CMP: Add missing getter functions to CRMF API and CMP API

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/15790)

5 files changed, 62 insertions, 7 deletions

diff --git a/doc/man3/OSSL_CMP_MSG_get0_header.pod b/doc/man3/OSSL_CMP_MSG_get0_header.pod
index 2ecb48d7a1..32cdf81187 100644
--- a/doc/man3/OSSL_CMP_MSG_get0_header.pod
+++ b/doc/man3/OSSL_CMP_MSG_get0_header.pod
@@ -3,6 +3,7 @@
 =head1 NAME
 
 OSSL_CMP_MSG_get0_header,
+OSSL_CMP_MSG_get_bodytype,
 OSSL_CMP_MSG_update_transactionID,
 OSSL_CMP_CTX_setup_CRM,
 OSSL_CMP_MSG_read,
@@ -16,6 +17,7 @@ i2d_OSSL_CMP_MSG_bio
   #include <openssl/cmp.h>
 
   OSSL_CMP_PKIHEADER *OSSL_CMP_MSG_get0_header(const OSSL_CMP_MSG *msg);
+  int OSSL_CMP_MSG_get_bodytype(const OSSL_CMP_MSG *msg);
   int OSSL_CMP_MSG_update_transactionID(OSSL_CMP_CTX *ctx, OSSL_CMP_MSG *msg);
   OSSL_CRMF_MSG *OSSL_CMP_CTX_setup_CRM(OSSL_CMP_CTX *ctx, int for_KUR, int rid);
   OSSL_CMP_MSG *OSSL_CMP_MSG_read(const char *file);
@@ -27,6 +29,8 @@ i2d_OSSL_CMP_MSG_bio
 
 OSSL_CMP_MSG_get0_header() returns the header of the given CMP message.
 
+OSSL_CMP_MSG_get_bodytype() returns the body type of the given CMP message.
+
 OSSL_CMP_MSG_update_transactionID() updates the transactionID field
 in the header of the given message according to the CMP_CTX.
 This requires re-protecting the message (if it was protected).
@@ -58,6 +62,8 @@ CMP is defined in RFC 4210.
 OSSL_CMP_MSG_get0_header() returns the intended pointer value as described above
 or NULL if the respective entry does not exist and on error.
 
+OSSL_CMP_MSG_get_bodytype() returns the body type or -1 on error.
+
 OSSL_CMP_CTX_setup_CRM() returns a pointer to a OSSL_CRMF_MSG on success,
 NULL on error.
 
diff --git a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
index f59abb4f11..8abd997ecc 100644
--- a/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
+++ b/doc/man3/OSSL_CRMF_MSG_get0_tmpl.pod
@@ -4,7 +4,9 @@
 
 OSSL_CRMF_MSG_get0_tmpl,
 OSSL_CRMF_CERTTEMPLATE_get0_serialNumber,
+OSSL_CRMF_CERTTEMPLATE_get0_subject,
 OSSL_CRMF_CERTTEMPLATE_get0_issuer,
+OSSL_CRMF_CERTTEMPLATE_get0_extensions,
 OSSL_CRMF_CERTID_get0_serialNumber,
 OSSL_CRMF_CERTID_get0_issuer,
 OSSL_CRMF_ENCRYPTEDVALUE_get1_encCert,
@@ -19,7 +21,11 @@ OSSL_CRMF_MSG_get_certReqId
  ASN1_INTEGER
  *OSSL_CRMF_CERTTEMPLATE_get0_serialNumber(const OSSL_CRMF_CERTTEMPLATE *tmpl);
  X509_NAME
+ *OSSL_CRMF_CERTTEMPLATE_get0_subject(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+ X509_NAME
  *OSSL_CRMF_CERTTEMPLATE_get0_issuer(const OSSL_CRMF_CERTTEMPLATE *tmpl);
+ X509_EXTENSIONS
+ *OSSL_CRMF_CERTTEMPLATE_get0_extensions(const OSSL_CRMF_CERTTEMPLATE *tmpl);
 
  ASN1_INTEGER *OSSL_CRMF_CERTID_get0_serialNumber(const OSSL_CRMF_CERTID *cid);
  const X509_NAME *OSSL_CRMF_CERTID_get0_issuer(const OSSL_CRMF_CERTID *cid);
@@ -39,9 +45,15 @@ OSSL_CRMF_MSG_get0_tmpl() retrieves the certificate template of I<crm>.
 OSSL_CRMF_CERTTEMPLATE_get0_serialNumber() retrieves the serialNumber of the
 given certificate template I<tmpl>.
 
