summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authortedu <>2014-04-18 00:58:49 +0000
committertedu <>2014-04-18 00:58:49 +0000
commita1df5b66c7ad477a535e56a504d8da47e1998cfa (patch)
treeb216ca6fba673789f2c494699c4cf41d23337bfa
parent07f5c09b19f56c323fa22ebd5efb5a4df9f5dc4d (diff)
downloadopenbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.tar.gz
openbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.tar.bz2
openbsd-a1df5b66c7ad477a535e56a504d8da47e1998cfa.zip
lob a few more knf grenades in here to soften things up.
Diffstat
-rw-r--r--src/lib/libcrypto/asn1/a_dup.c18
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c24
-rw-r--r--src/lib/libcrypto/asn1/a_gentm.c28
-rw-r--r--src/lib/libcrypto/asn1/a_i2d_fp.c24
-rw-r--r--src/lib/libcrypto/asn1/a_int.c80
-rw-r--r--src/lib/libcrypto/asn1/a_object.c89
-rw-r--r--src/lib/libcrypto/asn1/a_print.c9
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c34
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c6
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c26
-rw-r--r--src/lib/libcrypto/asn1/a_time.c15
-rw-r--r--src/lib/libcrypto/asn1/a_type.c17
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c45
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c34
-rw-r--r--src/lib/libcrypto/asn1/ameth_lib.c33
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c3
-rw-r--r--src/lib/libcrypto/asn1/asn1_gen.c213
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c92
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c143
-rw-r--r--src/lib/libcrypto/asn1/asn_mime.c56
-rw-r--r--src/lib/libcrypto/asn1/asn_moid.c22
-rw-r--r--src/lib/libcrypto/asn1/bio_asn1.c59
-rw-r--r--src/lib/libcrypto/asn1/bio_ndef.c3
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c59
-rw-r--r--src/lib/libcrypto/asn1/d2i_pu.c12
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c12
-rw-r--r--src/lib/libcrypto/asn1/f_enum.c49
-rw-r--r--src/lib/libcrypto/asn1/f_int.c52
-rw-r--r--src/lib/libcrypto/asn1/f_string.c46
-rw-r--r--src/lib/libcrypto/asn1/i2d_pr.c3
-rw-r--r--src/lib/libcrypto/asn1/i2d_pu.c3
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c30
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c15
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c30
-rw-r--r--src/lib/libcrypto/asn1/p8_pkey.c22
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c3
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c16
-rw-r--r--src/lib/libcrypto/asn1/t_req.c69
-rw-r--r--src/lib/libcrypto/asn1/t_spki.c12
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c101
-rw-r--r--src/lib/libcrypto/asn1/tasn_dec.c409
-rw-r--r--src/lib/libcrypto/asn1/tasn_enc.c168
-rw-r--r--src/lib/libcrypto/asn1/tasn_fre.c71
-rw-r--r--src/lib/libcrypto/asn1/tasn_new.c94
-rw-r--r--src/lib/libcrypto/asn1/tasn_prn.c139
-rw-r--r--src/lib/libcrypto/asn1/tasn_utl.c15
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c18
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c79
-rw-r--r--src/lib/libcrypto/asn1/x_info.c3
-rw-r--r--src/lib/libcrypto/asn1/x_name.c98
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c9
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c73
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c6
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c6
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_dup.c18
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_enum.c24
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_gentm.c28
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_i2d_fp.c24
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_int.c80
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_object.c89
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_print.c9
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_sign.c34
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_strex.c6
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_strnid.c26
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_time.c15
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_type.c17
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_utctm.c45
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_verify.c34
-rw-r--r--src/lib/libssl/src/crypto/asn1/ameth_lib.c33
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_err.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_gen.c213
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_lib.c92
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn1_par.c143
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn_mime.c56
-rw-r--r--src/lib/libssl/src/crypto/asn1/asn_moid.c22
-rw-r--r--src/lib/libssl/src/crypto/asn1/bio_asn1.c59
-rw-r--r--src/lib/libssl/src/crypto/asn1/bio_ndef.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/d2i_pr.c59
-rw-r--r--src/lib/libssl/src/crypto/asn1/d2i_pu.c12
-rw-r--r--src/lib/libssl/src/crypto/asn1/evp_asn1.c12
-rw-r--r--src/lib/libssl/src/crypto/asn1/f_enum.c49
-rw-r--r--src/lib/libssl/src/crypto/asn1/f_int.c52
-rw-r--r--src/lib/libssl/src/crypto/asn1/f_string.c46
-rw-r--r--src/lib/libssl/src/crypto/asn1/i2d_pr.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/i2d_pu.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/n_pkey.c30
-rw-r--r--src/lib/libssl/src/crypto/asn1/p5_pbe.c15
-rw-r--r--src/lib/libssl/src/crypto/asn1/p5_pbev2.c30
-rw-r--r--src/lib/libssl/src/crypto/asn1/p8_pkey.c22
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_crl.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_pkey.c16
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_req.c69
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_spki.c12
-rw-r--r--src/lib/libssl/src/crypto/asn1/t_x509.c101
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_dec.c409
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_enc.c168
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_fre.c71
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_new.c94
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_prn.c139
-rw-r--r--src/lib/libssl/src/crypto/asn1/tasn_utl.c15
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_algor.c18
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_crl.c79
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_info.c3
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_name.c98
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_pkey.c9
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_pubkey.c73
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_x509.c6
-rw-r--r--src/lib/libssl/src/crypto/asn1/x_x509a.c6
108 files changed, 1998 insertions, 3592 deletions
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
index 4482a89337..409bdcf2d1 100644
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ b/src/lib/libcrypto/asn1/a_dup.c
@@ -69,13 +69,14 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
69 int i; 69 int i;
70 char *ret; 70 char *ret;
71 71
72 if (x == NULL) return(NULL); 72 if (x == NULL)
73 return(NULL);
73 74
74 i=i2d(x,NULL); 75 i=i2d(x,NULL);
75 b=malloc(i+10); 76 b=malloc(i+10);
76 if (b == NULL) 77 if (b == NULL) {
77 { 78 ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE);
78 ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); 79 return(NULL);
79 } 80 }
80 p= b; 81 p= b;
81 i=i2d(x,&p); 82 i=i2d(x,&p);
@@ -99,12 +100,13 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
99 long i; 100 long i;
100 void *ret; 101 void *ret;
101 102
102 if (x == NULL) return(NULL); 103 if (x == NULL)
104 return(NULL);
103 105
104 i=ASN1_item_i2d(x,&b,it); 106 i=ASN1_item_i2d(x,&b,it);
105 if (b == NULL) 107 if (b == NULL) {
106 { 108 ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE);
107 ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); 109 return(NULL);
108 } 110 }
109 p= b; 111 p= b;
110 ret=ASN1_item_d2i(NULL,&p,i, it); 112 ret=ASN1_item_d2i(NULL,&p,i, it);
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
index 77c7c2cd88..70cea0aad2 100644
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ b/src/lib/libcrypto/asn1/a_enum.c
@@ -74,27 +74,23 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
74 long d; 74 long d;
75 75
76 a->type=V_ASN1_ENUMERATED; 76 a->type=V_ASN1_ENUMERATED;
77 if (a->length < (int)(sizeof(long)+1)) 77 if (a->length < (int)(sizeof(long)+1)) {
78 {
79 if (a->data != NULL) 78 if (a->data != NULL)
80 free(a->data); 79 free(a->data);
81 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) 80 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL)
82 memset((char *)a->data,0,sizeof(long)+1); 81 memset((char *)a->data,0,sizeof(long)+1);
83 } 82 }
84 if (a->data == NULL) 83 if (a->data == NULL) {
85 {
86 ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE); 84 ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
87 return(0); 85 return(0);
88 } 86 }
89 d=v; 87 d=v;
90 if (d < 0) 88 if (d < 0) {
91 {
92 d= -d; 89 d= -d;
93 a->type=V_ASN1_NEG_ENUMERATED; 90 a->type=V_ASN1_NEG_ENUMERATED;
94 } 91 }
95 92
96 for (i=0; i<sizeof(long); i++) 93 for (i=0; i<sizeof(long); i++) {
97 {
98 if (d == 0) break; 94 if (d == 0) break;
99 buf[i]=(int)d&0xff; 95 buf[i]=(int)d&0xff;
100 d>>=8; 96 d>>=8;
@@ -118,16 +114,14 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
118 else if (i != V_ASN1_ENUMERATED) 114 else if (i != V_ASN1_ENUMERATED)
119 return -1; 115 return -1;
120 116
121 if (a->length > (int)sizeof(long)) 117 if (a->length > (int)sizeof(long)) {
122 {
123 /* hmm... a bit ugly */ 118 /* hmm... a bit ugly */
124 return(0xffffffffL); 119 return(0xffffffffL);
125 } 120 }
126 if (a->data == NULL) 121 if (a->data == NULL)
127 return 0; 122 return 0;
128 123
129 for (i=0; i<a->length; i++) 124 for (i=0; i<a->length; i++) {
130 {
131 r<<=8; 125 r<<=8;
132 r|=(unsigned char)a->data[i]; 126 r|=(unsigned char)a->data[i];
133 } 127 }
@@ -144,8 +138,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
144 ret=M_ASN1_ENUMERATED_new(); 138 ret=M_ASN1_ENUMERATED_new();
145 else 139 else
146 ret=ai; 140 ret=ai;
147 if (ret == NULL) 141 if (ret == NULL) {
148 {
149 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); 142 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
150 goto err; 143 goto err;
151 } 144 }
@@ -153,8 +146,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
153 else ret->type=V_ASN1_ENUMERATED; 146 else ret->type=V_ASN1_ENUMERATED;
154 j=BN_num_bits(bn); 147 j=BN_num_bits(bn);
155 len=((j == 0)?0:((j/8)+1)); 148 len=((j == 0)?0:((j/8)+1));
156 if (ret->length < len+4) 149 if (ret->length < len+4) {
157 {
158 unsigned char *new_data=realloc(ret->data, len+4); 150 unsigned char *new_data=realloc(ret->data, len+4);
159 if (!new_data) 151 if (!new_data)
160 { 152 {
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
index 54016dc8e7..2ef6e6bc22 100644
--- a/src/lib/libcrypto/asn1/a_gentm.c
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -116,8 +116,7 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
116 * field so make first two fields 00 to 99 116 * field so make first two fields 00 to 99
117 */ 117 */
118 if (l < 13) goto err; 118 if (l < 13) goto err;
119 for (i=0; i<7; i++) 119 for (i=0; i<7; i++) {
120 {
121 if ((i == 6) && ((a[o] == 'Z') || 120 if ((i == 6) && ((a[o] == 'Z') ||
122 (a[o] == '+') || (a[o] == '-'))) 121 (a[o] == '+') || (a[o] == '-')))
123 { i++; break; } 122 { i++; break; }
@@ -146,12 +145,10 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
146 145
147 if (a[o] == 'Z') 146 if (a[o] == 'Z')
148 o++; 147 o++;
149 else if ((a[o] == '+') || (a[o] == '-')) 148 else if ((a[o] == '+') || (a[o] == '-')) {
150 {
151 o++; 149 o++;
152 if (o+4 > l) goto err; 150 if (o+4 > l) goto err;
153 for (i=7; i<9; i++) 151 for (i=7; i<9; i++) {
154 {
155 if ((a[o] < '0') || (a[o] > '9')) goto err; 152 if ((a[o] < '0') || (a[o] > '9')) goto err;
156 n= a[o]-'0'; 153 n= a[o]-'0';
157 o++; 154 o++;
@@ -160,9 +157,7 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
160 if ((n < min[i]) || (n > max[i])) goto err; 157 if ((n < min[i]) || (n > max[i])) goto err;
161 o++; 158 o++;
162 } 159 }
163 } 160 } else {
164 else
165 {
166 /* Missing time zone information. */ 161 /* Missing time zone information. */
167 goto err; 162 goto err;
168 } 163 }
@@ -178,10 +173,8 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
178 t.type=V_ASN1_GENERALIZEDTIME; 173 t.type=V_ASN1_GENERALIZEDTIME;
179 t.length=strlen(str); 174 t.length=strlen(str);
180 t.data=(unsigned char *)str; 175 t.data=(unsigned char *)str;
181 if (ASN1_GENERALIZEDTIME_check(&t)) 176 if (ASN1_GENERALIZEDTIME_check(&t)) {
182 { 177 if (s != NULL) {
183 if (s != NULL)
184 {
185 if (!ASN1_STRING_set((ASN1_STRING *)s, 178 if (!ASN1_STRING_set((ASN1_STRING *)s,
186 (unsigned char *)str,t.length)) 179 (unsigned char *)str,t.length))
187 return 0; 180 return 0;
@@ -216,18 +209,15 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
216 if (ts == NULL) 209 if (ts == NULL)
217 return(NULL); 210 return(NULL);
218 211
219 if (offset_day || offset_sec) 212 if (offset_day || offset_sec) {
220 {
221 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 213 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
222 return NULL; 214 return NULL;
223 } 215 }
224 216
225 p=(char *)s->data; 217 p=(char *)s->data;
226 if ((p == NULL) || ((size_t)s->length < len)) 218 if ((p == NULL) || ((size_t)s->length < len)) {
227 {
228 p=malloc(len); 219 p=malloc(len);
229 if (p == NULL) 220 if (p == NULL) {
230 {
231 ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, 221 ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ,
232 ERR_R_MALLOC_FAILURE); 222 ERR_R_MALLOC_FAILURE);
233 return(NULL); 223 return(NULL);
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
index 52bedb3f73..93e6d8351b 100644
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ b/src/lib/libcrypto/asn1/a_i2d_fp.c
@@ -69,8 +69,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
69 BIO *b; 69 BIO *b;
70 int ret; 70 int ret;
71 71
72 if ((b=BIO_new(BIO_s_file())) == NULL) 72 if ((b=BIO_new(BIO_s_file())) == NULL) {
73 {
74 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); 73 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
75 return(0); 74 return(0);
76 } 75 }
@@ -89,8 +88,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
89 88
90 n=i2d(x,NULL); 89 n=i2d(x,NULL);
91 b=(char *)malloc(n); 90 b=(char *)malloc(n);
92 if (b == NULL) 91 if (b == NULL) {
93 {
94 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); 92 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
95 return(0); 93 return(0);
96 } 94 }
@@ -98,12 +96,10 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
98 p=(unsigned char *)b; 96 p=(unsigned char *)b;
99 i2d(x,&p); 97 i2d(x,&p);
100 98
101 for (;;) 99 for (;;) {
102 {
103 i=BIO_write(out,&(b[j]),n); 100 i=BIO_write(out,&(b[j]),n);
104 if (i == n) break; 101 if (i == n) break;
105 if (i <= 0) 102 if (i <= 0) {
106 {
107 ret=0; 103 ret=0;
108 break; 104 break;
109 } 105 }
@@ -122,8 +118,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
122 BIO *b; 118 BIO *b;
123 int ret; 119 int ret;
124 120
125 if ((b=BIO_new(BIO_s_file())) == NULL) 121 if ((b=BIO_new(BIO_s_file())) == NULL) {
126 {
127 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB); 122 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB);
128 return(0); 123 return(0);
129 } 124 }
@@ -140,18 +135,15 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
140 int i,j=0,n,ret=1; 135 int i,j=0,n,ret=1;
141 136
142 n = ASN1_item_i2d(x, &b, it); 137 n = ASN1_item_i2d(x, &b, it);
143 if (b == NULL) 138 if (b == NULL) {
144 {
145 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE); 139 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE);
146 return(0); 140 return(0);
147 } 141 }
148 142
149 for (;;) 143 for (;;) {
150 {
151 i=BIO_write(out,&(b[j]),n); 144 i=BIO_write(out,&(b[j]),n);
152 if (i == n) break; 145 if (i == n) break;
153 if (i <= 0) 146 if (i <= 0) {
154 {
155 ret=0; 147 ret=0;
156 break; 148 break;
157 } 149 }
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index f41d462ffe..cc2b985fa1 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -69,8 +69,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
69 int neg, ret; 69 int neg, ret;
70 /* Compare signs */ 70 /* Compare signs */
71 neg = x->type & V_ASN1_NEG; 71 neg = x->type & V_ASN1_NEG;
72 if (neg != (y->type & V_ASN1_NEG)) 72 if (neg != (y->type & V_ASN1_NEG)) {
73 {
74 if (neg) 73 if (neg)
75 return -1; 74 return -1;
76 else 75 else
@@ -120,8 +119,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
120 neg=a->type & V_ASN1_NEG; 119 neg=a->type & V_ASN1_NEG;
121 if (a->length == 0) 120 if (a->length == 0)
122 ret=1; 121 ret=1;
123 else 122 else {
124 {
125 ret=a->length; 123 ret=a->length;
126 i=a->data[0]; 124 i=a->data[0];
127 if (!neg && (i > 127)) { 125 if (!neg && (i > 127)) {
@@ -183,8 +181,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
183 unsigned char *to,*s; 181 unsigned char *to,*s;
184 int i; 182 int i;
185 183
186 if ((a == NULL) || ((*a) == NULL)) 184 if ((a == NULL) || ((*a) == NULL)) {
187 {
188 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 185 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
189 ret->type=V_ASN1_INTEGER; 186 ret->type=V_ASN1_INTEGER;
190 } 187 }
@@ -197,8 +194,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
197 /* We must malloc stuff, even for 0 bytes otherwise it 194 /* We must malloc stuff, even for 0 bytes otherwise it
198 * signifies a missing NULL parameter. */ 195 * signifies a missing NULL parameter. */
199 s=(unsigned char *)malloc((int)len+1); 196 s=(unsigned char *)malloc((int)len+1);
200 if (s == NULL) 197 if (s == NULL) {
201 {
202 i=ERR_R_MALLOC_FAILURE; 198 i=ERR_R_MALLOC_FAILURE;
203 goto err; 199 goto err;
204 } 200 }
@@ -208,13 +204,12 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
208 * tolerate it. 204 * tolerate it.
209 */ 205 */
210 ret->type=V_ASN1_INTEGER; 206 ret->type=V_ASN1_INTEGER;
211} else if (*p & 0x80) /* a negative number */ 207 } else if (*p & 0x80) /* a negative number */ {
212 {
213 ret->type=V_ASN1_NEG_INTEGER; 208 ret->type=V_ASN1_NEG_INTEGER;
214 if ((*p == 0xff) && (len != 1)) { 209 if ((*p == 0xff) && (len != 1)) {
215 p++; 210 p++;
216 len--; 211 len--;
217 } 212 }
218 i = len; 213 i = len;
219 p += i - 1; 214 p += i - 1;
220 to += i - 1; 215 to += i - 1;
@@ -222,7 +217,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
222 *(to--) = 0; 217 *(to--) = 0;
223 i--; 218 i--;
224 p--; 219 p--;
225 } 220 }
226 /* Special case: if all zeros then the number will be of 221 /* Special case: if all zeros then the number will be of
227 * the form FF followed by n zero bytes: this corresponds to 222 * the form FF followed by n zero bytes: this corresponds to
228 * 1 followed by n zero bytes. We've already written n zeros 223 * 1 followed by n zero bytes. We've already written n zeros
@@ -234,20 +229,19 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
234 *s = 1; 229 *s = 1;
235 s[len] = 0; 230 s[len] = 0;
236 len++; 231 len++;
237 } else { 232 } else {
238 *(to--) = (*(p--) ^ 0xff) + 1; 233 *(to--) = (*(p--) ^ 0xff) + 1;
239 i--; 234 i--;
240 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff; 235 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
241 } 236 }
242} else { 237 } else {
243 ret->type=V_ASN1_INTEGER; 238 ret->type=V_ASN1_INTEGER;
244 if ((*p == 0) && (len != 1)) 239 if ((*p == 0) && (len != 1)) {
245 {
246 p++; 240 p++;
247 len--; 241 len--;
248 } 242 }
249 memcpy(s,p,(int)len); 243 memcpy(s,p,(int)len);
250} 244 }
251 245
252 if (ret->data != NULL) free(ret->data); 246 if (ret->data != NULL) free(ret->data);
253 ret->data=s; 247 ret->data=s;
@@ -278,24 +272,20 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
278 int inf,tag,xclass; 272 int inf,tag,xclass;
279 int i; 273 int i;
280 274
281 if ((a == NULL) || ((*a) == NULL)) 275 if ((a == NULL) || ((*a) == NULL)) {
282 {
283 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 276 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
284 ret->type=V_ASN1_INTEGER; 277 ret->type=V_ASN1_INTEGER;
285 } 278 } else
286 else
287 ret=(*a); 279 ret=(*a);
288 280
289 p= *pp; 281 p= *pp;
290 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 282 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
291 if (inf & 0x80) 283 if (inf & 0x80) {
292 {
293 i=ASN1_R_BAD_OBJECT_HEADER; 284 i=ASN1_R_BAD_OBJECT_HEADER;
294 goto err; 285 goto err;
295 } 286 }
296 287
297 if (tag != V_ASN1_INTEGER) 288 if (tag != V_ASN1_INTEGER) {
298 {
299 i=ASN1_R_EXPECTING_AN_INTEGER; 289 i=ASN1_R_EXPECTING_AN_INTEGER;
300 goto err; 290 goto err;
301 } 291 }
@@ -303,21 +293,19 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
303 /* We must malloc stuff, even for 0 bytes otherwise it 293 /* We must malloc stuff, even for 0 bytes otherwise it
304 * signifies a missing NULL parameter. */ 294 * signifies a missing NULL parameter. */
305 s=(unsigned char *)malloc((int)len+1); 295 s=(unsigned char *)malloc((int)len+1);
306 if (s == NULL) 296 if (s == NULL) {
307 {
308 i=ERR_R_MALLOC_FAILURE; 297 i=ERR_R_MALLOC_FAILURE;
309 goto err; 298 goto err;
310 } 299 }
311 ret->type=V_ASN1_INTEGER; 300 ret->type=V_ASN1_INTEGER;
312 if(len) { 301 if(len) {
313 if ((*p == 0) && (len != 1)) 302 if ((*p == 0) && (len != 1)) {
314 {
315 p++; 303 p++;
316 len--; 304 len--;
317 } 305 }
318 memcpy(s,p,(int)len); 306 memcpy(s,p,(int)len);
319 p+=len; 307 p+=len;
320} 308 }
321 309
322 if (ret->data != NULL) free(ret->data); 310 if (ret->data != NULL) free(ret->data);
323 ret->data=s; 311 ret->data=s;
@@ -340,27 +328,23 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
340 long d; 328 long d;
341 329
342 a->type=V_ASN1_INTEGER; 330 a->type=V_ASN1_INTEGER;
343 if (a->length < (int)(sizeof(long)+1)) 331 if (a->length < (int)(sizeof(long)+1)) {
344 {
345 if (a->data != NULL) 332 if (a->data != NULL)
346 free(a->data); 333 free(a->data);
347 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) 334 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL)
348 memset((char *)a->data,0,sizeof(long)+1); 335 memset((char *)a->data,0,sizeof(long)+1);
349 } 336 }
350 if (a->data == NULL) 337 if (a->data == NULL) {
351 {
352 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE); 338 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
353 return(0); 339 return(0);
354 } 340 }
355 d=v; 341 d=v;
356 if (d < 0) 342 if (d < 0) {
357 {
358 d= -d; 343 d= -d;
359 a->type=V_ASN1_NEG_INTEGER; 344 a->type=V_ASN1_NEG_INTEGER;
360 } 345 }
361 346
362 for (i=0; i<sizeof(long); i++) 347 for (i=0; i<sizeof(long); i++) {
363 {
364 if (d == 0) break; 348 if (d == 0) break;
365 buf[i]=(int)d&0xff; 349 buf[i]=(int)d&0xff;
366 d>>=8; 350 d>>=8;
@@ -384,16 +368,14 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a)
384 else if (i != V_ASN1_INTEGER) 368 else if (i != V_ASN1_INTEGER)
385 return -1; 369 return -1;
386 370
387 if (a->length > (int)sizeof(long)) 371 if (a->length > (int)sizeof(long)) {
388 {
389 /* hmm... a bit ugly, return all ones */ 372 /* hmm... a bit ugly, return all ones */
390 return -1; 373 return -1;
391 } 374 }
392 if (a->data == NULL) 375 if (a->data == NULL)
393 return 0; 376 return 0;
394 377
395 for (i=0; i<a->length; i++) 378 for (i=0; i<a->length; i++) {
396 {
397 r<<=8; 379 r<<=8;
398 r|=(unsigned char)a->data[i]; 380 r|=(unsigned char)a->data[i];
399 } 381 }
@@ -410,8 +392,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
410 ret=M_ASN1_INTEGER_new(); 392 ret=M_ASN1_INTEGER_new();
411 else 393 else
412 ret=ai; 394 ret=ai;
413 if (ret == NULL) 395 if (ret == NULL) {
414 {
415 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); 396 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
416 goto err; 397 goto err;
417 } 398 }
@@ -420,11 +401,9 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
420 else ret->type=V_ASN1_INTEGER; 401 else ret->type=V_ASN1_INTEGER;
421 j=BN_num_bits(bn); 402 j=BN_num_bits(bn);
422 len=((j == 0)?0:((j/8)+1)); 403 len=((j == 0)?0:((j/8)+1));
423 if (ret->length < len+4) 404 if (ret->length < len+4) {
424 {
425 unsigned char *new_data=realloc(ret->data, len+4); 405 unsigned char *new_data=realloc(ret->data, len+4);
426 if (!new_data) 406 if (!new_data) {
427 {
428 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 407 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
429 goto err; 408 goto err;
430 } 409 }
@@ -432,8 +411,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
432 } 411 }
433 ret->length=BN_bn2bin(bn,ret->data); 412 ret->length=BN_bn2bin(bn,ret->data);
434 /* Correct zero case */ 413 /* Correct zero case */
435 if(!ret->length) 414 if(!ret->length) {
436 {
437 ret->data[0] = 0; 415 ret->data[0] = 0;
438 ret->length = 1; 416 ret->length = 1;
439 } 417 }
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index 7e9eeaa2e1..e73b1223de 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -100,55 +100,45 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
100 p=buf; 100 p=buf;
101 c= *(p++); 101 c= *(p++);
102 num--; 102 num--;
103 if ((c >= '0') && (c <= '2')) 103 if ((c >= '0') && (c <= '2')) {
104 {
105 first= c-'0'; 104 first= c-'0';
106 } 105 } else {
107 else
108 {
109 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE); 106 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
110 goto err; 107 goto err;
111 } 108 }
112 109
113 if (num <= 0) 110 if (num <= 0) {
114 {
115 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER); 111 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
116 goto err; 112 goto err;
117 } 113 }
118 c= *(p++); 114 c= *(p++);
119 num--; 115 num--;
120 for (;;) 116 for (;;) {
121 {
122 if (num <= 0) break; 117 if (num <= 0) break;
123 if ((c != '.') && (c != ' ')) 118 if ((c != '.') && (c != ' ')) {
124 {
125 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR); 119 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
126 goto err; 120 goto err;
127 } 121 }
128 l=0; 122 l=0;
129 use_bn = 0; 123 use_bn = 0;
130 for (;;) 124 for (;;) {
131 {
132 if (num <= 0) break; 125 if (num <= 0) break;
133 num--; 126 num--;
134 c= *(p++); 127 c= *(p++);
135 if ((c == ' ') || (c == '.')) 128 if ((c == ' ') || (c == '.'))
136 break; 129 break;
137 if ((c < '0') || (c > '9')) 130 if ((c < '0') || (c > '9')) {
138 {
139 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); 131 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
140 goto err; 132 goto err;
141 } 133 }
142 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 134 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
143 {
144 use_bn = 1; 135 use_bn = 1;
145 if (!bl) 136 if (!bl)
146 bl = BN_new(); 137 bl = BN_new();
147 if (!bl || !BN_set_word(bl, l)) 138 if (!bl || !BN_set_word(bl, l))
148 goto err; 139 goto err;
149 } 140 }
150 if (use_bn) 141 if (use_bn) {
151 {
152 if (!BN_mul_word(bl, 10L) 142 if (!BN_mul_word(bl, 10L)
153 || !BN_add_word(bl, c-'0')) 143 || !BN_add_word(bl, c-'0'))
154 goto err; 144 goto err;
@@ -156,15 +146,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
156 else 146 else
157 l=l*10L+(long)(c-'0'); 147 l=l*10L+(long)(c-'0');
158 } 148 }
159 if (len == 0) 149 if (len == 0) {
160 { 150 if ((first < 2) && (l >= 40)) {
161 if ((first < 2) && (l >= 40))
162 {
163 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); 151 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
164 goto err; 152 goto err;
165 } 153 }
166 if (use_bn) 154 if (use_bn) {
167 {
168 if (!BN_add_word(bl, first * 40)) 155 if (!BN_add_word(bl, first * 40))
169 goto err; 156 goto err;
170 } 157 }
@@ -172,13 +159,11 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
172 l+=(long)first*40; 159 l+=(long)first*40;
173 } 160 }
174 i=0; 161 i=0;
175 if (use_bn) 162 if (use_bn) {
176 {
177 int blsize; 163 int blsize;
178 blsize = BN_num_bits(bl); 164 blsize = BN_num_bits(bl);
179 blsize = (blsize + 6)/7; 165 blsize = (blsize + 6)/7;
180 if (blsize > tmpsize) 166 if (blsize > tmpsize) {
181 {
182 if (tmp != ftmp) 167 if (tmp != ftmp)
183 free(tmp); 168 free(tmp);
184 tmpsize = blsize + 32; 169 tmpsize = blsize + 32;
@@ -188,22 +173,17 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
188 } 173 }
189 while(blsize--) 174 while(blsize--)
190 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); 175 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
191 } 176 } else {
192 else
193 {
194 177
195 for (;;) 178 for (;;) {
196 {
197 tmp[i++]=(unsigned char)l&0x7f; 179 tmp[i++]=(unsigned char)l&0x7f;
198 l>>=7L; 180 l>>=7L;
199 if (l == 0L) break; 181 if (l == 0L) break;
200 } 182 }
201 183
202 } 184 }
203 if (out != NULL) 185 if (out != NULL) {
204 { 186 if (len+i > olen) {
205 if (len+i > olen)
206 {
207 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL); 187 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
208 goto err; 188 goto err;
209 } 189 }
@@ -240,8 +220,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
240 if ((a == NULL) || (a->data == NULL)) 220 if ((a == NULL) || (a->data == NULL))
241 return(BIO_write(bp,"NULL",4)); 221 return(BIO_write(bp,"NULL",4));
242 i=i2t_ASN1_OBJECT(buf,sizeof buf,a); 222 i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
243 if (i > (int)(sizeof(buf) - 1)) 223 if (i > (int)(sizeof(buf) - 1)) {
244 {
245 p = malloc(i + 1); 224 p = malloc(i + 1);
246 if (!p) 225 if (!p)
247 return -1; 226 return -1;
@@ -265,14 +244,12 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
265 ASN1_OBJECT *ret = NULL; 244 ASN1_OBJECT *ret = NULL;
266 p= *pp; 245 p= *pp;
267 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 246 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
268 if (inf & 0x80) 247 if (inf & 0x80) {
269 {
270 i=ASN1_R_BAD_OBJECT_HEADER; 248 i=ASN1_R_BAD_OBJECT_HEADER;
271 goto err; 249 goto err;
272 } 250 }
273 251
274 if (tag != V_ASN1_OBJECT) 252 if (tag != V_ASN1_OBJECT) {
275 {
276 i=ASN1_R_EXPECTING_AN_OBJECT; 253 i=ASN1_R_EXPECTING_AN_OBJECT;
277 goto err; 254 goto err;
278 } 255 }
@@ -293,10 +270,8 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
293 /* Sanity check OID encoding: can't have leading 0x80 in 270 /* Sanity check OID encoding: can't have leading 0x80 in
294 * subidentifiers, see: X.690 8.19.2 271 * subidentifiers, see: X.690 8.19.2
295 */ 272 */
296 for (i = 0, p = *pp; i < len; i++, p++) 273 for (i = 0, p = *pp; i < len; i++, p++) {
297 { 274 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
298 if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
299 {
300 ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); 275 ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
301 return NULL; 276 return NULL;
302 } 277 }
@@ -305,8 +280,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
305 /* only the ASN1_OBJECTs from the 'table' will have values 280 /* only the ASN1_OBJECTs from the 'table' will have values
306 * for ->sn or ->ln */ 281 * for ->sn or ->ln */
307 if ((a == NULL) || ((*a) == NULL) || 282 if ((a == NULL) || ((*a) == NULL) ||
308 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) 283 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
309 {
310 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL); 284 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
311 } 285 }
312 else ret=(*a); 286 else ret=(*a);
@@ -316,13 +290,11 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
316 data = (unsigned char *)ret->data; 290 data = (unsigned char *)ret->data;
317 ret->data = NULL; 291 ret->data = NULL;
318 /* once detached we can change it */ 292 /* once detached we can change it */
319 if ((data == NULL) || (ret->length < len)) 293 if ((data == NULL) || (ret->length < len)) {
320 {
321 ret->length=0; 294 ret->length=0;
322 if (data != NULL) free(data); 295 if (data != NULL) free(data);
323 data=(unsigned char *)malloc(len ? (int)len : 1); 296 data=(unsigned char *)malloc(len ? (int)len : 1);
324 if (data == NULL) 297 if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; }
325 { i=ERR_R_MALLOC_FAILURE; goto err; }
326 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; 298 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
327 } 299 }
328 memcpy(data,p,(int)len); 300 memcpy(data,p,(int)len);
@@ -349,8 +321,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
349 ASN1_OBJECT *ret; 321 ASN1_OBJECT *ret;
350 322
351 ret=(ASN1_OBJECT *)malloc(sizeof(ASN1_OBJECT)); 323 ret=(ASN1_OBJECT *)malloc(sizeof(ASN1_OBJECT));
352 if (ret == NULL) 324 if (ret == NULL) {
353 {
354 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); 325 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
355 return(NULL); 326 return(NULL);
356 } 327 }
@@ -366,16 +337,14 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
366void ASN1_OBJECT_free(ASN1_OBJECT *a) 337void ASN1_OBJECT_free(ASN1_OBJECT *a)
367{ 338{
368 if (a == NULL) return; 339 if (a == NULL) return;
369 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) 340 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
370 {
371#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ 341#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
372 if (a->sn != NULL) free((void *)a->sn); 342 if (a->sn != NULL) free((void *)a->sn);
373 if (a->ln != NULL) free((void *)a->ln); 343 if (a->ln != NULL) free((void *)a->ln);
374#endif 344#endif
375 a->sn=a->ln=NULL; 345 a->sn=a->ln=NULL;
376 } 346 }
377 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) 347 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
378 {
379 if (a->data != NULL) free((void *)a->data); 348 if (a->data != NULL) free((void *)a->data);
380 a->data=NULL; 349 a->data=NULL;
381 a->length=0; 350 a->length=0;
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
index cfd0452f13..9e421dba66 100644
--- a/src/lib/libcrypto/asn1/a_print.c
+++ b/src/lib/libcrypto/asn1/a_print.c
@@ -69,8 +69,7 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len)
69 if (len <= 0) len= -1; 69 if (len <= 0) len= -1;
70 if (s == NULL) return(V_ASN1_PRINTABLESTRING); 70 if (s == NULL) return(V_ASN1_PRINTABLESTRING);
71 71
72 while ((*s) && (len-- != 0)) 72 while ((*s) && (len-- != 0)) {
73 {
74 c= *(s++); 73 c= *(s++);
75 if (!( ((c >= 'a') && (c <= 'z')) || 74 if (!( ((c >= 'a') && (c <= 'z')) ||
76 ((c >= 'A') && (c <= 'Z')) || 75 ((c >= 'A') && (c <= 'Z')) ||
@@ -99,8 +98,7 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
99 if (s->type != V_ASN1_UNIVERSALSTRING) return(0); 98 if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
100 if ((s->length%4) != 0) return(0); 99 if ((s->length%4) != 0) return(0);
101 p=s->data; 100 p=s->data;
102 for (i=0; i<s->length; i+=4) 101 for (i=0; i<s->length; i+=4) {
103 {
104 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0')) 102 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
105 break; 103 break;
106 else 104 else
@@ -108,8 +106,7 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
108 } 106 }
109 if (i < s->length) return(0); 107 if (i < s->length) return(0);
110 p=s->data; 108 p=s->data;
111 for (i=3; i<s->length; i+=4) 109 for (i=3; i<s->length; i+=4) {
112 {
113 *(p++)=s->data[i]; 110 *(p++)=s->data[i];
114 } 111 }
115 *(p)='\0'; 112 *(p)='\0';
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
index 349422fe9a..046f3b4a99 100644
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ b/src/lib/libcrypto/asn1/a_sign.c
@@ -131,8 +131,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
131{ 131{
132 EVP_MD_CTX ctx; 132 EVP_MD_CTX ctx;
133 EVP_MD_CTX_init(&ctx); 133 EVP_MD_CTX_init(&ctx);
134 if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) 134 if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
135 {
136 EVP_MD_CTX_cleanup(&ctx); 135 EVP_MD_CTX_cleanup(&ctx);
137 return 0; 136 return 0;
138 } 137 }
@@ -154,14 +153,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
154 type = EVP_MD_CTX_md(ctx); 153 type = EVP_MD_CTX_md(ctx);
155 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); 154 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
156 155
157 if (!type || !pkey) 156 if (!type || !pkey) {
158 {
159 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); 157 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
160 return 0; 158 return 0;
161 } 159 }
162 160
163 if (pkey->ameth->item_sign) 161 if (pkey->ameth->item_sign) {
164 {
165 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, 162 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
166 signature); 163 signature);
167 if (rv == 1) 164 if (rv == 1)
@@ -180,15 +177,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
180 else 177 else
181 rv = 2; 178 rv = 2;
182 179
183 if (rv == 2) 180 if (rv == 2) {
184 { 181 if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
185 if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
186 {
187 if (!pkey->ameth || 182 if (!pkey->ameth ||
188 !OBJ_find_sigid_by_algs(&signid, 183 !OBJ_find_sigid_by_algs(&signid,
189 EVP_MD_nid(type), 184 EVP_MD_nid(type),
190 pkey->ameth->pkey_id)) 185 pkey->ameth->pkey_id)) {
191 {
192 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, 186 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
193 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); 187 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
194 return 0; 188 return 0;
@@ -212,16 +206,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
212 inl=ASN1_item_i2d(asn,&buf_in, it); 206 inl=ASN1_item_i2d(asn,&buf_in, it);
213 outll=outl=EVP_PKEY_size(pkey); 207 outll=outl=EVP_PKEY_size(pkey);
214 buf_out=malloc((unsigned int)outl); 208 buf_out=malloc((unsigned int)outl);
215 if ((buf_in == NULL) || (buf_out == NULL)) 209 if ((buf_in == NULL) || (buf_out == NULL)) {
216 {
217 outl=0; 210 outl=0;
218 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE); 211 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE);
219 goto err; 212 goto err;
220 } 213 }
221 214
222 if (!EVP_DigestSignUpdate(ctx, buf_in, inl) 215 if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
223 || !EVP_DigestSignFinal(ctx, buf_out, &outl)) 216 || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
224 {
225 outl=0; 217 outl=0;
226 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB); 218 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB);
227 goto err; 219 goto err;
@@ -237,9 +229,11 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
237 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; 229 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
238err: 230err:
239 EVP_MD_CTX_cleanup(ctx); 231 EVP_MD_CTX_cleanup(ctx);
240 if (buf_in != NULL) 232 if (buf_in != NULL) {
241 { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in); } 233 OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in);
242 if (buf_out != NULL) 234 }
243 { OPENSSL_cleanse((char *)buf_out,outll); free(buf_out); } 235 if (buf_out != NULL) {
236 OPENSSL_cleanse((char *)buf_out,outll); free(buf_out);
237 }
244 return(outl); 238 return(outl);
245} 239}
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index 65f95532a3..7dc531a2d8 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -405,8 +405,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
405 if(indent < 0) indent = 0; 405 if(indent < 0) indent = 0;
406 outlen = indent; 406 outlen = indent;
407 if(!do_indent(io_ch, arg, indent)) return -1; 407 if(!do_indent(io_ch, arg, indent)) return -1;
408 switch (flags & XN_FLAG_SEP_MASK) 408 switch (flags & XN_FLAG_SEP_MASK) {
409 {
410 case XN_FLAG_SEP_MULTILINE: 409 case XN_FLAG_SEP_MULTILINE:
411 sep_dn = "\n"; 410 sep_dn = "\n";
412 sep_dn_len = 1; 411 sep_dn_len = 1;
@@ -526,8 +525,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
526#ifndef OPENSSL_NO_FP_API 525#ifndef OPENSSL_NO_FP_API
527int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) 526int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
528{ 527{
529 if(flags == XN_FLAG_COMPAT) 528 if(flags == XN_FLAG_COMPAT) {
530 {
531 BIO *btmp; 529 BIO *btmp;
532 int ret; 530 int ret;
533 btmp = BIO_new_fp(fp, BIO_NOCLOSE); 531 btmp = BIO_new_fp(fp, BIO_NOCLOSE);
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
index 74bc7b316c..6c59dcc8ec 100644
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ b/src/lib/libcrypto/asn1/a_strnid.c
@@ -264,26 +264,24 @@ main()
264 int i, last_nid = -1; 264 int i, last_nid = -1;
265 265
266 for (tmp = tbl_standard, i = 0; 266 for (tmp = tbl_standard, i = 0;
267 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) 267 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) {
268 { 268 if (tmp->nid < last_nid) {
269 if (tmp->nid < last_nid) 269 last_nid = 0;
270 { 270 break;
271 last_nid = 0;
272 break;
273 }
274 last_nid = tmp->nid;
275 } 271 }
272 last_nid = tmp->nid;
273 }
276 274
277 if (last_nid != 0) 275 if (last_nid != 0) {
278 {
279 printf("Table order OK\n"); 276 printf("Table order OK\n");
280 exit(0); 277 exit(0);
281 } 278 }
282 279
283 for (tmp = tbl_standard, i = 0; 280 for (tmp = tbl_standard, i = 0;
284 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) 281 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) {
285 printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, 282 printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,
286 OBJ_nid2ln(tmp->nid)); 283 OBJ_nid2ln(tmp->nid));
284 }
287 285
288} 286}
289 287
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index 3461660b5f..13fd324517 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -95,13 +95,11 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
95 struct tm data; 95 struct tm data;
96 96
97 ts=OPENSSL_gmtime(&t,&data); 97 ts=OPENSSL_gmtime(&t,&data);
98 if (ts == NULL) 98 if (ts == NULL) {
99 {
100 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 99 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
101 return NULL; 100 return NULL;
102 } 101 }
103 if (offset_day || offset_sec) 102 if (offset_day || offset_sec) {
104 {
105 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 103 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
106 return NULL; 104 return NULL;
107 } 105 }
@@ -128,8 +126,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
128 126
129 if (!ASN1_TIME_check(t)) return NULL; 127 if (!ASN1_TIME_check(t)) return NULL;
130 128
131 if (!out || !*out) 129 if (!out || !*out) {
132 {
133 if (!(ret = ASN1_GENERALIZEDTIME_new ())) 130 if (!(ret = ASN1_GENERALIZEDTIME_new ()))
134 return NULL; 131 return NULL;
135 if (out) *out = ret; 132 if (out) *out = ret;
@@ -137,8 +134,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
137 else ret = *out; 134 else ret = *out;
138 135
139 /* If already GeneralizedTime just copy across */ 136 /* If already GeneralizedTime just copy across */
140 if (t->type == V_ASN1_GENERALIZEDTIME) 137 if (t->type == V_ASN1_GENERALIZEDTIME) {
141 {
142 if(!ASN1_STRING_set(ret, t->data, t->length)) 138 if(!ASN1_STRING_set(ret, t->data, t->length))
143 return NULL; 139 return NULL;
144 return ret; 140 return ret;
@@ -169,8 +165,7 @@ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
169 165
170 t.type = V_ASN1_UTCTIME; 166 t.type = V_ASN1_UTCTIME;
171 167
172 if (!ASN1_TIME_check(&t)) 168 if (!ASN1_TIME_check(&t)) {
173 {
174 t.type = V_ASN1_GENERALIZEDTIME; 169 t.type = V_ASN1_GENERALIZEDTIME;
