asprintf_error_data("name=%s", OBJ_nid2sn(ext_nid));
return NULL;
}
ext = do_ext_i2d(method, ext_nid, crit, ext_struc);
if (method->it)
ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
else
method->ext_free(ext_struc);
return ext;
}
int FuzzerTestOneInput(const uint8_t *buf, size_t len) {
for (int n = 0; item_type[n] != NULL; ++n) {
const uint8_t *b = buf;
ASN1_VALUE *o = ASN1_item_d2i(NULL, &b, len, item_type[n]);
ASN1_item_free(o, item_type[n]);
}
return 0;
}
int X509V3_EXT_free(int nid, void *ext_data)
{
const X509V3_EXT_METHOD *ext_method = X509V3_EXT_get_nid(nid);
if (ext_method == NULL) {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION);
return 0;
}
if (ext_method->it != NULL)
ASN1_item_free(ext_data, ASN1_ITEM_ptr(ext_method->it));
else if (ext_method->ext_free != NULL)
ext_method->ext_free(ext_data);
else {
OPENSSL_PUT_ERROR(X509V3, X509V3_R_CANNOT_FIND_FREE_FUNCTION);
return 0;
}
return 1;
}
void
NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
{
ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it);
}
void
ESS_SIGNING_CERT_free(ESS_SIGNING_CERT *a)
{
ASN1_item_free((ASN1_VALUE *)a, &ESS_SIGNING_CERT_it);
}
void
X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_ATTRIBUTE_it);
}
void
X509_free(X509 *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_it);
}
void
PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PKCS12_SAFEBAG_it);
}
void
PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PKCS12_MAC_DATA_it);
}
void
PROXY_POLICY_free(PROXY_POLICY *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PROXY_POLICY_it);
}
void
EDIPARTYNAME_free(EDIPARTYNAME *a)
{
ASN1_item_free((ASN1_VALUE *)a, &EDIPARTYNAME_it);
}
void
OTHERNAME_free(OTHERNAME *a)
{
ASN1_item_free((ASN1_VALUE *)a, &OTHERNAME_it);
}
void ASN1_INTEGER_free(ASN1_INTEGER *a)
{
ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(ASN1_INTEGER));
}
void
X509_EXTENSION_free(X509_EXTENSION *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_EXTENSION_it);
}
void
X509_PUBKEY_free(X509_PUBKEY *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_PUBKEY_it);
}
static X509_EXTENSION* openssl_new_xextension(lua_State*L, int idx, int v3)
{
int nid;
int critical = 0;
ASN1_OCTET_STRING* value = NULL;
X509_EXTENSION* y = NULL;
lua_getfield(L, idx, "object");
nid = openssl_get_nid(L, -1);
lua_pop(L, 1);
lua_getfield(L, idx, "critical");
critical = lua_isnil(L, -1) ? 0 : lua_toboolean(L, -1);
lua_pop(L, 1);
if (nid == NID_undef)
{
lua_pushfstring(L, "%s is not valid object id", lua_tostring(L, -1));
luaL_argerror(L, idx, lua_tostring(L, -1));
}
lua_getfield(L, idx, "value");
luaL_argcheck(L, lua_isstring(L, -1) || auxiliar_isgroup(L, "openssl.asn1group", -1),
1, "field value must be string or openssl.asn1group object");
if (lua_isstring(L, -1))
{
size_t size;
const char* data = lua_tolstring(L, -1, &size);
if (v3)
{
const X509V3_EXT_METHOD *method = X509V3_EXT_get_nid(nid);
if (method)
{
void *ext_struc = NULL;
STACK_OF(CONF_VALUE) *nval = X509V3_parse_list(data);
/* Now get internal extension representation based on type */
if (method->v2i && nval)
{
if (sk_CONF_VALUE_num(nval) > 0)
{
ext_struc = method->v2i(method, NULL, nval);
}
}
else if (method->s2i)
{
ext_struc = method->s2i(method, NULL, data);
}
if (nval)
sk_CONF_VALUE_pop_free(nval, X509V3_conf_free);
if (ext_struc)
{
unsigned char *ext_der = NULL;
int ext_len;
/* Convert internal representation to DER */
if (method->it)
{
ext_der = NULL;
ext_len = ASN1_item_i2d(ext_struc, &ext_der, ASN1_ITEM_ptr(method->it));
if (ext_len < 0)
{
ext_der = NULL;
}
}
else
{
ext_len = method->i2d(ext_struc, NULL);
ext_der = OPENSSL_malloc(ext_len);
if (ext_der)
{
unsigned char* p = ext_der;
method->i2d(ext_struc, &p);
}
}
if (ext_der)
{
value = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
ASN1_STRING_set(value, ext_der, ext_len);
}
else
value = NULL;
if (method->it) ASN1_item_free(ext_struc, ASN1_ITEM_ptr(method->it));
else method->ext_free(ext_struc);
}
}
}
else
{
value = ASN1_STRING_type_new(V_ASN1_OCTET_STRING);
ASN1_STRING_set(value, data, size);
}
if (value)
{
y = X509_EXTENSION_create_by_NID(NULL, nid, critical, value);
ASN1_STRING_free(value);
return y;
}
else
{
luaL_error(L, "don't support object(%s) with value (%s)", OBJ_nid2ln(nid), data);
return NULL;
}
}
else
{
value = CHECK_GROUP(-1, ASN1_STRING, "openssl.asn1group");
y = X509_EXTENSION_create_by_NID(NULL, nid, critical, value);
lua_pop(L, 1);
return y;
}
}
void
TS_MSG_IMPRINT_free(TS_MSG_IMPRINT *a)
{
ASN1_item_free((ASN1_VALUE *)a, &TS_MSG_IMPRINT_it);
}
void
NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
{
ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKI_it);
}
void
PROXY_CERT_INFO_EXTENSION_free(PROXY_CERT_INFO_EXTENSION *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PROXY_CERT_INFO_EXTENSION_it);
}
void
GENERAL_NAMES_free(GENERAL_NAMES *a)
{
ASN1_item_free((ASN1_VALUE *)a, &GENERAL_NAMES_it);
}
void
PKCS12_free(PKCS12 *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PKCS12_it);
}
void
X509_REVOKED_free(X509_REVOKED *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_REVOKED_it);
}
void
PKCS12_BAGS_free(PKCS12_BAGS *a)
{
ASN1_item_free((ASN1_VALUE *)a, &PKCS12_BAGS_it);
}
void
X509_CRL_INFO_free(X509_CRL_INFO *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_INFO_it);
}
void
X509_CINF_free(X509_CINF *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it);
}
void
ESS_ISSUER_SERIAL_free(ESS_ISSUER_SERIAL *a)
{
ASN1_item_free((ASN1_VALUE *)a, &ESS_ISSUER_SERIAL_it);
}
void
BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
{
ASN1_item_free((ASN1_VALUE *)a, &BASIC_CONSTRAINTS_it);
}
void
X509_ALGOR_free(X509_ALGOR *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_ALGOR_it);
}
void
X509_CRL_free(X509_CRL *a)
{
ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_it);
}
void
ESS_CERT_ID_free(ESS_CERT_ID *a)
{
ASN1_item_free((ASN1_VALUE *)a, &ESS_CERT_ID_it);
}