+OSSL_CRMF_CERTTEMPLATE_get0_subject() retrieves the subject name of the
+given certificate template I<tmpl>.
+
 OSSL_CRMF_CERTTEMPLATE_get0_issuer() retrieves the issuer name of the
 given certificate template I<tmpl>.
 
+OSSL_CRMF_CERTTEMPLATE_get0_extensions() retrieves the X.509 extensions
+of the given certificate template I<tmpl>, or NULL if not present.
+
 OSSL_CRMF_CERTID_get0_serialNumber retrieves the serialNumber
 of the given CertId I<cid>.
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
index 70a4120e86..fd42159d67 100644
--- a/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set0_validity.pod
@@ -51,6 +51,7 @@ OSSL_CRMF_MSG_set_certReqId() sets I<rid> as the certReqId of I<crm>.
 OSSL_CRMF_CERTTEMPLATE_fill() sets those fields of the certTemplate I<tmpl>
 for which non-NULL values are provided: I<pubkey>, I<subject>, I<issuer>,
 and/or I<serial>.
+X.509 extensions may be set using OSSL_CRMF_MSG_set0_extensions().
 On success the reference counter of the I<pubkey> (if given) is incremented,
 while the I<subject>, I<issuer>, and I<serial> structures (if given) are copied.
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
index b1f732257e..77377ef7eb 100644
--- a/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set1_regCtrl_regToken.pod
@@ -2,23 +2,32 @@
 
 =head1 NAME
 
+OSSL_CRMF_MSG_get0_regCtrl_regToken,
 OSSL_CRMF_MSG_set1_regCtrl_regToken,
+OSSL_CRMF_MSG_get0_regCtrl_authenticator,
 OSSL_CRMF_MSG_set1_regCtrl_authenticator,
 OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo,
 OSSL_CRMF_MSG_set0_SinglePubInfo,
 OSSL_CRMF_MSG_set_PKIPublicationInfo_action,
+OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo,
 OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo,
+OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey,
 OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey,
+OSSL_CRMF_MSG_get0_regCtrl_oldCertID,
 OSSL_CRMF_MSG_set1_regCtrl_oldCertID,
 OSSL_CRMF_CERTID_gen
-- functions setting CRMF Registration Controls
+- functions getting or setting CRMF Registration Controls
 
 =head1 SYNOPSIS
 
  #include <openssl/crmf.h>
 
+ ASN1_UTF8STRING
+    *OSSL_CRMF_MSG_get0_regCtrl_regToken(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regCtrl_regToken(OSSL_CRMF_MSG *msg,
                                          const ASN1_UTF8STRING *tok);
+ ASN1_UTF8STRING
+    *OSSL_CRMF_MSG_get0_regCtrl_authenticator(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regCtrl_authenticator(OSSL_CRMF_MSG *msg,
                                               const ASN1_UTF8STRING *auth);
  int OSSL_CRMF_MSG_PKIPublicationInfo_push0_SinglePubInfo(
@@ -28,10 +37,16 @@ OSSL_CRMF_CERTID_gen
                                       int method, GENERAL_NAME *nm);
  int OSSL_CRMF_MSG_set_PKIPublicationInfo_action(
                                   OSSL_CRMF_PKIPUBLICATIONINFO *pi, int action);
+ OSSL_CRMF_PKIPUBLICATIONINFO
+    *OSSL_CRMF_MSG_get0_regCtrl_pkiPublicationInfo(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regCtrl_pkiPublicationInfo(OSSL_CRMF_MSG *msg,
                                         const OSSL_CRMF_PKIPUBLICATIONINFO *pi);
+ X509_PUBKEY
+    *OSSL_CRMF_MSG_get0_regCtrl_protocolEncrKey(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regCtrl_protocolEncrKey(OSSL_CRMF_MSG *msg,
                                                 const X509_PUBKEY *pubkey);
+ OSSL_CRMF_CERTID
+    *OSSL_CRMF_MSG_get0_regCtrl_oldCertID(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regCtrl_oldCertID(OSSL_CRMF_MSG *msg,
                                           const OSSL_CRMF_CERTID *cid);
  OSSL_CRMF_CERTID *OSSL_CRMF_CERTID_gen(const X509_NAME *issuer,
@@ -39,6 +54,9 @@ OSSL_CRMF_CERTID_gen
 