175 if (!ASN1_TIME_check(&t)) 170 if (!ASN1_TIME_check(&t))
176 return 0; 171 return 0;
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index c790d74d60..dd746e925e 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -71,8 +71,7 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
71 71
72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) 72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
73{ 73{
74 if (a->value.ptr != NULL) 74 if (a->value.ptr != NULL) {
75 {
76 ASN1_TYPE **tmp_a = &a; 75 ASN1_TYPE **tmp_a = &a;
77 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); 76 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
78 } 77 }
@@ -85,21 +84,16 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
85 84
86int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) 85int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
87{ 86{
88 if (!value || (type == V_ASN1_BOOLEAN)) 87 if (!value || (type == V_ASN1_BOOLEAN)) {
89 {
90 void *p = (void *)value; 88 void *p = (void *)value;
91 ASN1_TYPE_set(a, type, p); 89 ASN1_TYPE_set(a, type, p);
92 } 90 } else if (type == V_ASN1_OBJECT) {
93 else if (type == V_ASN1_OBJECT)
94 {
95 ASN1_OBJECT *odup; 91 ASN1_OBJECT *odup;
96 odup = OBJ_dup(value); 92 odup = OBJ_dup(value);
97 if (!odup) 93 if (!odup)
98 return 0; 94 return 0;
99 ASN1_TYPE_set(a, type, odup); 95 ASN1_TYPE_set(a, type, odup);
100 } 96 } else {
101 else
102 {
103 ASN1_STRING *sdup; 97 ASN1_STRING *sdup;
104 sdup = ASN1_STRING_dup(value); 98 sdup = ASN1_STRING_dup(value);
105 if (!sdup) 99 if (!sdup)
@@ -119,8 +113,7 @@ int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
119 113
120 if (!a || !b || a->type != b->type) return -1; 114 if (!a || !b || a->type != b->type) return -1;
121 115
122 switch (a->type) 116 switch (a->type) {
123 {
124 case V_ASN1_OBJECT: 117 case V_ASN1_OBJECT:
125 result = OBJ_cmp(a->value.object, b->value.object); 118 result = OBJ_cmp(a->value.object, b->value.object);
126 break; 119 break;
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index e75f2ecbb6..d8135d0457 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -77,13 +77,11 @@ ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
77 77
78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length, 78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); 79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
80 if (ret == NULL) 80 if (ret == NULL) {
81 {
82 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); 81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
83 return(NULL); 82 return(NULL);
84 } 83 }
85 if (!ASN1_UTCTIME_check(ret)) 84 if (!ASN1_UTCTIME_check(ret)) {
86 {
87 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT); 85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
88 goto err; 86 goto err;
89 } 87 }
@@ -110,11 +108,12 @@ int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
110 o=0; 108 o=0;
111 109
112 if (l < 11) goto err; 110 if (l < 11) goto err;
113 for (i=0; i<6; i++) 111 for (i=0; i<6; i++) {
114 {
115 if ((i == 5) && ((a[o] == 'Z') || 112 if ((i == 5) && ((a[o] == 'Z') ||
116 (a[o] == '+') || (a[o] == '-'))) 113 (a[o] == '+') || (a[o] == '-'))) {
117 { i++; break; } 114 i++;
115 break;
116 }
118 if ((a[o] < '0') || (a[o] > '9')) goto err; 117 if ((a[o] < '0') || (a[o] > '9')) goto err;
119 n= a[o]-'0'; 118 n= a[o]-'0';
120 if (++o > l) goto err; 119 if (++o > l) goto err;
@@ -127,12 +126,10 @@ int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
127 } 126 }
128 if (a[o] == 'Z') 127 if (a[o] == 'Z')
129 o++; 128 o++;
130 else if ((a[o] == '+') || (a[o] == '-')) 129 else if ((a[o] == '+') || (a[o] == '-')) {
131 {
132 o++; 130 o++;
133 if (o+4 > l) goto err; 131 if (o+4 > l) goto err;
134 for (i=6; i<8; i++) 132 for (i=6; i<8; i++) {
135 {
136 if ((a[o] < '0') || (a[o] > '9')) goto err; 133 if ((a[o] < '0') || (a[o] > '9')) goto err;
137 n= a[o]-'0'; 134 n= a[o]-'0';
138 o++; 135 o++;
@@ -154,18 +151,15 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
154 t.type=V_ASN1_UTCTIME; 151 t.type=V_ASN1_UTCTIME;
155 t.length=strlen(str); 152 t.length=strlen(str);
156 t.data=(unsigned char *)str; 153 t.data=(unsigned char *)str;
157 if (ASN1_UTCTIME_check(&t)) 154 if (ASN1_UTCTIME_check(&t)) {
158 { 155 if (s != NULL) {
159 if (s != NULL)
160 {
161 if (!ASN1_STRING_set((ASN1_STRING *)s, 156 if (!ASN1_STRING_set((ASN1_STRING *)s,
162 (unsigned char *)str,t.length)) 157 (unsigned char *)str,t.length))
163 return 0; 158 return 0;
164 s->type = V_ASN1_UTCTIME; 159 s->type = V_ASN1_UTCTIME;
165 } 160 }
166 return(1); 161 return(1);
167 } 162 } else
168 else
169 return(0); 163 return(0);
170} 164}
171 165
@@ -191,8 +185,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
191 if (ts == NULL) 185 if (ts == NULL)
192 return(NULL); 186 return(NULL);
193 187
194 if (offset_day || offset_sec) 188 if (offset_day || offset_sec) {
195 {
196 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 189 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
197 return NULL; 190 return NULL;
198 } 191 }
@@ -201,11 +194,9 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
201 return NULL; 194 return NULL;
202 195
203 p=(char *)s->data; 196 p=(char *)s->data;
204 if ((p == NULL) || ((size_t)s->length < len)) 197 if ((p == NULL) || ((size_t)s->length < len)) {
205 {
206 p=malloc(len); 198 p=malloc(len);
207 if (p == NULL) 199 if (p == NULL) {
208 {
209 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); 200 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE);
210 return(NULL); 201 return(NULL);
211 } 202 }
@@ -233,8 +224,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
233 224
234 if (s->data[12] == 'Z') 225 if (s->data[12] == 'Z')
235 offset=0; 226 offset=0;
236 else 227 else {
237 {
238 offset = g2(s->data+13)*60+g2(s->data+15); 228 offset = g2(s->data+13)*60+g2(s->data+15);
239 if (s->data[12] == '-') 229 if (s->data[12] == '-')
240 offset = -offset; 230 offset = -offset;
@@ -280,8 +270,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
280 tm.tm_sec=g2(s->data+10); 270 tm.tm_sec=g2(s->data+10);
281 if(s->data[12] == 'Z') 271 if(s->data[12] == 'Z')
282 offset=0; 272 offset=0;
283 else 273 else {
284 {
285 offset=g2(s->data+13)*60+g2(s->data+15); 274 offset=g2(s->data+13)*60+g2(s->data+15);
286 if(s->data[12] == '-') 275 if(s->data[12] == '-')
287 offset= -offset; 276 offset= -offset;
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index 59c5b876b5..8df0b038d1 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -81,8 +81,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
81 81
82 int mdnid, pknid; 82 int mdnid, pknid;
83 83
84 if (!pkey) 84 if (!pkey) {
85 {
86 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); 85 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
87 return -1; 86 return -1;
88 } 87 }
@@ -90,15 +89,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
90 EVP_MD_CTX_init(&ctx); 89 EVP_MD_CTX_init(&ctx);
91 90
92 /* Convert signature OID into digest and public key OIDs */ 91 /* Convert signature OID into digest and public key OIDs */
93 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) 92 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
94 {
95 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 93 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
96 goto err; 94 goto err;
97 } 95 }
98 if (mdnid == NID_undef) 96 if (mdnid == NID_undef) {
99 { 97 if (!pkey->ameth || !pkey->ameth->item_verify) {
100 if (!pkey->ameth || !pkey->ameth->item_verify)
101 {
102 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 98 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
103 goto err; 99 goto err;
104 } 100 }
@@ -111,26 +107,21 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
111 if (ret != 2) 107 if (ret != 2)
112 goto err; 108 goto err;
113 ret = -1; 109 ret = -1;
114 } 110 } else {
115 else
116 {
117 const EVP_MD *type; 111 const EVP_MD *type;
118 type=EVP_get_digestbynid(mdnid); 112 type=EVP_get_digestbynid(mdnid);
119 if (type == NULL) 113 if (type == NULL) {
120 {
121 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 114 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
122 goto err; 115 goto err;
123 } 116 }
124 117
125 /* Check public key OID matches public key type */ 118 /* Check public key OID matches public key type */
126 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) 119 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
127 {
128 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); 120 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
129 goto err; 121 goto err;
130 } 122 }
131 123
132 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) 124 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
133 {
134 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 125 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
135 ret=0; 126 ret=0;
136 goto err; 127 goto err;
@@ -140,14 +131,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
140 131
141 inl = ASN1_item_i2d(asn, &buf_in, it); 132 inl = ASN1_item_i2d(asn, &buf_in, it);
142 133
143 if (buf_in == NULL) 134 if (buf_in == NULL) {
144 {
145 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); 135 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE);
146 goto err; 136 goto err;
147 } 137 }
148 138
149 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) 139 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) {
150 {
151 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
152 ret=0; 141 ret=0;
153 goto err; 142 goto err;
@@ -157,8 +146,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
157 free(buf_in); 146 free(buf_in);
158 147
159 if (EVP_DigestVerifyFinal(&ctx,signature->data, 148 if (EVP_DigestVerifyFinal(&ctx,signature->data,
160 (size_t)signature->length) <= 0) 149 (size_t)signature->length) <= 0) {
161 {
162 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
163 ret=0; 151 ret=0;
164 goto err; 152 goto err;
diff --git a/src/lib/libcrypto/asn1/ameth_lib.c b/src/lib/libcrypto/asn1/ameth_lib.c
index 8f96e00c93..bbaf6b4dfb 100644
--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ b/src/lib/libcrypto/asn1/ameth_lib.c
@@ -150,8 +150,7 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
150 EVP_PKEY_ASN1_METHOD tmp; 150 EVP_PKEY_ASN1_METHOD tmp;
151 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret; 151 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
152 tmp.pkey_id = type; 152 tmp.pkey_id = type;
153 if (app_methods) 153 if (app_methods) {
154 {
155 int idx; 154 int idx;
156 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp); 155 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
157 if (idx >= 0) 156 if (idx >= 0)
@@ -175,21 +174,18 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
175{ 174{
176 const EVP_PKEY_ASN1_METHOD *t; 175 const EVP_PKEY_ASN1_METHOD *t;
177 176
178 for (;;) 177 for (;;) {
179 {
180 t = pkey_asn1_find(type); 178 t = pkey_asn1_find(type);
181 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS)) 179 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
182 break; 180 break;
183 type = t->pkey_base_id; 181 type = t->pkey_base_id;
184 } 182 }
185 if (pe) 183 if (pe) {
186 {
187#ifndef OPENSSL_NO_ENGINE 184#ifndef OPENSSL_NO_ENGINE
188 ENGINE *e; 185 ENGINE *e;
189 /* type will contain the final unaliased type */ 186 /* type will contain the final unaliased type */
190 e = ENGINE_get_pkey_asn1_meth_engine(type); 187 e = ENGINE_get_pkey_asn1_meth_engine(type);
191 if (e) 188 if (e) {
192 {
193 *pe = e; 189 *pe = e;
194 return ENGINE_get_pkey_asn1_meth(e, type); 190 return ENGINE_get_pkey_asn1_meth(e, type);
195 } 191 }
@@ -206,13 +202,11 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
206 const EVP_PKEY_ASN1_METHOD *ameth; 202 const EVP_PKEY_ASN1_METHOD *ameth;
207 if (len == -1) 203 if (len == -1)
208 len = strlen(str); 204 len = strlen(str);
209 if (pe) 205 if (pe) {
210 {
211#ifndef OPENSSL_NO_ENGINE 206#ifndef OPENSSL_NO_ENGINE
212 ENGINE *e; 207 ENGINE *e;
213 ameth = ENGINE_pkey_asn1_find_str(&e, str, len); 208 ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
214 if (ameth) 209 if (ameth) {
215 {
216 /* Convert structural into 210 /* Convert structural into
217 * functional reference 211 * functional reference
218 */ 212 */
@@ -225,8 +219,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
225#endif 219#endif
226 *pe = NULL; 220 *pe = NULL;
227 } 221 }
228 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) 222 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
229 {
230 ameth = EVP_PKEY_asn1_get0(i); 223 ameth = EVP_PKEY_asn1_get0(i);
231 if (ameth->pkey_flags & ASN1_PKEY_ALIAS) 224 if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
232 continue; 225 continue;
@@ -239,8 +232,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
239 232
240int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth) 233int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
241{ 234{
242 if (app_methods == NULL) 235 if (app_methods == NULL) {
243 {
244 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp); 236 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
245 if (!app_methods) 237 if (!app_methods)
246 return 0; 238 return 0;
@@ -299,8 +291,7 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
299 ameth->pkey_base_id = id; 291 ameth->pkey_base_id = id;
300 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; 292 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
301 293
302 if (info) 294 if (info) {
303 {
304 ameth->info = BUF_strdup(info); 295 ameth->info = BUF_strdup(info);
305 if (!ameth->info) 296 if (!ameth->info)
306 goto err; 297 goto err;
@@ -308,8 +299,7 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
308 else 299 else
309 ameth->info = NULL; 300 ameth->info = NULL;
310 301
311 if (pem_str) 302 if (pem_str) {
312 {
313 ameth->pem_str = BUF_strdup(pem_str); 303 ameth->pem_str = BUF_strdup(pem_str);
314 if (!ameth->pem_str) 304 if (!ameth->pem_str)
315 goto err; 305 goto err;
@@ -390,8 +380,7 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
390 380
391void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) 381void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
392{ 382{
393 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) 383 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
394 {
395 if (ameth->pem_str) 384 if (ameth->pem_str)
396 free(ameth->pem_str); 385 free(ameth->pem_str);
397 if (ameth->info) 386 if (ameth->info)
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index 582f613744..c229c4b4db 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -323,8 +323,7 @@ void ERR_load_ASN1_strings(void)
323{ 323{
324#ifndef OPENSSL_NO_ERR 324#ifndef OPENSSL_NO_ERR
325 325
326 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) 326 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
327 {
328 ERR_load_strings(0,ASN1_str_functs); 327 ERR_load_strings(0,ASN1_str_functs);
329 ERR_load_strings(0,ASN1_str_reasons); 328 ERR_load_strings(0,ASN1_str_reasons);
330 } 329 }
diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
index f78aac7148..314df379f9 100644
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ b/src/lib/libcrypto/asn1/asn1_gen.c
@@ -156,10 +156,8 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
156 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) 156 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
157 return NULL; 157 return NULL;
158 158
159 if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_SET)) 159 if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_SET)) {
160 { 160 if (!cnf) {
161 if (!cnf)
162 {
163 ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); 161 ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
164 return NULL; 162 return NULL;
165 } 163 }
@@ -183,8 +181,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
183 cpy_start = orig_der; 181 cpy_start = orig_der;
184 182
185 /* Do we need IMPLICIT tagging? */ 183 /* Do we need IMPLICIT tagging? */
186 if (asn1_tags.imp_tag != -1) 184 if (asn1_tags.imp_tag != -1) {
187 {
188 /* If IMPLICIT we will replace the underlying tag */ 185 /* If IMPLICIT we will replace the underlying tag */
189 /* Skip existing tag+len */ 186 /* Skip existing tag+len */
190 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class, cpy_len); 187 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class, cpy_len);
@@ -196,8 +193,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
196 * original length and constructed flag should be 193 * original length and constructed flag should be
197 * consistent. 194 * consistent.
198 */ 195 */
199 if (r & 0x1) 196 if (r & 0x1) {
200 {
201 /* Indefinite length constructed */ 197 /* Indefinite length constructed */
202 hdr_constructed = 2; 198 hdr_constructed = 2;
203 hdr_len = 0; 199 hdr_len = 0;
@@ -215,8 +211,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
215 211
216 /* Work out length in any EXPLICIT, starting from end */ 212 /* Work out length in any EXPLICIT, starting from end */
217 213
218 for(i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; i < asn1_tags.exp_count; i++, etmp--) 214 for(i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; i < asn1_tags.exp_count; i++, etmp--) {
219 {
220 /* Content length: number of content octets + any padding */ 215 /* Content length: number of content octets + any padding */
221 len += etmp->exp_pad; 216 len += etmp->exp_pad;
222 etmp->exp_len = len; 217 etmp->exp_len = len;
@@ -236,8 +231,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
236 231
237 /* Output explicit tags first */ 232 /* Output explicit tags first */
238 233
239 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etmp++) 234 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etmp++) {
240 {
241 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len, 235 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
242 etmp->exp_tag, etmp->exp_class); 236 etmp->exp_tag, etmp->exp_class);
243 if (etmp->exp_pad) 237 if (etmp->exp_pad)
@@ -246,8 +240,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
246 240
247 /* If IMPLICIT, output tag */ 241 /* If IMPLICIT, output tag */
248 242
249 if (asn1_tags.imp_tag != -1) 243 if (asn1_tags.imp_tag != -1) {
250 {
251 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL 244 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
252 && (asn1_tags.imp_tag == V_ASN1_SEQUENCE 245 && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
253 || asn1_tags.imp_tag == V_ASN1_SET) ) 246 || asn1_tags.imp_tag == V_ASN1_SET) )
@@ -284,11 +277,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
284 277
285 int tmp_tag, tmp_class; 278 int tmp_tag, tmp_class;
286 279
287 for(i = 0, p = elem; i < len; p++, i++) 280 for(i = 0, p = elem; i < len; p++, i++) {
288 {
289 /* Look for the ':' in name value pairs */ 281 /* Look for the ':' in name value pairs */
290 if (*p == ':') 282 if (*p == ':') {
291 {
292 vstart = p + 1; 283 vstart = p + 1;
293 vlen = len - (vstart - elem); 284 vlen = len - (vstart - elem);
294 len = p - elem; 285 len = p - elem;
@@ -298,34 +289,29 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
298 289
299 utype = asn1_str2tag(elem, len); 290 utype = asn1_str2tag(elem, len);
300 291
301 if (utype == -1) 292 if (utype == -1) {
302 {
303 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG); 293 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
304 ERR_add_error_data(2, "tag=", elem); 294 ERR_add_error_data(2, "tag=", elem);
305 return -1; 295 return -1;
306 } 296 }
307 297
308 /* If this is not a modifier mark end of string and exit */ 298 /* If this is not a modifier mark end of string and exit */
309 if (!(utype & ASN1_GEN_FLAG)) 299 if (!(utype & ASN1_GEN_FLAG)) {
310 {
311 arg->utype = utype; 300 arg->utype = utype;
312 arg->str = vstart; 301 arg->str = vstart;
313 /* If no value and not end of string, error */ 302 /* If no value and not end of string, error */
314 if (!vstart && elem[len]) 303 if (!vstart && elem[len]) {
315 {
316 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE); 304 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
317 return -1; 305 return -1;
318 } 306 }
319 return 0; 307 return 0;
320 } 308 }
321 309
322 switch(utype) 310 switch(utype) {
323 {
324 311
325 case ASN1_GEN_FLAG_IMP: 312 case ASN1_GEN_FLAG_IMP:
326 /* Check for illegal multiple IMPLICIT tagging */ 313 /* Check for illegal multiple IMPLICIT tagging */
327 if (arg->imp_tag != -1) 314 if (arg->imp_tag != -1) {
328 {
329 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING); 315 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
330 return -1; 316 return -1;
331 } 317 }
@@ -333,7 +319,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
333 return -1; 319 return -1;
334 break; 320 break;
335 321
336 case ASN1_GEN_FLAG_EXP: 322 case ASN1_GEN_FLAG_EXP:
337 323
338 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class)) 324 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
339 return -1; 325 return -1;
@@ -341,27 +327,27 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
341 return -1; 327 return -1;
342 break; 328 break;
343 329
344 case ASN1_GEN_FLAG_SEQWRAP: 330 case ASN1_GEN_FLAG_SEQWRAP:
345 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1)) 331 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
346 return -1; 332 return -1;
347 break; 333 break;
348 334
349 case ASN1_GEN_FLAG_SETWRAP: 335 case ASN1_GEN_FLAG_SETWRAP:
350 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1)) 336 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
351 return -1; 337 return -1;
352 break; 338 break;
353 339
354 case ASN1_GEN_FLAG_BITWRAP: 340 case ASN1_GEN_FLAG_BITWRAP:
355 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1)) 341 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
356 return -1; 342 return -1;
357 break; 343 break;
358 344
359 case ASN1_GEN_FLAG_OCTWRAP: 345 case ASN1_GEN_FLAG_OCTWRAP:
360 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1)) 346 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
361 return -1; 347 return -1;
362 break; 348 break;
363 349
364 case ASN1_GEN_FLAG_FORMAT: 350 case ASN1_GEN_FLAG_FORMAT:
365 if (!strncmp(vstart, "ASCII", 5)) 351 if (!strncmp(vstart, "ASCII", 5))
366 arg->format = ASN1_GEN_FORMAT_ASCII; 352 arg->format = ASN1_GEN_FORMAT_ASCII;
367 else if (!strncmp(vstart, "UTF8", 4)) 353 else if (!strncmp(vstart, "UTF8", 4))
@@ -370,8 +356,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
370 arg->format = ASN1_GEN_FORMAT_HEX; 356 arg->format = ASN1_GEN_FORMAT_HEX;
371 else if (!strncmp(vstart, "BITLIST", 7)) 357 else if (!strncmp(vstart, "BITLIST", 7))
372 arg->format = ASN1_GEN_FORMAT_BITLIST; 358 arg->format = ASN1_GEN_FORMAT_BITLIST;
373 else 359 else {
374 {
375 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT); 360 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
376 return -1; 361 return -1;
377 } 362 }
@@ -394,8 +379,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
394 /* Check we haven't gone past max length: should be impossible */ 379 /* Check we haven't gone past max length: should be impossible */
395 if (eptr && *eptr && (eptr > vstart + vlen)) 380 if (eptr && *eptr && (eptr > vstart + vlen))
396 return 0; 381 return 0;
397 if (tag_num < 0) 382 if (tag_num < 0) {
398 {
399 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER); 383 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
400 return 0; 384 return 0;
401 } 385 }
@@ -405,24 +389,22 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
405 vlen -= eptr - vstart; 389 vlen -= eptr - vstart;
406 else 390 else
407 vlen = 0; 391 vlen = 0;
408 if (vlen) 392 if (vlen) {
409 { 393 switch (*eptr) {
410 switch (*eptr)
411 {
412 394
413 case 'U': 395 case 'U':
414 *pclass = V_ASN1_UNIVERSAL; 396 *pclass = V_ASN1_UNIVERSAL;
415 break; 397 break;
416 398
417 case 'A': 399 case 'A':
418 *pclass = V_ASN1_APPLICATION; 400 *pclass = V_ASN1_APPLICATION;
419 break; 401 break;
420 402
421 case 'P': 403 case 'P':
422 *pclass = V_ASN1_PRIVATE; 404 *pclass = V_ASN1_PRIVATE;
423 break; 405 break;
424 406
425 case 'C': 407 case 'C':
426 *pclass = V_ASN1_CONTEXT_SPECIFIC; 408 *pclass = V_ASN1_CONTEXT_SPECIFIC;
427 break; 409 break;
428 410
@@ -456,15 +438,13 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
456 sk = sk_ASN1_TYPE_new_null(); 438 sk = sk_ASN1_TYPE_new_null();
457 if (!sk) 439 if (!sk)
458 goto bad; 440 goto bad;
459 if (section) 441 if (section) {
460 {
461 if (!cnf) 442 if (!cnf)
462 goto bad; 443 goto bad;
463 sect = X509V3_get_section(cnf, (char *)section); 444 sect = X509V3_get_section(cnf, (char *)section);
464 if (!sect) 445 if (!sect)
465 goto bad; 446 goto bad;
466 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) 447 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
467 {
468 ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf); 448 ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
469 if (!typ) 449 if (!typ)
470 goto bad; 450 goto bad;
@@ -513,14 +493,12 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
513{ 493{
514 tag_exp_type *exp_tmp; 494 tag_exp_type *exp_tmp;
515 /* Can only have IMPLICIT if permitted */ 495 /* Can only have IMPLICIT if permitted */
516 if ((arg->imp_tag != -1) && !imp_ok) 496 if ((arg->imp_tag != -1) && !imp_ok) {
517 {
518 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG); 497 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
519 return 0; 498 return 0;
520 } 499 }
521 500
522 if (arg->exp_count == ASN1_FLAG_EXP_MAX) 501 if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
523 {
524 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED); 502 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
525 return 0; 503 return 0;
526 } 504 }
@@ -530,15 +508,12 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
530 /* If IMPLICIT set tag to implicit value then 508 /* If IMPLICIT set tag to implicit value then
531 * reset implicit tag since it has been used. 509 * reset implicit tag since it has been used.
532 */ 510 */
533 if (arg->imp_tag != -1) 511 if (arg->imp_tag != -1) {
534 {
535 exp_tmp->exp_tag = arg->imp_tag; 512 exp_tmp->exp_tag = arg->imp_tag;
536 exp_tmp->exp_class = arg->imp_class; 513 exp_tmp->exp_class = arg->imp_class;
537 arg->imp_tag = -1; 514 arg->imp_tag = -1;
538 arg->imp_class = -1; 515 arg->imp_class = -1;
539 } 516 } else {
540 else
541 {
542 exp_tmp->exp_tag = exp_tag; 517 exp_tmp->exp_tag = exp_tag;
543 exp_tmp->exp_class = exp_class; 518 exp_tmp->exp_class = exp_class;
544 } 519 }
@@ -617,8 +592,7 @@ static int asn1_str2tag(const char *tagstr, int len)
617 len = strlen(tagstr); 592 len = strlen(tagstr);
618 593
619 tntmp = tnst; 594 tntmp = tnst;
620 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) 595 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {
621 {
622 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) 596 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
623 return tntmp->tag; 597 return tntmp->tag;
624 } 598 }
@@ -637,8 +611,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
637 611
638 int no_unused = 1; 612 int no_unused = 1;
639 613
640 if (!(atmp = ASN1_TYPE_new())) 614 if (!(atmp = ASN1_TYPE_new())) {
641 {
642 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 615 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
643 return NULL; 616 return NULL;
644 } 617 }
@@ -646,110 +619,96 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
646 if (!str) 619 if (!str)
647 str = ""; 620 str = "";
648 621
649 switch(utype) 622 switch(utype) {
650 {
651 623
652 case V_ASN1_NULL: 624 case V_ASN1_NULL:
653 if (str && *str) 625 if (str && *str) {
654 {
655 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE); 626 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
656 goto bad_form; 627 goto bad_form;
657 } 628 }
658 break; 629 break;
659 630
660 case V_ASN1_BOOLEAN: 631 case V_ASN1_BOOLEAN:
661 if (format != ASN1_GEN_FORMAT_ASCII) 632 if (format != ASN1_GEN_FORMAT_ASCII) {
662 {
663 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT); 633 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
664 goto bad_form; 634 goto bad_form;
665 } 635 }
666 vtmp.name = NULL; 636 vtmp.name = NULL;
667 vtmp.section = NULL; 637 vtmp.section = NULL;
668 vtmp.value = (char *)str; 638 vtmp.value = (char *)str;
669 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) 639 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
670 {
671 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN); 640 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
672 goto bad_str; 641 goto bad_str;
673 } 642 }
674 break; 643 break;
675 644
676 case V_ASN1_INTEGER: 645 case V_ASN1_INTEGER:
677 case V_ASN1_ENUMERATED: 646 case V_ASN1_ENUMERATED:
678 if (format != ASN1_GEN_FORMAT_ASCII) 647 if (format != ASN1_GEN_FORMAT_ASCII) {
679 {
680 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT); 648 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
681 goto bad_form; 649 goto bad_form;
682 } 650 }
683 if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) 651 if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
684 {
685 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER); 652 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
686 goto bad_str; 653 goto bad_str;
687 } 654 }
688 break; 655 break;
689 656
690 case V_ASN1_OBJECT: 657 case V_ASN1_OBJECT:
691 if (format != ASN1_GEN_FORMAT_ASCII) 658 if (format != ASN1_GEN_FORMAT_ASCII) {
692 {
693 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT); 659 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
694 goto bad_form; 660 goto bad_form;
695 } 661 }
696 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) 662 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
697 {
698 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT); 663 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
699 goto bad_str; 664 goto bad_str;
700 } 665 }
701 break; 666 break;
702 667
703 case V_ASN1_UTCTIME: 668 case V_ASN1_UTCTIME:
704 case V_ASN1_GENERALIZEDTIME: 669 case V_ASN1_GENERALIZEDTIME:
705 if (format != ASN1_GEN_FORMAT_ASCII) 670 if (format != ASN1_GEN_FORMAT_ASCII) {
706 {
707 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT); 671 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
708 goto bad_form; 672 goto bad_form;
709 } 673 }
710 if (!(atmp->value.asn1_string = ASN1_STRING_new())) 674 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
711 {
712 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 675 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
713 goto bad_str; 676 goto bad_str;
714 } 677 }
715 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) 678 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
716 {
717 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 679 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
718 goto bad_str; 680 goto bad_str;
719 } 681 }
720 atmp->value.asn1_string->type = utype; 682 atmp->value.asn1_string->type = utype;
721 if (!ASN1_TIME_check(atmp->value.asn1_string)) 683 if (!ASN1_TIME_check(atmp->value.asn1_string)) {
722 {
723 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE); 684 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
724 goto bad_str; 685 goto bad_str;
725 } 686 }
726 687
727 break; 688 break;
728 689
729 case V_ASN1_BMPSTRING: 690 case V_ASN1_BMPSTRING:
730 case V_ASN1_PRINTABLESTRING: 691 case V_ASN1_PRINTABLESTRING:
731 case V_ASN1_IA5STRING: 692 case V_ASN1_IA5STRING:
732 case V_ASN1_T61STRING: 693 case V_ASN1_T61STRING:
733 case V_ASN1_UTF8STRING: 694 case V_ASN1_UTF8STRING:
734 case V_ASN1_VISIBLESTRING: 695 case V_ASN1_VISIBLESTRING:
735 case V_ASN1_UNIVERSALSTRING: 696 case V_ASN1_UNIVERSALSTRING:
736 case V_ASN1_GENERALSTRING: 697 case V_ASN1_GENERALSTRING:
737 case V_ASN1_NUMERICSTRING: 698 case V_ASN1_NUMERICSTRING:
738 699
739 if (format == ASN1_GEN_FORMAT_ASCII) 700 if (format == ASN1_GEN_FORMAT_ASCII)
740 format = MBSTRING_ASC; 701 format = MBSTRING_ASC;
741 else if (format == ASN1_GEN_FORMAT_UTF8) 702 else if (format == ASN1_GEN_FORMAT_UTF8)
742 format = MBSTRING_UTF8; 703 format = MBSTRING_UTF8;
743 else 704 else {
744 {
745 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT); 705 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
746 goto bad_form; 706 goto bad_form;
747 } 707 }
748 708
749 709
750 if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, 710 if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
751 -1, format, ASN1_tag2bit(utype)) <= 0) 711 -1, format, ASN1_tag2bit(utype)) <= 0) {
752 {
753 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 712 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
754 goto bad_str; 713 goto bad_str;
755 } 714 }
@@ -757,21 +716,18 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
757 716
758 break; 717 break;
759 718
760 case V_ASN1_BIT_STRING: 719 case V_ASN1_BIT_STRING:
761 720
762 case V_ASN1_OCTET_STRING: 721 case V_ASN1_OCTET_STRING:
763 722
764 if (!(atmp->value.asn1_string = ASN1_STRING_new())) 723 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
765 {
766 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 724 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
767 goto bad_form; 725 goto bad_form;
768 } 726 }
769 727
770 if (format == ASN1_GEN_FORMAT_HEX) 728 if (format == ASN1_GEN_FORMAT_HEX) {
771 {
772 729
773 if (!(rdata = string_to_hex((char *)str, &rdlen))) 730 if (!(rdata = string_to_hex((char *)str, &rdlen))) {
774 {
775 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX); 731 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
776 goto bad_str; 732 goto bad_str;
777 } 733 }
@@ -783,24 +739,19 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
783 } 739 }
784 else if (format == ASN1_GEN_FORMAT_ASCII) 740 else if (format == ASN1_GEN_FORMAT_ASCII)
785 ASN1_STRING_set(atmp->value.asn1_string, str, -1); 741 ASN1_STRING_set(atmp->value.asn1_string, str, -1);
786 else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1_BIT_STRING)) 742 else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1_BIT_STRING)) {
787 { 743 if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
788 if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string))
789 {
790 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR); 744 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
791 goto bad_str; 745 goto bad_str;
792 } 746 }
793 no_unused = 0; 747 no_unused = 0;
794 748
795 } 749 } else {
796 else
797 {
798 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT); 750 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
799 goto bad_form; 751 goto bad_form;
800 } 752 }
801 753
802 if ((utype == V_ASN1_BIT_STRING) && no_unused) 754 if ((utype == V_ASN1_BIT_STRING) && no_unused) {
803 {
804 atmp->value.asn1_string->flags 755 atmp->value.asn1_string->flags
805 &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 756 &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
806 atmp->value.asn1_string->flags 757 atmp->value.asn1_string->flags
@@ -810,7 +761,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
810 761
811 break; 762 break;
812 763
813 default: 764 default:
814 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE); 765 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
815 goto bad_str; 766 goto bad_str;
816 break; 767 break;
@@ -821,9 +772,9 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
821 return atmp; 772 return atmp;
822 773
823 774
824 bad_str: 775bad_str:
825 ERR_add_error_data(2, "string=", str); 776 ERR_add_error_data(2, "string=", str);
826 bad_form: 777bad_form:
827 778
828 ASN1_TYPE_free(atmp); 779 ASN1_TYPE_free(atmp);
829 return NULL; 780 return NULL;
@@ -839,13 +790,11 @@ static int bitstr_cb(const char *elem, int len, void *bitstr)
839 bitnum = strtoul(elem, &eptr, 10); 790 bitnum = strtoul(elem, &eptr, 10);
840 if (eptr && *eptr && (eptr != elem + len)) 791 if (eptr && *eptr && (eptr != elem + len))
841 return 0; 792 return 0;
842 if (bitnum < 0) 793 if (bitnum < 0) {
843 {
844 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER); 794 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
845 return 0; 795 return 0;
846 } 796 }
847 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) 797 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
848 {
849 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE); 798 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
850 return 0; 799 return 0;
851 } 800 }
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index 6ec383859f..7693556281 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -72,8 +72,7 @@ static int _asn1_check_infinite_end(const unsigned char **p, long len)
72 * things up */ 72 * things up */
73 if (len <= 0) 73 if (len <= 0)
74 return(1); 74 return(1);
75 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) 75 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
76 {
77 (*p)+=2; 76 (*p)+=2;
78 return(1); 77 return(1);
79 } 78 }
@@ -104,13 +103,11 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
104 ret=(*p&V_ASN1_CONSTRUCTED); 103 ret=(*p&V_ASN1_CONSTRUCTED);
105 xclass=(*p&V_ASN1_PRIVATE); 104 xclass=(*p&V_ASN1_PRIVATE);
106 i= *p&V_ASN1_PRIMITIVE_TAG; 105 i= *p&V_ASN1_PRIMITIVE_TAG;
107 if (i == V_ASN1_PRIMITIVE_TAG) 106 if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
108 { /* high-tag */
109 p++; 107 p++;
110 if (--max == 0) goto err; 108 if (--max == 0) goto err;
111 l=0; 109 l=0;
112 while (*p&0x80) 110 while (*p&0x80) {
113 {
114 l<<=7L; 111 l<<=7L;
115 l|= *(p++)&0x7f; 112 l|= *(p++)&0x7f;
116 if (--max == 0) goto err; 113 if (--max == 0) goto err;
@@ -120,9 +117,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
120 l|= *(p++)&0x7f; 117 l|= *(p++)&0x7f;
121 tag=(int)l; 118 tag=(int)l;
122 if (--max == 0) goto err; 119 if (--max == 0) goto err;
123 } 120 } else {
124 else
125 {
126 tag=i; 121 tag=i;
127 p++; 122 p++;
128 if (--max == 0) goto err; 123 if (--max == 0) goto err;
@@ -137,8 +132,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
137 (int)(omax+ *pp)); 132 (int)(omax+ *pp));
138 133
139#endif 134#endif
140 if (*plength > (omax - (p - *pp))) 135 if (*plength > (omax - (p - *pp))) {
141 {
142 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); 136 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
143 /* Set this so that even if things are not long enough 137 /* Set this so that even if things are not long enough
144 * the values are set correctly */ 138 * the values are set correctly */
@@ -158,23 +152,18 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max
158 unsigned int i; 152 unsigned int i;
159 153
160 if (max-- < 1) return(0); 154 if (max-- < 1) return(0);
161 if (*p == 0x80) 155 if (*p == 0x80) {
162 {
163 *inf=1; 156 *inf=1;
164 ret=0; 157 ret=0;
165 p++; 158 p++;
166 } 159 } else {
167 else
168 {
169 *inf=0; 160 *inf=0;
170 i= *p&0x7f; 161 i= *p&0x7f;
171 if (*(p++) & 0x80) 162 if (*(p++) & 0x80) {
172 {
173 if (i > sizeof(long)) 163 if (i > sizeof(long))
174 return 0; 164 return 0;
175 if (max-- == 0) return(0); 165 if (max-- == 0) return(0);
176 while (i-- > 0) 166 while (i-- > 0) {
177 {
178 ret<<=8L; 167 ret<<=8L;
179 ret|= *(p++); 168 ret|= *(p++);
180 if (max-- == 0) return(0); 169 if (max-- == 0) return(0);
@@ -202,13 +191,11 @@ void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
202 i|=(xclass&V_ASN1_PRIVATE); 191 i|=(xclass&V_ASN1_PRIVATE);
203 if (tag < 31) 192 if (tag < 31)
204 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG); 193 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
205 else 194 else {
206 {
207 *(p++)=i|V_ASN1_PRIMITIVE_TAG; 195 *(p++)=i|V_ASN1_PRIMITIVE_TAG;
208 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7; 196 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
209 ttag = i; 197 ttag = i;
210 while(i-- > 0) 198 while(i-- > 0) {
211 {
212 p[i] = tag & 0x7f; 199 p[i] = tag & 0x7f;
213 if(i != (ttag - 1)) p[i] |= 0x80; 200 if(i != (ttag - 1)) p[i] |= 0x80;
214 tag >>= 7; 201 tag >>= 7;
@@ -237,15 +224,13 @@ static void asn1_put_length(unsigned char **pp, int length)
237 int i,l; 224 int i,l;
238 if (length <= 127) 225 if (length <= 127)
239 *(p++)=(unsigned char)length; 226 *(p++)=(unsigned char)length;
240 else 227 else {
241 {
242 l=length; 228 l=length;
243 for (i=0; l > 0; i++) 229 for (i=0; l > 0; i++)
244 l>>=8; 230 l>>=8;
245 *(p++)=i|0x80; 231 *(p++)=i|0x80;
246 l=i; 232 l=i;
247 while (i-- > 0) 233 while (i-- > 0) {
248 {
249 p[i]=length&0xff; 234 p[i]=length&0xff;
250 length>>=8; 235 length>>=8;
251 } 236 }
@@ -260,10 +245,8 @@ int ASN1_object_size(int constructed, int length, int tag)
260 245
261 ret=length; 246 ret=length;
262 ret++; 247 ret++;
263 if (tag >= 31) 248 if (tag >= 31) {
264 { 249 while (tag > 0) {
265 while (tag > 0)
266 {
267 tag>>=7; 250 tag>>=7;
268 ret++; 251 ret++;
269 } 252 }
@@ -271,10 +254,8 @@ int ASN1_object_size(int constructed, int length, int tag)
271 if (constructed == 2) 254 if (constructed == 2)
272 return ret + 3; 255 return ret + 3;
273 ret++; 256 ret++;
274 if (length > 127) 257 if (length > 127) {
275 { 258 while (length > 0) {
276 while (length > 0)
277 {
278 length>>=8; 259 length>>=8;
279 ret++; 260 ret++;
280 } 261 }
@@ -284,17 +265,14 @@ int ASN1_object_size(int constructed, int length, int tag)
284 265
285static int _asn1_Finish(ASN1_const_CTX *c) 266static int _asn1_Finish(ASN1_const_CTX *c)
286{ 267{
287 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) 268 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) {
288 { 269 if (!ASN1_const_check_infinite_end(&c->p,c->slen)) {
289 if (!ASN1_const_check_infinite_end(&c->p,c->slen))
290 {
291 c->error=ERR_R_MISSING_ASN1_EOS; 270 c->error=ERR_R_MISSING_ASN1_EOS;
292 return(0); 271 return(0);
293 } 272 }
294 } 273 }
295 if ( ((c->slen != 0) && !(c->inf & 1)) || 274 if ( ((c->slen != 0) && !(c->inf & 1)) ||
296 ((c->slen < 0) && (c->inf & 1))) 275 ((c->slen < 0) && (c->inf & 1))) {
297 {
298 c->error=ERR_R_ASN1_LENGTH_MISMATCH; 276 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
299 return(0); 277 return(0);
300 } 278 }
@@ -318,19 +296,16 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
318 q=c->p; 296 q=c->p;
319 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), 297 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
320 *length); 298 *length);
321 if (c->inf & 0x80) 299 if (c->inf & 0x80) {
322 {
323 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL; 300 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
324 return(0); 301 return(0);
325 } 302 }
326 if (c->tag != V_ASN1_SEQUENCE) 303 if (c->tag != V_ASN1_SEQUENCE) {
327 {
328 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE; 304 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
329 return(0); 305 return(0);
330 } 306 }
331 (*length)-=(c->p-q); 307 (*length)-=(c->p-q);
332 if (c->max && (*length < 0)) 308 if (c->max && (*length < 0)) {
333 {
334 c->error=ERR_R_ASN1_LENGTH_MISMATCH; 309 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
335 return(0); 310 return(0);
336 } 311 }
@@ -359,8 +334,7 @@ ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
359 ret=ASN1_STRING_new(); 334 ret=ASN1_STRING_new();
360 if (!ret) 335 if (!ret)
361 return NULL; 336 return NULL;
362 if (!ASN1_STRING_copy(ret,str)) 337 if (!ASN1_STRING_copy(ret,str)) {
363 {
364 ASN1_STRING_free(ret); 338 ASN1_STRING_free(ret);
365 return NULL; 339 return NULL;
366 } 340 }
@@ -372,31 +346,27 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
372 unsigned char *c; 346 unsigned char *c;
373 const char *data=_data; 347 const char *data=_data;
374 348
375 if (len < 0) 349 if (len < 0) {
376 {
377 if (data == NULL) 350 if (data == NULL)
378 return(0); 351 return(0);
379 else 352 else
380 len=strlen(data); 353 len=strlen(data);
381 } 354 }
382 if ((str->length < len) || (str->data == NULL)) 355 if ((str->length < len) || (str->data == NULL)) {
383 {
384 c=str->data; 356 c=str->data;
385 if (c == NULL) 357 if (c == NULL)
386 str->data=malloc(len+1); 358 str->data=malloc(len+1);
387 else 359 else
388 str->data=realloc(c,len+1); 360 str->data=realloc(c,len+1);
389 361
390 if (str->data == NULL) 362 if (str->data == NULL) {
391 {
392 ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE); 363 ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE);
393 str->data=c; 364 str->data=c;
394 return(0); 365 return(0);
395 } 366 }
396 } 367 }
397 str->length=len; 368 str->length=len;
398 if (data != NULL) 369 if (data != NULL) {
399 {
400 memcpy(str->data,data,len); 370 memcpy(str->data,data,len);
401 /* an allowance for strings :-) */ 371 /* an allowance for strings :-) */
402 str->data[len]='\0'; 372 str->data[len]='\0';
@@ -423,8 +393,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type)
423 ASN1_STRING *ret; 393 ASN1_STRING *ret;
424 394
425 ret=(ASN1_STRING *)malloc(sizeof(ASN1_STRING)); 395 ret=(ASN1_STRING *)malloc(sizeof(ASN1_STRING));
426 if (ret == NULL) 396 if (ret == NULL) {
427 {
428 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); 397 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
429 return(NULL); 398 return(NULL);
430 } 399 }
@@ -448,8 +417,7 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
448 int i; 417 int i;
449 418
450 i=(a->length-b->length); 419 i=(a->length-b->length);
451 if (i == 0) 420 if (i == 0) {
452 {
453 i=memcmp(a->data,b->data,a->length); 421 i=memcmp(a->data,b->data,a->length);
454 if (i == 0) 422 if (i == 0)
455 return(a->type-b->type); 423 return(a->type-b->type);
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index d68d4a8298..d3d2f52481 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -129,15 +129,13 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
129 p= *pp; 129 p= *pp;
130 tot=p+length; 130 tot=p+length;
131 op=p-1; 131 op=p-1;
132 while ((p < tot) && (op < p)) 132 while ((p < tot) && (op < p)) {
133 {
134 op=p; 133 op=p;
135 j=ASN1_get_object(&p,&len,&tag,&xclass,length); 134 j=ASN1_get_object(&p,&len,&tag,&xclass,length);
136#ifdef LINT 135#ifdef LINT
137 j=j; 136 j=j;
138#endif 137#endif
139 if (j & 0x80) 138 if (j & 0x80) {
140 {
141 if (BIO_write(bp,"Error in encoding\n",18) <= 0) 139 if (BIO_write(bp,"Error in encoding\n",18) <= 0)
142 goto end; 140 goto end;
143 ret=0; 141 ret=0;
@@ -149,35 +147,28 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
149 if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp)) 147 if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
150 <= 0) goto end; 148 <= 0) goto end;
151 149
152 if (j != (V_ASN1_CONSTRUCTED | 1)) 150 if (j != (V_ASN1_CONSTRUCTED | 1)) {
153 {
154 if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ", 151 if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
155 depth,(long)hl,len) <= 0) 152 depth,(long)hl,len) <= 0)
156 goto end; 153 goto end;
157 } 154 } else {
158 else
159 {
160 if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ", 155 if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
161 depth,(long)hl) <= 0) 156 depth,(long)hl) <= 0)
162 goto end; 157 goto end;
163 } 158 }
164 if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0)) 159 if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
165 goto end; 160 goto end;
166 if (j & V_ASN1_CONSTRUCTED) 161 if (j & V_ASN1_CONSTRUCTED) {
167 {
168 ep=p+len; 162 ep=p+len;
169 if (BIO_write(bp,"\n",1) <= 0) goto end; 163 if (BIO_write(bp,"\n",1) <= 0) goto end;
170 if (len > length) 164 if (len > length) {
171 {
172 BIO_printf(bp, 165 BIO_printf(bp,
173 "length is greater than %ld\n",length); 166 "length is greater than %ld\n",length);
174 ret=0; 167 ret=0;
175 goto end; 168 goto end;
176 } 169 }
177 if ((j == 0x21) && (len == 0)) 170 if ((j == 0x21) && (len == 0)) {
178 { 171 for (;;) {
179 for (;;)
180 {
181 r=asn1_parse2(bp,&p,(long)(tot-p), 172 r=asn1_parse2(bp,&p,(long)(tot-p),
182 offset+(p - *pp),depth+1, 173 offset+(p - *pp),depth+1,
183 indent,dump); 174 indent,dump);
@@ -186,21 +177,16 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
186 } 177 }
187 } 178 }
188 else 179 else
189 while (p < ep) 180 while (p < ep) {
190 {
191 r=asn1_parse2(bp,&p,(long)len, 181 r=asn1_parse2(bp,&p,(long)len,
192 offset+(p - *pp),depth+1, 182 offset+(p - *pp),depth+1,
193 indent,dump); 183 indent,dump);
194 if (r == 0) { ret=0; goto end; } 184 if (r == 0) { ret=0; goto end; }
195 } 185 }
196 } 186 } else if (xclass != 0) {
197 else if (xclass != 0)
198 {
199 p+=len; 187 p+=len;
200 if (BIO_write(bp,"\n",1) <= 0) goto end; 188 if (BIO_write(bp,"\n",1) <= 0) goto end;
201 } 189 } else {
202 else
203 {
204 nl=0; 190 nl=0;
205 if ( (tag == V_ASN1_PRINTABLESTRING) || 191 if ( (tag == V_ASN1_PRINTABLESTRING) ||
206 (tag == V_ASN1_T61STRING) || 192 (tag == V_ASN1_T61STRING) ||
@@ -209,95 +195,72 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
209 (tag == V_ASN1_NUMERICSTRING) || 195 (tag == V_ASN1_NUMERICSTRING) ||
210 (tag == V_ASN1_UTF8STRING) || 196 (tag == V_ASN1_UTF8STRING) ||
211 (tag == V_ASN1_UTCTIME) || 197 (tag == V_ASN1_UTCTIME) ||
212 (tag == V_ASN1_GENERALIZEDTIME)) 198 (tag == V_ASN1_GENERALIZEDTIME)) {
213 {
214 if (BIO_write(bp,":",1) <= 0) goto end; 199 if (BIO_write(bp,":",1) <= 0) goto end;
215 if ((len > 0) && 200 if ((len > 0) &&
216 BIO_write(bp,(const char *)p,(int)len) 201 BIO_write(bp,(const char *)p,(int)len)
217 != (int)len) 202 != (int)len)
218 goto end; 203 goto end;
219 } 204 } else if (tag == V_ASN1_OBJECT) {
220 else if (tag == V_ASN1_OBJECT)
221 {
222 opp=op; 205 opp=op;
223 if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) 206 if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) {
224 {
225 if (BIO_write(bp,":",1) <= 0) goto end; 207 if (BIO_write(bp,":",1) <= 0) goto end;
226 i2a_ASN1_OBJECT(bp,o); 208 i2a_ASN1_OBJECT(bp,o);
227 } 209 } else {
228 else
229 {
230 if (BIO_write(bp,":BAD OBJECT",11) <= 0) 210 if (BIO_write(bp,":BAD OBJECT",11) <= 0)
231 goto end; 211 goto end;
232 } 212 }
233 } 213 } else if (tag == V_ASN1_BOOLEAN) {
234 else if (tag == V_ASN1_BOOLEAN)
235 {
236 int ii; 214 int ii;
237 215
238 opp=op; 216 opp=op;
239 ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); 217 ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
240 if (ii < 0) 218 if (ii < 0) {
241 {
242 if (BIO_write(bp,"Bad boolean\n",12) <= 0) 219 if (BIO_write(bp,"Bad boolean\n",12) <= 0)
243 goto end; 220 goto end;
244 } 221 }
245 BIO_printf(bp,":%d",ii); 222 BIO_printf(bp,":%d",ii);
246 } 223 } else if (tag == V_ASN1_BMPSTRING) {
247 else if (tag == V_ASN1_BMPSTRING)
248 {
249 /* do the BMP thang */ 224 /* do the BMP thang */
250 } 225 } else if (tag == V_ASN1_OCTET_STRING) {
251 else if (tag == V_ASN1_OCTET_STRING)
252 {
253 int i,printable=1; 226 int i,printable=1;
254 227
255 opp=op; 228 opp=op;
256 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); 229 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
257 if (os != NULL && os->length > 0) 230 if (os != NULL && os->length > 0) {
258 {
259 opp = os->data; 231 opp = os->data;
260 /* testing whether the octet string is 232 /* testing whether the octet string is
261 * printable */ 233 * printable */
262 for (i=0; i<os->length; i++) 234 for (i=0; i<os->length; i++) {
263 {
264 if (( (opp[i] < ' ') && 235 if (( (opp[i] < ' ') &&
265 (opp[i] != '\n') && 236 (opp[i] != '\n') &&
266 (opp[i] != '\r') && 237 (opp[i] != '\r') &&
267 (opp[i] != '\t')) || 238 (opp[i] != '\t')) ||
268 (opp[i] > '~')) 239 (opp[i] > '~')) {
269 {
270 printable=0; 240 printable=0;
271 break; 241 break;
272 } 242 }
273 } 243 }
274 if (printable) 244 if (printable) {
275 /* printable string */ 245 /* printable string */
276 {
277 if (BIO_write(bp,":",1) <= 0) 246 if (BIO_write(bp,":",1) <= 0)
278 goto end; 247 goto end;
279 if (BIO_write(bp,(const char *)opp, 248 if (BIO_write(bp,(const char *)opp,
280 os->length) <= 0) 249 os->length) <= 0)
281 goto end; 250 goto end;
282 } 251 } else if (!dump) {
283 else if (!dump)
284 /* not printable => print octet string 252 /* not printable => print octet string
285 * as hex dump */ 253 * as hex dump */
286 {
287 if (BIO_write(bp,"[HEX DUMP]:",11) <= 0) 254 if (BIO_write(bp,"[HEX DUMP]:",11) <= 0)
288 goto end; 255 goto end;
289 for (i=0; i<os->length; i++) 256 for (i=0; i<os->length; i++) {
290 {
291 if (BIO_printf(bp,"%02X" 257 if (BIO_printf(bp,"%02X"
292 , opp[i]) <= 0) 258 , opp[i]) <= 0)
293 goto end; 259 goto end;
294 } 260 }
295 } 261 } else {
296 else
297 /* print the normal dump */ 262 /* print the normal dump */
298 { 263 if (!nl) {
299 if (!nl)
300 {
301 if (BIO_write(bp,"\n",1) <= 0) 264 if (BIO_write(bp,"\n",1) <= 0)
302 goto end; 265 goto end;
303 } 266 }
@@ -310,80 +273,62 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
310 nl=1; 273 nl=1;
311 } 274 }
312 } 275 }
313 if (os != NULL) 276 if (os != NULL) {
314 {
315 M_ASN1_OCTET_STRING_free(os); 277 M_ASN1_OCTET_STRING_free(os);
316 os=NULL; 278 os=NULL;
317 } 279 }
318 } 280 } else if (tag == V_ASN1_INTEGER) {
319 else if (tag == V_ASN1_INTEGER)
320 {
321 ASN1_INTEGER *bs; 281 ASN1_INTEGER *bs;
322 int i; 282 int i;
323 283
324 opp=op; 284 opp=op;
325 bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl); 285 bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
326 if (bs != NULL) 286 if (bs != NULL) {
327 {
328 if (BIO_write(bp,":",1) <= 0) goto end; 287 if (BIO_write(bp,":",1) <= 0) goto end;
329 if (bs->type == V_ASN1_NEG_INTEGER) 288 if (bs->type == V_ASN1_NEG_INTEGER)
330 if (BIO_write(bp,"-",1) <= 0) 289 if (BIO_write(bp,"-",1) <= 0)
331 goto end; 290 goto end;
332 for (i=0; i<bs->length; i++) 291 for (i=0; i<bs->length; i++) {
333 {
334 if (BIO_printf(bp,"%02X", 292 if (BIO_printf(bp,"%02X",
335 bs->data[i]) <= 0) 293 bs->data[i]) <= 0)
336 goto end; 294 goto end;
337 } 295 }
338 if (bs->length == 0) 296 if (bs->length == 0) {
339 {
340 if (BIO_write(bp,"00",2) <= 0) 297 if (BIO_write(bp,"00",2) <= 0)
341 goto end; 298 goto end;
342 } 299 }
343 } 300 } else {
344 else
345 {
346 if (BIO_write(bp,"BAD INTEGER",11) <= 0) 301 if (BIO_write(bp,"BAD INTEGER",11) <= 0)
347 goto end; 302 goto end;
348 } 303 }
349 M_ASN1_INTEGER_free(bs); 304 M_ASN1_INTEGER_free(bs);
350 } 305 } else if (tag == V_ASN1_ENUMERATED) {
351 else if (tag == V_ASN1_ENUMERATED)
352 {
353 ASN1_ENUMERATED *bs; 306 ASN1_ENUMERATED *bs;
354 int i; 307 int i;
355 308
356 opp=op; 309 opp=op;
357 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl); 310 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
358 if (bs != NULL) 311 if (bs != NULL) {
359 {
360 if (BIO_write(bp,":",1) <= 0) goto end; 312 if (BIO_write(bp,":",1) <= 0) goto end;
361 if (bs->type == V_ASN1_NEG_ENUMERATED) 313 if (bs->type == V_ASN1_NEG_ENUMERATED)
362 if (BIO_write(bp,"-",1) <= 0) 314 if (BIO_write(bp,"-",1) <= 0)
363 goto end; 315 goto end;
364 for (i=0; i<bs->length; i++) 316 for (i=0; i<bs->length; i++) {
365 {
366 if (BIO_printf(bp,"%02X", 317 if (BIO_printf(bp,"%02X",
367 bs->data[i]) <= 0) 318 bs->data[i]) <= 0)
368 goto end; 319 goto end;
369 } 320 }
370 if (bs->length == 0) 321 if (bs->length == 0) {
371 {
372 if (BIO_write(bp,"00",2) <= 0) 322 if (BIO_write(bp,"00",2) <= 0)
373 goto end; 323 goto end;
374 } 324 }
375 } 325 } else {
376 else
377 {
378 if (BIO_write(bp,"BAD ENUMERATED",14) <= 0) 326 if (BIO_write(bp,"BAD ENUMERATED",14) <= 0)
379 goto end; 327 goto end;
380 } 328 }
381 M_ASN1_ENUMERATED_free(bs); 329 M_ASN1_ENUMERATED_free(bs);
382 } 330 } else if (len > 0 && dump) {
383 else if (len > 0 && dump) 331 if (!nl) {
384 {
385 if (!nl)
386 {
387 if (BIO_write(bp,"\n",1) <= 0) 332 if (BIO_write(bp,"\n",1) <= 0)
388 goto end; 333 goto end;
389 } 334 }
@@ -394,13 +339,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
394 nl=1; 339 nl=1;
395 } 340 }
396 341
397 if (!nl) 342 if (!nl) {
398 {
399 if (BIO_write(bp,"\n",1) <= 0) goto end; 343 if (BIO_write(bp,"\n",1) <= 0) goto end;
400 } 344 }
401 p+=len; 345 p+=len;
402 if ((tag == V_ASN1_EOC) && (xclass == 0)) 346 if ((tag == V_ASN1_EOC) && (xclass == 0)) {
403 {
404 ret=2; /* End of sequence */ 347 ret=2; /* End of sequence */
405 goto end; 348 goto end;
406 } 349 }
@@ -429,7 +372,7 @@ const char *ASN1_tag2str(int tag)
429}; 372};
430 373
431 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) 374 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
432 tag &= ~0x100; 375 tag &= ~0x100;
433 376
434 if(tag < 0 || tag > 30) return "(unknown)"; 377 if(tag < 0 || tag > 30) return "(unknown)";
435 return tag2str[tag]; 378 return tag2str[tag];
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
index 011b97ff92..6cde8fd44e 100644
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ b/src/lib/libcrypto/asn1/asn_mime.c
@@ -116,20 +116,17 @@ int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
116 const ASN1_ITEM *it) 116 const ASN1_ITEM *it)
117{ 117{
118 /* If streaming create stream BIO and copy all content through it */ 118 /* If streaming create stream BIO and copy all content through it */
119 if (flags & SMIME_STREAM) 119 if (flags & SMIME_STREAM) {
120 {
121 BIO *bio, *tbio; 120 BIO *bio, *tbio;
122 bio = BIO_new_NDEF(out, val, it); 121 bio = BIO_new_NDEF(out, val, it);
123 if (!bio) 122 if (!bio) {
124 {
125 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE); 123 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE);
126 return 0; 124 return 0;
127 } 125 }
128 SMIME_crlf_copy(in, bio, flags); 126 SMIME_crlf_copy(in, bio, flags);
129 (void)BIO_flush(bio); 127 (void)BIO_flush(bio);
130 /* Free up successive BIOs until we hit the old output BIO */ 128 /* Free up successive BIOs until we hit the old output BIO */
131 do 129 do {
132 {
133 tbio = BIO_pop(bio); 130 tbio = BIO_pop(bio);
134 BIO_free(bio); 131 BIO_free(bio);
135 bio = tbio; 132 bio = tbio;
@@ -151,8 +148,7 @@ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
151 BIO *b64; 148 BIO *b64;
152 int r; 149 int r;
153 b64 = BIO_new(BIO_f_base64()); 150 b64 = BIO_new(BIO_f_base64());
154 if(!b64) 151 if(!b64) {
155 {
156 ASN1err(ASN1_F_B64_WRITE_ASN1,ERR_R_MALLOC_FAILURE); 152 ASN1err(ASN1_F_B64_WRITE_ASN1,ERR_R_MALLOC_FAILURE);
157 return 0; 153 return 0;
158 } 154 }
@@ -205,20 +201,17 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
205 int i, have_unknown = 0, write_comma, ret = 0, md_nid; 201 int i, have_unknown = 0, write_comma, ret = 0, md_nid;
206 have_unknown = 0; 202 have_unknown = 0;
207 write_comma = 0; 203 write_comma = 0;
208 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) 204 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
209 {
210 if (write_comma) 205 if (write_comma)
211 BIO_write(out, ",", 1); 206 BIO_write(out, ",", 1);
212 write_comma = 1; 207 write_comma = 1;
213 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm); 208 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
214 md = EVP_get_digestbynid(md_nid); 209 md = EVP_get_digestbynid(md_nid);
215 if (md && md->md_ctrl) 210 if (md && md->md_ctrl) {
216 {
217 int rv; 211 int rv;
218 char *micstr; 212 char *micstr;
219 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr); 213 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
220 if (rv > 0) 214 if (rv > 0) {
221 {
222 BIO_puts(out, micstr); 215 BIO_puts(out, micstr);
223 free(micstr); 216 free(micstr);
224 continue; 217 continue;
@@ -226,8 +219,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
226 if (rv != -2) 219 if (rv != -2)
227 goto err; 220 goto err;
228 } 221 }
229 switch(md_nid) 222 switch(md_nid) {
230 {
231 case NID_sha1: 223 case NID_sha1:
232 BIO_puts(out, "sha1"); 224 BIO_puts(out, "sha1");
233 break; 225 break;
@@ -256,8 +248,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
256 default: 248 default:
257 if (have_unknown) 249 if (have_unknown)
258 write_comma = 0; 250 write_comma = 0;
259 else 251 else {
260 {
261 BIO_puts(out, "unknown"); 252 BIO_puts(out, "unknown");
262 have_unknown = 1; 253 have_unknown = 1;
263 } 254 }
@@ -338,17 +329,14 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
338 329
339 if (ctype_nid == NID_pkcs7_enveloped) 330 if (ctype_nid == NID_pkcs7_enveloped)
340 msg_type = "enveloped-data"; 331 msg_type = "enveloped-data";
341 else if (ctype_nid == NID_pkcs7_signed) 332 else if (ctype_nid == NID_pkcs7_signed) {
342 {
343 if (econt_nid == NID_id_smime_ct_receipt) 333 if (econt_nid == NID_id_smime_ct_receipt)
344 msg_type = "signed-receipt"; 334 msg_type = "signed-receipt";
345 else if (sk_X509_ALGOR_num(mdalgs) >= 0) 335 else if (sk_X509_ALGOR_num(mdalgs) >= 0)
346 msg_type = "signed-data"; 336 msg_type = "signed-data";
347 else 337 else
348 msg_type = "certs-only"; 338 msg_type = "certs-only";
349 } 339 } else if (ctype_nid == NID_id_smime_ct_compressedData) {
350 else if (ctype_nid == NID_id_smime_ct_compressedData)
351 {
352 msg_type = "compressed-data"; 340 msg_type = "compressed-data";
353 cname = "smime.p7z"; 341 cname = "smime.p7z";
354 } 342 }
@@ -382,14 +370,12 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
382 /* If data is not deteched or resigning then the output BIO is 370 /* If data is not deteched or resigning then the output BIO is
383 * already set up to finalise when it is written through. 371 * already set up to finalise when it is written through.
384 */ 372 */
385 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) 373 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
386 {
387 SMIME_crlf_copy(data, out, flags); 374 SMIME_crlf_copy(data, out, flags);
388 return 1; 375 return 1;
389 } 376 }
390 377
391 if (!aux || !aux->asn1_cb) 378 if (!aux || !aux->asn1_cb) {
392 {
393 ASN1err(ASN1_F_ASN1_OUTPUT_DATA, 379 ASN1err(ASN1_F_ASN1_OUTPUT_DATA,
394 ASN1_R_STREAMING_NOT_SUPPORTED); 380 ASN1_R_STREAMING_NOT_SUPPORTED);
395 return 0; 381 return 0;
@@ -413,8 +399,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
413 399
414 /* Now remove any digests prepended to the BIO */ 400 /* Now remove any digests prepended to the BIO */
415 401
416 while (sarg.ndef_bio != out) 402 while (sarg.ndef_bio != out) {
417 {
418 tmpbio = BIO_pop(sarg.ndef_bio); 403 tmpbio = BIO_pop(sarg.ndef_bio);
419 BIO_free(sarg.ndef_bio); 404 BIO_free(sarg.ndef_bio);
420 sarg.ndef_bio = tmpbio; 405 sarg.ndef_bio = tmpbio;
@@ -547,17 +532,13 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
547 if (!bf) 532 if (!bf)
548 return 0; 533 return 0;
549 out = BIO_push(bf, out); 534 out = BIO_push(bf, out);
550 if(flags & SMIME_BINARY) 535 if(flags & SMIME_BINARY) {
551 {
552 while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) 536 while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
553 BIO_write(out, linebuf, len); 537 BIO_write(out, linebuf, len);
554 } 538 } else {
555 else
556 {
557 if(flags & SMIME_TEXT) 539 if(flags & SMIME_TEXT)
558 BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); 540 BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
559 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) 541 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
560 {
561 eol = strip_eol(linebuf, &len); 542 eol = strip_eol(linebuf, &len);
562 if (len) 543 if (len)
563 BIO_write(out, linebuf, len); 544 BIO_write(out, linebuf, len);
@@ -944,8 +925,7 @@ static int strip_eol(char *linebuf, int *plen)
944 char *p, c; 925 char *p, c;
945 int is_eol = 0; 926 int is_eol = 0;
946 p = linebuf + len - 1; 927 p = linebuf + len - 1;
947 for (p = linebuf + len - 1; len > 0; len--, p--) 928 for (p = linebuf + len - 1; len > 0; len--, p--) {
948 {
949 c = *p; 929 c = *p;
950 if (c == '\n') 930 if (c == '\n')
951 is_eol = 1; 931 is_eol = 1;
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c
index 7521496d67..0c09a8e934 100644
--- a/src/lib/libcrypto/asn1/asn_moid.c
+++ b/src/lib/libcrypto/asn1/asn_moid.c
@@ -75,16 +75,13 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
75 STACK_OF(CONF_VALUE) *sktmp; 75 STACK_OF(CONF_VALUE) *sktmp;
76 CONF_VALUE *oval; 76 CONF_VALUE *oval;
77 oid_section = CONF_imodule_get_value(md); 77 oid_section = CONF_imodule_get_value(md);
78 if(!(sktmp = NCONF_get_section(cnf, oid_section))) 78 if(!(sktmp = NCONF_get_section(cnf, oid_section))) {
79 {
80 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); 79 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
81 return 0; 80 return 0;
82 } 81 }
83 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) 82 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
84 {
85 oval = sk_CONF_VALUE_value(sktmp, i); 83 oval = sk_CONF_VALUE_value(sktmp, i);
86 if(!do_create(oval->value, oval->name)) 84 if(!do_create(oval->value, oval->name)) {
87 {
88 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); 85 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
89 return 0; 86 return 0;
90 } 87 }
@@ -114,13 +111,10 @@ static int do_create(char *value, char *name)
114 ASN1_OBJECT *oid; 111 ASN1_OBJECT *oid;
115 char *ln, *ostr, *p, *lntmp; 112 char *ln, *ostr, *p, *lntmp;
116 p = strrchr(value, ','); 113 p = strrchr(value, ',');
117 if (!p) 114 if (!p) {
118 {
119 ln = name; 115 ln = name;
120 ostr = value; 116 ostr = value;
121 } 117 } else {
122 else
123 {
124 ln = NULL; 118 ln = NULL;
125 ostr = p + 1; 119 ostr = p + 1;
126 if (!*ostr) 120 if (!*ostr)
@@ -133,13 +127,11 @@ static int do_create(char *value, char *name)
133 if (nid == NID_undef) 127 if (nid == NID_undef)
134 return 0; 128 return 0;
135 129
136 if (p) 130 if (p) {
137 {
138 ln = value; 131 ln = value;
139 while(isspace((unsigned char)*ln)) ln++; 132 while(isspace((unsigned char)*ln)) ln++;
140 p--; 133 p--;
141 while(isspace((unsigned char)*p)) 134 while(isspace((unsigned char)*p)) {
142 {
143 if (p == ln) 135 if (p == ln)
144 return 0; 136 return 0;
145 p--; 137 p--;
diff --git a/src/lib/libcrypto/asn1/bio_asn1.c b/src/lib/libcrypto/asn1/bio_asn1.c
index a6ad850e46..8ebac02a00 100644
--- a/src/lib/libcrypto/asn1/bio_asn1.c
+++ b/src/lib/libcrypto/asn1/bio_asn1.c
@@ -210,20 +210,18 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
210 wrlen = 0; 210 wrlen = 0;
211 ret = -1; 211 ret = -1;
212 212
213 for(;;) 213 for(;;) {
214 { 214 switch (ctx->state) {
215 switch (ctx->state)
216 {
217 215
218 /* Setup prefix data, call it */ 216 /* Setup prefix data, call it */
219 case ASN1_STATE_START: 217 case ASN1_STATE_START:
220 if (!asn1_bio_setup_ex(b, ctx, ctx->prefix, 218 if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
221 ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER)) 219 ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
222 return 0; 220 return 0;
223 break; 221 break;
224 222
225 /* Copy any pre data first */ 223 /* Copy any pre data first */
226 case ASN1_STATE_PRE_COPY: 224 case ASN1_STATE_PRE_COPY:
227 225
228 ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free, 226 ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
229 ASN1_STATE_HEADER); 227 ASN1_STATE_HEADER);
@@ -233,7 +231,7 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
233 231
234 break; 232 break;
235 233
236 case ASN1_STATE_HEADER: 234 case ASN1_STATE_HEADER:
237 ctx->buflen = 235 ctx->buflen =
238 ASN1_object_size(0, inl, ctx->asn1_tag) - inl; 236 ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
239 OPENSSL_assert(ctx->buflen <= ctx->bufsize); 237 OPENSSL_assert(ctx->buflen <= ctx->bufsize);
@@ -245,7 +243,7 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
245 243
246 break; 244 break;
247 245
248 case ASN1_STATE_HEADER_COPY: 246 case ASN1_STATE_HEADER_COPY:
249 ret = BIO_write(b->next_bio, 247 ret = BIO_write(b->next_bio,
250 ctx->buf + ctx->bufpos, ctx->buflen); 248 ctx->buf + ctx->bufpos, ctx->buflen);
251 if (ret <= 0) 249 if (ret <= 0)
@@ -254,15 +252,14 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
254 ctx->buflen -= ret; 252 ctx->buflen -= ret;
255 if (ctx->buflen) 253 if (ctx->buflen)
256 ctx->bufpos += ret; 254 ctx->bufpos += ret;
257 else 255 else {
258 {
259 ctx->bufpos = 0; 256 ctx->bufpos = 0;
260 ctx->state = ASN1_STATE_DATA_COPY; 257 ctx->state = ASN1_STATE_DATA_COPY;
261 } 258 }
262 259
263 break; 260 break;
264 261
265 case ASN1_STATE_DATA_COPY: 262 case ASN1_STATE_DATA_COPY:
266 263
267 if (inl > ctx->copylen) 264 if (inl > ctx->copylen)
268 wrmax = ctx->copylen; 265 wrmax = ctx->copylen;
@@ -306,8 +303,7 @@ static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
306 int ret; 303 int ret;
307 if (ctx->ex_len <= 0) 304 if (ctx->ex_len <= 0)
308 return 1; 305 return 1;
309 for(;;) 306 for(;;) {
310 {
311 ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, 307 ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos,
312 ctx->ex_len); 308 ctx->ex_len);
313 if (ret <= 0) 309 if (ret <= 0)
@@ -315,8 +311,7 @@ static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
315 ctx->ex_len -= ret; 311 ctx->ex_len -= ret;
316 if (ctx->ex_len > 0) 312 if (ctx->ex_len > 0)
317 ctx->ex_pos += ret; 313 ctx->ex_pos += ret;
318 else 314 else {
319 {
320 if(cleanup) 315 if(cleanup)
321 cleanup(b, &ctx->ex_buf, &ctx->ex_len, 316 cleanup(b, &ctx->ex_buf, &ctx->ex_len,
322 &ctx->ex_arg); 317 &ctx->ex_arg);
@@ -333,8 +328,7 @@ static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
333 asn1_bio_state_t ex_state, 328 asn1_bio_state_t ex_state,
334 asn1_bio_state_t other_state) 329 asn1_bio_state_t other_state)
335{ 330{
336 if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) 331 if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
337 {
338 BIO_clear_retry_flags(b); 332 BIO_clear_retry_flags(b);
339 return 0; 333 return 0;
340 } 334 }
@@ -378,55 +372,52 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
378 ctx = (BIO_ASN1_BUF_CTX *) b->ptr; 372 ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
379 if (ctx == NULL) 373 if (ctx == NULL)
380 return 0; 374 return 0;
381 switch(cmd) 375 switch(cmd) {
382 {
383 376
384 case BIO_C_SET_PREFIX: 377 case BIO_C_SET_PREFIX:
385 ex_func = arg2; 378 ex_func = arg2;
386 ctx->prefix = ex_func->ex_func; 379 ctx->prefix = ex_func->ex_func;
387 ctx->prefix_free = ex_func->ex_free_func; 380 ctx->prefix_free = ex_func->ex_free_func;
388 break; 381 break;
389 382
390 case BIO_C_GET_PREFIX: 383 case BIO_C_GET_PREFIX:
391 ex_func = arg2; 384 ex_func = arg2;
392 ex_func->ex_func = ctx->prefix; 385 ex_func->ex_func = ctx->prefix;
393 ex_func->ex_free_func = ctx->prefix_free; 386 ex_func->ex_free_func = ctx->prefix_free;
394 break; 387 break;
395 388
396 case BIO_C_SET_SUFFIX: 389 case BIO_C_SET_SUFFIX:
397 ex_func = arg2; 390 ex_func = arg2;
398 ctx->suffix = ex_func->ex_func; 391 ctx->suffix = ex_func->ex_func;
399 ctx->suffix_free = ex_func->ex_free_func; 392 ctx->suffix_free = ex_func->ex_free_func;
400 break; 393 break;
401 394
402 case BIO_C_GET_SUFFIX: 395 case BIO_C_GET_SUFFIX:
403 ex_func = arg2; 396 ex_func = arg2;
404 ex_func->ex_func = ctx->suffix; 397 ex_func->ex_func = ctx->suffix;
405 ex_func->ex_free_func = ctx->suffix_free; 398 ex_func->ex_free_func = ctx->suffix_free;
406 break; 399 break;
407 400
408 case BIO_C_SET_EX_ARG: 401 case BIO_C_SET_EX_ARG:
409 ctx->ex_arg = arg2; 402 ctx->ex_arg = arg2;
410 break; 403 break;
411 404
412 case BIO_C_GET_EX_ARG: 405 case BIO_C_GET_EX_ARG:
413 *(void **)arg2 = ctx->ex_arg; 406 *(void **)arg2 = ctx->ex_arg;
414 break; 407 break;
415 408
416 case BIO_CTRL_FLUSH: 409 case BIO_CTRL_FLUSH:
417 if (!b->next_bio) 410 if (!b->next_bio)
418 return 0; 411 return 0;
419 412
420 /* Call post function if possible */ 413 /* Call post function if possible */
421 if (ctx->state == ASN1_STATE_HEADER) 414 if (ctx->state == ASN1_STATE_HEADER) {
422 {
423 if (!asn1_bio_setup_ex(b, ctx, ctx->suffix, 415 if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
424 ASN1_STATE_POST_COPY, ASN1_STATE_DONE)) 416 ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
425 return 0; 417 return 0;
426 } 418 }
427 419
428 if (ctx->state == ASN1_STATE_POST_COPY) 420 if (ctx->state == ASN1_STATE_POST_COPY) {
429 {
430 ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free, 421 ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
431 ASN1_STATE_DONE); 422 ASN1_STATE_DONE);
432 if (ret <= 0) 423 if (ret <= 0)
@@ -435,15 +426,14 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
435 426
436 if (ctx->state == ASN1_STATE_DONE) 427 if (ctx->state == ASN1_STATE_DONE)
437 return BIO_ctrl(b->next_bio, cmd, arg1, arg2); 428 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
438 else 429 else {
439 {
440 BIO_clear_retry_flags(b); 430 BIO_clear_retry_flags(b);
441 return 0; 431 return 0;
442 } 432 }
443 break; 433 break;
444 434
445 435
446 default: 436 default:
447 if (!b->next_bio) 437 if (!b->next_bio)
448 return 0; 438 return 0;
449 return BIO_ctrl(b->next_bio, cmd, arg1, arg2); 439 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
@@ -468,8 +458,7 @@ static int asn1_bio_get_ex(BIO *b, int cmd,
468 BIO_ASN1_EX_FUNCS extmp; 458 BIO_ASN1_EX_FUNCS extmp;
469 int ret; 459 int ret;
470 ret = BIO_ctrl(b, cmd, 0, &extmp); 460 ret = BIO_ctrl(b, cmd, 0, &extmp);
471 if (ret > 0) 461 if (ret > 0) {
472 {
473 *ex_func = extmp.ex_func; 462 *ex_func = extmp.ex_func;
474 *ex_free_func = extmp.ex_free_func; 463 *ex_free_func = extmp.ex_free_func;
475 } 464 }
diff --git a/src/lib/libcrypto/asn1/bio_ndef.c b/src/lib/libcrypto/asn1/bio_ndef.c
index b8dc80a7b2..595e6471c2 100644
--- a/src/lib/libcrypto/asn1/bio_ndef.c
+++ b/src/lib/libcrypto/asn1/bio_ndef.c
@@ -105,8 +105,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
105 const ASN1_AUX *aux = it->funcs; 105 const ASN1_AUX *aux = it->funcs;
106 ASN1_STREAM_ARG sarg; 106 ASN1_STREAM_ARG sarg;
107 107
108 if (!aux || !aux->asn1_cb) 108 if (!aux || !aux->asn1_cb) {
109 {
110 ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); 109 ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
111 return NULL; 110 return NULL;
112 } 111 }
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
index cbbcdae7df..5e6003ca5b 100644
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ b/src/lib/libcrypto/asn1/d2i_pr.c
@@ -73,37 +73,29 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
73{ 73{
74 EVP_PKEY *ret; 74 EVP_PKEY *ret;
75 75
76 if ((a == NULL) || (*a == NULL)) 76 if ((a == NULL) || (*a == NULL)) {
77 { 77 if ((ret=EVP_PKEY_new()) == NULL) {
78 if ((ret=EVP_PKEY_new()) == NULL)
79 {
80 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); 78 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
81 return(NULL); 79 return(NULL);
82 } 80 }
83 } 81 } else {
84 else
85 {
86 ret= *a; 82 ret= *a;
87#ifndef OPENSSL_NO_ENGINE 83#ifndef OPENSSL_NO_ENGINE
88 if (ret->engine) 84 if (ret->engine) {
89 {
90 ENGINE_finish(ret->engine); 85 ENGINE_finish(ret->engine);
91 ret->engine = NULL; 86 ret->engine = NULL;
92 } 87 }
93#endif 88#endif
94 } 89 }
95 90
96 if (!EVP_PKEY_set_type(ret, type)) 91 if (!EVP_PKEY_set_type(ret, type)) {
97 {
98 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 92 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
99 goto err; 93 goto err;
100 } 94 }
101 95
102 if (!ret->ameth->old_priv_decode || 96 if (!ret->ameth->old_priv_decode ||
103 !ret->ameth->old_priv_decode(ret, pp, length)) 97 !ret->ameth->old_priv_decode(ret, pp, length)) {
104 { 98 if (ret->ameth->priv_decode) {
105 if (ret->ameth->priv_decode)
106 {
107 PKCS8_PRIV_KEY_INFO *p8=NULL; 99 PKCS8_PRIV_KEY_INFO *p8=NULL;
108 p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); 100 p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
109 if (!p8) goto err; 101 if (!p8) goto err;
@@ -111,9 +103,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
111 ret = EVP_PKCS82PKEY(p8); 103 ret = EVP_PKCS82PKEY(p8);
112 PKCS8_PRIV_KEY_INFO_free(p8); 104 PKCS8_PRIV_KEY_INFO_free(p8);
113 105
114 } 106 } else {
115 else
116 {
117 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); 107 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
118 goto err; 108 goto err;
119 } 109 }
@@ -146,25 +136,24 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
146 keytype = EVP_PKEY_DSA; 136 keytype = EVP_PKEY_DSA;
147 else if (sk_ASN1_TYPE_num(inkey) == 4) 137 else if (sk_ASN1_TYPE_num(inkey) == 4)
148 keytype = EVP_PKEY_EC; 138 keytype = EVP_PKEY_EC;
149 else if (sk_ASN1_TYPE_num(inkey) == 3) 139 else if (sk_ASN1_TYPE_num(inkey) == 3) {
150 { /* This seems to be PKCS8, not traditional format */ 140 /* This seems to be PKCS8, not traditional format */
151 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); 141 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
152 EVP_PKEY *ret; 142 EVP_PKEY *ret;
153 143
154 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); 144 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
155 if (!p8) 145 if (!p8) {
156 { 146 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
157 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); 147 return NULL;
158 return NULL; 148 }
159 } 149 ret = EVP_PKCS82PKEY(p8);
160 ret = EVP_PKCS82PKEY(p8); 150 PKCS8_PRIV_KEY_INFO_free(p8);
161 PKCS8_PRIV_KEY_INFO_free(p8); 151 if (a) {
162 if (a) { 152 *a = ret;
163 *a = ret;
164 } 153 }
165 return ret; 154 return ret;
166 } 155 } else
167 else keytype = EVP_PKEY_RSA; 156 keytype = EVP_PKEY_RSA;
168 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); 157 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
169 return d2i_PrivateKey(keytype, a, pp, length); 158 return d2i_PrivateKey(keytype, a, pp, length);
170} 159}
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
index f04d230d70..ccd03c066f 100644
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ b/src/lib/libcrypto/asn1/d2i_pu.c
@@ -77,24 +77,20 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
77{ 77{
78 EVP_PKEY *ret; 78 EVP_PKEY *ret;
79 79
80 if ((a == NULL) || (*a == NULL)) 80 if ((a == NULL) || (*a == NULL)) {
81 { 81 if ((ret=EVP_PKEY_new()) == NULL) {
82 if ((ret=EVP_PKEY_new()) == NULL)
83 {
84 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); 82 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
85 return(NULL); 83 return(NULL);
86 } 84 }
87 } 85 }
88 else ret= *a; 86 else ret= *a;
89 87
90 if (!EVP_PKEY_set_type(ret, type)) 88 if (!EVP_PKEY_set_type(ret, type)) {
91 {
92 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); 89 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
93 goto err; 90 goto err;
94 } 91 }
95 92
96 switch (EVP_PKEY_id(ret)) 93 switch (EVP_PKEY_id(ret)) {
97 {
98#ifndef OPENSSL_NO_RSA 94#ifndef OPENSSL_NO_RSA
99 case EVP_PKEY_RSA: 95 case EVP_PKEY_RSA:
100 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL, 96 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index 631924f88e..d4ea675f89 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -78,8 +78,7 @@ int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
78 int ret,num; 78 int ret,num;
79 unsigned char *p; 79 unsigned char *p;
80 80
81 if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) 81 if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) {
82 {
83 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 82 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
84 return(-1); 83 return(-1);
85 } 84 }
@@ -115,8 +114,7 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
115 114
116 if ((osp=ASN1_STRING_new()) == NULL) return(0); 115 if ((osp=ASN1_STRING_new()) == NULL) return(0);
117 /* Grow the 'string' */ 116 /* Grow the 'string' */
118 if (!ASN1_STRING_set(osp,NULL,size)) 117 if (!ASN1_STRING_set(osp,NULL,size)) {
119 {
120 ASN1_STRING_free(osp); 118 ASN1_STRING_free(osp);
121 return(0); 119 return(0);
122 } 120 }
@@ -145,8 +143,7 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
145 long length; 143 long length;
146 ASN1_const_CTX c; 144 ASN1_const_CTX c;
147 145
148 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) 146 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
149 {
150 goto err; 147 goto err;
151 } 148 }
152 p=M_ASN1_STRING_data(a->value.sequence); 149 p=M_ASN1_STRING_data(a->value.sequence);
@@ -177,8 +174,7 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
177 174
178 if (data != NULL) 175 if (data != NULL)
179 memcpy(data,M_ASN1_STRING_data(os),n); 176 memcpy(data,M_ASN1_STRING_data(os),n);
180 if (0) 177 if (0) {
181 {
182err: 178err:
183 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 179 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
184 } 180 }
diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c
index b6e66ab194..4ccfbddf2a 100644
--- a/src/lib/libcrypto/asn1/f_enum.c
+++ b/src/lib/libcrypto/asn1/f_enum.c
@@ -71,17 +71,12 @@ int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
71 71
72 if (a == NULL) return(0); 72 if (a == NULL) return(0);
73 73
74 if (a->length == 0) 74 if (a->length == 0) {
75 {
76 if (BIO_write(bp,"00",2) != 2) goto err; 75 if (BIO_write(bp,"00",2) != 2) goto err;
77 n=2; 76 n=2;
78 } 77 } else {
79 else 78 for (i=0; i<a->length; i++) {
80 { 79 if ((i != 0) && (i%35 == 0)) {
81 for (i=0; i<a->length; i++)
82 {
83 if ((i != 0) && (i%35 == 0))
84 {
85 if (BIO_write(bp,"\\\n",2) != 2) goto err; 80 if (BIO_write(bp,"\\\n",2) != 2) goto err;
86 n+=2; 81 n+=2;
87 } 82 }
@@ -107,8 +102,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
107 bs->type=V_ASN1_ENUMERATED; 102 bs->type=V_ASN1_ENUMERATED;
108 103
109 bufsize=BIO_gets(bp,buf,size); 104 bufsize=BIO_gets(bp,buf,size);
110 for (;;) 105 for (;;) {
111 {
112 if (bufsize < 1) goto err_sl; 106 if (bufsize < 1) goto err_sl;
113 i=bufsize; 107 i=bufsize;
114 if (buf[i-1] == '\n') buf[--i]='\0'; 108 if (buf[i-1] == '\n') buf[--i]='\0';
@@ -117,12 +111,10 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
117 if (i == 0) goto err_sl; 111 if (i == 0) goto err_sl;
118 again=(buf[i-1] == '\\'); 112 again=(buf[i-1] == '\\');
119 113
120 for (j=0; j<i; j++) 114 for (j=0; j<i; j++) {
121 {
122 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 115 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
123 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 116 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
124 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 117 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
125 {
126 i=j; 118 i=j;
127 break; 119 break;
128 } 120 }
@@ -133,33 +125,28 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
133 if (i < 2) goto err_sl; 125 if (i < 2) goto err_sl;
134 126
135 bufp=(unsigned char *)buf; 127 bufp=(unsigned char *)buf;
136 if (first) 128 if (first) {
137 {
138 first=0; 129 first=0;
139 if ((bufp[0] == '0') && (buf[1] == '0')) 130 if ((bufp[0] == '0') && (buf[1] == '0')) {
140 {
141 bufp+=2; 131 bufp+=2;
142 i-=2; 132 i-=2;
143 } 133 }
144 } 134 }
145 k=0; 135 k=0;
146 i-=again; 136 i-=again;
147 if (i%2 != 0) 137 if (i%2 != 0) {
148 {
149 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS); 138 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS);
150 goto err; 139 goto err;
151 } 140 }
152 i/=2; 141 i/=2;
153 if (num+i > slen) 142 if (num+i > slen) {
154 {
155 if (s == NULL) 143 if (s == NULL)
156 sp=(unsigned char *)malloc( 144 sp=(unsigned char *)malloc(
157 (unsigned int)num+i*2); 145 (unsigned int)num+i*2);
158 else 146 else
159 sp=(unsigned char *)realloc(s, 147 sp=(unsigned char *)realloc(s,
160 (unsigned int)num+i*2); 148 (unsigned int)num+i*2);
161 if (sp == NULL) 149 if (sp == NULL) {
162 {
163 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); 150 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
164 if (s != NULL) free(s); 151 if (s != NULL) free(s);
165 goto err; 152 goto err;
@@ -167,10 +154,8 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
167 s=sp; 154 s=sp;
168 slen=num+i*2; 155 slen=num+i*2;
169 } 156 }
170 for (j=0; j<i; j++,k+=2) 157 for (j=0; j<i; j++,k+=2) {
171 { 158 for (n=0; n<2; n++) {
172 for (n=0; n<2; n++)
173 {
174 m=bufp[k+n]; 159 m=bufp[k+n];
175 if ((m >= '0') && (m <= '9')) 160 if ((m >= '0') && (m <= '9'))
176 m-='0'; 161 m-='0';
@@ -178,8 +163,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
178 m=m-'a'+10; 163 m=m-'a'+10;
179 else if ((m >= 'A') && (m <= 'F')) 164 else if ((m >= 'A') && (m <= 'F'))
180 m=m-'A'+10; 165 m=m-'A'+10;
181 else 166 else {
182 {
183 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS); 167 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS);
184 goto err; 168 goto err;
185 } 169 }
@@ -197,8 +181,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
197 bs->data=s; 181 bs->data=s;
198 ret=1; 182 ret=1;
199err: 183err:
200 if (0) 184 if (0) {
201 {
202err_sl: 185err_sl:
203 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE); 186 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE);
204 } 187 }
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c
index 66632f2dc4..6cea1f8485 100644
--- a/src/lib/libcrypto/asn1/f_int.c
+++ b/src/lib/libcrypto/asn1/f_int.c
@@ -69,23 +69,17 @@ int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
69 69
70 if (a == NULL) return(0); 70 if (a == NULL) return(0);
71 71
72 if (a->type & V_ASN1_NEG) 72 if (a->type & V_ASN1_NEG) {
73 {
74 if (BIO_write(bp, "-", 1) != 1) goto err; 73 if (BIO_write(bp, "-", 1) != 1) goto err;
75 n = 1; 74 n = 1;
76 } 75 }
77 76
78 if (a->length == 0) 77 if (a->length == 0) {
79 {
80 if (BIO_write(bp,"00",2) != 2) goto err; 78 if (BIO_write(bp,"00",2) != 2) goto err;
81 n += 2; 79 n += 2;
82 } 80 } else {
83 else 81 for (i=0; i<a->length; i++) {
84 { 82 if ((i != 0) && (i%35 == 0)) {
85 for (i=0; i<a->length; i++)
86 {
87 if ((i != 0) && (i%35 == 0))
88 {
89 if (BIO_write(bp,"\\\n",2) != 2) goto err; 83 if (BIO_write(bp,"\\\n",2) != 2) goto err;
90 n+=2; 84 n+=2;
91 } 85 }
@@ -111,8 +105,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
111 bs->type=V_ASN1_INTEGER; 105 bs->type=V_ASN1_INTEGER;
112 106
113 bufsize=BIO_gets(bp,buf,size); 107 bufsize=BIO_gets(bp,buf,size);
114 for (;;) 108 for (;;) {
115 {
116 if (bufsize < 1) goto err_sl; 109 if (bufsize < 1) goto err_sl;
117 i=bufsize; 110 i=bufsize;
118 if (buf[i-1] == '\n') buf[--i]='\0'; 111 if (buf[i-1] == '\n') buf[--i]='\0';
@@ -121,12 +114,10 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
121 if (i == 0) goto err_sl; 114 if (i == 0) goto err_sl;
122 again=(buf[i-1] == '\\'); 115 again=(buf[i-1] == '\\');
123 116
124 for (j=0; j<i; j++) 117 for (j=0; j<i; j++) {
125 {
126 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 118 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
127 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 119 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