 =head1 DESCRIPTION
 
+Each of the OSSL_CRMF_MSG_get0_regCtrl_X() functions
+returns the respective control X in the given I<msg>, if present.
+
 OSSL_CRMF_MSG_set1_regCtrl_regToken() sets the regToken control in the given
 I<msg> copying the given I<tok> as value. See RFC 4211, section 6.1.
 
@@ -79,10 +97,13 @@ given I<issuer> name and I<serial> number.
 
 =head1 RETURN VALUES
 
-OSSL_CRMF_CERTID_gen returns a pointer to the resulting structure
-or NULL on error.
+All OSSL_CRMF_MSG_get0_*() functions
+return the respective pointer value or NULL if not present and on error.
 
-All other functions return 1 on success, 0 on error.
+All OSSL_CRMF_MSG_set1_*() functions return 1 on success, 0 on error.
+
+OSSL_CRMF_CERTID_gen() returns a pointer to the resulting structure
+or NULL on error.
 
 =head1 NOTES
 
diff --git a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
index 56a6814ea0..f3d8fb1217 100644
--- a/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
+++ b/doc/man3/OSSL_CRMF_MSG_set1_regInfo_certReq.pod
@@ -2,34 +2,49 @@
 
 =head1 NAME
 
+OSSL_CRMF_MSG_get0_regInfo_utf8Pairs,
 OSSL_CRMF_MSG_set1_regInfo_utf8Pairs,
+OSSL_CRMF_MSG_get0_regInfo_certReq,
 OSSL_CRMF_MSG_set1_regInfo_certReq
-- functions setting CRMF Registration Info
+- functions getting or setting CRMF Registration Info
 
 =head1 SYNOPSIS
 
  #include <openssl/crmf.h>
 
+ ASN1_UTF8STRING
+     *OSSL_CRMF_MSG_get0_regInfo_utf8Pairs(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regInfo_utf8Pairs(OSSL_CRMF_MSG *msg,
                                           const ASN1_UTF8STRING *utf8pairs);
+ OSSL_CRMF_CERTREQUEST
+     *OSSL_CRMF_MSG_get0_regInfo_certReq(const OSSL_CRMF_MSG *msg);
  int OSSL_CRMF_MSG_set1_regInfo_certReq(OSSL_CRMF_MSG *msg,
                                         const OSSL_CRMF_CERTREQUEST *cr);
 
 =head1 DESCRIPTION
 
+OSSL_CRMF_MSG_get0_regInfo_utf8Pairs() returns the first utf8Pairs regInfo
+in the given I<msg>, if present.
+
 OSSL_CRMF_MSG_set1_regInfo_utf8Pairs() adds a copy of the given I<utf8pairs>
 value as utf8Pairs regInfo to the given I<msg>. See RFC 4211 section 7.1.
 
+OSSL_CRMF_MSG_get0_regInfo_certReq() returns the first certReq regInfo
+in the given I<msg>, if present.
+
 OSSL_CRMF_MSG_set1_regInfo_certReq() adds a copy of the given I<cr> value
 as certReq regInfo to the given I<msg>. See RFC 4211 section 7.2.
 
 =head1 RETURN VALUES
 
-All functions return 1 on success, 0 on error.
+All get0_*() functions return the respective pointer value, NULL if not present.
+
+All set1_*() functions return 1 on success, 0 on error.
 
 =head1 NOTES
 
-Calling these functions multiple times adds multiple instances of the respective
+Calling the set1_*() functions multiple times
+adds multiple instances of the respective
 control to the regInfo structure of the given I<msg>. While RFC 4211 expects
 multiple utf8Pairs in one regInfo structure, it does not allow multiple certReq.