128 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 120 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
129 {
130 i=j; 121 i=j;
131 break; 122 break;
132 } 123 }
@@ -137,32 +128,27 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
137 if (i < 2) goto err_sl; 128 if (i < 2) goto err_sl;
138 129
139 bufp=(unsigned char *)buf; 130 bufp=(unsigned char *)buf;
140 if (first) 131 if (first) {
141 {
142 first=0; 132 first=0;
143 if ((bufp[0] == '0') && (buf[1] == '0')) 133 if ((bufp[0] == '0') && (buf[1] == '0')) {
144 {
145 bufp+=2; 134 bufp+=2;
146 i-=2; 135 i-=2;
147 } 136 }
148 } 137 }
149 k=0; 138 k=0;
150 i-=again; 139 i-=again;
151 if (i%2 != 0) 140 if (i%2 != 0) {
152 {
153 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS); 141 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
154 goto err; 142 goto err;
155 } 143 }
156 i/=2; 144 i/=2;
157 if (num+i > slen) 145 if (num+i > slen) {
158 {
159 if (s == NULL) 146 if (s == NULL)
160 sp=(unsigned char *)malloc( 147 sp=(unsigned char *)malloc(
161 (unsigned int)num+i*2); 148 (unsigned int)num+i*2);
162 else 149 else
163 sp=OPENSSL_realloc_clean(s,slen,num+i*2); 150 sp=OPENSSL_realloc_clean(s,slen,num+i*2);
164 if (sp == NULL) 151 if (sp == NULL) {
165 {
166 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 152 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
167 if (s != NULL) free(s); 153 if (s != NULL) free(s);
168 goto err; 154 goto err;
@@ -170,10 +156,8 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
170 s=sp; 156 s=sp;
171 slen=num+i*2; 157 slen=num+i*2;
172 } 158 }
173 for (j=0; j<i; j++,k+=2) 159 for (j=0; j<i; j++,k+=2) {
174 { 160 for (n=0; n<2; n++) {
175 for (n=0; n<2; n++)
176 {
177 m=bufp[k+n]; 161 m=bufp[k+n];
178 if ((m >= '0') && (m <= '9')) 162 if ((m >= '0') && (m <= '9'))
179 m-='0'; 163 m-='0';
@@ -181,8 +165,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
181 m=m-'a'+10; 165 m=m-'a'+10;
182 else if ((m >= 'A') && (m <= 'F')) 166 else if ((m >= 'A') && (m <= 'F'))
183 m=m-'A'+10; 167 m=m-'A'+10;
184 else 168 else {
185 {
186 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS); 169 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
187 goto err; 170 goto err;
188 } 171 }
@@ -200,8 +183,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
200 bs->data=s; 183 bs->data=s;
201 ret=1; 184 ret=1;
202err: 185err:
203 if (0) 186 if (0) {
204 {
205err_sl: 187err_sl:
206 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE); 188 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
207 } 189 }
diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c
index 7a59fa9f4f..87d7aaa0dd 100644
--- a/src/lib/libcrypto/asn1/f_string.c
+++ b/src/lib/libcrypto/asn1/f_string.c
@@ -69,17 +69,12 @@ int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
69 69
70 if (a == NULL) return(0); 70 if (a == NULL) return(0);
71 71
72 if (a->length == 0) 72 if (a->length == 0) {
73 {
74 if (BIO_write(bp,"0",1) != 1) goto err; 73 if (BIO_write(bp,"0",1) != 1) goto err;
75 n=1; 74 n=1;
76 } 75 } else {
77 else 76 for (i=0; i<a->length; i++) {
78 { 77 if ((i != 0) && (i%35 == 0)) {
79 for (i=0; i<a->length; i++)
80 {
81 if ((i != 0) && (i%35 == 0))
82 {
83 if (BIO_write(bp,"\\\n",2) != 2) goto err; 78 if (BIO_write(bp,"\\\n",2) != 2) goto err;
84 n+=2; 79 n+=2;
85 } 80 }
@@ -103,10 +98,8 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
103 int num=0,slen=0,first=1; 98 int num=0,slen=0,first=1;
104 99
105 bufsize=BIO_gets(bp,buf,size); 100 bufsize=BIO_gets(bp,buf,size);
106 for (;;) 101 for (;;) {
107 { 102 if (bufsize < 1) {
108 if (bufsize < 1)
109 {
110 if (first) 103 if (first)
111 break; 104 break;
112 else 105 else
@@ -121,12 +114,10 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
121 if (i == 0) goto err_sl; 114 if (i == 0) goto err_sl;
122 again=(buf[i-1] == '\\'); 115 again=(buf[i-1] == '\\');
123 116
124 for (j=i-1; j>0; j--) 117 for (j=i-1; j>0; j--) {
125 {
126 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 118 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
127 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 119 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
128 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 120 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
129 {
130 i=j; 121 i=j;
131 break; 122 break;
132 } 123 }
@@ -140,22 +131,19 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
140 131
141 k=0; 132 k=0;
142 i-=again; 133 i-=again;
143 if (i%2 != 0) 134 if (i%2 != 0) {
144 {
145 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS); 135 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
146 goto err; 136 goto err;
147 } 137 }
148 i/=2; 138 i/=2;
149 if (num+i > slen) 139 if (num+i > slen) {
150 {
151 if (s == NULL) 140 if (s == NULL)
152 sp=(unsigned char *)malloc( 141 sp=(unsigned char *)malloc(
153 (unsigned int)num+i*2); 142 (unsigned int)num+i*2);
154 else 143 else
155 sp=(unsigned char *)realloc(s, 144 sp=(unsigned char *)realloc(s,
156 (unsigned int)num+i*2); 145 (unsigned int)num+i*2);
157 if (sp == NULL) 146 if (sp == NULL) {
158 {
159 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); 147 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
160 if (s != NULL) free(s); 148 if (s != NULL) free(s);
161 goto err; 149 goto err;
@@ -163,10 +151,8 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
163 s=sp; 151 s=sp;
164 slen=num+i*2; 152 slen=num+i*2;
165 } 153 }
166 for (j=0; j<i; j++,k+=2) 154 for (j=0; j<i; j++,k+=2) {
167 { 155 for (n=0; n<2; n++) {
168 for (n=0; n<2; n++)
169 {
170 m=bufp[k+n]; 156 m=bufp[k+n];
171 if ((m >= '0') && (m <= '9')) 157 if ((m >= '0') && (m <= '9'))
172 m-='0'; 158 m-='0';
@@ -174,8 +160,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
174 m=m-'a'+10; 160 m=m-'a'+10;
175 else if ((m >= 'A') && (m <= 'F')) 161 else if ((m >= 'A') && (m <= 'F'))
176 m=m-'A'+10; 162 m=m-'A'+10;
177 else 163 else {
178 {
179 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS); 164 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
180 goto err; 165 goto err;
181 } 166 }
@@ -193,8 +178,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
193 bs->data=s; 178 bs->data=s;
194 ret=1; 179 ret=1;
195err: 180err:
196 if (0) 181 if (0) {
197 {
198err_sl: 182err_sl:
199 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE); 183 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
200 } 184 }
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
index 9332c4d2ec..7175748601 100644
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ b/src/lib/libcrypto/asn1/i2d_pr.c
@@ -64,8 +64,7 @@
64 64
65int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) 65int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
66{ 66{
67 if (a->ameth && a->ameth->old_priv_encode) 67 if (a->ameth && a->ameth->old_priv_encode) {
68 {
69 return a->ameth->old_priv_encode(a, pp); 68 return a->ameth->old_priv_encode(a, pp);
70 } 69 }
71 if (a->ameth && a->ameth->priv_encode) { 70 if (a->ameth && a->ameth->priv_encode) {
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
index ed8ec0753b..08b438115d 100644
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ b/src/lib/libcrypto/asn1/i2d_pu.c
@@ -73,8 +73,7 @@
73 73
74int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) 74int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
75{ 75{
76 switch (a->type) 76 switch (a->type) {
77 {
78#ifndef OPENSSL_NO_RSA 77#ifndef OPENSSL_NO_RSA
79 case EVP_PKEY_RSA: 78 case EVP_PKEY_RSA:
80 return(i2d_RSAPublicKey(a->pkey.rsa,pp)); 79 return(i2d_RSAPublicKey(a->pkey.rsa,pp));
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
index a59640582e..0a378759f9 100644
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -159,8 +159,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
159 if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; 159 if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
160 enckey->enckey->algor->parameter->type=V_ASN1_NULL; 160 enckey->enckey->algor->parameter->type=V_ASN1_NULL;
161 161
162 if (pp == NULL) 162 if (pp == NULL) {
163 {
164 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); 163 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
165 NETSCAPE_PKEY_free(pkey); 164 NETSCAPE_PKEY_free(pkey);
166 NETSCAPE_ENCRYPTED_PKEY_free(enckey); 165 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
@@ -169,8 +168,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
169 168
170 169
171 /* Since its RC4 encrypted length is actual length */ 170 /* Since its RC4 encrypted length is actual length */
172 if ((zz=(unsigned char *)malloc(rsalen)) == NULL) 171 if ((zz=(unsigned char *)malloc(rsalen)) == NULL) {
173 {
174 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 172 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
175 goto err; 173 goto err;
176 } 174 }
@@ -179,14 +177,12 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
179 /* Write out private key encoding */ 177 /* Write out private key encoding */
180 i2d_RSAPrivateKey(a,&zz); 178 i2d_RSAPrivateKey(a,&zz);
181 179
182 if ((zz=malloc(pkeylen)) == NULL) 180 if ((zz=malloc(pkeylen)) == NULL) {
183 {
184 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 181 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
185 goto err; 182 goto err;
186 } 183 }
187 184
188 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 185 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) {
189 {
190 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 186 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
191 goto err; 187 goto err;
192 } 188 }
@@ -199,8 +195,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
199 if (cb == NULL) 195 if (cb == NULL)
200 cb=EVP_read_pw_string; 196 cb=EVP_read_pw_string;
201 i=cb((char *)buf,256,"Enter Private Key password:",1); 197 i=cb((char *)buf,256,"Enter Private Key password:",1);
202 if (i != 0) 198 if (i != 0) {
203 {
204 ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); 199 ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ);
205 goto err; 200 goto err;
206 } 201 }
@@ -259,14 +254,12 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
259} 254}
260 255
261 if ((enckey->os->length != 11) || (strncmp("private-key", 256 if ((enckey->os->length != 11) || (strncmp("private-key",
262 (char *)enckey->os->data,11) != 0)) 257 (char *)enckey->os->data,11) != 0)) {
263 {
264 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); 258 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
265 NETSCAPE_ENCRYPTED_PKEY_free(enckey); 259 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
266 return NULL; 260 return NULL;
267 } 261 }
268 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) 262 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) {
269 {
270 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); 263 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
271 goto err; 264 goto err;
272} 265}
@@ -296,8 +289,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
296 EVP_CIPHER_CTX_init(&ctx); 289 EVP_CIPHER_CTX_init(&ctx);
297 290
298 i=cb((char *)buf,256,"Enter Private Key password:",0); 291 i=cb((char *)buf,256,"Enter Private Key password:",0);
299 if (i != 0) 292 if (i != 0) {
300 {
301 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); 293 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ);
302 goto err; 294 goto err;
303 } 295 }
@@ -324,15 +316,13 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
324 316
325 zz=os->data; 317 zz=os->data;
326 318
327 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) 319 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) {
328 {
329 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); 320 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
330 goto err; 321 goto err;
331 } 322 }
332 323
333 zz=pkey->private_key->data; 324 zz=pkey->private_key->data;
334 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) 325 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) {
335 {
336 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); 326 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
337 goto err; 327 goto err;
338 } 328 }
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index f0f23c668d..390305ad38 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -82,22 +82,19 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
82 unsigned char *sstr; 82 unsigned char *sstr;
83 83
84 pbe = PBEPARAM_new(); 84 pbe = PBEPARAM_new();
85 if (!pbe) 85 if (!pbe) {
86 {
87 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 86 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
88 goto err; 87 goto err;
89 } 88 }
90 if(iter <= 0) 89 if(iter <= 0)
91 iter = PKCS5_DEFAULT_ITER; 90 iter = PKCS5_DEFAULT_ITER;
92 if (!ASN1_INTEGER_set(pbe->iter, iter)) 91 if (!ASN1_INTEGER_set(pbe->iter, iter)) {
93 {
94 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 92 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
95 goto err; 93 goto err;
96 } 94 }
97 if (!saltlen) 95 if (!saltlen)
98 saltlen = PKCS5_SALT_LEN; 96 saltlen = PKCS5_SALT_LEN;
99 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) 97 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
100 {
101 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 98 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
102 goto err; 99 goto err;
103 } 100 }
@@ -107,8 +104,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
107 else if (RAND_pseudo_bytes(sstr, saltlen) < 0) 104 else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
108 goto err; 105 goto err;
109 106
110 if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) 107 if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
111 {
112 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 108 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
113 goto err; 109 goto err;
114 } 110 }
@@ -134,8 +130,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
134{ 130{
135 X509_ALGOR *ret; 131 X509_ALGOR *ret;
136 ret = X509_ALGOR_new(); 132 ret = X509_ALGOR_new();
137 if (!ret) 133 if (!ret) {
138 {
139 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); 134 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
140 return NULL; 135 return NULL;
141 } 136 }
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index 2d80334e01..01563a68fd 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -114,13 +114,12 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
114 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; 114 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
115 115
116 /* Create random IV */ 116 /* Create random IV */
117 if (EVP_CIPHER_iv_length(cipher)) 117 if (EVP_CIPHER_iv_length(cipher)) {
118 {
119 if (aiv) 118 if (aiv)
120 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); 119 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
121 else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) 120 else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
122 goto err; 121 goto err;
123 } 122 }
124 123
125 EVP_CIPHER_CTX_init(&ctx); 124 EVP_CIPHER_CTX_init(&ctx);
126 125
@@ -137,11 +136,10 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
137 * An error is OK here: just means use default PRF. 136 * An error is OK here: just means use default PRF.
138 */ 137 */
139 if ((prf_nid == -1) && 138 if ((prf_nid == -1) &&
140 EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) 139 EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
141 {
142 ERR_clear_error(); 140 ERR_clear_error();
143 prf_nid = NID_hmacWithSHA1; 141 prf_nid = NID_hmacWithSHA1;
144 } 142 }
145 EVP_CIPHER_CTX_cleanup(&ctx); 143 EVP_CIPHER_CTX_cleanup(&ctx);
146 144
147 /* If its RC2 then we'd better setup the key length */ 145 /* If its RC2 then we'd better setup the key length */
@@ -178,7 +176,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
178 176
179 return ret; 177 return ret;
180 178
181 merr: 179merr:
182 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE); 180 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE);
183 181
184 err: 182 err:
@@ -193,13 +191,13 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
193 191
194X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 192X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
195 unsigned char *salt, int saltlen) 193 unsigned char *salt, int saltlen)
196 { 194{
197 return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); 195 return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
198 } 196}
199 197
200X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, 198X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
201 int prf_nid, int keylen) 199 int prf_nid, int keylen)
202 { 200{
203 X509_ALGOR *keyfunc = NULL; 201 X509_ALGOR *keyfunc = NULL;
204 PBKDF2PARAM *kdf = NULL; 202 PBKDF2PARAM *kdf = NULL;
205 ASN1_OCTET_STRING *osalt = NULL; 203 ASN1_OCTET_STRING *osalt = NULL;
@@ -232,8 +230,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
232 230
233 /* If have a key len set it up */ 231 /* If have a key len set it up */
234 232
235 if(keylen > 0) 233 if(keylen > 0) {
236 {
237 if(!(kdf->keylength = M_ASN1_INTEGER_new())) 234 if(!(kdf->keylength = M_ASN1_INTEGER_new()))
238 goto merr; 235 goto merr;
239 if(!ASN1_INTEGER_set (kdf->keylength, keylen)) 236 if(!ASN1_INTEGER_set (kdf->keylength, keylen))
@@ -241,14 +238,13 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
241 } 238 }
242 239
243 /* prf can stay NULL if we are using hmacWithSHA1 */ 240 /* prf can stay NULL if we are using hmacWithSHA1 */
244 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) 241 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
245 {
246 kdf->prf = X509_ALGOR_new(); 242 kdf->prf = X509_ALGOR_new();
247 if (!kdf->prf) 243 if (!kdf->prf)
248 goto merr; 244 goto merr;
249 X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), 245 X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
250 V_ASN1_NULL, NULL); 246 V_ASN1_NULL, NULL);
251 } 247 }
252 248
253 /* Finally setup the keyfunc structure */ 249 /* Finally setup the keyfunc structure */
254 250
@@ -271,10 +267,10 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
271 PBKDF2PARAM_free(kdf); 267 PBKDF2PARAM_free(kdf);
272 return keyfunc; 268 return keyfunc;
273 269
274 merr: 270merr:
275 ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE); 271 ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);
276 PBKDF2PARAM_free(kdf); 272 PBKDF2PARAM_free(kdf);
277 X509_ALGOR_free(keyfunc); 273 X509_ALGOR_free(keyfunc);
278 return NULL; 274 return NULL;
279 } 275}
280 276
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index 9d26cf51ec..c95d7e55a0 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -90,13 +90,11 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
90 unsigned char *penc, int penclen) 90 unsigned char *penc, int penclen)
91{ 91{
92 unsigned char **ppenc = NULL; 92 unsigned char **ppenc = NULL;
93 if (version >= 0) 93 if (version >= 0) {
94 {
95 if (!ASN1_INTEGER_set(priv->version, version)) 94 if (!ASN1_INTEGER_set(priv->version, version))
96 return 0; 95 return 0;
97 } 96 }
98 if (penc) 97 if (penc) {
99 {
100 int pmtype; 98 int pmtype;
101 ASN1_OCTET_STRING *oct; 99 ASN1_OCTET_STRING *oct;
102 oct = ASN1_OCTET_STRING_new(); 100 oct = ASN1_OCTET_STRING_new();
@@ -111,8 +109,7 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
111 pmtype = V_ASN1_OCTET_STRING; 109 pmtype = V_ASN1_OCTET_STRING;
112 ASN1_TYPE_set(priv->pkey, pmtype, oct); 110 ASN1_TYPE_set(priv->pkey, pmtype, oct);
113 } 111 }
114 if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) 112 if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
115 {
116 /* If call fails do not swallow 'enc' */ 113 /* If call fails do not swallow 'enc' */
117 if (ppenc) 114 if (ppenc)
118 *ppenc = NULL; 115 *ppenc = NULL;
@@ -128,20 +125,15 @@ int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
128{ 125{
129 if (ppkalg) 126 if (ppkalg)
130 *ppkalg = p8->pkeyalg->algorithm; 127 *ppkalg = p8->pkeyalg->algorithm;
131 if(p8->pkey->type == V_ASN1_OCTET_STRING) 128 if(p8->pkey->type == V_ASN1_OCTET_STRING) {
132 {
133 p8->broken = PKCS8_OK; 129 p8->broken = PKCS8_OK;
134 if (pk) 130 if (pk) {
135 {
136 *pk = p8->pkey->value.octet_string->data; 131 *pk = p8->pkey->value.octet_string->data;
137 *ppklen = p8->pkey->value.octet_string->length; 132 *ppklen = p8->pkey->value.octet_string->length;
138 } 133 }
139 } 134 } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
140 else if (p8->pkey->type == V_ASN1_SEQUENCE)
141 {
142 p8->broken = PKCS8_NO_OCTET; 135 p8->broken = PKCS8_NO_OCTET;
143 if (pk) 136 if (pk) {
144 {
145 *pk = p8->pkey->value.sequence->data; 137 *pk = p8->pkey->value.sequence->data;
146 *ppklen = p8->pkey->value.sequence->length; 138 *ppklen = p8->pkey->value.sequence->length;
147 } 139 }
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index 1624cc5fcc..c665a26bce 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -70,8 +70,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
70 BIO *b; 70 BIO *b;
71 int ret; 71 int ret;
72 72
73 if ((b=BIO_new(BIO_s_file())) == NULL) 73 if ((b=BIO_new(BIO_s_file())) == NULL) {
74 {
75 X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB); 74 X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB);
76 return(0); 75 return(0);
77 } 76 }
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
index 61f5cd61f1..12674e0125 100644
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -72,21 +72,17 @@ int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
72 neg = (BN_is_negative(num))?"-":""; 72 neg = (BN_is_negative(num))?"-":"";
73 if(!BIO_indent(bp,off,128)) 73 if(!BIO_indent(bp,off,128))
74 return 0; 74 return 0;
75 if (BN_is_zero(num)) 75 if (BN_is_zero(num)) {
76 {
77 if (BIO_printf(bp, "%s 0\n", number) <= 0) 76 if (BIO_printf(bp, "%s 0\n", number) <= 0)
78 return 0; 77 return 0;
79 return 1; 78 return 1;
80 } 79 }
81 80
82 if (BN_num_bytes(num) <= BN_BYTES) 81 if (BN_num_bytes(num) <= BN_BYTES) {
83 {
84 if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg, 82 if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
85 (unsigned long)num->d[0],neg,(unsigned long)num->d[0]) 83 (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
86 <= 0) return(0); 84 <= 0) return(0);
87 } 85 } else {
88 else
89 {
90 buf[0]=0; 86 buf[0]=0;
91 if (BIO_printf(bp,"%s%s",number, 87 if (BIO_printf(bp,"%s%s",number,
92 (neg[0] == '-')?" (Negative)":"") <= 0) 88 (neg[0] == '-')?" (Negative)":"") <= 0)
@@ -97,10 +93,8 @@ int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
97 n++; 93 n++;
98 else buf++; 94 else buf++;
99 95
100 for (i=0; i<n; i++) 96 for (i=0; i<n; i++) {
101 { 97 if ((i%15) == 0) {
102 if ((i%15) == 0)
103 {
104 if(BIO_puts(bp,"\n") <= 0 98 if(BIO_puts(bp,"\n") <= 0
105 || !BIO_indent(bp,off+4,128)) 99 || !BIO_indent(bp,off+4,128))
106 return 0; 100 return 0;
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
index a863543898..4457f5291e 100644
--- a/src/lib/libcrypto/asn1/t_req.c
+++ b/src/lib/libcrypto/asn1/t_req.c
@@ -76,8 +76,7 @@ int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
76 BIO *b; 76 BIO *b;
77 int ret; 77 int ret;
78 78
79 if ((b=BIO_new(BIO_s_file())) == NULL) 79 if ((b=BIO_new(BIO_s_file())) == NULL) {
80 {
81 X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB); 80 X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
82 return(0); 81 return(0);
83 } 82 }
@@ -110,17 +109,16 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
110 109
111 110
112 ri=x->req_info; 111 ri=x->req_info;
113 if(!(cflag & X509_FLAG_NO_HEADER)) 112 if(!(cflag & X509_FLAG_NO_HEADER)) {
114 {
115 if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err; 113 if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err;
116 if (BIO_write(bp," Data:\n",10) <= 0) goto err; 114 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
117 } 115 }
118 if(!(cflag & X509_FLAG_NO_VERSION)) 116 if(!(cflag & X509_FLAG_NO_VERSION)) {
119 {
120 neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; 117 neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
121 l=0; 118 l=0;
122 for (i=0; i<ri->version->length; i++) 119 for (i=0; i<ri->version->length; i++) {
123 { l<<=8; l+=ri->version->data[i]; } 120 l<<=8; l+=ri->version->data[i];
121 }
124 if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg, 122 if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,
125 l) <= 0) 123 l) <= 0)
126 goto err; 124 goto err;
@@ -131,8 +129,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
131 if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err; 129 if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err;
132 if (BIO_write(bp,"\n",1) <= 0) goto err; 130 if (BIO_write(bp,"\n",1) <= 0) goto err;
133 } 131 }
134 if(!(cflag & X509_FLAG_NO_PUBKEY)) 132 if(!(cflag & X509_FLAG_NO_PUBKEY)) {
135 {
136 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0) 133 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
137 goto err; 134 goto err;
138 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0) 135 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
@@ -143,34 +140,26 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
143 goto err; 140 goto err;
144 141
145 pkey=X509_REQ_get_pubkey(x); 142 pkey=X509_REQ_get_pubkey(x);
146 if (pkey == NULL) 143 if (pkey == NULL) {
147 {
148 BIO_printf(bp,"%12sUnable to load Public Key\n",""); 144 BIO_printf(bp,"%12sUnable to load Public Key\n","");
149 ERR_print_errors(bp); 145 ERR_print_errors(bp);
150 } 146 } else {
151 else
152 {
153 EVP_PKEY_print_public(bp, pkey, 16, NULL); 147 EVP_PKEY_print_public(bp, pkey, 16, NULL);
154 EVP_PKEY_free(pkey); 148 EVP_PKEY_free(pkey);
155 } 149 }
156 } 150 }
157 151
158 if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) 152 if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
159 {
160 /* may not be */ 153 /* may not be */
161 if(BIO_printf(bp,"%8sAttributes:\n","") <= 0) 154 if(BIO_printf(bp,"%8sAttributes:\n","") <= 0)
162 goto err; 155 goto err;
163 156
164 sk=x->req_info->attributes; 157 sk=x->req_info->attributes;
165 if (sk_X509_ATTRIBUTE_num(sk) == 0) 158 if (sk_X509_ATTRIBUTE_num(sk) == 0) {
166 {
167 if(BIO_printf(bp,"%12sa0:00\n","") <= 0) 159 if(BIO_printf(bp,"%12sa0:00\n","") <= 0)
168 goto err; 160 goto err;
169 } 161 } else {
170 else 162 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) {
171 {
172 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
173 {
174 ASN1_TYPE *at; 163 ASN1_TYPE *at;
175 X509_ATTRIBUTE *a; 164 X509_ATTRIBUTE *a;
176 ASN1_BIT_STRING *bs=NULL; 165 ASN1_BIT_STRING *bs=NULL;
@@ -182,16 +171,12 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
182 continue; 171 continue;
183 if(BIO_printf(bp,"%12s","") <= 0) 172 if(BIO_printf(bp,"%12s","") <= 0)
184 goto err; 173 goto err;
185 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) 174 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) {
186 { 175 if (a->single) {
187 if (a->single)
188 {
189 t=a->value.single; 176 t=a->value.single;
190 type=t->type; 177 type=t->type;
191 bs=t->value.bit_string; 178 bs=t->value.bit_string;
192 } 179 } else {
193 else
194 {
195 ii=0; 180 ii=0;
196 count=sk_ASN1_TYPE_num(a->value.set); 181 count=sk_ASN1_TYPE_num(a->value.set);
197get_next: 182get_next:
@@ -205,29 +190,23 @@ get_next:
205 if (BIO_puts(bp,":") <= 0) goto err; 190 if (BIO_puts(bp,":") <= 0) goto err;
206 if ( (type == V_ASN1_PRINTABLESTRING) || 191 if ( (type == V_ASN1_PRINTABLESTRING) ||
207 (type == V_ASN1_T61STRING) || 192 (type == V_ASN1_T61STRING) ||
208 (type == V_ASN1_IA5STRING)) 193 (type == V_ASN1_IA5STRING)) {
209 {
210 if (BIO_write(bp,(char *)bs->data,bs->length) 194 if (BIO_write(bp,(char *)bs->data,bs->length)
211 != bs->length) 195 != bs->length)
212 goto err; 196 goto err;
213 BIO_puts(bp,"\n"); 197 BIO_puts(bp,"\n");
214 } 198 } else {
215 else
216 {
217 BIO_puts(bp,"unable to print attribute\n"); 199 BIO_puts(bp,"unable to print attribute\n");
218 } 200 }
219 if (++ii < count) goto get_next; 201 if (++ii < count) goto get_next;
220 } 202 }
221 } 203 }
222 } 204 }
223 if(!(cflag & X509_FLAG_NO_EXTENSIONS)) 205 if(!(cflag & X509_FLAG_NO_EXTENSIONS)) {
224 {
225 exts = X509_REQ_get_extensions(x); 206 exts = X509_REQ_get_extensions(x);
226 if(exts) 207 if(exts) {
227 {
228 BIO_printf(bp,"%8sRequested Extensions:\n",""); 208 BIO_printf(bp,"%8sRequested Extensions:\n","");
229 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) 209 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
230 {
231 ASN1_OBJECT *obj; 210 ASN1_OBJECT *obj;
232 X509_EXTENSION *ex; 211 X509_EXTENSION *ex;
233 int j; 212 int j;
@@ -238,8 +217,7 @@ get_next:
238 j=X509_EXTENSION_get_critical(ex); 217 j=X509_EXTENSION_get_critical(ex);
239 if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) 218 if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0)
240 goto err; 219 goto err;
241 if(!X509V3_EXT_print(bp, ex, cflag, 16)) 220 if(!X509V3_EXT_print(bp, ex, cflag, 16)) {
242 {
243 BIO_printf(bp, "%16s", ""); 221 BIO_printf(bp, "%16s", "");
244 M_ASN1_OCTET_STRING_print(bp,ex->value); 222 M_ASN1_OCTET_STRING_print(bp,ex->value);
245 } 223 }
@@ -249,8 +227,7 @@ get_next:
249 } 227 }
250 } 228 }
251 229
252 if(!(cflag & X509_FLAG_NO_SIGDUMP)) 230 if(!(cflag & X509_FLAG_NO_SIGDUMP)) {
253 {
254 if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err; 231 if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err;
255 } 232 }
256 233
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
index 016eb2fc2e..f135754535 100644
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ b/src/lib/libcrypto/asn1/t_spki.c
@@ -81,9 +81,9 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
81 BIO_printf(out," Public Key Algorithm: %s\n", 81 BIO_printf(out," Public Key Algorithm: %s\n",
82 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); 82 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
83 pkey = X509_PUBKEY_get(spki->spkac->pubkey); 83 pkey = X509_PUBKEY_get(spki->spkac->pubkey);
84 if(!pkey) BIO_printf(out, " Unable to load public key\n"); 84 if(!pkey)
85 else 85 BIO_printf(out, " Unable to load public key\n");
86 { 86 else {
87 EVP_PKEY_print_public(out, pkey, 4, NULL); 87 EVP_PKEY_print_public(out, pkey, 4, NULL);
88 EVP_PKEY_free(pkey); 88 EVP_PKEY_free(pkey);
89 } 89 }
@@ -96,9 +96,9 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
96 96
97 n=spki->signature->length; 97 n=spki->signature->length;
98 s=(char *)spki->signature->data; 98 s=(char *)spki->signature->data;
99 for (i=0; i<n; i++) 99 for (i=0; i<n; i++) {
100 { 100 if ((i%18) == 0)
101 if ((i%18) == 0) BIO_write(out,"\n ",7); 101 BIO_write(out,"\n ",7);
102 BIO_printf(out,"%02x%s",(unsigned char)s[i], 102 BIO_printf(out,"%02x%s",(unsigned char)s[i],
103 ((i+1) == n)?"":":"); 103 ((i+1) == n)?"":":");
104 } 104 }
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index 30d49cc4dd..32f1a4f4b0 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -85,8 +85,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla
85 BIO *b; 85 BIO *b;
86 int ret; 86 int ret;
87 87
88 if ((b=BIO_new(BIO_s_file())) == NULL) 88 if ((b=BIO_new(BIO_s_file())) == NULL) {
89 {
90 X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB); 89 X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB);
91 return(0); 90 return(0);
92 } 91 }
@@ -122,42 +121,33 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
122 nmindent = 16; 121 nmindent = 16;
123 122
124 ci=x->cert_info; 123 ci=x->cert_info;
125 if(!(cflag & X509_FLAG_NO_HEADER)) 124 if(!(cflag & X509_FLAG_NO_HEADER)) {
126 {
127 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; 125 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
128 if (BIO_write(bp," Data:\n",10) <= 0) goto err; 126 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
129 } 127 }
130 if(!(cflag & X509_FLAG_NO_VERSION)) 128 if(!(cflag & X509_FLAG_NO_VERSION)) {
131 {
132 l=X509_get_version(x); 129 l=X509_get_version(x);
133 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; 130 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
134 } 131 }
135 if(!(cflag & X509_FLAG_NO_SERIAL)) 132 if(!(cflag & X509_FLAG_NO_SERIAL)) {
136 {
137 133
138 if (BIO_write(bp," Serial Number:",22) <= 0) goto err; 134 if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
139 135
140 bs=X509_get_serialNumber(x); 136 bs=X509_get_serialNumber(x);
141 if (bs->length <= (int)sizeof(long)) 137 if (bs->length <= (int)sizeof(long)) {
142 {
143 l=ASN1_INTEGER_get(bs); 138 l=ASN1_INTEGER_get(bs);
144 if (bs->type == V_ASN1_NEG_INTEGER) 139 if (bs->type == V_ASN1_NEG_INTEGER) {
145 {
146 l= -l; 140 l= -l;
147 neg="-"; 141 neg="-";
148 } 142 } else
149 else
150 neg=""; 143 neg="";
151 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) 144 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
152 goto err; 145 goto err;
153 } 146 } else {
154 else
155 {
156 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; 147 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
157 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; 148 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
158 149
159 for (i=0; i<bs->length; i++) 150 for (i=0; i<bs->length; i++) {
160 {
161 if (BIO_printf(bp,"%02x%c",bs->data[i], 151 if (BIO_printf(bp,"%02x%c",bs->data[i],
162 ((i+1 == bs->length)?'\n':':')) <= 0) 152 ((i+1 == bs->length)?'\n':':')) <= 0)
163 goto err; 153 goto err;
@@ -166,8 +156,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
166 156
167 } 157 }
168 158
169 if(!(cflag & X509_FLAG_NO_SIGNAME)) 159 if(!(cflag & X509_FLAG_NO_SIGNAME)) {
170 {
171 if(X509_signature_print(bp, x->sig_alg, NULL) <= 0) 160 if(X509_signature_print(bp, x->sig_alg, NULL) <= 0)
172 goto err; 161 goto err;
173#if 0 162#if 0
@@ -180,14 +169,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
180#endif 169#endif
181 } 170 }
182 171
183 if(!(cflag & X509_FLAG_NO_ISSUER)) 172 if(!(cflag & X509_FLAG_NO_ISSUER)) {
184 {
185 if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err; 173 if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
186 if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err; 174 if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
187 if (BIO_write(bp,"\n",1) <= 0) goto err; 175 if (BIO_write(bp,"\n",1) <= 0) goto err;
188 } 176 }
189 if(!(cflag & X509_FLAG_NO_VALIDITY)) 177 if(!(cflag & X509_FLAG_NO_VALIDITY)) {
190 {
191 if (BIO_write(bp," Validity\n",17) <= 0) goto err; 178 if (BIO_write(bp," Validity\n",17) <= 0) goto err;
192 if (BIO_write(bp," Not Before: ",24) <= 0) goto err; 179 if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
193 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; 180 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
@@ -195,14 +182,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
195 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; 182 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
196 if (BIO_write(bp,"\n",1) <= 0) goto err; 183 if (BIO_write(bp,"\n",1) <= 0) goto err;
197 } 184 }
198 if(!(cflag & X509_FLAG_NO_SUBJECT)) 185 if(!(cflag & X509_FLAG_NO_SUBJECT)) {
199 {
200 if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err; 186 if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
201 if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err; 187 if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
202 if (BIO_write(bp,"\n",1) <= 0) goto err; 188 if (BIO_write(bp,"\n",1) <= 0) goto err;
203 } 189 }
204 if(!(cflag & X509_FLAG_NO_PUBKEY)) 190 if(!(cflag & X509_FLAG_NO_PUBKEY)) {
205 {
206 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0) 191 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
207 goto err; 192 goto err;
208 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0) 193 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
@@ -213,13 +198,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
213 goto err; 198 goto err;
214 199
215 pkey=X509_get_pubkey(x); 200 pkey=X509_get_pubkey(x);
216 if (pkey == NULL) 201 if (pkey == NULL) {
217 {
218 BIO_printf(bp,"%12sUnable to load Public Key\n",""); 202 BIO_printf(bp,"%12sUnable to load Public Key\n","");
219 ERR_print_errors(bp); 203 ERR_print_errors(bp);
220 } 204 } else {
221 else
222 {
223 EVP_PKEY_print_public(bp, pkey, 16, NULL); 205 EVP_PKEY_print_public(bp, pkey, 16, NULL);
224 EVP_PKEY_free(pkey); 206 EVP_PKEY_free(pkey);
225 } 207 }
@@ -229,12 +211,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
229 X509V3_extensions_print(bp, "X509v3 extensions", 211 X509V3_extensions_print(bp, "X509v3 extensions",
230 ci->extensions, cflag, 8); 212 ci->extensions, cflag, 8);
231 213
232 if(!(cflag & X509_FLAG_NO_SIGDUMP)) 214 if(!(cflag & X509_FLAG_NO_SIGDUMP)) {
233 {
234 if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err; 215 if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
235 } 216 }
236 if(!(cflag & X509_FLAG_NO_AUX)) 217 if(!(cflag & X509_FLAG_NO_AUX)) {
237 {
238 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err; 218 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
239 } 219 }
240 ret=1; 220 ret=1;
@@ -262,8 +242,7 @@ int X509_ocspid_print (BIO *bp, X509 *x)
262 242
263 if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL)) 243 if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
264 goto err; 244 goto err;
265 for (i=0; i < SHA_DIGEST_LENGTH; i++) 245 for (i=0; i < SHA_DIGEST_LENGTH; i++) {
266 {
267 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; 246 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
268 } 247 }
269 free (der); 248 free (der);
@@ -278,8 +257,7 @@ int X509_ocspid_print (BIO *bp, X509 *x)
278 x->cert_info->key->public_key->length, 257 x->cert_info->key->public_key->length,
279 SHA1md, NULL, EVP_sha1(), NULL)) 258 SHA1md, NULL, EVP_sha1(), NULL))
280 goto err; 259 goto err;
281 for (i=0; i < SHA_DIGEST_LENGTH; i++) 260 for (i=0; i < SHA_DIGEST_LENGTH; i++) {
282 {
283 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) 261 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
284 goto err; 262 goto err;
285 } 263 }
@@ -298,10 +276,8 @@ int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
298 276
299 n=sig->length; 277 n=sig->length;
300 s=sig->data; 278 s=sig->data;
301 for (i=0; i<n; i++) 279 for (i=0; i<n; i++) {
302 { 280 if ((i%18) == 0) {
303 if ((i%18) == 0)
304 {
305 if (BIO_write(bp,"\n",1) <= 0) return 0; 281 if (BIO_write(bp,"\n",1) <= 0) return 0;
306 if (BIO_indent(bp, indent, indent) <= 0) return 0; 282 if (BIO_indent(bp, indent, indent) <= 0) return 0;
307 } 283 }
@@ -320,12 +296,10 @@ int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
320 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0; 296 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
321 297
322 sig_nid = OBJ_obj2nid(sigalg->algorithm); 298 sig_nid = OBJ_obj2nid(sigalg->algorithm);
323 if (sig_nid != NID_undef) 299 if (sig_nid != NID_undef) {
324 {
325 int pkey_nid, dig_nid; 300 int pkey_nid, dig_nid;
326 const EVP_PKEY_ASN1_METHOD *ameth; 301 const EVP_PKEY_ASN1_METHOD *ameth;
327 if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) 302 if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
328 {
329 ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); 303 ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
330 if (ameth && ameth->sig_print) 304 if (ameth && ameth->sig_print)
331 return ameth->sig_print(bp, sigalg, sig, 9, 0); 305 return ameth->sig_print(bp, sigalg, sig, 9, 0);
@@ -347,16 +321,14 @@ int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
347 if (v == NULL) return(0); 321 if (v == NULL) return(0);
348 n=0; 322 n=0;
349 p=(const char *)v->data; 323 p=(const char *)v->data;
350 for (i=0; i<v->length; i++) 324 for (i=0; i<v->length; i++) {
351 {
352 if ((p[i] > '~') || ((p[i] < ' ') && 325 if ((p[i] > '~') || ((p[i] < ' ') &&
353 (p[i] != '\n') && (p[i] != '\r'))) 326 (p[i] != '\n') && (p[i] != '\r')))
354 buf[n]='.'; 327 buf[n]='.';
355 else 328 else
356 buf[n]=p[i]; 329 buf[n]=p[i];
357 n++; 330 n++;
358 if (n >= 80) 331 if (n >= 80) {
359 {
360 if (BIO_write(bp,buf,n) <= 0) 332 if (BIO_write(bp,buf,n) <= 0)
361 return(0); 333 return(0);
362 n=0; 334 n=0;
@@ -407,12 +379,10 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
407 m= (v[10]-'0')*10+(v[11]-'0'); 379 m= (v[10]-'0')*10+(v[11]-'0');
408 if (tm->length >= 14 && 380 if (tm->length >= 14 &&
409 (v[12] >= '0') && (v[12] <= '9') && 381 (v[12] >= '0') && (v[12] <= '9') &&
410 (v[13] >= '0') && (v[13] <= '9')) 382 (v[13] >= '0') && (v[13] <= '9')) {
411 {
412 s= (v[12]-'0')*10+(v[13]-'0'); 383 s= (v[12]-'0')*10+(v[13]-'0');
413 /* Check for fractions of seconds. */ 384 /* Check for fractions of seconds. */
414 if (tm->length >= 15 && v[14] == '.') 385 if (tm->length >= 15 && v[14] == '.') {
415 {
416 int l = tm->length; 386 int l = tm->length;
417 f = &v[14]; /* The decimal point. */ 387 f = &v[14]; /* The decimal point. */
418 f_len = 1; 388 f_len = 1;
@@ -475,29 +445,25 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
475 l=80-2-obase; 445 l=80-2-obase;
476 446
477 b=X509_NAME_oneline(name,NULL,0); 447 b=X509_NAME_oneline(name,NULL,0);
478 if (!*b) 448 if (!*b) {
479 {
480 free(b); 449 free(b);
481 return 1; 450 return 1;
482 } 451 }
483 s=b+1; /* skip the first slash */ 452 s=b+1; /* skip the first slash */
484 453
485 c=s; 454 c=s;
486 for (;;) 455 for (;;) {
487 {
488 if ( ((*s == '/') && 456 if ( ((*s == '/') &&
489 ((s[1] >= 'A') && (s[1] <= 'Z') && ( 457 ((s[1] >= 'A') && (s[1] <= 'Z') && (
490 (s[2] == '=') || 458 (s[2] == '=') ||
491 ((s[2] >= 'A') && (s[2] <= 'Z') && 459 ((s[2] >= 'A') && (s[2] <= 'Z') &&
492 (s[3] == '=')) 460 (s[3] == '='))
493 ))) || 461 ))) ||
494 (*s == '\0')) 462 (*s == '\0')) {
495 {
496 i=s-c; 463 i=s-c;
497 if (BIO_write(bp,c,i) != i) goto err; 464 if (BIO_write(bp,c,i) != i) goto err;
498 c=s+1; /* skip following slash */ 465 c=s+1; /* skip following slash */
499 if (*s != '\0') 466 if (*s != '\0') {
500 {
501 if (BIO_write(bp,", ",2) != 2) goto err; 467 if (BIO_write(bp,", ",2) != 2) goto err;
502 } 468 }
503 l--; 469 l--;
@@ -508,8 +474,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
508 } 474 }
509 475
510 ret=1; 476 ret=1;
511 if (0) 477 if (0) {
512 {
513err: 478err:
514 X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); 479 X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
515 } 480 }
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index 0df42a4a93..1a06ddc185 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -175,19 +175,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
175 asn1_cb = aux->asn1_cb; 175 asn1_cb = aux->asn1_cb;
176 else asn1_cb = 0; 176 else asn1_cb = 0;
177 177
178 switch(it->itype) 178 switch(it->itype) {
179 { 179 case ASN1_ITYPE_PRIMITIVE:
180 case ASN1_ITYPE_PRIMITIVE: 180 if (it->templates) {
181 if (it->templates)
182 {
183 /* tagging or OPTIONAL is currently illegal on an item 181 /* tagging or OPTIONAL is currently illegal on an item
184 * template because the flags can't get passed down. 182 * template because the flags can't get passed down.
185 * In practice this isn't a problem: we include the 183 * In practice this isn't a problem: we include the
186 * relevant flags from the item template in the 184 * relevant flags from the item template in the
187 * template itself. 185 * template itself.
188 */ 186 */
189 if ((tag != -1) || opt) 187 if ((tag != -1) || opt) {
190 {
191 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 188 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
192 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); 189 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
193 goto err; 190 goto err;
@@ -199,21 +196,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
199 tag, aclass, opt, ctx); 196 tag, aclass, opt, ctx);
200 break; 197 break;
201 198
202 case ASN1_ITYPE_MSTRING: 199 case ASN1_ITYPE_MSTRING:
203 p = *in; 200 p = *in;
204 /* Just read in tag and class */ 201 /* Just read in tag and class */
205 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, 202 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
206 &p, len, -1, 0, 1, ctx); 203 &p, len, -1, 0, 1, ctx);
207 if (!ret) 204 if (!ret) {
208 {
209 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 205 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
210 ERR_R_NESTED_ASN1_ERROR); 206 ERR_R_NESTED_ASN1_ERROR);
211 goto err; 207 goto err;
212 } 208 }
213 209
214 /* Must be UNIVERSAL class */ 210 /* Must be UNIVERSAL class */
215 if (oclass != V_ASN1_UNIVERSAL) 211 if (oclass != V_ASN1_UNIVERSAL) {
216 {
217 /* If OPTIONAL, assume this is OK */ 212 /* If OPTIONAL, assume this is OK */
218 if (opt) return -1; 213 if (opt) return -1;
219 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 214 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
@@ -221,8 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
221 goto err; 216 goto err;
222 } 217 }
223 /* Check tag matches bit map */ 218 /* Check tag matches bit map */
224 if (!(ASN1_tag2bit(otag) & it->utype)) 219 if (!(ASN1_tag2bit(otag) & it->utype)) {
225 {
226 /* If OPTIONAL, assume this is OK */ 220 /* If OPTIONAL, assume this is OK */
227 if (opt) 221 if (opt)
228 return -1; 222 return -1;
@@ -233,19 +227,18 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
233 return asn1_d2i_ex_primitive(pval, in, len, 227 return asn1_d2i_ex_primitive(pval, in, len,
234 it, otag, 0, 0, ctx); 228 it, otag, 0, 0, ctx);
235 229
236 case ASN1_ITYPE_EXTERN: 230 case ASN1_ITYPE_EXTERN:
237 /* Use new style d2i */ 231 /* Use new style d2i */
238 ef = it->funcs; 232 ef = it->funcs;
239 return ef->asn1_ex_d2i(pval, in, len, 233 return ef->asn1_ex_d2i(pval, in, len,
240 it, tag, aclass, opt, ctx); 234 it, tag, aclass, opt, ctx);
241 235
242 case ASN1_ITYPE_COMPAT: 236 case ASN1_ITYPE_COMPAT:
243 /* we must resort to old style evil hackery */ 237 /* we must resort to old style evil hackery */
244 cf = it->funcs; 238 cf = it->funcs;
245 239
246 /* If OPTIONAL see if it is there */ 240 /* If OPTIONAL see if it is there */
247 if (opt) 241 if (opt) {
248 {
249 int exptag; 242 int exptag;
250 p = *in; 243 p = *in;
251 if (tag == -1) 244 if (tag == -1)
@@ -256,8 +249,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
256 249
257 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, 250 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
258 &p, len, exptag, aclass, 1, ctx); 251 &p, len, exptag, aclass, 1, ctx);
259 if (!ret) 252 if (!ret) {
260 {
261 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 253 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
262 ERR_R_NESTED_ASN1_ERROR); 254 ERR_R_NESTED_ASN1_ERROR);
263 goto err; 255 goto err;
@@ -281,12 +273,10 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
281 * buffer. 273 * buffer.
282 */ 274 */
283 275
284 if (tag != -1) 276 if (tag != -1) {
285 {
286 wp = *(unsigned char **)in; 277 wp = *(unsigned char **)in;
287 imphack = *wp; 278 imphack = *wp;
288 if (p == NULL) 279 if (p == NULL) {
289 {
290 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 280 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
291 ERR_R_NESTED_ASN1_ERROR); 281 ERR_R_NESTED_ASN1_ERROR);
292 goto err; 282 goto err;
@@ -307,21 +297,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
307 goto err; 297 goto err;
308 298
309 299
310 case ASN1_ITYPE_CHOICE: 300 case ASN1_ITYPE_CHOICE:
311 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) 301 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
312 goto auxerr; 302 goto auxerr;
313 303
314 /* Allocate structure */ 304 /* Allocate structure */
315 if (!*pval && !ASN1_item_ex_new(pval, it)) 305 if (!*pval && !ASN1_item_ex_new(pval, it)) {
316 {
317 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 306 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
318 ERR_R_NESTED_ASN1_ERROR); 307 ERR_R_NESTED_ASN1_ERROR);
319 goto err; 308 goto err;
320 } 309 }
321 /* CHOICE type, try each possibility in turn */ 310 /* CHOICE type, try each possibility in turn */
322 p = *in; 311 p = *in;
323 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) 312 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
324 {
325 pchptr = asn1_get_field_ptr(pval, tt); 313 pchptr = asn1_get_field_ptr(pval, tt);
326 /* We mark field as OPTIONAL so its absence 314 /* We mark field as OPTIONAL so its absence
327 * can be recognised. 315 * can be recognised.
@@ -341,11 +329,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
341 } 329 }
342 330
343 /* Did we fall off the end without reading anything? */ 331 /* Did we fall off the end without reading anything? */
344 if (i == it->tcount) 332 if (i == it->tcount) {
345 {
346 /* If OPTIONAL, this is OK */ 333 /* If OPTIONAL, this is OK */
347 if (opt) 334 if (opt) {
348 {
349 /* Free and zero it */ 335 /* Free and zero it */
350 ASN1_item_ex_free(pval, it); 336 ASN1_item_ex_free(pval, it);
351 return -1; 337 return -1;
@@ -361,44 +347,39 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
361 goto auxerr; 347 goto auxerr;
362 return 1; 348 return 1;
363 349
364 case ASN1_ITYPE_NDEF_SEQUENCE: 350 case ASN1_ITYPE_NDEF_SEQUENCE:
365 case ASN1_ITYPE_SEQUENCE: 351 case ASN1_ITYPE_SEQUENCE:
366 p = *in; 352 p = *in;
367 tmplen = len; 353 tmplen = len;
368 354
369 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 355 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
370 if (tag == -1) 356 if (tag == -1) {
371 {
372 tag = V_ASN1_SEQUENCE; 357 tag = V_ASN1_SEQUENCE;
373 aclass = V_ASN1_UNIVERSAL; 358 aclass = V_ASN1_UNIVERSAL;
374 } 359 }
375 /* Get SEQUENCE length and update len, p */ 360 /* Get SEQUENCE length and update len, p */
376 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, 361 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
377 &p, len, tag, aclass, opt, ctx); 362 &p, len, tag, aclass, opt, ctx);
378 if (!ret) 363 if (!ret) {
379 {
380 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 364 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
381 ERR_R_NESTED_ASN1_ERROR); 365 ERR_R_NESTED_ASN1_ERROR);
382 goto err; 366 goto err;
383 } 367 }
384 else if (ret == -1) 368 else if (ret == -1)
385 return -1; 369 return -1;
386 if (aux && (aux->flags & ASN1_AFLG_BROKEN)) 370 if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
387 {
388 len = tmplen - (p - *in); 371 len = tmplen - (p - *in);
389 seq_nolen = 1; 372 seq_nolen = 1;
390 } 373 }
391 /* If indefinite we don't do a length check */ 374 /* If indefinite we don't do a length check */
392 else seq_nolen = seq_eoc; 375 else seq_nolen = seq_eoc;
393 if (!cst) 376 if (!cst) {
394 {
395 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 377 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
396 ASN1_R_SEQUENCE_NOT_CONSTRUCTED); 378 ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
397 goto err; 379 goto err;
398 } 380 }
399 381
400 if (!*pval && !ASN1_item_ex_new(pval, it)) 382 if (!*pval && !ASN1_item_ex_new(pval, it)) {
401 {
402 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 383 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
403 ERR_R_NESTED_ASN1_ERROR); 384 ERR_R_NESTED_ASN1_ERROR);
404 goto err; 385 goto err;
@@ -408,8 +389,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
408 goto auxerr; 389 goto auxerr;
409 390
410 /* Get each field entry */ 391 /* Get each field entry */
411 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) 392 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
412 {
413 const ASN1_TEMPLATE *seqtt; 393 const ASN1_TEMPLATE *seqtt;
414 ASN1_VALUE **pseqval; 394 ASN1_VALUE **pseqval;
415 seqtt = asn1_do_adb(pval, tt, 1); 395 seqtt = asn1_do_adb(pval, tt, 1);
@@ -420,10 +400,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
420 if (!len) 400 if (!len)
421 break; 401 break;
422 q = p; 402 q = p;
423 if (asn1_check_eoc(&p, len)) 403 if (asn1_check_eoc(&p, len)) {
424 { 404 if (!seq_eoc) {
425 if (!seq_eoc)
426 {
427 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 405 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
428 ASN1_R_UNEXPECTED_EOC); 406 ASN1_R_UNEXPECTED_EOC);
429 goto err; 407 goto err;
@@ -447,13 +425,10 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
447 425
448 ret = asn1_template_ex_d2i(pseqval, &p, len, 426 ret = asn1_template_ex_d2i(pseqval, &p, len,
449 seqtt, isopt, ctx); 427 seqtt, isopt, ctx);
450 if (!ret) 428 if (!ret) {
451 {
452 errtt = seqtt; 429 errtt = seqtt;
453 goto err; 430 goto err;
454 } 431 } else if (ret == -1) {
455 else if (ret == -1)
456 {
457 /* OPTIONAL component absent. 432 /* OPTIONAL component absent.
458 * Free and zero the field. 433 * Free and zero the field.
459 */ 434 */
@@ -465,14 +440,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
465 } 440 }
466 441
467 /* Check for EOC if expecting one */ 442 /* Check for EOC if expecting one */
468 if (seq_eoc && !asn1_check_eoc(&p, len)) 443 if (seq_eoc && !asn1_check_eoc(&p, len)) {
469 {
470 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); 444 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
471 goto err; 445 goto err;
472 } 446 }
473 /* Check all data read */ 447 /* Check all data read */
474 if (!seq_nolen && len) 448 if (!seq_nolen && len) {
475 {
476 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 449 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
477 ASN1_R_SEQUENCE_LENGTH_MISMATCH); 450 ASN1_R_SEQUENCE_LENGTH_MISMATCH);
478 goto err; 451 goto err;
@@ -482,20 +455,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
482 * however we may not have read all fields so check all 455 * however we may not have read all fields so check all
483 * remaining are OPTIONAL and clear any that are. 456 * remaining are OPTIONAL and clear any that are.
484 */ 457 */
485 for (; i < it->tcount; tt++, i++) 458 for (; i < it->tcount; tt++, i++) {
486 {
487 const ASN1_TEMPLATE *seqtt; 459 const ASN1_TEMPLATE *seqtt;
488 seqtt = asn1_do_adb(pval, tt, 1); 460 seqtt = asn1_do_adb(pval, tt, 1);
489 if (!seqtt) 461 if (!seqtt)
490 goto err; 462 goto err;
491 if (seqtt->flags & ASN1_TFLG_OPTIONAL) 463 if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
492 {
493 ASN1_VALUE **pseqval; 464 ASN1_VALUE **pseqval;
494 pseqval = asn1_get_field_ptr(pval, seqtt); 465 pseqval = asn1_get_field_ptr(pval, seqtt);
495 ASN1_template_free(pseqval, seqtt); 466 ASN1_template_free(pseqval, seqtt);
496 } 467 } else {
497 else
498 {
499 errtt = seqtt; 468 errtt = seqtt;
500 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 469 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
501 ASN1_R_FIELD_MISSING); 470 ASN1_R_FIELD_MISSING);
@@ -547,8 +516,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
547 p = *in; 516 p = *in;
548 517
549 /* Check if EXPLICIT tag expected */ 518 /* Check if EXPLICIT tag expected */
550 if (flags & ASN1_TFLG_EXPTAG) 519 if (flags & ASN1_TFLG_EXPTAG) {
551 {
552 char cst; 520 char cst;
553 /* Need to work out amount of data available to the inner 521 /* Need to work out amount of data available to the inner
554 * content and where it starts: so read in EXPLICIT header to 522 * content and where it starts: so read in EXPLICIT header to
@@ -557,46 +525,37 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
557 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, 525 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
558 &p, inlen, tt->tag, aclass, opt, ctx); 526 &p, inlen, tt->tag, aclass, opt, ctx);
559 q = p; 527 q = p;
560 if (!ret) 528 if (!ret) {
561 {
562 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 529 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
563 ERR_R_NESTED_ASN1_ERROR); 530 ERR_R_NESTED_ASN1_ERROR);
564 return 0; 531 return 0;
565 } 532 } else if (ret == -1)
566 else if (ret == -1)
567 return -1; 533 return -1;
568 if (!cst) 534 if (!cst) {
569 {
570 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 535 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
571 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); 536 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
572 return 0; 537 return 0;
573 } 538 }
574 /* We've found the field so it can't be OPTIONAL now */ 539 /* We've found the field so it can't be OPTIONAL now */
575 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); 540 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
576 if (!ret) 541 if (!ret) {
577 {
578 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 542 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
579 ERR_R_NESTED_ASN1_ERROR); 543 ERR_R_NESTED_ASN1_ERROR);
580 return 0; 544 return 0;
581 } 545 }
582 /* We read the field in OK so update length */ 546 /* We read the field in OK so update length */
583 len -= p - q; 547 len -= p - q;
584 if (exp_eoc) 548 if (exp_eoc) {
585 {
586 /* If NDEF we must have an EOC here */ 549 /* If NDEF we must have an EOC here */
587 if (!asn1_check_eoc(&p, len)) 550 if (!asn1_check_eoc(&p, len)) {
588 {
589 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 551 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
590 ASN1_R_MISSING_EOC); 552 ASN1_R_MISSING_EOC);
591 goto err; 553 goto err;
592 } 554 }
593 } 555 } else {
594 else
595 {
596 /* Otherwise we must hit the EXPLICIT tag end or its 556 /* Otherwise we must hit the EXPLICIT tag end or its
597 * an error */ 557 * an error */
598 if (len) 558 if (len) {
599 {
600 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 559 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
601 ASN1_R_EXPLICIT_LENGTH_MISMATCH); 560 ASN1_R_EXPLICIT_LENGTH_MISMATCH);
602 goto err; 561 goto err;
@@ -631,19 +590,15 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
631 p = *in; 590 p = *in;
632 q = p; 591 q = p;
633 592
634 if (flags & ASN1_TFLG_SK_MASK) 593 if (flags & ASN1_TFLG_SK_MASK) {
635 {
636 /* SET OF, SEQUENCE OF */ 594 /* SET OF, SEQUENCE OF */
637 int sktag, skaclass; 595 int sktag, skaclass;
638 char sk_eoc; 596 char sk_eoc;
639 /* First work out expected inner tag value */ 597 /* First work out expected inner tag value */
640 if (flags & ASN1_TFLG_IMPTAG) 598 if (flags & ASN1_TFLG_IMPTAG) {
641 {
642 sktag = tt->tag; 599 sktag = tt->tag;
643 skaclass = aclass; 600 skaclass = aclass;
644 } 601 } else {
645 else
646 {
647 skaclass = V_ASN1_UNIVERSAL; 602 skaclass = V_ASN1_UNIVERSAL;
648 if (flags & ASN1_TFLG_SET_OF) 603 if (flags & ASN1_TFLG_SET_OF)
649 sktag = V_ASN1_SET; 604 sktag = V_ASN1_SET;
@@ -653,8 +608,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
653 /* Get the tag */ 608 /* Get the tag */
654 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, 609 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
655 &p, len, sktag, skaclass, opt, ctx); 610 &p, len, sktag, skaclass, opt, ctx);
656 if (!ret) 611 if (!ret) {
657 {
658 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 612 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
659 ERR_R_NESTED_ASN1_ERROR); 613 ERR_R_NESTED_ASN1_ERROR);
660 return 0; 614 return 0;
@@ -663,37 +617,31 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
663 return -1; 617 return -1;
664 if (!*val) 618 if (!*val)
665 *val = (ASN1_VALUE *)sk_new_null(); 619 *val = (ASN1_VALUE *)sk_new_null();
666 else 620 else {
667 {
668 /* We've got a valid STACK: free up any items present */ 621 /* We've got a valid STACK: free up any items present */
669 STACK_OF(ASN1_VALUE) *sktmp 622 STACK_OF(ASN1_VALUE) *sktmp
670 = (STACK_OF(ASN1_VALUE) *)*val; 623 = (STACK_OF(ASN1_VALUE) *)*val;
671 ASN1_VALUE *vtmp; 624 ASN1_VALUE *vtmp;
672 while(sk_ASN1_VALUE_num(sktmp) > 0) 625 while(sk_ASN1_VALUE_num(sktmp) > 0) {
673 {
674 vtmp = sk_ASN1_VALUE_pop(sktmp); 626 vtmp = sk_ASN1_VALUE_pop(sktmp);
675 ASN1_item_ex_free(&vtmp, 627 ASN1_item_ex_free(&vtmp,
676 ASN1_ITEM_ptr(tt->item)); 628 ASN1_ITEM_ptr(tt->item));
677 } 629 }
678 } 630 }
679 631
680 if (!*val) 632 if (!*val) {
681 {
682 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 633 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
683 ERR_R_MALLOC_FAILURE); 634 ERR_R_MALLOC_FAILURE);
684 goto err; 635 goto err;
685 } 636 }
686 637
687 /* Read as many items as we can */ 638 /* Read as many items as we can */
688 while(len > 0) 639 while(len > 0) {
689 {
690 ASN1_VALUE *skfield; 640 ASN1_VALUE *skfield;
691 q = p; 641 q = p;
692 /* See if EOC found */ 642 /* See if EOC found */
693 if (asn1_check_eoc(&p, len)) 643 if (asn1_check_eoc(&p, len)) {
694 { 644 if (!sk_eoc) {
695 if (!sk_eoc)
696 {
697 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 645 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
698 ASN1_R_UNEXPECTED_EOC); 646 ASN1_R_UNEXPECTED_EOC);
699 goto err; 647 goto err;
@@ -705,48 +653,39 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
705 skfield = NULL; 653 skfield = NULL;
706 if (!ASN1_item_ex_d2i(&skfield, &p, len, 654 if (!ASN1_item_ex_d2i(&skfield, &p, len,
707 ASN1_ITEM_ptr(tt->item), 655 ASN1_ITEM_ptr(tt->item),
708 -1, 0, 0, ctx)) 656 -1, 0, 0, ctx)) {
709 {
710 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 657 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
711 ERR_R_NESTED_ASN1_ERROR); 658 ERR_R_NESTED_ASN1_ERROR);
712 goto err; 659 goto err;
713 } 660 }
714 len -= p - q; 661 len -= p - q;
715 if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, 662 if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val,
716 skfield)) 663 skfield)) {
717 {
718 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 664 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
719 ERR_R_MALLOC_FAILURE); 665 ERR_R_MALLOC_FAILURE);
720 goto err; 666 goto err;
721 } 667 }
722 } 668 }
723 if (sk_eoc) 669 if (sk_eoc) {
724 {
725 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); 670 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
726 goto err; 671 goto err;
727 } 672 }
728 } 673 } else if (flags & ASN1_TFLG_IMPTAG) {
729 else if (flags & ASN1_TFLG_IMPTAG)
730 {
731 /* IMPLICIT tagging */ 674 /* IMPLICIT tagging */
732 ret = ASN1_item_ex_d2i(val, &p, len, 675 ret = ASN1_item_ex_d2i(val, &p, len,
733 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); 676 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
734 if (!ret) 677 if (!ret) {
735 {
736 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 678 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
737 ERR_R_NESTED_ASN1_ERROR); 679 ERR_R_NESTED_ASN1_ERROR);
738 goto err; 680 goto err;
739 } 681 }
740 else if (ret == -1) 682 else if (ret == -1)
741 return -1; 683 return -1;
742 } 684 } else {
743 else
744 {
745 /* Nothing special */ 685 /* Nothing special */
746 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), 686 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
747 -1, 0, opt, ctx); 687 -1, 0, opt, ctx);
748 if (!ret) 688 if (!ret) {
749 {
750 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 689 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
751 ERR_R_NESTED_ASN1_ERROR); 690 ERR_R_NESTED_ASN1_ERROR);
752 goto err; 691 goto err;
@@ -775,32 +714,27 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
775 BUF_MEM buf; 714 BUF_MEM buf;
776 const unsigned char *cont = NULL; 715 const unsigned char *cont = NULL;
777 long len; 716 long len;
778 if (!pval) 717 if (!pval) {
779 {
780 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); 718 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
781 return 0; /* Should never happen */ 719 return 0; /* Should never happen */
782 } 720 }
783 721
784 if (it->itype == ASN1_ITYPE_MSTRING) 722 if (it->itype == ASN1_ITYPE_MSTRING) {
785 {
786 utype = tag; 723 utype = tag;
787 tag = -1; 724 tag = -1;
788 } 725 }
789 else 726 else
790 utype = it->utype; 727 utype = it->utype;
791 728
792 if (utype == V_ASN1_ANY) 729 if (utype == V_ASN1_ANY) {
793 {
794 /* If type is ANY need to figure out type from tag */ 730 /* If type is ANY need to figure out type from tag */
795 unsigned char oclass; 731 unsigned char oclass;
796 if (tag >= 0) 732 if (tag >= 0) {
797 {
798 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 733 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
799 ASN1_R_ILLEGAL_TAGGED_ANY); 734 ASN1_R_ILLEGAL_TAGGED_ANY);
800 return 0; 735 return 0;
801 } 736 }
802 if (opt) 737 if (opt) {
803 {
804 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 738 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
805 ASN1_R_ILLEGAL_OPTIONAL_ANY); 739 ASN1_R_ILLEGAL_OPTIONAL_ANY);
806 return 0; 740 return 0;
@@ -808,8 +742,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
808 p = *in; 742 p = *in;
809 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, 743 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
810 &p, inlen, -1, 0, 0, ctx); 744 &p, inlen, -1, 0, 0, ctx);
811 if (!ret) 745 if (!ret) {
812 {
813 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 746 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
814 ERR_R_NESTED_ASN1_ERROR); 747 ERR_R_NESTED_ASN1_ERROR);
815 return 0; 748 return 0;
@@ -817,8 +750,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
817 if (oclass != V_ASN1_UNIVERSAL) 750 if (oclass != V_ASN1_UNIVERSAL)
818 utype = V_ASN1_OTHER; 751 utype = V_ASN1_OTHER;
819 } 752 }
820 if (tag == -1) 753 if (tag == -1) {
821 {
822 tag = utype; 754 tag = utype;
823 aclass = V_ASN1_UNIVERSAL; 755 aclass = V_ASN1_UNIVERSAL;
824 } 756 }
@@ -826,8 +758,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
826 /* Check header */ 758 /* Check header */
827 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, 759 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
828 &p, inlen, tag, aclass, opt, ctx); 760 &p, inlen, tag, aclass, opt, ctx);
829 if (!ret) 761 if (!ret) {
830 {
831 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); 762 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
832 return 0; 763 return 0;
833 } 764 }
@@ -836,18 +767,15 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
836 ret = 0; 767 ret = 0;
837 /* SEQUENCE, SET and "OTHER" are left in encoded form */ 768 /* SEQUENCE, SET and "OTHER" are left in encoded form */
838 if ((utype == V_ASN1_SEQUENCE) 769 if ((utype == V_ASN1_SEQUENCE)
839 || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) 770 || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
840 {
841 /* Clear context cache for type OTHER because the auto clear 771 /* Clear context cache for type OTHER because the auto clear
842 * when we have a exact match wont work 772 * when we have a exact match wont work
843 */ 773 */
844 if (utype == V_ASN1_OTHER) 774 if (utype == V_ASN1_OTHER) {
845 {
846 asn1_tlc_clear(ctx); 775 asn1_tlc_clear(ctx);
847 } 776 }
848 /* SEQUENCE and SET must be constructed */ 777 /* SEQUENCE and SET must be constructed */
849 else if (!cst) 778 else if (!cst) {
850 {
851 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 779 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
852 ASN1_R_TYPE_NOT_CONSTRUCTED); 780 ASN1_R_TYPE_NOT_CONSTRUCTED);
853 return 0; 781 return 0;
@@ -855,21 +783,16 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
855 783
856 cont = *in; 784 cont = *in;
857 /* If indefinite length constructed find the real end */ 785 /* If indefinite length constructed find the real end */
858 if (inf) 786 if (inf) {
859 {
860 if (!asn1_find_end(&p, plen, inf)) 787 if (!asn1_find_end(&p, plen, inf))
861 goto err; 788 goto err;
862 len = p - cont; 789 len = p - cont;
863 } 790 } else {
864 else
865 {
866 len = p - cont + plen; 791 len = p - cont + plen;
867 p += plen; 792 p += plen;
868 buf.data = NULL; 793 buf.data = NULL;
869 } 794 }
870 } 795 } else if (cst) {
871 else if (cst)
872 {
873 buf.length = 0; 796 buf.length = 0;
874 buf.max = 0; 797 buf.max = 0;
875 buf.data = NULL; 798 buf.data = NULL;
@@ -879,15 +802,13 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
879 * internally irrespective of the type. So instead just check 802 * internally irrespective of the type. So instead just check
880 * for UNIVERSAL class and ignore the tag. 803 * for UNIVERSAL class and ignore the tag.
881 */ 804 */
882 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) 805 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
883 {
884 free_cont = 1; 806 free_cont = 1;
885 goto err; 807 goto err;
886 } 808 }
887 len = buf.length; 809 len = buf.length;
888 /* Append a final null to string */ 810 /* Append a final null to string */
889 if (!BUF_MEM_grow_clean(&buf, len + 1)) 811 if (!BUF_MEM_grow_clean(&buf, len + 1)) {
890 {
891 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 812 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
892 ERR_R_MALLOC_FAILURE); 813 ERR_R_MALLOC_FAILURE);
893 return 0; 814 return 0;
@@ -895,9 +816,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
895 buf.data[len] = 0; 816 buf.data[len] = 0;
896 cont = (const unsigned char *)buf.data; 817 cont = (const unsigned char *)buf.data;
897 free_cont = 1; 818 free_cont = 1;
898 } 819 } else {
899 else
900 {
901 cont = p; 820 cont = p;
902 len = plen; 821 len = plen;
903 p += plen; 822 p += plen;
@@ -930,10 +849,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
930 if (pf && pf->prim_c2i) 849 if (pf && pf->prim_c2i)
931 return pf->prim_c2i(pval, cont, len, utype, free_cont, it); 850 return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
932 /* If ANY type clear type and set pointer to internal value */ 851 /* If ANY type clear type and set pointer to internal value */
933 if (it->utype == V_ASN1_ANY) 852 if (it->utype == V_ASN1_ANY) {
934 { 853 if (!*pval) {
935 if (!*pval)
936 {
937 typ = ASN1_TYPE_new(); 854 typ = ASN1_TYPE_new();
938 if (typ == NULL) 855 if (typ == NULL)
939 goto err; 856 goto err;
@@ -947,16 +864,14 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
947 opval = pval; 864 opval = pval;
948 pval = &typ->value.asn1_value; 865 pval = &typ->value.asn1_value;
949 } 866 }
950 switch(utype) 867 switch(utype) {
951 { 868 case V_ASN1_OBJECT:
952 case V_ASN1_OBJECT:
953 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) 869 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
954 goto err; 870 goto err;
955 break; 871 break;
956 872
957 case V_ASN1_NULL: 873 case V_ASN1_NULL:
958 if (len) 874 if (len) {
959 {
960 ASN1err(ASN1_F_ASN1_EX_C2I, 875 ASN1err(ASN1_F_ASN1_EX_C2I,
961 ASN1_R_NULL_IS_WRONG_LENGTH); 876 ASN1_R_NULL_IS_WRONG_LENGTH);
962 goto err; 877 goto err;
@@ -964,30 +879,27 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
964 *pval = (ASN1_VALUE *)1; 879 *pval = (ASN1_VALUE *)1;
965 break; 880 break;
966 881
967 case V_ASN1_BOOLEAN: 882 case V_ASN1_BOOLEAN:
968 if (len != 1) 883 if (len != 1) {
969 {
970 ASN1err(ASN1_F_ASN1_EX_C2I, 884 ASN1err(ASN1_F_ASN1_EX_C2I,
971 ASN1_R_BOOLEAN_IS_WRONG_LENGTH); 885 ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
972 goto err; 886 goto err;
973 } 887 } else {
974 else
975 {
976 ASN1_BOOLEAN *tbool; 888 ASN1_BOOLEAN *tbool;
977 tbool = (ASN1_BOOLEAN *)pval; 889 tbool = (ASN1_BOOLEAN *)pval;
978 *tbool = *cont; 890 *tbool = *cont;
979 } 891 }
980 break; 892 break;
981 893
982 case V_ASN1_BIT_STRING: 894 case V_ASN1_BIT_STRING:
983 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) 895 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
984 goto err; 896 goto err;
985 break; 897 break;
986 898
987 case V_ASN1_INTEGER: 899 case V_ASN1_INTEGER:
988 case V_ASN1_NEG_INTEGER: 900 case V_ASN1_NEG_INTEGER:
989 case V_ASN1_ENUMERATED: 901 case V_ASN1_ENUMERATED:
990 case V_ASN1_NEG_ENUMERATED: 902 case V_ASN1_NEG_ENUMERATED:
991 tint = (ASN1_INTEGER **)pval; 903 tint = (ASN1_INTEGER **)pval;
992 if (!c2i_ASN1_INTEGER(tint, &cont, len)) 904 if (!c2i_ASN1_INTEGER(tint, &cont, len))
993 goto err; 905 goto err;
@@ -995,66 +907,56 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
995 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); 907 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
996 break; 908 break;
997 909
998 case V_ASN1_OCTET_STRING: 910 case V_ASN1_OCTET_STRING:
999 case V_ASN1_NUMERICSTRING: 911 case V_ASN1_NUMERICSTRING:
1000 case V_ASN1_PRINTABLESTRING: 912 case V_ASN1_PRINTABLESTRING:
1001 case V_ASN1_T61STRING: 913 case V_ASN1_T61STRING:
1002 case V_ASN1_VIDEOTEXSTRING: 914 case V_ASN1_VIDEOTEXSTRING:
1003 case V_ASN1_IA5STRING: 915 case V_ASN1_IA5STRING:
1004 case V_ASN1_UTCTIME: 916 case V_ASN1_UTCTIME:
1005 case V_ASN1_GENERALIZEDTIME: 917 case V_ASN1_GENERALIZEDTIME:
1006 case V_ASN1_GRAPHICSTRING: 918 case V_ASN1_GRAPHICSTRING:
1007 case V_ASN1_VISIBLESTRING: 919 case V_ASN1_VISIBLESTRING:
1008 case V_ASN1_GENERALSTRING: 920 case V_ASN1_GENERALSTRING:
1009 case V_ASN1_UNIVERSALSTRING: 921 case V_ASN1_UNIVERSALSTRING:
1010 case V_ASN1_BMPSTRING: 922 case V_ASN1_BMPSTRING:
1011 case V_ASN1_UTF8STRING: 923 case V_ASN1_UTF8STRING:
1012 case V_ASN1_OTHER: 924 case V_ASN1_OTHER:
1013 case V_ASN1_SET: 925 case V_ASN1_SET:
1014 case V_ASN1_SEQUENCE: 926 case V_ASN1_SEQUENCE:
1015 default: 927 default:
1016 if (utype == V_ASN1_BMPSTRING && (len & 1)) 928 if (utype == V_ASN1_BMPSTRING && (len & 1)) {
1017 {
1018 ASN1err(ASN1_F_ASN1_EX_C2I, 929 ASN1err(ASN1_F_ASN1_EX_C2I,
1019 ASN1_R_BMPSTRING_IS_WRONG_LENGTH); 930 ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
1020 goto err; 931 goto err;
1021 } 932 }
1022 if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) 933 if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
1023 {
1024 ASN1err(ASN1_F_ASN1_EX_C2I, 934 ASN1err(ASN1_F_ASN1_EX_C2I,
1025 ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); 935 ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
1026 goto err; 936 goto err;
1027 } 937 }
1028 /* All based on ASN1_STRING and handled the same */ 938 /* All based on ASN1_STRING and handled the same */
1029 if (!*pval) 939 if (!*pval) {
1030 {
1031 stmp = ASN1_STRING_type_new(utype); 940 stmp = ASN1_STRING_type_new(utype);
1032 if (!stmp) 941 if (!stmp) {
1033 {
1034 ASN1err(ASN1_F_ASN1_EX_C2I, 942 ASN1err(ASN1_F_ASN1_EX_C2I,
1035 ERR_R_MALLOC_FAILURE); 943 ERR_R_MALLOC_FAILURE);
1036 goto err; 944 goto err;
1037 } 945 }
1038 *pval = (ASN1_VALUE *)stmp; 946 *pval = (ASN1_VALUE *)stmp;
1039 } 947 } else {
1040 else
1041 {
1042 stmp = (ASN1_STRING *)*pval; 948 stmp = (ASN1_STRING *)*pval;
1043 stmp->type = utype; 949 stmp->type = utype;
1044 } 950 }
1045 /* If we've already allocated a buffer use it */ 951 /* If we've already allocated a buffer use it */
1046 if (*free_cont) 952 if (*free_cont) {
1047 {
1048 if (stmp->data) 953 if (stmp->data)
1049 free(stmp->data); 954 free(stmp->data);
1050 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ 955 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
1051 stmp->length = len; 956 stmp->length = len;
1052 *free_cont = 0; 957 *free_cont = 0;
1053 } 958 } else {
1054 else 959 if (!ASN1_STRING_set(stmp, cont, len)) {
1055 {
1056 if (!ASN1_STRING_set(stmp, cont, len))
1057 {
1058 ASN1err(ASN1_F_ASN1_EX_C2I, 960 ASN1err(ASN1_F_ASN1_EX_C2I,
1059 ERR_R_MALLOC_FAILURE); 961 ERR_R_MALLOC_FAILURE);
1060 ASN1_STRING_free(stmp); 962 ASN1_STRING_free(stmp);
@@ -1070,8 +972,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
1070 972
1071 ret = 1; 973 ret = 1;
1072 err: 974 err:
1073 if (!ret) 975 if (!ret) {
1074 {
1075 ASN1_TYPE_free(typ); 976 ASN1_TYPE_free(typ);
1076 if (opval) 977 if (opval)
1077 *opval = NULL; 978 *opval = NULL;
@@ -1092,8 +993,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1092 long plen; 993 long plen;
1093 const unsigned char *p = *in, *q; 994 const unsigned char *p = *in, *q;
1094 /* If not indefinite length constructed just add length */ 995 /* If not indefinite length constructed just add length */
1095 if (inf == 0) 996 if (inf == 0) {
1096 {
1097 *in += len; 997 *in += len;
1098 return 1; 998 return 1;
1099 } 999 }
@@ -1103,10 +1003,8 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1103 * are encountered increment the expected eoc count otherwise just 1003 * are encountered increment the expected eoc count otherwise just
1104 * skip to the end of the data. 1004 * skip to the end of the data.
1105 */ 1005 */
1106 while (len > 0) 1006 while (len > 0) {
1107 { 1007 if(asn1_check_eoc(&p, len)) {
1108 if(asn1_check_eoc(&p, len))
1109 {
1110 expected_eoc--; 1008 expected_eoc--;
1111 if (expected_eoc == 0) 1009 if (expected_eoc == 0)
1112 break; 1010 break;
@@ -1116,8 +1014,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1116 q = p; 1014 q = p;
1117 /* Just read in a header: only care about the length */ 1015 /* Just read in a header: only care about the length */
1118 if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, 1016 if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
1119 -1, 0, 0, NULL)) 1017 -1, 0, 0, NULL)) {
1120 {
1121 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR); 1018 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
1122 return 0; 1019 return 0;
1123 } 1020 }
@@ -1127,8 +1024,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1127 p += plen; 1024 p += plen;
1128 len -= p - q; 1025 len -= p - q;
1129 } 1026 }
1130 if (expected_eoc) 1027 if (expected_eoc) {
1131 {
1132 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC); 1028 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
1133 return 0; 1029 return 0;
1134 } 1030 }
@@ -1161,21 +1057,17 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1161 inf &= 1; 1057 inf &= 1;
1162 /* If no buffer and not indefinite length constructed just pass over 1058 /* If no buffer and not indefinite length constructed just pass over
1163 * the encoded data */ 1059 * the encoded data */
1164 if (!buf && !inf) 1060 if (!buf && !inf) {
1165 {
1166 *in += len; 1061 *in += len;
1167 return 1; 1062 return 1;
1168 } 1063 }
1169 while(len > 0) 1064 while(len > 0) {
1170 {
1171 q = p; 1065 q = p;
1172 /* Check for EOC */ 1066 /* Check for EOC */
1173 if (asn1_check_eoc(&p, len)) 1067 if (asn1_check_eoc(&p, len)) {
1174 {
1175 /* EOC is illegal outside indefinite length 1068 /* EOC is illegal outside indefinite length
1176 * constructed form */ 1069 * constructed form */
1177 if (!inf) 1070 if (!inf) {
1178 {
1179 ASN1err(ASN1_F_ASN1_COLLECT, 1071 ASN1err(ASN1_F_ASN1_COLLECT,
1180 ASN1_R_UNEXPECTED_EOC); 1072 ASN1_R_UNEXPECTED_EOC);
1181 return 0; 1073 return 0;
@@ -1185,17 +1077,14 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1185 } 1077 }
1186 1078
1187 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, 1079 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
1188 len, tag, aclass, 0, NULL)) 1080 len, tag, aclass, 0, NULL)) {
1189 {
1190 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); 1081 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
1191 return 0; 1082 return 0;
1192 } 1083 }
1193 1084
1194 /* If indefinite length constructed update max length */ 1085 /* If indefinite length constructed update max length */
1195 if (cst) 1086 if (cst) {
1196 { 1087 if (depth >= ASN1_MAX_STRING_NEST) {
1197 if (depth >= ASN1_MAX_STRING_NEST)
1198 {
1199 ASN1err(ASN1_F_ASN1_COLLECT, 1088 ASN1err(ASN1_F_ASN1_COLLECT,
1200 ASN1_R_NESTED_ASN1_STRING); 1089 ASN1_R_NESTED_ASN1_STRING);
1201 return 0; 1090 return 0;
@@ -1208,8 +1097,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1208 return 0; 1097 return 0;
1209 len -= p - q; 1098 len -= p - q;
1210 } 1099 }
1211 if (inf) 1100 if (inf) {
1212 {
1213 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); 1101 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
1214 return 0; 1102 return 0;
1215 } 1103 }
@@ -1220,11 +1108,9 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1220static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) 1108static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
1221{ 1109{
1222 int len; 1110 int len;
1223 if (buf) 1111 if (buf) {
1224 {
1225 len = buf->length; 1112 len = buf->length;
1226 if (!BUF_MEM_grow_clean(buf, len + plen)) 1113 if (!BUF_MEM_grow_clean(buf, len + plen)) {
1227 {
1228 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); 1114 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
1229 return 0; 1115 return 0;
1230 } 1116 }
@@ -1241,8 +1127,7 @@ static int asn1_check_eoc(const unsigned char **in, long len)
1241 const unsigned char *p; 1127 const unsigned char *p;
1242 if (len < 2) return 0; 1128 if (len < 2) return 0;
1243 p = *in; 1129 p = *in;
1244 if (!p[0] && !p[1]) 1130 if (!p[0] && !p[1]) {
1245 {
1246 *in += 2; 1131 *in += 2;
1247 return 1; 1132 return 1;
1248 } 1133 }
@@ -1269,19 +1154,15 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1269 p = *in; 1154 p = *in;
1270 q = p; 1155 q = p;
1271 1156
1272 if (ctx && ctx->valid) 1157 if (ctx && ctx->valid) {
1273 {
1274 i = ctx->ret; 1158 i = ctx->ret;
1275 plen = ctx->plen; 1159 plen = ctx->plen;
1276 pclass = ctx->pclass; 1160 pclass = ctx->pclass;
1277 ptag = ctx->ptag; 1161 ptag = ctx->ptag;
1278 p += ctx->hdrlen; 1162 p += ctx->hdrlen;
1279 } 1163 } else {
1280 else
1281 {
1282 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); 1164 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
1283 if (ctx) 1165 if (ctx) {
1284 {
1285 ctx->ret = i; 1166 ctx->ret = i;
1286 ctx->plen = plen; 1167 ctx->plen = plen;
1287 ctx->pclass = pclass; 1168 ctx->pclass = pclass;
@@ -1291,8 +1172,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1291 /* If definite length, and no error, length + 1172 /* If definite length, and no error, length +
1292 * header can't exceed total amount of data available. 1173 * header can't exceed total amount of data available.
1293 */ 1174 */
1294 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) 1175 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
1295 {
1296 ASN1err(ASN1_F_ASN1_CHECK_TLEN, 1176 ASN1err(ASN1_F_ASN1_CHECK_TLEN,
1297 ASN1_R_TOO_LONG); 1177 ASN1_R_TOO_LONG);
1298 asn1_tlc_clear(ctx); 1178 asn1_tlc_clear(ctx);
@@ -1301,16 +1181,13 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1301 } 1181 }
1302 } 1182 }
1303 1183
1304 if (i & 0x80) 1184 if (i & 0x80) {
1305 {
1306 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); 1185 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
1307 asn1_tlc_clear(ctx); 1186 asn1_tlc_clear(ctx);
1308 return 0; 1187 return 0;
1309 } 1188 }
1310 if (exptag >= 0) 1189 if (exptag >= 0) {
1311 { 1190 if ((exptag != ptag) || (expclass != pclass)) {
1312 if ((exptag != ptag) || (expclass != pclass))
1313 {
1314 /* If type is OPTIONAL, not an error: 1191 /* If type is OPTIONAL, not an error:
1315 * indicate missing type. 1192 * indicate missing type.
1316 */ 1193 */
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index 230164107d..f7bdd11edf 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -103,8 +103,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
103static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, 103static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
104 const ASN1_ITEM *it, int flags) 104 const ASN1_ITEM *it, int flags)
105{ 105{
106 if (out && !*out) 106 if (out && !*out) {
107 {
108 unsigned char *p, *buf; 107 unsigned char *p, *buf;
109 int len; 108 int len;
110 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); 109 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
@@ -144,25 +143,23 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
144 if (aux && aux->asn1_cb) 143 if (aux && aux->asn1_cb)
145 asn1_cb = aux->asn1_cb; 144 asn1_cb = aux->asn1_cb;
146 145
147 switch(it->itype) 146 switch(it->itype) {
148 {
149 147
150 case ASN1_ITYPE_PRIMITIVE: 148 case ASN1_ITYPE_PRIMITIVE:
151 if (it->templates) 149 if (it->templates)
152 return asn1_template_ex_i2d(pval, out, it->templates, 150 return asn1_template_ex_i2d(pval, out, it->templates,
153 tag, aclass); 151 tag, aclass);
154 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); 152 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
155 break; 153 break;
156 154
157 case ASN1_ITYPE_MSTRING: 155 case ASN1_ITYPE_MSTRING:
158 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); 156 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
159 157
160 case ASN1_ITYPE_CHOICE: 158 case ASN1_ITYPE_CHOICE:
161 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) 159 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
162 return 0; 160 return 0;
163 i = asn1_get_choice_selector(pval, it); 161 i = asn1_get_choice_selector(pval, it);
164 if ((i >= 0) && (i < it->tcount)) 162 if ((i >= 0) && (i < it->tcount)) {
165 {
166 ASN1_VALUE **pchval; 163 ASN1_VALUE **pchval;
167 const ASN1_TEMPLATE *chtt; 164 const ASN1_TEMPLATE *chtt;
168 chtt = it->templates + i; 165 chtt = it->templates + i;
@@ -175,12 +172,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
175 return 0; 172 return 0;
176 break; 173 break;
177 174
178 case ASN1_ITYPE_EXTERN: 175 case ASN1_ITYPE_EXTERN:
179 /* If new style i2d it does all the work */ 176 /* If new style i2d it does all the work */
180 ef = it->funcs; 177 ef = it->funcs;
181 return ef->asn1_ex_i2d(pval, out, it, tag, aclass); 178 return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
182 179
183 case ASN1_ITYPE_COMPAT: 180 case ASN1_ITYPE_COMPAT:
184 /* old style hackery... */ 181 /* old style hackery... */
185 cf = it->funcs; 182 cf = it->funcs;
186 if (out) 183 if (out)
@@ -193,12 +190,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
193 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); 190 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
194 return i; 191 return i;
195 192
196 case ASN1_ITYPE_NDEF_SEQUENCE: 193 case ASN1_ITYPE_NDEF_SEQUENCE:
197 /* Use indefinite length constructed if requested */ 194 /* Use indefinite length constructed if requested */
198 if (aclass & ASN1_TFLG_NDEF) ndef = 2; 195 if (aclass & ASN1_TFLG_NDEF) ndef = 2;
199 /* fall through */ 196 /* fall through */
200 197
201 case ASN1_ITYPE_SEQUENCE: 198 case ASN1_ITYPE_SEQUENCE:
202 i = asn1_enc_restore(&seqcontlen, out, pval, it); 199 i = asn1_enc_restore(&seqcontlen, out, pval, it);
203 /* An error occurred */ 200 /* An error occurred */
204 if (i < 0) 201 if (i < 0)
@@ -209,8 +206,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
209 /* Otherwise carry on */ 206 /* Otherwise carry on */
210 seqcontlen = 0; 207 seqcontlen = 0;
211 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 208 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
212 if (tag == -1) 209 if (tag == -1) {
213 {
214 tag = V_ASN1_SEQUENCE; 210 tag = V_ASN1_SEQUENCE;
215 /* Retain any other flags in aclass */ 211 /* Retain any other flags in aclass */
216 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) 212 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
@@ -219,8 +215,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
219 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) 215 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
220 return 0; 216 return 0;
221 /* First work out sequence content length */ 217 /* First work out sequence content length */
222 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 218 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
223 {
224 const ASN1_TEMPLATE *seqtt; 219 const ASN1_TEMPLATE *seqtt;
225 ASN1_VALUE **pseqval; 220 ASN1_VALUE **pseqval;
226 seqtt = asn1_do_adb(pval, tt, 1); 221 seqtt = asn1_do_adb(pval, tt, 1);
@@ -237,8 +232,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
237 return seqlen; 232 return seqlen;
238 /* Output SEQUENCE header */ 233 /* Output SEQUENCE header */
239 ASN1_put_object(out, ndef, seqcontlen, tag, aclass); 234 ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
240 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 235 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
241 {
242 const ASN1_TEMPLATE *seqtt; 236 const ASN1_TEMPLATE *seqtt;
243 ASN1_VALUE **pseqval; 237 ASN1_VALUE **pseqval;
244 seqtt = asn1_do_adb(pval, tt, 1); 238 seqtt = asn1_do_adb(pval, tt, 1);
@@ -278,8 +272,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
278 * the iclass argument may contain some additional flags 272 * the iclass argument may contain some additional flags
279 * which should be noted and passed down to other levels. 273 * which should be noted and passed down to other levels.
280 */ 274 */
281 if (flags & ASN1_TFLG_TAG_MASK) 275 if (flags & ASN1_TFLG_TAG_MASK) {
282 {
283 /* Error if argument and template tagging */ 276 /* Error if argument and template tagging */
284 if (tag != -1) 277 if (tag != -1)
285 /* FIXME: error code here */ 278 /* FIXME: error code here */
@@ -287,15 +280,11 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
287 /* Get tagging from template */ 280 /* Get tagging from template */
288 ttag = tt->tag; 281 ttag = tt->tag;
289 tclass = flags & ASN1_TFLG_TAG_CLASS; 282 tclass = flags & ASN1_TFLG_TAG_CLASS;
290 } 283 } else if (tag != -1) {
291 else if (tag != -1)
292 {
293 /* No template tagging, get from arguments */ 284 /* No template tagging, get from arguments */
294 ttag = tag; 285 ttag = tag;
295 tclass = iclass & ASN1_TFLG_TAG_CLASS; 286 tclass = iclass & ASN1_TFLG_TAG_CLASS;
296 } 287 } else {
297 else
298 {
299 ttag = -1; 288 ttag = -1;
300 tclass = 0; 289 tclass = 0;
301 } 290 }
@@ -314,8 +303,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
314 ndef = 2; 303 ndef = 2;
315 else ndef = 1; 304 else ndef = 1;
316 305
317 if (flags & ASN1_TFLG_SK_MASK) 306 if (flags & ASN1_TFLG_SK_MASK) {
318 {
319 /* SET OF, SEQUENCE OF */ 307 /* SET OF, SEQUENCE OF */
320 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 308 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
321 int isset, sktag, skaclass; 309 int isset, sktag, skaclass;
@@ -325,8 +313,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
325 if (!*pval) 313 if (!*pval)
326 return 0; 314 return 0;
327 315
328 if (flags & ASN1_TFLG_SET_OF) 316 if (flags & ASN1_TFLG_SET_OF) {
329 {
330 isset = 1; 317 isset = 1;
331 /* 2 means we reorder */ 318 /* 2 means we reorder */
332 if (flags & ASN1_TFLG_SEQUENCE_OF) 319 if (flags & ASN1_TFLG_SEQUENCE_OF)
@@ -337,13 +324,10 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
337 /* Work out inner tag value: if EXPLICIT 324 /* Work out inner tag value: if EXPLICIT
338 * or no tagging use underlying type. 325 * or no tagging use underlying type.
339 */ 326 */
340 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) 327 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
341 {
342 sktag = ttag; 328 sktag = ttag;
343 skaclass = tclass; 329 skaclass = tclass;
344 } 330 } else {
345 else
346 {
347 skaclass = V_ASN1_UNIVERSAL; 331 skaclass = V_ASN1_UNIVERSAL;
348 if (isset) 332 if (isset)
349 sktag = V_ASN1_SET; 333 sktag = V_ASN1_SET;
@@ -352,8 +336,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
352 336
353 /* Determine total length of items */ 337 /* Determine total length of items */
354 skcontlen = 0; 338 skcontlen = 0;
355 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) 339 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
356 {
357 skitem = sk_ASN1_VALUE_value(sk, i); 340 skitem = sk_ASN1_VALUE_value(sk, i);
358 skcontlen += ASN1_item_ex_i2d(&skitem, NULL, 341 skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
359 ASN1_ITEM_ptr(tt->item), 342 ASN1_ITEM_ptr(tt->item),
@@ -377,8 +360,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
377 /* And the stuff itself */ 360 /* And the stuff itself */
378 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), 361 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
379 isset, iclass); 362 isset, iclass);
380 if (ndef == 2) 363 if (ndef == 2) {
381 {
382 ASN1_put_eoc(out); 364 ASN1_put_eoc(out);
383 if (flags & ASN1_TFLG_EXPTAG) 365 if (flags & ASN1_TFLG_EXPTAG)
384 ASN1_put_eoc(out); 366 ASN1_put_eoc(out);
@@ -387,8 +369,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
387 return ret; 369 return ret;
388 } 370 }
389 371
390 if (flags & ASN1_TFLG_EXPTAG) 372 if (flags & ASN1_TFLG_EXPTAG) {
391 {
392 /* EXPLICIT tagging */ 373 /* EXPLICIT tagging */
393 /* Find length of tagged item */ 374 /* Find length of tagged item */
394 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), 375 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item),
@@ -397,8 +378,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
397 return 0; 378 return 0;
398 /* Find length of EXPLICIT tag */ 379 /* Find length of EXPLICIT tag */
399 ret = ASN1_object_size(ndef, i, ttag); 380 ret = ASN1_object_size(ndef, i, ttag);
400 if (out) 381 if (out) {
401 {
402 /* Output tag and item */ 382 /* Output tag and item */
403 ASN1_put_object(out, ndef, i, ttag, tclass); 383 ASN1_put_object(out, ndef, i, ttag, tclass);
404 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), 384 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
@@ -449,8 +429,7 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
449 /* Don't need to sort less than 2 items */ 429 /* Don't need to sort less than 2 items */
450 if (sk_ASN1_VALUE_num(sk) < 2) 430 if (sk_ASN1_VALUE_num(sk) < 2)
451 do_sort = 0; 431 do_sort = 0;
452 else 432 else {
453 {
454 derlst = malloc(sk_ASN1_VALUE_num(sk) 433 derlst = malloc(sk_ASN1_VALUE_num(sk)
455 * sizeof(*derlst)); 434 * sizeof(*derlst));
456 tmpdat = malloc(skcontlen); 435 tmpdat = malloc(skcontlen);
@@ -461,10 +440,8 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
461 } 440 }
462 } 441 }
463 /* If not sorting just output each item */ 442 /* If not sorting just output each item */
464 if (!do_sort) 443 if (!do_sort) {
465 { 444 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
466 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++)
467 {
468 skitem = sk_ASN1_VALUE_value(sk, i); 445 skitem = sk_ASN1_VALUE_value(sk, i);
469 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); 446 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
470 } 447 }
@@ -473,8 +450,7 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
473 p = tmpdat; 450 p = tmpdat;
474 451
475 /* Doing sort: build up a list of each member's DER encoding */ 452 /* Doing sort: build up a list of each member's DER encoding */
476 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) 453 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
477 {
478 skitem = sk_ASN1_VALUE_value(sk, i); 454 skitem = sk_ASN1_VALUE_value(sk, i);
479 tder->data = p; 455 tder->data = p;
480 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); 456 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
@@ -485,17 +461,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
485 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); 461 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
486 /* Output sorted DER encoding */ 462 /* Output sorted DER encoding */
487 p = *out; 463 p = *out;
488 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) 464 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
489 {
490 memcpy(p, tder->data, tder->length); 465 memcpy(p, tder->data, tder->length);
491 p += tder->length; 466 p += tder->length;
492 } 467 }
493 *out = p; 468 *out = p;
494 /* If do_sort is 2 then reorder the STACK */ 469 /* If do_sort is 2 then reorder the STACK */
495 if (do_sort == 2) 470 if (do_sort == 2) {
496 { 471 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
497 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk);
498 i++, tder++)
499 (void)sk_ASN1_VALUE_set(sk, i, tder->field); 472 (void)sk_ASN1_VALUE_set(sk, i, tder->field);
500 } 473 }
501 free(derlst); 474 free(derlst);
@@ -536,8 +509,7 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
536 return 0; 509 return 0;
537 510
538 /* -2 return is special meaning use ndef */ 511 /* -2 return is special meaning use ndef */
539 if (len == -2) 512 if (len == -2) {
540 {
541 ndef = 2; 513 ndef = 2;
542 len = 0; 514 len = 0;
543 } 515 }
@@ -546,8 +518,7 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
546 if (tag == -1) tag = utype; 518 if (tag == -1) tag = utype;
547 519
548 /* Output tag+length followed by content octets */ 520 /* Output tag+length followed by content octets */
549 if (out) 521 if (out) {
550 {
551 if (usetag) 522 if (usetag)
552 ASN1_put_object(out, ndef, len, tag, aclass); 523 ASN1_put_object(out, ndef, len, tag, aclass);
553 asn1_ex_i2c(pval, *out, &utype, it); 524 asn1_ex_i2c(pval, *out, &utype, it);
@@ -580,21 +551,16 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
580 return pf->prim_i2c(pval, cout, putype, it); 551 return pf->prim_i2c(pval, cout, putype, it);
581 552
582 /* Should type be omitted? */ 553 /* Should type be omitted? */
583 if ((it->itype != ASN1_ITYPE_PRIMITIVE) 554 if ((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
584 || (it->utype != V_ASN1_BOOLEAN))
585 {
586 if (!*pval) return -1; 555 if (!*pval) return -1;
587 } 556 }
588 557
589 if (it->itype == ASN1_ITYPE_MSTRING) 558 if (it->itype == ASN1_ITYPE_MSTRING) {
590 {
591 /* If MSTRING type set the underlying type */ 559 /* If MSTRING type set the underlying type */
592 strtmp = (ASN1_STRING *)*pval; 560 strtmp = (ASN1_STRING *)*pval;
593 utype = strtmp->type; 561 utype = strtmp->type;
594 *putype = utype; 562 *putype = utype;
595 } 563 } else if (it->utype == V_ASN1_ANY) {
596 else if (it->utype == V_ASN1_ANY)
597 {
598 /* If ANY set type and pointer to value */ 564 /* If ANY set type and pointer to value */
599 ASN1_TYPE *typ; 565 ASN1_TYPE *typ;
600 typ = (ASN1_TYPE *)*pval; 566 typ = (ASN1_TYPE *)*pval;
@@ -604,25 +570,23 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
604 } 570 }
605 else utype = *putype; 571 else utype = *putype;
606 572
607 switch(utype) 573 switch(utype) {
608 { 574 case V_ASN1_OBJECT:
609 case V_ASN1_OBJECT:
610 otmp = (ASN1_OBJECT *)*pval; 575 otmp = (ASN1_OBJECT *)*pval;
611 cont = otmp->data; 576 cont = otmp->data;
612 len = otmp->length; 577 len = otmp->length;
613 break; 578 break;
614 579
615 case V_ASN1_NULL: 580 case V_ASN1_NULL:
616 cont = NULL; 581 cont = NULL;
617 len = 0; 582 len = 0;
618 break; 583 break;
619 584
620 case V_ASN1_BOOLEAN: 585 case V_ASN1_BOOLEAN:
621 tbool = (ASN1_BOOLEAN *)pval; 586 tbool = (ASN1_BOOLEAN *)pval;
622 if (*tbool == -1) 587 if (*tbool == -1)
623 return -1; 588 return -1;
624 if (it->utype != V_ASN1_ANY) 589 if (it->utype != V_ASN1_ANY) {
625 {
626 /* Default handling if value == size field then omit */ 590 /* Default handling if value == size field then omit */
627 if (*tbool && (it->size > 0)) 591 if (*tbool && (it->size > 0))
628 return -1; 592 return -1;
@@ -634,15 +598,15 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
634 len = 1; 598 len = 1;
635 break; 599 break;
636 600
637 case V_ASN1_BIT_STRING: 601 case V_ASN1_BIT_STRING:
638 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, 602 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
639 cout ? &cout : NULL); 603 cout ? &cout : NULL);
640 break; 604 break;
641 605
642 case V_ASN1_INTEGER: 606 case V_ASN1_INTEGER:
643 case V_ASN1_NEG_INTEGER: 607 case V_ASN1_NEG_INTEGER:
644 case V_ASN1_ENUMERATED: 608 case V_ASN1_ENUMERATED:
645 case V_ASN1_NEG_ENUMERATED: 609 case V_ASN1_NEG_ENUMERATED:
646 /* These are all have the same content format 610 /* These are all have the same content format
647 * as ASN1_INTEGER 611 * as ASN1_INTEGER
648 */ 612 */
@@ -650,31 +614,29 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
650 cout ? &cout : NULL); 614 cout ? &cout : NULL);
651 break; 615 break;
652 616
653 case V_ASN1_OCTET_STRING: 617 case V_ASN1_OCTET_STRING:
654 case V_ASN1_NUMERICSTRING: 618 case V_ASN1_NUMERICSTRING:
655 case V_ASN1_PRINTABLESTRING: 619 case V_ASN1_PRINTABLESTRING:
656 case V_ASN1_T61STRING: 620 case V_ASN1_T61STRING:
657 case V_ASN1_VIDEOTEXSTRING: 621 case V_ASN1_VIDEOTEXSTRING:
658 case V_ASN1_IA5STRING: 622 case V_ASN1_IA5STRING:
659 case V_ASN1_UTCTIME: 623 case V_ASN1_UTCTIME:
660 case V_ASN1_GENERALIZEDTIME: 624 case V_ASN1_GENERALIZEDTIME:
661 case V_ASN1_GRAPHICSTRING: 625 case V_ASN1_GRAPHICSTRING:
662 case V_ASN1_VISIBLESTRING: 626 case V_ASN1_VISIBLESTRING:
663 case V_ASN1_GENERALSTRING: 627 case V_ASN1_GENERALSTRING:
664 case V_ASN1_UNIVERSALSTRING: 628 case V_ASN1_UNIVERSALSTRING:
665 case V_ASN1_BMPSTRING: 629 case V_ASN1_BMPSTRING:
666 case V_ASN1_UTF8STRING: 630 case V_ASN1_UTF8STRING:
667 case V_ASN1_SEQUENCE: 631 case V_ASN1_SEQUENCE:
668 case V_ASN1_SET: 632 case V_ASN1_SET:
669 default: 633 default:
670 /* All based on ASN1_STRING and handled the same */ 634 /* All based on ASN1_STRING and handled the same */
671 strtmp = (ASN1_STRING *)*pval; 635 strtmp = (ASN1_STRING *)*pval;
672 /* Special handling for NDEF */ 636 /* Special handling for NDEF */
673 if ((it->size == ASN1_TFLG_NDEF) 637 if ((it->size == ASN1_TFLG_NDEF)
674 && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) 638 && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
675 { 639 if (cout) {
676 if (cout)
677 {
678 strtmp->data = cout; 640 strtmp->data = cout;
679 strtmp->length = 0; 641 strtmp->length = 0;
680 } 642 }
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
index b321de6615..5211276efe 100644
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ b/src/lib/libcrypto/asn1/tasn_fre.c
@@ -93,30 +93,27 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
93 else 93 else
94 asn1_cb = 0; 94 asn1_cb = 0;
95 95
96 switch(it->itype) 96 switch(it->itype) {
97 {
98 97
99 case ASN1_ITYPE_PRIMITIVE: 98 case ASN1_ITYPE_PRIMITIVE:
100 if (it->templates) 99 if (it->templates)
101 ASN1_template_free(pval, it->templates); 100 ASN1_template_free(pval, it->templates);
102 else 101 else
103 ASN1_primitive_free(pval, it); 102 ASN1_primitive_free(pval, it);
104 break; 103 break;
105 104
106 case ASN1_ITYPE_MSTRING: 105 case ASN1_ITYPE_MSTRING:
107 ASN1_primitive_free(pval, it); 106 ASN1_primitive_free(pval, it);
108 break; 107 break;
109 108
110 case ASN1_ITYPE_CHOICE: 109 case ASN1_ITYPE_CHOICE:
111 if (asn1_cb) 110 if (asn1_cb) {
112 {
113 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); 111 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
114 if (i == 2) 112 if (i == 2)
115 return; 113 return;
116 } 114 }
117 i = asn1_get_choice_selector(pval, it); 115 i = asn1_get_choice_selector(pval, it);
118 if ((i >= 0) && (i < it->tcount)) 116 if ((i >= 0) && (i < it->tcount)) {
119 {
120 ASN1_VALUE **pchval; 117 ASN1_VALUE **pchval;
121 tt = it->templates + i; 118 tt = it->templates + i;
122 pchval = asn1_get_field_ptr(pval, tt); 119 pchval = asn1_get_field_ptr(pval, tt);
@@ -124,31 +121,29 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
124 } 121 }
125 if (asn1_cb) 122 if (asn1_cb)
126 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); 123 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
127 if (!combine) 124 if (!combine) {
128 {
129 free(*pval); 125 free(*pval);
130 *pval = NULL; 126 *pval = NULL;
131 } 127 }
132 break; 128 break;
133 129
134 case ASN1_ITYPE_COMPAT: 130 case ASN1_ITYPE_COMPAT:
135 cf = it->funcs; 131 cf = it->funcs;
136 if (cf && cf->asn1_free) 132 if (cf && cf->asn1_free)
137 cf->asn1_free(*pval); 133 cf->asn1_free(*pval);
138 break; 134 break;
139 135
140 case ASN1_ITYPE_EXTERN: 136 case ASN1_ITYPE_EXTERN:
141 ef = it->funcs; 137 ef = it->funcs;
142 if (ef && ef->asn1_ex_free) 138 if (ef && ef->asn1_ex_free)
143 ef->asn1_ex_free(pval, it); 139 ef->asn1_ex_free(pval, it);
144 break; 140 break;
145 141
146 case ASN1_ITYPE_NDEF_SEQUENCE: 142 case ASN1_ITYPE_NDEF_SEQUENCE:
147 case ASN1_ITYPE_SEQUENCE: 143 case ASN1_ITYPE_SEQUENCE:
148 if (asn1_do_lock(pval, -1, it) > 0) 144 if (asn1_do_lock(pval, -1, it) > 0)
149 return; 145 return;
150 if (asn1_cb) 146 if (asn1_cb) {
151 {
152 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); 147 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
153 if (i == 2) 148 if (i == 2)
154 return; 149 return;
@@ -160,8 +155,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
160 * free up in reverse order. 155 * free up in reverse order.
161 */ 156 */
162 tt = it->templates + it->tcount - 1; 157 tt = it->templates + it->tcount - 1;
163 for (i = 0; i < it->tcount; tt--, i++) 158 for (i = 0; i < it->tcount; tt--, i++) {
164 {
165 ASN1_VALUE **pseqval; 159 ASN1_VALUE **pseqval;
166 seqtt = asn1_do_adb(pval, tt, 0); 160 seqtt = asn1_do_adb(pval, tt, 0);
167 if (!seqtt) 161 if (!seqtt)
@@ -171,8 +165,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
171 } 165 }
172 if (asn1_cb) 166 if (asn1_cb)
173 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); 167 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
174 if (!combine) 168 if (!combine) {
175 {
176 free(*pval); 169 free(*pval);
177 *pval = NULL; 170 *pval = NULL;
178 } 171 }
@@ -183,11 +176,9 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
183void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 176void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
184{ 177{
185 int i; 178 int i;
186 if (tt->flags & ASN1_TFLG_SK_MASK) 179 if (tt->flags & ASN1_TFLG_SK_MASK) {
187 {
188 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 180 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
189 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) 181 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
190 {
191 ASN1_VALUE *vtmp; 182 ASN1_VALUE *vtmp;
192 vtmp = sk_ASN1_VALUE_value(sk, i); 183 vtmp = sk_ASN1_VALUE_value(sk, i);
193 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 184 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item),
@@ -204,60 +195,52 @@ void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
204void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 195void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
205{ 196{
206 int utype; 197 int utype;
207 if (it) 198 if (it) {
208 {
209 const ASN1_PRIMITIVE_FUNCS *pf; 199 const ASN1_PRIMITIVE_FUNCS *pf;
210 pf = it->funcs; 200 pf = it->funcs;
211 if (pf && pf->prim_free) 201 if (pf && pf->prim_free) {
212 {
213 pf->prim_free(pval, it); 202 pf->prim_free(pval, it);
214 return; 203 return;
215 } 204 }
216 } 205 }
217 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ 206 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
218 if (!it) 207 if (!it) {
219 {
220 ASN1_TYPE *typ = (ASN1_TYPE *)*pval; 208 ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
221 utype = typ->type; 209 utype = typ->type;
222 pval = &typ->value.asn1_value; 210 pval = &typ->value.asn1_value;
223 if (!*pval) 211 if (!*pval)
224 return; 212 return;
225 } 213 } else if (it->itype == ASN1_ITYPE_MSTRING) {
226 else if (it->itype == ASN1_ITYPE_MSTRING)
227 {
228 utype = -1; 214 utype = -1;
229 if (!*pval) 215 if (!*pval)
230 return; 216 return;
231 } 217 } else {
232 else
233 {
234 utype = it->utype; 218 utype = it->utype;
235 if ((utype != V_ASN1_BOOLEAN) && !*pval) 219 if ((utype != V_ASN1_BOOLEAN) && !*pval)
236 return; 220 return;
237 } 221 }
238 222
239 switch(utype) 223 switch(utype) {
240 { 224 case V_ASN1_OBJECT:
241 case V_ASN1_OBJECT:
242 ASN1_OBJECT_free((ASN1_OBJECT *)*pval); 225 ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
243 break; 226 break;
244 227
245 case V_ASN1_BOOLEAN: 228 case V_ASN1_BOOLEAN:
246 if (it) 229 if (it)
247 *(ASN1_BOOLEAN *)pval = it->size; 230 *(ASN1_BOOLEAN *)pval = it->size;
248 else 231 else
249 *(ASN1_BOOLEAN *)pval = -1; 232 *(ASN1_BOOLEAN *)pval = -1;
250 return; 233 return;
251 234
252 case V_ASN1_NULL: 235 case V_ASN1_NULL:
253 break; 236 break;
254 237
255 case V_ASN1_ANY: 238 case V_ASN1_ANY:
256 ASN1_primitive_free(pval, NULL); 239 ASN1_primitive_free(pval, NULL);
257 free(*pval); 240 free(*pval);
258 break; 241 break;
259 242
260 default: 243 default:
261 ASN1_STRING_free((ASN1_STRING *)*pval); 244 ASN1_STRING_free((ASN1_STRING *)*pval);
262 *pval = NULL; 245 *pval = NULL;
263 break; 246 break;
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c
index f5d7c690b8..00aa31dd63 100644
--- a/src/lib/libcrypto/asn1/tasn_new.c
+++ b/src/lib/libcrypto/asn1/tasn_new.c
@@ -107,30 +107,27 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
107 CRYPTO_push_info(it->sname); 107 CRYPTO_push_info(it->sname);
108#endif 108#endif
109 109
110 switch(it->itype) 110 switch(it->itype) {
111 {
112 111
113 case ASN1_ITYPE_EXTERN: 112 case ASN1_ITYPE_EXTERN:
114 ef = it->funcs; 113 ef = it->funcs;
115 if (ef && ef->asn1_ex_new) 114 if (ef && ef->asn1_ex_new) {
116 {
117 if (!ef->asn1_ex_new(pval, it)) 115 if (!ef->asn1_ex_new(pval, it))
118 goto memerr; 116 goto memerr;
119 } 117 }
120 break; 118 break;
121 119
122 case ASN1_ITYPE_COMPAT: 120 case ASN1_ITYPE_COMPAT:
123 cf = it->funcs; 121 cf = it->funcs;
124 if (cf && cf->asn1_new) { 122 if (cf && cf->asn1_new) {
125 *pval = cf->asn1_new(); 123 *pval = cf->asn1_new();
126 if (!*pval) 124 if (!*pval)
127 goto memerr; 125 goto memerr;
128 } 126 }
129 break; 127 break;
130 128
131 case ASN1_ITYPE_PRIMITIVE: 129 case ASN1_ITYPE_PRIMITIVE:
132 if (it->templates) 130 if (it->templates) {
133 {
134 if (!ASN1_template_new(pval, it->templates)) 131 if (!ASN1_template_new(pval, it->templates))
135 goto memerr; 132 goto memerr;
136 } 133 }
@@ -138,19 +135,17 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
138 goto memerr; 135 goto memerr;
139 break; 136 break;
140 137
141 case ASN1_ITYPE_MSTRING: 138 case ASN1_ITYPE_MSTRING:
142 if (!ASN1_primitive_new(pval, it)) 139 if (!ASN1_primitive_new(pval, it))
143 goto memerr; 140 goto memerr;
144 break; 141 break;
145 142
146 case ASN1_ITYPE_CHOICE: 143 case ASN1_ITYPE_CHOICE:
147 if (asn1_cb) 144 if (asn1_cb) {
148 {
149 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); 145 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
150 if (!i) 146 if (!i)
151 goto auxerr; 147 goto auxerr;
152 if (i==2) 148 if (i==2) {
153 {
154#ifdef CRYPTO_MDEBUG 149#ifdef CRYPTO_MDEBUG
155 if (it->sname) 150 if (it->sname)
156 CRYPTO_pop_info(); 151 CRYPTO_pop_info();
@@ -158,8 +153,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
158 return 1; 153 return 1;
159 } 154 }
160 } 155 }
161 if (!combine) 156 if (!combine) {
162 {
163 *pval = malloc(it->size); 157 *pval = malloc(it->size);
164 if (!*pval) 158 if (!*pval)
165 goto memerr; 159 goto memerr;
@@ -170,15 +164,13 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
170 goto auxerr; 164 goto auxerr;
171 break; 165 break;
172 166
173 case ASN1_ITYPE_NDEF_SEQUENCE: 167 case ASN1_ITYPE_NDEF_SEQUENCE:
174 case ASN1_ITYPE_SEQUENCE: 168 case ASN1_ITYPE_SEQUENCE:
175 if (asn1_cb) 169 if (asn1_cb) {
176 {
177 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); 170 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
178 if (!i) 171 if (!i)
179 goto auxerr; 172 goto auxerr;
180 if (i==2) 173 if (i==2) {
181 {
182#ifdef CRYPTO_MDEBUG 174#ifdef CRYPTO_MDEBUG
183 if (it->sname) 175 if (it->sname)
184 CRYPTO_pop_info(); 176 CRYPTO_pop_info();
@@ -186,8 +178,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
186 return 1; 178 return 1;
187 } 179 }
188 } 180 }
189 if (!combine) 181 if (!combine) {
190 {
191 *pval = malloc(it->size); 182 *pval = malloc(it->size);
192 if (!*pval) 183 if (!*pval)
193 goto memerr; 184 goto memerr;
@@ -195,8 +186,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
195 asn1_do_lock(pval, 0, it); 186 asn1_do_lock(pval, 0, it);
196 asn1_enc_init(pval, it); 187 asn1_enc_init(pval, it);
197 } 188 }
198 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 189 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
199 {
200 pseqval = asn1_get_field_ptr(pval, tt); 190 pseqval = asn1_get_field_ptr(pval, tt);
201 if (!ASN1_template_new(pseqval, tt)) 191 if (!ASN1_template_new(pseqval, tt))
202 goto memerr; 192 goto memerr;
@@ -231,10 +221,9 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
231{ 221{
232 const ASN1_EXTERN_FUNCS *ef; 222 const ASN1_EXTERN_FUNCS *ef;
233 223
234 switch(it->itype) 224 switch(it->itype) {
235 {
236 225
237 case ASN1_ITYPE_EXTERN: 226 case ASN1_ITYPE_EXTERN:
238 ef = it->funcs; 227 ef = it->funcs;
239 if (ef && ef->asn1_ex_clear) 228 if (ef && ef->asn1_ex_clear)
240 ef->asn1_ex_clear(pval, it); 229 ef->asn1_ex_clear(pval, it);
@@ -242,21 +231,21 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
242 break; 231 break;
243 232
244 233
245 case ASN1_ITYPE_PRIMITIVE: 234 case ASN1_ITYPE_PRIMITIVE:
246 if (it->templates) 235 if (it->templates)
247 asn1_template_clear(pval, it->templates); 236 asn1_template_clear(pval, it->templates);
248 else 237 else
249 asn1_primitive_clear(pval, it); 238 asn1_primitive_clear(pval, it);
250 break; 239 break;
251 240
252 case ASN1_ITYPE_MSTRING: 241 case ASN1_ITYPE_MSTRING:
253 asn1_primitive_clear(pval, it); 242 asn1_primitive_clear(pval, it);
254 break; 243 break;
255 244
256 case ASN1_ITYPE_COMPAT: 245 case ASN1_ITYPE_COMPAT:
257 case ASN1_ITYPE_CHOICE: 246 case ASN1_ITYPE_CHOICE:
258 case ASN1_ITYPE_SEQUENCE: 247 case ASN1_ITYPE_SEQUENCE:
259 case ASN1_ITYPE_NDEF_SEQUENCE: 248 case ASN1_ITYPE_NDEF_SEQUENCE:
260 *pval = NULL; 249 *pval = NULL;
261 break; 250 break;
262 } 251 }
@@ -267,15 +256,13 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
267{ 256{
268 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); 257 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
269 int ret; 258 int ret;
270 if (tt->flags & ASN1_TFLG_OPTIONAL) 259 if (tt->flags & ASN1_TFLG_OPTIONAL) {
271 {
272 asn1_template_clear(pval, tt); 260 asn1_template_clear(pval, tt);
273 return 1; 261 return 1;
274 } 262 }
275 /* If ANY DEFINED BY nothing to do */ 263 /* If ANY DEFINED BY nothing to do */
276 264
277 if (tt->flags & ASN1_TFLG_ADB_MASK) 265 if (tt->flags & ASN1_TFLG_ADB_MASK) {
278 {
279 *pval = NULL; 266 *pval = NULL;
280 return 1; 267 return 1;
281 } 268 }
@@ -284,12 +271,10 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
284 CRYPTO_push_info(tt->field_name); 271 CRYPTO_push_info(tt->field_name);
285#endif 272#endif
286 /* If SET OF or SEQUENCE OF, its a STACK */ 273 /* If SET OF or SEQUENCE OF, its a STACK */
287 if (tt->flags & ASN1_TFLG_SK_MASK) 274 if (tt->flags & ASN1_TFLG_SK_MASK) {
288 {
289 STACK_OF(ASN1_VALUE) *skval; 275 STACK_OF(ASN1_VALUE) *skval;
290 skval = sk_ASN1_VALUE_new_null(); 276 skval = sk_ASN1_VALUE_new_null();
291 if (!skval) 277 if (!skval) {
292 {
293 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); 278 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
294 ret = 0; 279 ret = 0;
295 goto done; 280 goto done;
@@ -328,8 +313,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
328 ASN1_STRING *str; 313 ASN1_STRING *str;
329 int utype; 314 int utype;
330 315
331 if (it && it->funcs) 316 if (it && it->funcs) {
332 {
333 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; 317 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
334 if (pf->prim_new) 318 if (pf->prim_new)
335 return pf->prim_new(pval, it); 319 return pf->prim_new(pval, it);
@@ -339,21 +323,20 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
339 utype = -1; 323 utype = -1;
340 else 324 else
341 utype = it->utype; 325 utype = it->utype;
342 switch(utype) 326 switch(utype) {
343 { 327 case V_ASN1_OBJECT:
344 case V_ASN1_OBJECT:
345 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); 328 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
346 return 1; 329 return 1;
347 330
348 case V_ASN1_BOOLEAN: 331 case V_ASN1_BOOLEAN:
349 *(ASN1_BOOLEAN *)pval = it->size; 332 *(ASN1_BOOLEAN *)pval = it->size;
350 return 1; 333 return 1;
351 334
352 case V_ASN1_NULL: 335 case V_ASN1_NULL:
353 *pval = (ASN1_VALUE *)1; 336 *pval = (ASN1_VALUE *)1;
354 return 1; 337 return 1;
355 338
356 case V_ASN1_ANY: 339 case V_ASN1_ANY:
357 typ = malloc(sizeof(ASN1_TYPE)); 340 typ = malloc(sizeof(ASN1_TYPE));
358 if (!typ) 341 if (!typ)
359 return 0; 342 return 0;
@@ -362,7 +345,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
362 *pval = (ASN1_VALUE *)typ; 345 *pval = (ASN1_VALUE *)typ;
363 break; 346 break;
364 347
365 default: 348 default:
366 str = ASN1_STRING_type_new(utype); 349 str = ASN1_STRING_type_new(utype);
367 if (it->itype == ASN1_ITYPE_MSTRING && str) 350 if (it->itype == ASN1_ITYPE_MSTRING && str)
368 str->flags |= ASN1_STRING_FLAG_MSTRING; 351 str->flags |= ASN1_STRING_FLAG_MSTRING;
@@ -377,8 +360,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
377static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) 360static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
378{ 361{
379 int utype; 362 int utype;
380 if (it && it->funcs) 363 if (it && it->funcs) {
381 {
382 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; 364 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
383 if (pf->prim_clear) 365 if (pf->prim_clear)
384 pf->prim_clear(pval, it); 366 pf->prim_clear(pval, it);
diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c
index f62c085f3b..345daeb0f3 100644
--- a/src/lib/libcrypto/asn1/tasn_prn.c
+++ b/src/lib/libcrypto/asn1/tasn_prn.c
@@ -86,8 +86,7 @@ ASN1_PCTX *ASN1_PCTX_new(void)
86{ 86{
87 ASN1_PCTX *ret; 87 ASN1_PCTX *ret;
88 ret = malloc(sizeof(ASN1_PCTX)); 88 ret = malloc(sizeof(ASN1_PCTX));
89 if (ret == NULL) 89 if (ret == NULL) {
90 {
91 ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE); 90 ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
92 return NULL; 91 return NULL;
93 } 92 }
@@ -199,8 +198,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
199 ASN1_aux_cb *asn1_cb; 198 ASN1_aux_cb *asn1_cb;
200 ASN1_PRINT_ARG parg; 199 ASN1_PRINT_ARG parg;
201 int i; 200 int i;
202 if (aux && aux->asn1_cb) 201 if (aux && aux->asn1_cb) {
203 {
204 parg.out = out; 202 parg.out = out;
205 parg.indent = indent; 203 parg.indent = indent;
206 parg.pctx = pctx; 204 parg.pctx = pctx;
@@ -208,10 +206,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
208 } 206 }
209 else asn1_cb = 0; 207 else asn1_cb = 0;
210 208
211 if(*fld == NULL) 209 if(*fld == NULL) {
212 { 210 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
213 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT)
214 {
215 if (!nohdr && !asn1_print_fsname(out, indent, 211 if (!nohdr && !asn1_print_fsname(out, indent,
216 fname, sname, pctx)) 212 fname, sname, pctx))
217 return 0; 213 return 0;
@@ -221,29 +217,26 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
221 return 1; 217 return 1;
222 } 218 }
223 219
224 switch(it->itype) 220 switch(it->itype) {
225 { 221 case ASN1_ITYPE_PRIMITIVE:
226 case ASN1_ITYPE_PRIMITIVE: 222 if(it->templates) {
227 if(it->templates)
228 {
229 if (!asn1_template_print_ctx(out, fld, indent, 223 if (!asn1_template_print_ctx(out, fld, indent,
230 it->templates, pctx)) 224 it->templates, pctx))
231 return 0; 225 return 0;
232 } 226 }
233 /* fall thru */ 227 /* fall thru */
234 case ASN1_ITYPE_MSTRING: 228 case ASN1_ITYPE_MSTRING:
235 if (!asn1_primitive_print(out, fld, it, 229 if (!asn1_primitive_print(out, fld, it,
236 indent, fname, sname,pctx)) 230 indent, fname, sname,pctx))
237 return 0; 231 return 0;
238 break; 232 break;
239 233
240 case ASN1_ITYPE_EXTERN: 234 case ASN1_ITYPE_EXTERN:
241 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 235 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
242 return 0; 236 return 0;
243 /* Use new style print routine if possible */ 237 /* Use new style print routine if possible */
244 ef = it->funcs; 238 ef = it->funcs;
245 if (ef && ef->asn1_ex_print) 239 if (ef && ef->asn1_ex_print) {
246 {
247 i = ef->asn1_ex_print(out, fld, indent, "", pctx); 240 i = ef->asn1_ex_print(out, fld, indent, "", pctx);
248 if (!i) 241 if (!i)
249 return 0; 242 return 0;
@@ -256,7 +249,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
256 return 0; 249 return 0;
257 break; 250 break;
258 251
259 case ASN1_ITYPE_CHOICE: 252 case ASN1_ITYPE_CHOICE:
260#if 0 253#if 0
261 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 254 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
262 return 0; 255 return 0;
@@ -264,8 +257,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
264 /* CHOICE type, get selector */ 257 /* CHOICE type, get selector */
265 i = asn1_get_choice_selector(fld, it); 258 i = asn1_get_choice_selector(fld, it);
266 /* This should never happen... */ 259 /* This should never happen... */
267 if((i < 0) || (i >= it->tcount)) 260 if((i < 0) || (i >= it->tcount)) {
268 {
269 if (BIO_printf(out, 261 if (BIO_printf(out,
270 "ERROR: selector [%d] invalid\n", i) <= 0) 262 "ERROR: selector [%d] invalid\n", i) <= 0)
271 return 0; 263 return 0;
@@ -277,26 +269,21 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
277 return 0; 269 return 0;
278 break; 270 break;
279 271
280 case ASN1_ITYPE_SEQUENCE: 272 case ASN1_ITYPE_SEQUENCE:
281 case ASN1_ITYPE_NDEF_SEQUENCE: 273 case ASN1_ITYPE_NDEF_SEQUENCE:
282 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 274 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
283 return 0; 275 return 0;
284 if (fname || sname) 276 if (fname || sname) {
285 { 277 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
286 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE)
287 {
288 if (BIO_puts(out, " {\n") <= 0) 278 if (BIO_puts(out, " {\n") <= 0)
289 return 0; 279 return 0;
290 } 280 } else {
291 else
292 {
293 if (BIO_puts(out, "\n") <= 0) 281 if (BIO_puts(out, "\n") <= 0)
294 return 0; 282 return 0;
295 } 283 }
296 } 284 }
297 285
298 if (asn1_cb) 286 if (asn1_cb) {
299 {
300 i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg); 287 i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
301 if (i == 0) 288 if (i == 0)
302 return 0; 289 return 0;
@@ -305,8 +292,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
305 } 292 }
306 293
307 /* Print each field entry */ 294 /* Print each field entry */
308 for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) 295 for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
309 {
310 const ASN1_TEMPLATE *seqtt; 296 const ASN1_TEMPLATE *seqtt;
311 seqtt = asn1_do_adb(fld, tt, 1); 297 seqtt = asn1_do_adb(fld, tt, 1);
312 tmpfld = asn1_get_field_ptr(fld, seqtt); 298 tmpfld = asn1_get_field_ptr(fld, seqtt);
@@ -314,14 +300,12 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
314 indent + 2, seqtt, pctx)) 300 indent + 2, seqtt, pctx))
315 return 0; 301 return 0;
316 } 302 }
317 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) 303 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
318 {
319 if (BIO_printf(out, "%*s}\n", indent, "") < 0) 304 if (BIO_printf(out, "%*s}\n", indent, "") < 0)
320 return 0; 305 return 0;
321 } 306 }
322 307
323 if (asn1_cb) 308 if (asn1_cb) {
324 {
325 i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg); 309 i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
326 if (i == 0) 310 if (i == 0)
327 return 0; 311 return 0;
@@ -350,17 +334,14 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
350 fname = NULL; 334 fname = NULL;
351 else 335 else
352 fname = tt->field_name; 336 fname = tt->field_name;
353 if(flags & ASN1_TFLG_SK_MASK) 337 if(flags & ASN1_TFLG_SK_MASK) {
354 {
355 char *tname; 338 char *tname;
356 ASN1_VALUE *skitem; 339 ASN1_VALUE *skitem;
357 STACK_OF(ASN1_VALUE) *stack; 340 STACK_OF(ASN1_VALUE) *stack;
358 341
359 /* SET OF, SEQUENCE OF */ 342 /* SET OF, SEQUENCE OF */
360 if (fname) 343 if (fname) {
361 { 344 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
362 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF)
363 {
364 if(flags & ASN1_TFLG_SET_OF) 345 if(flags & ASN1_TFLG_SET_OF)
365 tname = "SET"; 346 tname = "SET";
366 else 347 else
@@ -374,8 +355,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
374 return 0; 355 return 0;
375 } 356 }
376 stack = (STACK_OF(ASN1_VALUE) *)*fld; 357 stack = (STACK_OF(ASN1_VALUE) *)*fld;
377 for(i = 0; i < sk_ASN1_VALUE_num(stack); i++) 358 for(i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
378 {
379 if ((i > 0) && (BIO_puts(out, "\n") <= 0)) 359 if ((i > 0) && (BIO_puts(out, "\n") <= 0))
380 return 0; 360 return 0;
381 361
@@ -386,8 +366,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
386 } 366 }
387 if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0) 367 if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
388 return 0; 368 return 0;
389 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) 369 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
390 {
391 if (BIO_printf(out, "%*s}\n", indent, "") <= 0) 370 if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
392 return 0; 371 return 0;
393 } 372 }
@@ -409,8 +388,7 @@ static int asn1_print_fsname(BIO *out, int indent,
409 return 1; 388 return 1;
410#endif 389#endif
411 390
412 while (indent > nspaces) 391 while (indent > nspaces) {
413 {
414 if (BIO_write(out, spaces, nspaces) != nspaces) 392 if (BIO_write(out, spaces, nspaces) != nspaces)
415 return 0; 393 return 0;
416 indent -= nspaces; 394 indent -= nspaces;
@@ -423,20 +401,15 @@ static int asn1_print_fsname(BIO *out, int indent,
423 fname = NULL; 401 fname = NULL;
424 if (!sname && !fname) 402 if (!sname && !fname)
425 return 1; 403 return 1;
426 if (fname) 404 if (fname) {
427 {
428 if (BIO_puts(out, fname) <= 0) 405 if (BIO_puts(out, fname) <= 0)
429 return 0; 406 return 0;
430 } 407 }
431 if (sname) 408 if (sname) {
432 { 409 if (fname) {
433 if (fname)
434 {
435 if (BIO_printf(out, " (%s)", sname) <= 0) 410 if (BIO_printf(out, " (%s)", sname) <= 0)
436 return 0; 411 return 0;
437 } 412 } else {
438 else
439 {
440 if (BIO_puts(out, sname) <= 0) 413 if (BIO_puts(out, sname) <= 0)
441 return 0; 414 return 0;
442 } 415 }
@@ -450,13 +423,12 @@ static int asn1_print_boolean_ctx(BIO *out, int boolval,
450 const ASN1_PCTX *pctx) 423 const ASN1_PCTX *pctx)
451{ 424{
452 const char *str; 425 const char *str;
453 switch (boolval) 426 switch (boolval) {
454 { 427 case -1:
455 case -1:
456 str = "BOOL ABSENT"; 428 str = "BOOL ABSENT";
457 break; 429 break;
458 430
459 case 0: 431 case 0:
460 str = "FALSE"; 432 str = "FALSE";
461 break; 433 break;
462 434
@@ -501,8 +473,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
501static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent, 473static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
502 const ASN1_PCTX *pctx) 474 const ASN1_PCTX *pctx)
503{ 475{
504 if (str->type == V_ASN1_BIT_STRING) 476 if (str->type == V_ASN1_BIT_STRING) {
505 {
506 if (BIO_printf(out, " (%ld unused bits)\n", 477 if (BIO_printf(out, " (%ld unused bits)\n",
507 str->flags & 0x7) <= 0) 478 str->flags & 0x7) <= 0)
508 return 0; 479 return 0;
@@ -536,8 +507,7 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
536 utype = str->type & ~V_ASN1_NEG; 507 utype = str->type & ~V_ASN1_NEG;
537 else 508 else
538 utype = it->utype; 509 utype = it->utype;
539 if (utype == V_ASN1_ANY) 510 if (utype == V_ASN1_ANY) {
540 {
541 ASN1_TYPE *atype = (ASN1_TYPE *)*fld; 511 ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
542 utype = atype->type; 512 utype = atype->type;
543 fld = &atype->value.asn1_value; 513 fld = &atype->value.asn1_value;
@@ -546,33 +516,28 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
546 pname = NULL; 516 pname = NULL;
547 else 517 else
548 pname = ASN1_tag2str(utype); 518 pname = ASN1_tag2str(utype);
549 } 519 } else {
550 else
551 {
552 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE) 520 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
553 pname = ASN1_tag2str(utype); 521 pname = ASN1_tag2str(utype);
554 else 522 else
555 pname = NULL; 523 pname = NULL;
556 } 524 }
557 525
558 if (utype == V_ASN1_NULL) 526 if (utype == V_ASN1_NULL) {
559 {
560 if (BIO_puts(out, "NULL\n") <= 0) 527 if (BIO_puts(out, "NULL\n") <= 0)
561 return 0; 528 return 0;
562 return 1; 529 return 1;
563 } 530 }
564 531
565 if (pname) 532 if (pname) {
566 {
567 if (BIO_puts(out, pname) <= 0) 533 if (BIO_puts(out, pname) <= 0)
568 return 0; 534 return 0;
569 if (BIO_puts(out, ":") <= 0) 535 if (BIO_puts(out, ":") <= 0)
570 return 0; 536 return 0;
571 } 537 }
572 538
573 switch (utype) 539 switch (utype) {
574 { 540 case V_ASN1_BOOLEAN:
575 case V_ASN1_BOOLEAN:
576 { 541 {
577 int boolval = *(int *)fld; 542 int boolval = *(int *)fld;
578 if (boolval == -1) 543 if (boolval == -1)
@@ -581,32 +546,32 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
581 } 546 }
582 break; 547 break;
583 548
584 case V_ASN1_INTEGER: 549 case V_ASN1_INTEGER:
585 case V_ASN1_ENUMERATED: 550 case V_ASN1_ENUMERATED:
586 ret = asn1_print_integer_ctx(out, str, pctx); 551 ret = asn1_print_integer_ctx(out, str, pctx);
587 break; 552 break;
588 553
589 case V_ASN1_UTCTIME: 554 case V_ASN1_UTCTIME:
590 ret = ASN1_UTCTIME_print(out, str); 555 ret = ASN1_UTCTIME_print(out, str);
591 break; 556 break;
592 557
593 case V_ASN1_GENERALIZEDTIME: 558 case V_ASN1_GENERALIZEDTIME:
594 ret = ASN1_GENERALIZEDTIME_print(out, str); 559 ret = ASN1_GENERALIZEDTIME_print(out, str);
595 break; 560 break;
596 561
597 case V_ASN1_OBJECT: 562 case V_ASN1_OBJECT:
598 ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx); 563 ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
599 break; 564 break;
600 565
601 case V_ASN1_OCTET_STRING: 566 case V_ASN1_OCTET_STRING:
602 case V_ASN1_BIT_STRING: 567 case V_ASN1_BIT_STRING:
603 ret = asn1_print_obstring_ctx(out, str, indent, pctx); 568 ret = asn1_print_obstring_ctx(out, str, indent, pctx);
604 needlf = 0; 569 needlf = 0;
605 break; 570 break;
606 571
607 case V_ASN1_SEQUENCE: 572 case V_ASN1_SEQUENCE:
608 case V_ASN1_SET: 573 case V_ASN1_SET:
609 case V_ASN1_OTHER: 574 case V_ASN1_OTHER:
610 if (BIO_puts(out, "\n") <= 0) 575 if (BIO_puts(out, "\n") <= 0)
611 return 0; 576 return 0;
612 if (ASN1_parse_dump(out, str->data, str->length, 577 if (ASN1_parse_dump(out, str->data, str->length,
@@ -615,7 +580,7 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
615 needlf = 0; 580 needlf = 0;
616 break; 581 break;
617 582
618 default: 583 default:
619 ret = ASN1_STRING_print_ex(out, str, pctx->str_flags); 584 ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
620 585
621 } 586 }
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c
index 37c86c6af8..9715dac931 100644
--- a/src/lib/libcrypto/asn1/tasn_utl.c
+++ b/src/lib/libcrypto/asn1/tasn_utl.c
@@ -109,8 +109,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
109 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) 109 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
110 return 0; 110 return 0;
111 lck = offset2ptr(*pval, aux->ref_offset); 111 lck = offset2ptr(*pval, aux->ref_offset);
112 if (op == 0) 112 if (op == 0) {
113 {
114 *lck = 1; 113 *lck = 1;
115 return 1; 114 return 1;
116 } 115 }
@@ -133,8 +132,7 @@ void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
133{ 132{
134 ASN1_ENCODING *enc; 133 ASN1_ENCODING *enc;
135 enc = asn1_get_enc_ptr(pval, it); 134 enc = asn1_get_enc_ptr(pval, it);
136 if (enc) 135 if (enc) {
137 {
138 enc->enc = NULL; 136 enc->enc = NULL;
139 enc->len = 0; 137 enc->len = 0;
140 enc->modified = 1; 138 enc->modified = 1;
@@ -145,8 +143,7 @@ void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
145{ 143{
146 ASN1_ENCODING *enc; 144 ASN1_ENCODING *enc;
147 enc = asn1_get_enc_ptr(pval, it); 145 enc = asn1_get_enc_ptr(pval, it);
148 if (enc) 146 if (enc) {
149 {
150 if (enc->enc) 147 if (enc->enc)
151 free(enc->enc); 148 free(enc->enc);
152 enc->enc = NULL; 149 enc->enc = NULL;
@@ -182,8 +179,7 @@ int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
182 enc = asn1_get_enc_ptr(pval, it); 179 enc = asn1_get_enc_ptr(pval, it);
183 if (!enc || enc->modified) 180 if (!enc || enc->modified)
184 return 0; 181 return 0;
185 if (out) 182 if (out) {
186 {
187 memcpy(*out, enc->enc, enc->len); 183 memcpy(*out, enc->enc, enc->len);
188 *out += enc->len; 184 *out += enc->len;
189 } 185 }
@@ -228,8 +224,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
228 sfld = offset2ptr(*pval, adb->offset); 224 sfld = offset2ptr(*pval, adb->offset);
229 225
230 /* Check if NULL */ 226 /* Check if NULL */
231 if (!sfld) 227 if (!sfld) {
232 {
233 if (!adb->null_tt) 228 if (!adb->null_tt)
234 goto err; 229 goto err;
235 return adb->null_tt; 230 return adb->null_tt;
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
index 6f6fbb112a..7ae473485c 100644
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ b/src/lib/libcrypto/asn1/x_algor.c
@@ -81,25 +81,21 @@ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
81{ 81{
82 if (!alg) 82 if (!alg)
83 return 0; 83 return 0;
84 if (ptype != V_ASN1_UNDEF) 84 if (ptype != V_ASN1_UNDEF) {
85 {
86 if (alg->parameter == NULL) 85 if (alg->parameter == NULL)
87 alg->parameter = ASN1_TYPE_new(); 86 alg->parameter = ASN1_TYPE_new();
88 if (alg->parameter == NULL) 87 if (alg->parameter == NULL)
89 return 0; 88 return 0;
90 } 89 }
91 if (alg) 90 if (alg) {
92 {
93 if (alg->algorithm) 91 if (alg->algorithm)
94 ASN1_OBJECT_free(alg->algorithm); 92 ASN1_OBJECT_free(alg->algorithm);
95 alg->algorithm = aobj; 93 alg->algorithm = aobj;
96 } 94 }
97 if (ptype == 0) 95 if (ptype == 0)
98 return 1; 96 return 1;
99 if (ptype == V_ASN1_UNDEF) 97 if (ptype == V_ASN1_UNDEF) {
100 { 98 if (alg->parameter) {
101 if (alg->parameter)
102 {
103 ASN1_TYPE_free(alg->parameter); 99 ASN1_TYPE_free(alg->parameter);
104 alg->parameter = NULL; 100 alg->parameter = NULL;
105 } 101 }
@@ -114,10 +110,8 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
114{ 110{
115 if (paobj) 111 if (paobj)
116 *paobj = algor->algorithm; 112 *paobj = algor->algorithm;
117 if (pptype) 113 if (pptype) {
118 { 114 if (algor->parameter == NULL) {
119 if (algor->parameter == NULL)
120 {
121 *pptype = V_ASN1_UNDEF; 115 *pptype = V_ASN1_UNDEF;
122 return; 116 return;
123 } 117 }
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
index b3a6355795..ea94f026b2 100644
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ b/src/lib/libcrypto/asn1/x_crl.c
@@ -101,10 +101,10 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
101 /* Just set cmp function here. We don't sort because that 101 /* Just set cmp function here. We don't sort because that
102 * would affect the output of X509_CRL_print(). 102 * would affect the output of X509_CRL_print().
103 */ 103 */
104 case ASN1_OP_D2I_POST: 104 case ASN1_OP_D2I_POST:
105 (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); 105 (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
106 break; 106 break;
107} 107 }
108 return 1; 108 return 1;
109} 109}
110 110
@@ -133,8 +133,7 @@ static int crl_set_issuers(X509_CRL *crl)
133 revoked = X509_CRL_get_REVOKED(crl); 133 revoked = X509_CRL_get_REVOKED(crl);
134 134
135 gens = NULL; 135 gens = NULL;
136 for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) 136 for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
137 {
138 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i); 137 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
139 STACK_OF(X509_EXTENSION) *exts; 138 STACK_OF(X509_EXTENSION) *exts;
140 ASN1_ENUMERATED *reason; 139 ASN1_ENUMERATED *reason;
@@ -142,17 +141,14 @@ static int crl_set_issuers(X509_CRL *crl)
142 gtmp = X509_REVOKED_get_ext_d2i(rev, 141 gtmp = X509_REVOKED_get_ext_d2i(rev,
143 NID_certificate_issuer, 142 NID_certificate_issuer,
144 &j, NULL); 143 &j, NULL);
145 if (!gtmp && (j != -1)) 144 if (!gtmp && (j != -1)) {
146 {
147 crl->flags |= EXFLAG_INVALID; 145 crl->flags |= EXFLAG_INVALID;
148 return 1; 146 return 1;
149 } 147 }
150 148
151 if (gtmp) 149 if (gtmp) {
152 {
153 gens = gtmp; 150 gens = gtmp;
154 if (!crl->issuers) 151 if (!crl->issuers) {
155 {
156 crl->issuers = sk_GENERAL_NAMES_new_null(); 152 crl->issuers = sk_GENERAL_NAMES_new_null();
157 if (!crl->issuers) 153 if (!crl->issuers)
158 return 0; 154 return 0;
@@ -164,29 +160,24 @@ static int crl_set_issuers(X509_CRL *crl)
164 160
165 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, 161 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
166 &j, NULL); 162 &j, NULL);
167 if (!reason && (j != -1)) 163 if (!reason && (j != -1)) {
168 {
169 crl->flags |= EXFLAG_INVALID; 164 crl->flags |= EXFLAG_INVALID;
170 return 1; 165 return 1;
171 } 166 }
172 167
173 if (reason) 168 if (reason) {
174 {
175 rev->reason = ASN1_ENUMERATED_get(reason); 169 rev->reason = ASN1_ENUMERATED_get(reason);
176 ASN1_ENUMERATED_free(reason); 170 ASN1_ENUMERATED_free(reason);
177 } 171 } else
178 else
179 rev->reason = CRL_REASON_NONE; 172 rev->reason = CRL_REASON_NONE;
180 173
181 /* Check for critical CRL entry extensions */ 174 /* Check for critical CRL entry extensions */
182 175
183 exts = rev->extensions; 176 exts = rev->extensions;
184 177
185 for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) 178 for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
186 {
187 ext = sk_X509_EXTENSION_value(exts, j); 179 ext = sk_X509_EXTENSION_value(exts, j);
188 if (ext->critical > 0) 180 if (ext->critical > 0) {
189 {
190 if (OBJ_obj2nid(ext->object) == 181 if (OBJ_obj2nid(ext->object) ==
191 NID_certificate_issuer) 182 NID_certificate_issuer)
192 continue; 183 continue;
@@ -213,9 +204,8 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
213 X509_EXTENSION *ext; 204 X509_EXTENSION *ext;
214 int idx; 205 int idx;
215 206
216 switch(operation) 207 switch(operation) {
217 { 208 case ASN1_OP_NEW_POST:
218 case ASN1_OP_NEW_POST:
219 crl->idp = NULL; 209 crl->idp = NULL;
220 crl->akid = NULL; 210 crl->akid = NULL;
221 crl->flags = 0; 211 crl->flags = 0;
@@ -228,7 +218,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
228 crl->base_crl_number = NULL; 218 crl->base_crl_number = NULL;
229 break; 219 break;
230 220
231 case ASN1_OP_D2I_POST: 221 case ASN1_OP_D2I_POST:
232#ifndef OPENSSL_NO_SHA 222#ifndef OPENSSL_NO_SHA
233 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); 223 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
234#endif 224#endif
@@ -259,15 +249,13 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
259 249
260 exts = crl->crl->extensions; 250 exts = crl->crl->extensions;
261 251
262 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) 252 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
263 {
264 int nid; 253 int nid;
265 ext = sk_X509_EXTENSION_value(exts, idx); 254 ext = sk_X509_EXTENSION_value(exts, idx);
266 nid = OBJ_obj2nid(ext->object); 255 nid = OBJ_obj2nid(ext->object);
267 if (nid == NID_freshest_crl) 256 if (nid == NID_freshest_crl)
268 crl->flags |= EXFLAG_FRESHEST; 257 crl->flags |= EXFLAG_FRESHEST;
269 if (ext->critical > 0) 258 if (ext->critical > 0) {
270 {
271 /* We handle IDP and deltas */ 259 /* We handle IDP and deltas */
272 if ((nid == NID_issuing_distribution_point) 260 if ((nid == NID_issuing_distribution_point)
273 || (nid == NID_delta_crl)) 261 || (nid == NID_delta_crl))
@@ -281,16 +269,14 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
281 if (!crl_set_issuers(crl)) 269 if (!crl_set_issuers(crl))
282 return 0; 270 return 0;
283 271
284 if (crl->meth->crl_init) 272 if (crl->meth->crl_init) {
285 {
286 if (crl->meth->crl_init(crl) == 0) 273 if (crl->meth->crl_init(crl) == 0)
287 return 0; 274 return 0;
288 } 275 }
289 break; 276 break;
290 277
291 case ASN1_OP_FREE_POST: 278 case ASN1_OP_FREE_POST:
292 if (crl->meth->crl_free) 279 if (crl->meth->crl_free) {
293 {
294 if (!crl->meth->crl_free(crl)) 280 if (!crl->meth->crl_free(crl))
295 return 0; 281 return 0;
296 } 282 }
@@ -313,18 +299,15 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
313 int idp_only = 0; 299 int idp_only = 0;
314 /* Set various flags according to IDP */ 300 /* Set various flags according to IDP */
315 crl->idp_flags |= IDP_PRESENT; 301 crl->idp_flags |= IDP_PRESENT;
316 if (idp->onlyuser > 0) 302 if (idp->onlyuser > 0) {
317 {
318 idp_only++; 303 idp_only++;
319 crl->idp_flags |= IDP_ONLYUSER; 304 crl->idp_flags |= IDP_ONLYUSER;
320 } 305 }
321 if (idp->onlyCA > 0) 306 if (idp->onlyCA > 0) {
322 {
323 idp_only++; 307 idp_only++;
324 crl->idp_flags |= IDP_ONLYCA; 308 crl->idp_flags |= IDP_ONLYCA;
325 } 309 }
326 if (idp->onlyattr > 0) 310 if (idp->onlyattr > 0) {
327 {
328 idp_only++; 311 idp_only++;
329 crl->idp_flags |= IDP_ONLYATTR; 312 crl->idp_flags |= IDP_ONLYATTR;
330 } 313 }
@@ -335,8 +318,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
335 if (idp->indirectCRL > 0) 318 if (idp->indirectCRL > 0)
336 crl->idp_flags |= IDP_INDIRECT; 319 crl->idp_flags |= IDP_INDIRECT;
337 320
338 if (idp->onlysomereasons) 321 if (idp->onlysomereasons) {
339 {
340 crl->idp_flags |= IDP_REASONS; 322 crl->idp_flags |= IDP_REASONS;
341 if (idp->onlysomereasons->length > 0) 323 if (idp->onlysomereasons->length > 0)
342 crl->idp_reasons = idp->onlysomereasons->data[0]; 324 crl->idp_reasons = idp->onlysomereasons->data[0];
@@ -417,8 +399,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
417{ 399{
418 int i; 400 int i;
419 401
420 if (!rev->issuer) 402 if (!rev->issuer) {
421 {
422 if (!nm) 403 if (!nm)
423 return 1; 404 return 1;
424 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) 405 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
@@ -429,8 +410,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
429 if (!nm) 410 if (!nm)
430 nm = X509_CRL_get_issuer(crl); 411 nm = X509_CRL_get_issuer(crl);
431 412
432 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) 413 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
433 {
434 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); 414 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
435 if (gen->type != GEN_DIRNAME) 415 if (gen->type != GEN_DIRNAME)
436 continue; 416 continue;
@@ -450,8 +430,7 @@ static int def_crl_lookup(X509_CRL *crl,
450 /* Sort revoked into serial number order if not already sorted. 430 /* Sort revoked into serial number order if not already sorted.
451 * Do this under a lock to avoid race condition. 431 * Do this under a lock to avoid race condition.
452 */ 432 */
453 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) 433 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
454 {
455 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); 434 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
456 sk_X509_REVOKED_sort(crl->crl->revoked); 435 sk_X509_REVOKED_sort(crl->crl->revoked);
457 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); 436 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
@@ -460,13 +439,11 @@ static int def_crl_lookup(X509_CRL *crl,
460 if(idx < 0) 439 if(idx < 0)
461 return 0; 440 return 0;
462 /* Need to look for matching name */ 441 /* Need to look for matching name */
463 for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) 442 for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
464 {
465 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx); 443 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
466 if (ASN1_INTEGER_cmp(rev->serialNumber, serial)) 444 if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
467 return 0; 445 return 0;
468 if (crl_revoked_issuer_match(crl, issuer, rev)) 446 if (crl_revoked_issuer_match(crl, issuer, rev)) {
469 {
470 if (ret) 447 if (ret)
471 *ret = rev; 448 *ret = rev;
472 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL) 449 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
index c1b6058d58..07ce15dbd7 100644
--- a/src/lib/libcrypto/asn1/x_info.c
+++ b/src/lib/libcrypto/asn1/x_info.c
@@ -67,8 +67,7 @@ X509_INFO *X509_INFO_new(void)
67 X509_INFO *ret=NULL; 67 X509_INFO *ret=NULL;
68 68
69 ret=(X509_INFO *)malloc(sizeof(X509_INFO)); 69 ret=(X509_INFO *)malloc(sizeof(X509_INFO));
70 if (ret == NULL) 70 if (ret == NULL) {
71 {
72 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); 71 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
73 return(NULL); 72 return(NULL);
74 } 73 }
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index dfd4363aa0..d10ac5acd1 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -145,8 +145,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
145 145
146 memerr: 146 memerr:
147 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE); 147 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
148 if (ret) 148 if (ret) {
149 {
150 if (ret->entries) 149 if (ret->entries)
151 sk_X509_NAME_ENTRY_free(ret->entries); 150 sk_X509_NAME_ENTRY_free(ret->entries);
152 free(ret); 151 free(ret);
@@ -242,14 +241,14 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
242} 241}
243 242
244static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) 243static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
245 { 244{
246 sk_X509_NAME_ENTRY_free(ne); 245 sk_X509_NAME_ENTRY_free(ne);
247 } 246}
248 247
249static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) 248static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
250 { 249{
251 sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); 250 sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
252 } 251}
253 252
254static int x509_name_encode(X509_NAME *a) 253static int x509_name_encode(X509_NAME *a)
255{ 254{
@@ -295,12 +294,12 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
295 int indent, 294 int indent,
296 const char *fname, 295 const char *fname,
297 const ASN1_PCTX *pctx) 296 const ASN1_PCTX *pctx)
298 { 297{
299 if (X509_NAME_print_ex(out, (X509_NAME *)*pval, 298 if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
300 indent, pctx->nm_flags) <= 0) 299 indent, pctx->nm_flags) <= 0)
301 return 0; 300 return 0;
302 return 2; 301 return 2;
303 } 302}
304 303
305/* This function generates the canonical encoding of the Name structure. 304/* This function generates the canonical encoding of the Name structure.
306 * In it all strings are converted to UTF8, leading, trailing and 305 * In it all strings are converted to UTF8, leading, trailing and
@@ -316,39 +315,35 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
316 */ 315 */
317 316
318static int x509_name_canon(X509_NAME *a) 317static int x509_name_canon(X509_NAME *a)
319 { 318{
320 unsigned char *p; 319 unsigned char *p;
321 STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL; 320 STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
322 STACK_OF(X509_NAME_ENTRY) *entries = NULL; 321 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
323 X509_NAME_ENTRY *entry, *tmpentry = NULL; 322 X509_NAME_ENTRY *entry, *tmpentry = NULL;
324 int i, set = -1, ret = 0; 323 int i, set = -1, ret = 0;
325 324
326 if (a->canon_enc) 325 if (a->canon_enc) {
327 {
328 free(a->canon_enc); 326 free(a->canon_enc);
329 a->canon_enc = NULL; 327 a->canon_enc = NULL;
330 } 328 }
331 /* Special case: empty X509_NAME => null encoding */ 329 /* Special case: empty X509_NAME => null encoding */
332 if (sk_X509_NAME_ENTRY_num(a->entries) == 0) 330 if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
333 {
334 a->canon_enclen = 0; 331 a->canon_enclen = 0;
335 return 1; 332 return 1;
336 } 333 }
337 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); 334 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
338 if(!intname) 335 if(!intname)
339 goto err; 336 goto err;
340 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) 337 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
341 {
342 entry = sk_X509_NAME_ENTRY_value(a->entries, i); 338 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
343 if(entry->set != set) 339 if(entry->set != set) {
344 {
345 entries = sk_X509_NAME_ENTRY_new_null(); 340 entries = sk_X509_NAME_ENTRY_new_null();
346 if(!entries) 341 if(!entries)
347 goto err; 342 goto err;
348 if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) 343 if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
349 goto err; 344 goto err;
350 set = entry->set; 345 set = entry->set;
351 } 346 }
352 tmpentry = X509_NAME_ENTRY_new(); 347 tmpentry = X509_NAME_ENTRY_new();
353 tmpentry->object = OBJ_dup(entry->object); 348 tmpentry->object = OBJ_dup(entry->object);
354 if (!asn1_string_canon(tmpentry->value, entry->value)) 349 if (!asn1_string_canon(tmpentry->value, entry->value))
@@ -356,7 +351,7 @@ static int x509_name_canon(X509_NAME *a)
356 if(!sk_X509_NAME_ENTRY_push(entries, tmpentry)) 351 if(!sk_X509_NAME_ENTRY_push(entries, tmpentry))
357 goto err; 352 goto err;
358 tmpentry = NULL; 353 tmpentry = NULL;
359 } 354 }
360 355
361 /* Finally generate encoding */ 356 /* Finally generate encoding */
362 357
@@ -381,7 +376,7 @@ static int x509_name_canon(X509_NAME *a)
381 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname, 376 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
382 local_sk_X509_NAME_ENTRY_pop_free); 377 local_sk_X509_NAME_ENTRY_pop_free);
383 return ret; 378 return ret;
384 } 379}
385 380
386/* Bitmap of all the types of string that will be canonicalized. */ 381/* Bitmap of all the types of string that will be canonicalized. */
387 382
@@ -392,17 +387,16 @@ static int x509_name_canon(X509_NAME *a)
392 387
393 388
394static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) 389static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
395 { 390{
396 unsigned char *to, *from; 391 unsigned char *to, *from;
397 int len, i; 392 int len, i;
398 393
399 /* If type not in bitmask just copy string across */ 394 /* If type not in bitmask just copy string across */
400 if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) 395 if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
401 {
402 if (!ASN1_STRING_copy(out, in)) 396 if (!ASN1_STRING_copy(out, in))
403 return 0; 397 return 0;
404 return 1; 398 return 1;
405 } 399 }
406 400
407 out->type = V_ASN1_UTF8STRING; 401 out->type = V_ASN1_UTF8STRING;
408 out->length = ASN1_STRING_to_UTF8(&out->data, in); 402 out->length = ASN1_STRING_to_UTF8(&out->data, in);
@@ -421,99 +415,87 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
421 */ 415 */
422 416
423 /* Ignore leading spaces */ 417 /* Ignore leading spaces */
424 while((len > 0) && !(*from & 0x80) && isspace(*from)) 418 while((len > 0) && !(*from & 0x80) && isspace(*from)) {
425 {
426 from++; 419 from++;
427 len--; 420 len--;
428 } 421 }
429 422
430 to = from + len - 1; 423 to = from + len - 1;
431 424
432 /* Ignore trailing spaces */ 425 /* Ignore trailing spaces */
433 while ((len > 0) && !(*to & 0x80) && isspace(*to)) 426 while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
434 {
435 to--; 427 to--;
436 len--; 428 len--;
437 } 429 }
438 430
439 to = out->data; 431 to = out->data;
440 432
441 i = 0; 433 i = 0;
442 while(i < len) 434 while(i < len) {
443 {
444 /* If MSB set just copy across */ 435 /* If MSB set just copy across */
445 if (*from & 0x80) 436 if (*from & 0x80) {
446 {
447 *to++ = *from++; 437 *to++ = *from++;
448 i++; 438 i++;
449 } 439 }
450 /* Collapse multiple spaces */ 440 /* Collapse multiple spaces */
451 else if (isspace(*from)) 441 else if (isspace(*from)) {
452 {
453 /* Copy one space across */ 442 /* Copy one space across */
454 *to++ = ' '; 443 *to++ = ' ';
455 /* Ignore subsequent spaces. Note: don't need to 444 /* Ignore subsequent spaces. Note: don't need to
456 * check len here because we know the last 445 * check len here because we know the last
457 * character is a non-space so we can't overflow. 446 * character is a non-space so we can't overflow.
458 */ 447 */
459 do 448 do {
460 {
461 from++; 449 from++;
462 i++; 450 i++;
463 } 451 } while(!(*from & 0x80) && isspace(*from));
464 while(!(*from & 0x80) && isspace(*from)); 452 } else {
465 }
466 else
467 {
468 *to++ = tolower(*from); 453 *to++ = tolower(*from);
469 from++; 454 from++;
470 i++; 455 i++;
471 }
472 } 456 }
457 }
473 458
474 out->length = to - out->data; 459 out->length = to - out->data;
475 460
476 return 1; 461 return 1;
477 462
478 } 463}
479 464
480static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, 465static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname,
481 unsigned char **in) 466 unsigned char **in)
482 { 467{
483 int i, len, ltmp; 468 int i, len, ltmp;
484 ASN1_VALUE *v; 469 ASN1_VALUE *v;
485 STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; 470 STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
486 471
487 len = 0; 472 len = 0;
488 for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) 473 for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
489 {
490 v = sk_ASN1_VALUE_value(intname, i); 474 v = sk_ASN1_VALUE_value(intname, i);
491 ltmp = ASN1_item_ex_i2d(&v, in, 475 ltmp = ASN1_item_ex_i2d(&v, in,
492 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1); 476 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
493 if (ltmp < 0) 477 if (ltmp < 0)
494 return ltmp; 478 return ltmp;
495 len += ltmp; 479 len += ltmp;
496 }
497 return len;
498 } 480 }
481 return len;
482}
499 483
500int X509_NAME_set(X509_NAME **xn, X509_NAME *name) 484int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
501 { 485{
502 X509_NAME *in; 486 X509_NAME *in;
503 487
504 if (!xn || !name) return(0); 488 if (!xn || !name) return(0);
505 489
506 if (*xn != name) 490 if (*xn != name) {
507 {
508 in=X509_NAME_dup(name); 491 in=X509_NAME_dup(name);
509 if (in != NULL) 492 if (in != NULL) {
510 {
511 X509_NAME_free(*xn); 493 X509_NAME_free(*xn);
512 *xn=in; 494 *xn=in;
513 }
514 } 495 }
515 return(*xn != NULL);
516 } 496 }
497 return(*xn != NULL);
498}
517 499
518IMPLEMENT_STACK_OF(X509_NAME_ENTRY) 500IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
519IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY) 501IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
index 37d2d93968..eac134a1ee 100644
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ b/src/lib/libcrypto/asn1/x_pkey.c
@@ -81,17 +81,14 @@ X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
81 81
82 ret->cipher.cipher=EVP_get_cipherbyname( 82 ret->cipher.cipher=EVP_get_cipherbyname(
83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); 83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
84 if (ret->cipher.cipher == NULL) 84 if (ret->cipher.cipher == NULL) {
85 {
86 c.error=ASN1_R_UNSUPPORTED_CIPHER; 85 c.error=ASN1_R_UNSUPPORTED_CIPHER;
87 c.line=__LINE__; 86 c.line=__LINE__;
88 goto err; 87 goto err;
89 } 88 }
90 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) 89 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
91 {
92 i=ret->enc_algor->parameter->value.octet_string->length; 90 i=ret->enc_algor->parameter->value.octet_string->length;
93 if (i > EVP_MAX_IV_LENGTH) 91 if (i > EVP_MAX_IV_LENGTH) {
94 {
95 c.error=ASN1_R_IV_TOO_LARGE; 92 c.error=ASN1_R_IV_TOO_LARGE;
96 c.line=__LINE__; 93 c.line=__LINE__;
97 goto err; 94 goto err;
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index 454d50f24c..1d6ab6580a 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -72,8 +72,7 @@
72static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 72static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
73 void *exarg) 73 void *exarg)
74{ 74{
75 if (operation == ASN1_OP_FREE_POST) 75 if (operation == ASN1_OP_FREE_POST) {
76 {
77 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 76 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
78 EVP_PKEY_free(pubkey->pkey); 77 EVP_PKEY_free(pubkey->pkey);
79 } 78 }
@@ -95,26 +94,19 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
95 94
96 if ((pk=X509_PUBKEY_new()) == NULL) goto error; 95 if ((pk=X509_PUBKEY_new()) == NULL) goto error;
97 96
98 if (pkey->ameth) 97 if (pkey->ameth) {
99 { 98 if (pkey->ameth->pub_encode) {
100 if (pkey->ameth->pub_encode) 99 if (!pkey->ameth->pub_encode(pk, pkey)) {
101 {
102 if (!pkey->ameth->pub_encode(pk, pkey))
103 {
104 X509err(X509_F_X509_PUBKEY_SET, 100 X509err(X509_F_X509_PUBKEY_SET,
105 X509_R_PUBLIC_KEY_ENCODE_ERROR); 101 X509_R_PUBLIC_KEY_ENCODE_ERROR);
106 goto error; 102 goto error;
107 } 103 }
108 } 104 } else {
109 else
110 {
111 X509err(X509_F_X509_PUBKEY_SET, 105 X509err(X509_F_X509_PUBKEY_SET,
112 X509_R_METHOD_NOT_SUPPORTED); 106 X509_R_METHOD_NOT_SUPPORTED);
113 goto error; 107 goto error;
114 } 108 }
115 } 109 } else {
116 else
117 {
118 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); 110 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
119 goto error; 111 goto error;
120 } 112 }
@@ -136,51 +128,41 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
136 128
137 if (key == NULL) goto error; 129 if (key == NULL) goto error;
138 130
139 if (key->pkey != NULL) 131 if (key->pkey != NULL) {
140 {
141 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); 132 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
142 return key->pkey; 133 return key->pkey;
143 } 134 }
144 135
145 if (key->public_key == NULL) goto error; 136 if (key->public_key == NULL) goto error;
146 137
147 if ((ret = EVP_PKEY_new()) == NULL) 138 if ((ret = EVP_PKEY_new()) == NULL) {
148 {
149 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); 139 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
150 goto error; 140 goto error;
151 } 141 }
152 142
153 if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) 143 if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
154 {
155 X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM); 144 X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM);
156 goto error; 145 goto error;
157 } 146 }
158 147
159 if (ret->ameth->pub_decode) 148 if (ret->ameth->pub_decode) {
160 { 149 if (!ret->ameth->pub_decode(ret, key)) {
161 if (!ret->ameth->pub_decode(ret, key))
162 {
163 X509err(X509_F_X509_PUBKEY_GET, 150 X509err(X509_F_X509_PUBKEY_GET,
164 X509_R_PUBLIC_KEY_DECODE_ERROR); 151 X509_R_PUBLIC_KEY_DECODE_ERROR);
165 goto error; 152 goto error;
166 } 153 }
167 } 154 } else {
168 else
169 {
170 X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED); 155 X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
171 goto error; 156 goto error;
172 } 157 }
173 158
174 /* Check to see if another thread set key->pkey first */ 159 /* Check to see if another thread set key->pkey first */
175 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); 160 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
176 if (key->pkey) 161 if (key->pkey) {
177 {
178 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); 162 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
179 EVP_PKEY_free(ret); 163 EVP_PKEY_free(ret);
180 ret = key->pkey; 164 ret = key->pkey;
181 } 165 } else {
182 else
183 {
184 key->pkey = ret; 166 key->pkey = ret;
185 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); 167 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
186 } 168 }
@@ -208,8 +190,7 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
208 pktmp = X509_PUBKEY_get(xpk); 190 pktmp = X509_PUBKEY_get(xpk);
209 X509_PUBKEY_free(xpk); 191 X509_PUBKEY_free(xpk);
210 if(!pktmp) return NULL; 192 if(!pktmp) return NULL;
211 if(a) 193 if(a) {
212 {
213 EVP_PKEY_free(*a); 194 EVP_PKEY_free(*a);
214 *a = pktmp; 195 *a = pktmp;
215 } 196 }
@@ -244,8 +225,7 @@ RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
244 EVP_PKEY_free(pkey); 225 EVP_PKEY_free(pkey);
245 if (!key) return NULL; 226 if (!key) return NULL;
246 *pp = q; 227 *pp = q;
247 if (a) 228 if (a) {
248 {
249 RSA_free(*a); 229 RSA_free(*a);
250 *a = key; 230 *a = key;
251 } 231 }
@@ -258,8 +238,7 @@ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
258 int ret; 238 int ret;
259 if (!a) return 0; 239 if (!a) return 0;
260 pktmp = EVP_PKEY_new(); 240 pktmp = EVP_PKEY_new();
261 if (!pktmp) 241 if (!pktmp) {
262 {
263 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 242 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
264 return 0; 243 return 0;
265 } 244 }
@@ -284,8 +263,7 @@ DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
284 EVP_PKEY_free(pkey); 263 EVP_PKEY_free(pkey);
285 if (!key) return NULL; 264 if (!key) return NULL;
286 *pp = q; 265 *pp = q;
287 if (a) 266 if (a) {
288 {
289 DSA_free(*a); 267 DSA_free(*a);
290 *a = key; 268 *a = key;
291 } 269 }
@@ -298,8 +276,7 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
298 int ret; 276 int ret;
299 if(!a) return 0; 277 if(!a) return 0;
300 pktmp = EVP_PKEY_new(); 278 pktmp = EVP_PKEY_new();
301 if(!pktmp) 279 if(!pktmp) {
302 {
303 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 280 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
304 return 0; 281 return 0;
305 } 282 }
@@ -323,8 +300,7 @@ EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
323 EVP_PKEY_free(pkey); 300 EVP_PKEY_free(pkey);
324 if (!key) return(NULL); 301 if (!key) return(NULL);
325 *pp = q; 302 *pp = q;
326 if (a) 303 if (a) {
327 {
328 EC_KEY_free(*a); 304 EC_KEY_free(*a);
329 *a = key; 305 *a = key;
330 } 306 }
@@ -336,8 +312,7 @@ int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
336 EVP_PKEY *pktmp; 312 EVP_PKEY *pktmp;
337 int ret; 313 int ret;
338 if (!a) return(0); 314 if (!a) return(0);
339 if ((pktmp = EVP_PKEY_new()) == NULL) 315 if ((pktmp = EVP_PKEY_new()) == NULL) {
340 {
341 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); 316 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
342 return(0); 317 return(0);
343 } 318 }
@@ -354,8 +329,7 @@ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
354{ 329{
355 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) 330 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
356 return 0; 331 return 0;
357 if (penc) 332 if (penc) {
358 {
359 if (pub->public_key->data) 333 if (pub->public_key->data)
360 free(pub->public_key->data); 334 free(pub->public_key->data);
361 pub->public_key->data = penc; 335 pub->public_key->data = penc;
@@ -374,8 +348,7 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
374{ 348{
375 if (ppkalg) 349 if (ppkalg)
376 *ppkalg = pub->algor->algorithm; 350 *ppkalg = pub->algor->algorithm;
377 if (pk) 351 if (pk) {
378 {
379 *pk = pub->public_key->data; 352 *pk = pub->public_key->data;
380 *ppklen = pub->public_key->length; 353 *ppklen = pub->public_key->length;
381 } 354 }
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
index ff8bd77024..20448a8e3b 100644
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ b/src/lib/libcrypto/asn1/x_x509.c
@@ -88,7 +88,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
88 88
89 switch(operation) { 89 switch(operation) {
90 90
91 case ASN1_OP_NEW_POST: 91 case ASN1_OP_NEW_POST:
92 ret->valid=0; 92 ret->valid=0;
93 ret->name = NULL; 93 ret->name = NULL;
94 ret->ex_flags = 0; 94 ret->ex_flags = 0;
@@ -104,12 +104,12 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
104 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); 104 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
105 break; 105 break;
106 106
107 case ASN1_OP_D2I_POST: 107 case ASN1_OP_D2I_POST:
108 if (ret->name != NULL) free(ret->name); 108 if (ret->name != NULL) free(ret->name);
109 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); 109 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
110 break; 110 break;
111 111
112 case ASN1_OP_FREE_POST: 112 case ASN1_OP_FREE_POST:
113 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); 113 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
114 X509_CERT_AUX_free(ret->aux); 114 X509_CERT_AUX_free(ret->aux);
115 ASN1_OCTET_STRING_free(ret->skid); 115 ASN1_OCTET_STRING_free(ret->skid);
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
index 9449f517be..287d780830 100644
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ b/src/lib/libcrypto/asn1/x_x509a.c
@@ -91,8 +91,7 @@ static X509_CERT_AUX *aux_get(X509 *x)
91int X509_alias_set1(X509 *x, unsigned char *name, int len) 91int X509_alias_set1(X509 *x, unsigned char *name, int len)
92{ 92{
93 X509_CERT_AUX *aux; 93 X509_CERT_AUX *aux;
94 if (!name) 94 if (!name) {
95 {
96 if (!x || !x->aux || !x->aux->alias) 95 if (!x || !x->aux || !x->aux->alias)
97 return 1; 96 return 1;
98 ASN1_UTF8STRING_free(x->aux->alias); 97 ASN1_UTF8STRING_free(x->aux->alias);
@@ -107,8 +106,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
107int X509_keyid_set1(X509 *x, unsigned char *id, int len) 106int X509_keyid_set1(X509 *x, unsigned char *id, int len)
108{ 107{
109 X509_CERT_AUX *aux; 108 X509_CERT_AUX *aux;
110 if (!id) 109 if (!id) {
111 {
112 if (!x || !x->aux || !x->aux->keyid) 110 if (!x || !x->aux || !x->aux->keyid)
113 return 1; 111 return 1;
114 ASN1_OCTET_STRING_free(x->aux->keyid); 112 ASN1_OCTET_STRING_free(x->aux->keyid);
diff --git a/src/lib/libssl/src/crypto/asn1/a_dup.c b/src/lib/libssl/src/crypto/asn1/a_dup.c
index 4482a89337..409bdcf2d1 100644
--- a/src/lib/libssl/src/crypto/asn1/a_dup.c
+++ b/src/lib/libssl/src/crypto/asn1/a_dup.c
@@ -69,13 +69,14 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
69 int i; 69 int i;
70 char *ret; 70 char *ret;
71 71
72 if (x == NULL) return(NULL); 72 if (x == NULL)
73 return(NULL);
73 74
74 i=i2d(x,NULL); 75 i=i2d(x,NULL);
75 b=malloc(i+10); 76 b=malloc(i+10);
76 if (b == NULL) 77 if (b == NULL) {
77 { 78 ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE);
78 ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); 79 return(NULL);
79 } 80 }
80 p= b; 81 p= b;
81 i=i2d(x,&p); 82 i=i2d(x,&p);
@@ -99,12 +100,13 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
99 long i; 100 long i;
100 void *ret; 101 void *ret;
101 102
102 if (x == NULL) return(NULL); 103 if (x == NULL)
104 return(NULL);
103 105
104 i=ASN1_item_i2d(x,&b,it); 106 i=ASN1_item_i2d(x,&b,it);
105 if (b == NULL) 107 if (b == NULL) {
106 { 108 ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE);
107 ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); 109 return(NULL);
108 } 110 }
109 p= b; 111 p= b;
110 ret=ASN1_item_d2i(NULL,&p,i, it); 112 ret=ASN1_item_d2i(NULL,&p,i, it);
diff --git a/src/lib/libssl/src/crypto/asn1/a_enum.c b/src/lib/libssl/src/crypto/asn1/a_enum.c
index 77c7c2cd88..70cea0aad2 100644
--- a/src/lib/libssl/src/crypto/asn1/a_enum.c
+++ b/src/lib/libssl/src/crypto/asn1/a_enum.c
@@ -74,27 +74,23 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
74 long d; 74 long d;
75 75
76 a->type=V_ASN1_ENUMERATED; 76 a->type=V_ASN1_ENUMERATED;
77 if (a->length < (int)(sizeof(long)+1)) 77 if (a->length < (int)(sizeof(long)+1)) {
78 {
79 if (a->data != NULL) 78 if (a->data != NULL)
80 free(a->data); 79 free(a->data);
81 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) 80 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL)
82 memset((char *)a->data,0,sizeof(long)+1); 81 memset((char *)a->data,0,sizeof(long)+1);
83 } 82 }
84 if (a->data == NULL) 83 if (a->data == NULL) {
85 {
86 ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE); 84 ASN1err(ASN1_F_ASN1_ENUMERATED_SET,ERR_R_MALLOC_FAILURE);
87 return(0); 85 return(0);
88 } 86 }
89 d=v; 87 d=v;
90 if (d < 0) 88 if (d < 0) {
91 {
92 d= -d; 89 d= -d;
93 a->type=V_ASN1_NEG_ENUMERATED; 90 a->type=V_ASN1_NEG_ENUMERATED;
94 } 91 }
95 92
96 for (i=0; i<sizeof(long); i++) 93 for (i=0; i<sizeof(long); i++) {
97 {
98 if (d == 0) break; 94 if (d == 0) break;
99 buf[i]=(int)d&0xff; 95 buf[i]=(int)d&0xff;
100 d>>=8; 96 d>>=8;
@@ -118,16 +114,14 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
118 else if (i != V_ASN1_ENUMERATED) 114 else if (i != V_ASN1_ENUMERATED)
119 return -1; 115 return -1;
120 116
121 if (a->length > (int)sizeof(long)) 117 if (a->length > (int)sizeof(long)) {
122 {
123 /* hmm... a bit ugly */ 118 /* hmm... a bit ugly */
124 return(0xffffffffL); 119 return(0xffffffffL);
125 } 120 }
126 if (a->data == NULL) 121 if (a->data == NULL)
127 return 0; 122 return 0;
128 123
129 for (i=0; i<a->length; i++) 124 for (i=0; i<a->length; i++) {
130 {
131 r<<=8; 125 r<<=8;
132 r|=(unsigned char)a->data[i]; 126 r|=(unsigned char)a->data[i];
133 } 127 }
@@ -144,8 +138,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
144 ret=M_ASN1_ENUMERATED_new(); 138 ret=M_ASN1_ENUMERATED_new();
145 else 139 else
146 ret=ai; 140 ret=ai;
147 if (ret == NULL) 141 if (ret == NULL) {
148 {
149 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); 142 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
150 goto err; 143 goto err;
151 } 144 }
@@ -153,8 +146,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
153 else ret->type=V_ASN1_ENUMERATED; 146 else ret->type=V_ASN1_ENUMERATED;
154 j=BN_num_bits(bn); 147 j=BN_num_bits(bn);
155 len=((j == 0)?0:((j/8)+1)); 148 len=((j == 0)?0:((j/8)+1));
156 if (ret->length < len+4) 149 if (ret->length < len+4) {
157 {
158 unsigned char *new_data=realloc(ret->data, len+4); 150 unsigned char *new_data=realloc(ret->data, len+4);
159 if (!new_data) 151 if (!new_data)
160 { 152 {
diff --git a/src/lib/libssl/src/crypto/asn1/a_gentm.c b/src/lib/libssl/src/crypto/asn1/a_gentm.c
index 54016dc8e7..2ef6e6bc22 100644
--- a/src/lib/libssl/src/crypto/asn1/a_gentm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_gentm.c
@@ -116,8 +116,7 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
116 * field so make first two fields 00 to 99 116 * field so make first two fields 00 to 99
117 */ 117 */
118 if (l < 13) goto err; 118 if (l < 13) goto err;
119 for (i=0; i<7; i++) 119 for (i=0; i<7; i++) {
120 {
121 if ((i == 6) && ((a[o] == 'Z') || 120 if ((i == 6) && ((a[o] == 'Z') ||
122 (a[o] == '+') || (a[o] == '-'))) 121 (a[o] == '+') || (a[o] == '-')))
123 { i++; break; } 122 { i++; break; }
@@ -146,12 +145,10 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
146 145
147 if (a[o] == 'Z') 146 if (a[o] == 'Z')
148 o++; 147 o++;
149 else if ((a[o] == '+') || (a[o] == '-')) 148 else if ((a[o] == '+') || (a[o] == '-')) {
150 {
151 o++; 149 o++;
152 if (o+4 > l) goto err; 150 if (o+4 > l) goto err;
153 for (i=7; i<9; i++) 151 for (i=7; i<9; i++) {
154 {
155 if ((a[o] < '0') || (a[o] > '9')) goto err; 152 if ((a[o] < '0') || (a[o] > '9')) goto err;
156 n= a[o]-'0'; 153 n= a[o]-'0';
157 o++; 154 o++;
@@ -160,9 +157,7 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
160 if ((n < min[i]) || (n > max[i])) goto err; 157 if ((n < min[i]) || (n > max[i])) goto err;
161 o++; 158 o++;
162 } 159 }
163 } 160 } else {
164 else
165 {
166 /* Missing time zone information. */ 161 /* Missing time zone information. */
167 goto err; 162 goto err;
168 } 163 }
@@ -178,10 +173,8 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
178 t.type=V_ASN1_GENERALIZEDTIME; 173 t.type=V_ASN1_GENERALIZEDTIME;
179 t.length=strlen(str); 174 t.length=strlen(str);
180 t.data=(unsigned char *)str; 175 t.data=(unsigned char *)str;
181 if (ASN1_GENERALIZEDTIME_check(&t)) 176 if (ASN1_GENERALIZEDTIME_check(&t)) {
182 { 177 if (s != NULL) {
183 if (s != NULL)
184 {
185 if (!ASN1_STRING_set((ASN1_STRING *)s, 178 if (!ASN1_STRING_set((ASN1_STRING *)s,
186 (unsigned char *)str,t.length)) 179 (unsigned char *)str,t.length))
187 return 0; 180 return 0;
@@ -216,18 +209,15 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
216 if (ts == NULL) 209 if (ts == NULL)
217 return(NULL); 210 return(NULL);
218 211
219 if (offset_day || offset_sec) 212 if (offset_day || offset_sec) {
220 {
221 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 213 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
222 return NULL; 214 return NULL;
223 } 215 }
224 216
225 p=(char *)s->data; 217 p=(char *)s->data;
226 if ((p == NULL) || ((size_t)s->length < len)) 218 if ((p == NULL) || ((size_t)s->length < len)) {
227 {
228 p=malloc(len); 219 p=malloc(len);
229 if (p == NULL) 220 if (p == NULL) {
230 {
231 ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, 221 ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ,
232 ERR_R_MALLOC_FAILURE); 222 ERR_R_MALLOC_FAILURE);
233 return(NULL); 223 return(NULL);
diff --git a/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
index 52bedb3f73..93e6d8351b 100644
--- a/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
+++ b/src/lib/libssl/src/crypto/asn1/a_i2d_fp.c
@@ -69,8 +69,7 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
69 BIO *b; 69 BIO *b;
70 int ret; 70 int ret;
71 71
72 if ((b=BIO_new(BIO_s_file())) == NULL) 72 if ((b=BIO_new(BIO_s_file())) == NULL) {
73 {
74 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); 73 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
75 return(0); 74 return(0);
76 } 75 }
@@ -89,8 +88,7 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
89 88
90 n=i2d(x,NULL); 89 n=i2d(x,NULL);
91 b=(char *)malloc(n); 90 b=(char *)malloc(n);
92 if (b == NULL) 91 if (b == NULL) {
93 {
94 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); 92 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
95 return(0); 93 return(0);
96 } 94 }
@@ -98,12 +96,10 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
98 p=(unsigned char *)b; 96 p=(unsigned char *)b;
99 i2d(x,&p); 97 i2d(x,&p);
100 98
101 for (;;) 99 for (;;) {
102 {
103 i=BIO_write(out,&(b[j]),n); 100 i=BIO_write(out,&(b[j]),n);
104 if (i == n) break; 101 if (i == n) break;
105 if (i <= 0) 102 if (i <= 0) {
106 {
107 ret=0; 103 ret=0;
108 break; 104 break;
109 } 105 }
@@ -122,8 +118,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
122 BIO *b; 118 BIO *b;
123 int ret; 119 int ret;
124 120
125 if ((b=BIO_new(BIO_s_file())) == NULL) 121 if ((b=BIO_new(BIO_s_file())) == NULL) {
126 {
127 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB); 122 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB);
128 return(0); 123 return(0);
129 } 124 }
@@ -140,18 +135,15 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
140 int i,j=0,n,ret=1; 135 int i,j=0,n,ret=1;
141 136
142 n = ASN1_item_i2d(x, &b, it); 137 n = ASN1_item_i2d(x, &b, it);
143 if (b == NULL) 138 if (b == NULL) {
144 {
145 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE); 139 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE);
146 return(0); 140 return(0);
147 } 141 }
148 142
149 for (;;) 143 for (;;) {
150 {
151 i=BIO_write(out,&(b[j]),n); 144 i=BIO_write(out,&(b[j]),n);
152 if (i == n) break; 145 if (i == n) break;
153 if (i <= 0) 146 if (i <= 0) {
154 {
155 ret=0; 147 ret=0;
156 break; 148 break;
157 } 149 }
diff --git a/src/lib/libssl/src/crypto/asn1/a_int.c b/src/lib/libssl/src/crypto/asn1/a_int.c
index f41d462ffe..cc2b985fa1 100644
--- a/src/lib/libssl/src/crypto/asn1/a_int.c
+++ b/src/lib/libssl/src/crypto/asn1/a_int.c
@@ -69,8 +69,7 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
69 int neg, ret; 69 int neg, ret;
70 /* Compare signs */ 70 /* Compare signs */
71 neg = x->type & V_ASN1_NEG; 71 neg = x->type & V_ASN1_NEG;
72 if (neg != (y->type & V_ASN1_NEG)) 72 if (neg != (y->type & V_ASN1_NEG)) {
73 {
74 if (neg) 73 if (neg)
75 return -1; 74 return -1;
76 else 75 else
@@ -120,8 +119,7 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
120 neg=a->type & V_ASN1_NEG; 119 neg=a->type & V_ASN1_NEG;
121 if (a->length == 0) 120 if (a->length == 0)
122 ret=1; 121 ret=1;
123 else 122 else {
124 {
125 ret=a->length; 123 ret=a->length;
126 i=a->data[0]; 124 i=a->data[0];
127 if (!neg && (i > 127)) { 125 if (!neg && (i > 127)) {
@@ -183,8 +181,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
183 unsigned char *to,*s; 181 unsigned char *to,*s;
184 int i; 182 int i;
185 183
186 if ((a == NULL) || ((*a) == NULL)) 184 if ((a == NULL) || ((*a) == NULL)) {
187 {
188 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 185 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
189 ret->type=V_ASN1_INTEGER; 186 ret->type=V_ASN1_INTEGER;
190 } 187 }
@@ -197,8 +194,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
197 /* We must malloc stuff, even for 0 bytes otherwise it 194 /* We must malloc stuff, even for 0 bytes otherwise it
198 * signifies a missing NULL parameter. */ 195 * signifies a missing NULL parameter. */
199 s=(unsigned char *)malloc((int)len+1); 196 s=(unsigned char *)malloc((int)len+1);
200 if (s == NULL) 197 if (s == NULL) {
201 {
202 i=ERR_R_MALLOC_FAILURE; 198 i=ERR_R_MALLOC_FAILURE;
203 goto err; 199 goto err;
204 } 200 }
@@ -208,13 +204,12 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
208 * tolerate it. 204 * tolerate it.
209 */ 205 */
210 ret->type=V_ASN1_INTEGER; 206 ret->type=V_ASN1_INTEGER;
211} else if (*p & 0x80) /* a negative number */ 207 } else if (*p & 0x80) /* a negative number */ {
212 {
213 ret->type=V_ASN1_NEG_INTEGER; 208 ret->type=V_ASN1_NEG_INTEGER;
214 if ((*p == 0xff) && (len != 1)) { 209 if ((*p == 0xff) && (len != 1)) {
215 p++; 210 p++;
216 len--; 211 len--;
217 } 212 }
218 i = len; 213 i = len;
219 p += i - 1; 214 p += i - 1;
220 to += i - 1; 215 to += i - 1;
@@ -222,7 +217,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
222 *(to--) = 0; 217 *(to--) = 0;
223 i--; 218 i--;
224 p--; 219 p--;
225 } 220 }
226 /* Special case: if all zeros then the number will be of 221 /* Special case: if all zeros then the number will be of
227 * the form FF followed by n zero bytes: this corresponds to 222 * the form FF followed by n zero bytes: this corresponds to
228 * 1 followed by n zero bytes. We've already written n zeros 223 * 1 followed by n zero bytes. We've already written n zeros
@@ -234,20 +229,19 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
234 *s = 1; 229 *s = 1;
235 s[len] = 0; 230 s[len] = 0;
236 len++; 231 len++;
237 } else { 232 } else {
238 *(to--) = (*(p--) ^ 0xff) + 1; 233 *(to--) = (*(p--) ^ 0xff) + 1;
239 i--; 234 i--;
240 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff; 235 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
241 } 236 }
242} else { 237 } else {
243 ret->type=V_ASN1_INTEGER; 238 ret->type=V_ASN1_INTEGER;
244 if ((*p == 0) && (len != 1)) 239 if ((*p == 0) && (len != 1)) {
245 {
246 p++; 240 p++;
247 len--; 241 len--;
248 } 242 }
249 memcpy(s,p,(int)len); 243 memcpy(s,p,(int)len);
250} 244 }
251 245
252 if (ret->data != NULL) free(ret->data); 246 if (ret->data != NULL) free(ret->data);
253 ret->data=s; 247 ret->data=s;
@@ -278,24 +272,20 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
278 int inf,tag,xclass; 272 int inf,tag,xclass;
279 int i; 273 int i;
280 274
281 if ((a == NULL) || ((*a) == NULL)) 275 if ((a == NULL) || ((*a) == NULL)) {
282 {
283 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL); 276 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
284 ret->type=V_ASN1_INTEGER; 277 ret->type=V_ASN1_INTEGER;
285 } 278 } else
286 else
287 ret=(*a); 279 ret=(*a);
288 280
289 p= *pp; 281 p= *pp;
290 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 282 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
291 if (inf & 0x80) 283 if (inf & 0x80) {
292 {
293 i=ASN1_R_BAD_OBJECT_HEADER; 284 i=ASN1_R_BAD_OBJECT_HEADER;
294 goto err; 285 goto err;
295 } 286 }
296 287
297 if (tag != V_ASN1_INTEGER) 288 if (tag != V_ASN1_INTEGER) {
298 {
299 i=ASN1_R_EXPECTING_AN_INTEGER; 289 i=ASN1_R_EXPECTING_AN_INTEGER;
300 goto err; 290 goto err;
301 } 291 }
@@ -303,21 +293,19 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
303 /* We must malloc stuff, even for 0 bytes otherwise it 293 /* We must malloc stuff, even for 0 bytes otherwise it
304 * signifies a missing NULL parameter. */ 294 * signifies a missing NULL parameter. */
305 s=(unsigned char *)malloc((int)len+1); 295 s=(unsigned char *)malloc((int)len+1);
306 if (s == NULL) 296 if (s == NULL) {
307 {
308 i=ERR_R_MALLOC_FAILURE; 297 i=ERR_R_MALLOC_FAILURE;
309 goto err; 298 goto err;
310 } 299 }
311 ret->type=V_ASN1_INTEGER; 300 ret->type=V_ASN1_INTEGER;
312 if(len) { 301 if(len) {
313 if ((*p == 0) && (len != 1)) 302 if ((*p == 0) && (len != 1)) {
314 {
315 p++; 303 p++;
316 len--; 304 len--;
317 } 305 }
318 memcpy(s,p,(int)len); 306 memcpy(s,p,(int)len);
319 p+=len; 307 p+=len;
320} 308 }
321 309
322 if (ret->data != NULL) free(ret->data); 310 if (ret->data != NULL) free(ret->data);
323 ret->data=s; 311 ret->data=s;
@@ -340,27 +328,23 @@ int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
340 long d; 328 long d;
341 329
342 a->type=V_ASN1_INTEGER; 330 a->type=V_ASN1_INTEGER;
343 if (a->length < (int)(sizeof(long)+1)) 331 if (a->length < (int)(sizeof(long)+1)) {
344 {
345 if (a->data != NULL) 332 if (a->data != NULL)
346 free(a->data); 333 free(a->data);
347 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL) 334 if ((a->data=(unsigned char *)malloc(sizeof(long)+1)) != NULL)
348 memset((char *)a->data,0,sizeof(long)+1); 335 memset((char *)a->data,0,sizeof(long)+1);
349 } 336 }
350 if (a->data == NULL) 337 if (a->data == NULL) {
351 {
352 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE); 338 ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
353 return(0); 339 return(0);
354 } 340 }
355 d=v; 341 d=v;
356 if (d < 0) 342 if (d < 0) {
357 {
358 d= -d; 343 d= -d;
359 a->type=V_ASN1_NEG_INTEGER; 344 a->type=V_ASN1_NEG_INTEGER;
360 } 345 }
361 346
362 for (i=0; i<sizeof(long); i++) 347 for (i=0; i<sizeof(long); i++) {
363 {
364 if (d == 0) break; 348 if (d == 0) break;
365 buf[i]=(int)d&0xff; 349 buf[i]=(int)d&0xff;
366 d>>=8; 350 d>>=8;
@@ -384,16 +368,14 @@ long ASN1_INTEGER_get(const ASN1_INTEGER *a)
384 else if (i != V_ASN1_INTEGER) 368 else if (i != V_ASN1_INTEGER)
385 return -1; 369 return -1;
386 370
387 if (a->length > (int)sizeof(long)) 371 if (a->length > (int)sizeof(long)) {
388 {
389 /* hmm... a bit ugly, return all ones */ 372 /* hmm... a bit ugly, return all ones */
390 return -1; 373 return -1;
391 } 374 }
392 if (a->data == NULL) 375 if (a->data == NULL)
393 return 0; 376 return 0;
394 377
395 for (i=0; i<a->length; i++) 378 for (i=0; i<a->length; i++) {
396 {
397 r<<=8; 379 r<<=8;
398 r|=(unsigned char)a->data[i]; 380 r|=(unsigned char)a->data[i];
399 } 381 }
@@ -410,8 +392,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
410 ret=M_ASN1_INTEGER_new(); 392 ret=M_ASN1_INTEGER_new();
411 else 393 else
412 ret=ai; 394 ret=ai;
413 if (ret == NULL) 395 if (ret == NULL) {
414 {
415 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); 396 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
416 goto err; 397 goto err;
417 } 398 }
@@ -420,11 +401,9 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
420 else ret->type=V_ASN1_INTEGER; 401 else ret->type=V_ASN1_INTEGER;
421 j=BN_num_bits(bn); 402 j=BN_num_bits(bn);
422 len=((j == 0)?0:((j/8)+1)); 403 len=((j == 0)?0:((j/8)+1));
423 if (ret->length < len+4) 404 if (ret->length < len+4) {
424 {
425 unsigned char *new_data=realloc(ret->data, len+4); 405 unsigned char *new_data=realloc(ret->data, len+4);
426 if (!new_data) 406 if (!new_data) {
427 {
428 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 407 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
429 goto err; 408 goto err;
430 } 409 }
@@ -432,8 +411,7 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
432 } 411 }
433 ret->length=BN_bn2bin(bn,ret->data); 412 ret->length=BN_bn2bin(bn,ret->data);
434 /* Correct zero case */ 413 /* Correct zero case */
435 if(!ret->length) 414 if(!ret->length) {
436 {
437 ret->data[0] = 0; 415 ret->data[0] = 0;
438 ret->length = 1; 416 ret->length = 1;
439 } 417 }
diff --git a/src/lib/libssl/src/crypto/asn1/a_object.c b/src/lib/libssl/src/crypto/asn1/a_object.c
index 7e9eeaa2e1..e73b1223de 100644
--- a/src/lib/libssl/src/crypto/asn1/a_object.c
+++ b/src/lib/libssl/src/crypto/asn1/a_object.c
@@ -100,55 +100,45 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
100 p=buf; 100 p=buf;
101 c= *(p++); 101 c= *(p++);
102 num--; 102 num--;
103 if ((c >= '0') && (c <= '2')) 103 if ((c >= '0') && (c <= '2')) {
104 {
105 first= c-'0'; 104 first= c-'0';
106 } 105 } else {
107 else
108 {
109 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE); 106 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
110 goto err; 107 goto err;
111 } 108 }
112 109
113 if (num <= 0) 110 if (num <= 0) {
114 {
115 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER); 111 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
116 goto err; 112 goto err;
117 } 113 }
118 c= *(p++); 114 c= *(p++);
119 num--; 115 num--;
120 for (;;) 116 for (;;) {
121 {
122 if (num <= 0) break; 117 if (num <= 0) break;
123 if ((c != '.') && (c != ' ')) 118 if ((c != '.') && (c != ' ')) {
124 {
125 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR); 119 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
126 goto err; 120 goto err;
127 } 121 }
128 l=0; 122 l=0;
129 use_bn = 0; 123 use_bn = 0;
130 for (;;) 124 for (;;) {
131 {
132 if (num <= 0) break; 125 if (num <= 0) break;
133 num--; 126 num--;
134 c= *(p++); 127 c= *(p++);
135 if ((c == ' ') || (c == '.')) 128 if ((c == ' ') || (c == '.'))
136 break; 129 break;
137 if ((c < '0') || (c > '9')) 130 if ((c < '0') || (c > '9')) {
138 {
139 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); 131 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
140 goto err; 132 goto err;
141 } 133 }
142 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) 134 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
143 {
144 use_bn = 1; 135 use_bn = 1;
145 if (!bl) 136 if (!bl)
146 bl = BN_new(); 137 bl = BN_new();
147 if (!bl || !BN_set_word(bl, l)) 138 if (!bl || !BN_set_word(bl, l))
148 goto err; 139 goto err;
149 } 140 }
150 if (use_bn) 141 if (use_bn) {
151 {
152 if (!BN_mul_word(bl, 10L) 142 if (!BN_mul_word(bl, 10L)
153 || !BN_add_word(bl, c-'0')) 143 || !BN_add_word(bl, c-'0'))
154 goto err; 144 goto err;
@@ -156,15 +146,12 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
156 else 146 else
157 l=l*10L+(long)(c-'0'); 147 l=l*10L+(long)(c-'0');
158 } 148 }
159 if (len == 0) 149 if (len == 0) {
160 { 150 if ((first < 2) && (l >= 40)) {
161 if ((first < 2) && (l >= 40))
162 {
163 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); 151 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
164 goto err; 152 goto err;
165 } 153 }
166 if (use_bn) 154 if (use_bn) {
167 {
168 if (!BN_add_word(bl, first * 40)) 155 if (!BN_add_word(bl, first * 40))
169 goto err; 156 goto err;
170 } 157 }
@@ -172,13 +159,11 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
172 l+=(long)first*40; 159 l+=(long)first*40;
173 } 160 }
174 i=0; 161 i=0;
175 if (use_bn) 162 if (use_bn) {
176 {
177 int blsize; 163 int blsize;
178 blsize = BN_num_bits(bl); 164 blsize = BN_num_bits(bl);
179 blsize = (blsize + 6)/7; 165 blsize = (blsize + 6)/7;
180 if (blsize > tmpsize) 166 if (blsize > tmpsize) {
181 {
182 if (tmp != ftmp) 167 if (tmp != ftmp)
183 free(tmp); 168 free(tmp);
184 tmpsize = blsize + 32; 169 tmpsize = blsize + 32;
@@ -188,22 +173,17 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
188 } 173 }
189 while(blsize--) 174 while(blsize--)
190 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L); 175 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
191 } 176 } else {
192 else
193 {
194 177
195 for (;;) 178 for (;;) {
196 {
197 tmp[i++]=(unsigned char)l&0x7f; 179 tmp[i++]=(unsigned char)l&0x7f;
198 l>>=7L; 180 l>>=7L;
199 if (l == 0L) break; 181 if (l == 0L) break;
200 } 182 }
201 183
202 } 184 }
203 if (out != NULL) 185 if (out != NULL) {
204 { 186 if (len+i > olen) {
205 if (len+i > olen)
206 {
207 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL); 187 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
208 goto err; 188 goto err;
209 } 189 }
@@ -240,8 +220,7 @@ int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
240 if ((a == NULL) || (a->data == NULL)) 220 if ((a == NULL) || (a->data == NULL))
241 return(BIO_write(bp,"NULL",4)); 221 return(BIO_write(bp,"NULL",4));
242 i=i2t_ASN1_OBJECT(buf,sizeof buf,a); 222 i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
243 if (i > (int)(sizeof(buf) - 1)) 223 if (i > (int)(sizeof(buf) - 1)) {
244 {
245 p = malloc(i + 1); 224 p = malloc(i + 1);
246 if (!p) 225 if (!p)
247 return -1; 226 return -1;
@@ -265,14 +244,12 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
265 ASN1_OBJECT *ret = NULL; 244 ASN1_OBJECT *ret = NULL;
266 p= *pp; 245 p= *pp;
267 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 246 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
268 if (inf & 0x80) 247 if (inf & 0x80) {
269 {
270 i=ASN1_R_BAD_OBJECT_HEADER; 248 i=ASN1_R_BAD_OBJECT_HEADER;
271 goto err; 249 goto err;
272 } 250 }
273 251
274 if (tag != V_ASN1_OBJECT) 252 if (tag != V_ASN1_OBJECT) {
275 {
276 i=ASN1_R_EXPECTING_AN_OBJECT; 253 i=ASN1_R_EXPECTING_AN_OBJECT;
277 goto err; 254 goto err;
278 } 255 }
@@ -293,10 +270,8 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
293 /* Sanity check OID encoding: can't have leading 0x80 in 270 /* Sanity check OID encoding: can't have leading 0x80 in
294 * subidentifiers, see: X.690 8.19.2 271 * subidentifiers, see: X.690 8.19.2
295 */ 272 */
296 for (i = 0, p = *pp; i < len; i++, p++) 273 for (i = 0, p = *pp; i < len; i++, p++) {
297 { 274 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
298 if (*p == 0x80 && (!i || !(p[-1] & 0x80)))
299 {
300 ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING); 275 ASN1err(ASN1_F_C2I_ASN1_OBJECT,ASN1_R_INVALID_OBJECT_ENCODING);
301 return NULL; 276 return NULL;
302 } 277 }
@@ -305,8 +280,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
305 /* only the ASN1_OBJECTs from the 'table' will have values 280 /* only the ASN1_OBJECTs from the 'table' will have values
306 * for ->sn or ->ln */ 281 * for ->sn or ->ln */
307 if ((a == NULL) || ((*a) == NULL) || 282 if ((a == NULL) || ((*a) == NULL) ||
308 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) 283 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
309 {
310 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL); 284 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
311 } 285 }
312 else ret=(*a); 286 else ret=(*a);
@@ -316,13 +290,11 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
316 data = (unsigned char *)ret->data; 290 data = (unsigned char *)ret->data;
317 ret->data = NULL; 291 ret->data = NULL;
318 /* once detached we can change it */ 292 /* once detached we can change it */
319 if ((data == NULL) || (ret->length < len)) 293 if ((data == NULL) || (ret->length < len)) {
320 {
321 ret->length=0; 294 ret->length=0;
322 if (data != NULL) free(data); 295 if (data != NULL) free(data);
323 data=(unsigned char *)malloc(len ? (int)len : 1); 296 data=(unsigned char *)malloc(len ? (int)len : 1);
324 if (data == NULL) 297 if (data == NULL) { i=ERR_R_MALLOC_FAILURE; goto err; }
325 { i=ERR_R_MALLOC_FAILURE; goto err; }
326 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; 298 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
327 } 299 }
328 memcpy(data,p,(int)len); 300 memcpy(data,p,(int)len);
@@ -349,8 +321,7 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
349 ASN1_OBJECT *ret; 321 ASN1_OBJECT *ret;
350 322
351 ret=(ASN1_OBJECT *)malloc(sizeof(ASN1_OBJECT)); 323 ret=(ASN1_OBJECT *)malloc(sizeof(ASN1_OBJECT));
352 if (ret == NULL) 324 if (ret == NULL) {
353 {
354 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); 325 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
355 return(NULL); 326 return(NULL);
356 } 327 }
@@ -366,16 +337,14 @@ ASN1_OBJECT *ASN1_OBJECT_new(void)
366void ASN1_OBJECT_free(ASN1_OBJECT *a) 337void ASN1_OBJECT_free(ASN1_OBJECT *a)
367{ 338{
368 if (a == NULL) return; 339 if (a == NULL) return;
369 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) 340 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
370 {
371#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */ 341#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
372 if (a->sn != NULL) free((void *)a->sn); 342 if (a->sn != NULL) free((void *)a->sn);
373 if (a->ln != NULL) free((void *)a->ln); 343 if (a->ln != NULL) free((void *)a->ln);
374#endif 344#endif
375 a->sn=a->ln=NULL; 345 a->sn=a->ln=NULL;
376 } 346 }
377 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) 347 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
378 {
379 if (a->data != NULL) free((void *)a->data); 348 if (a->data != NULL) free((void *)a->data);
380 a->data=NULL; 349 a->data=NULL;
381 a->length=0; 350 a->length=0;
diff --git a/src/lib/libssl/src/crypto/asn1/a_print.c b/src/lib/libssl/src/crypto/asn1/a_print.c
index cfd0452f13..9e421dba66 100644
--- a/src/lib/libssl/src/crypto/asn1/a_print.c
+++ b/src/lib/libssl/src/crypto/asn1/a_print.c
@@ -69,8 +69,7 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len)
69 if (len <= 0) len= -1; 69 if (len <= 0) len= -1;
70 if (s == NULL) return(V_ASN1_PRINTABLESTRING); 70 if (s == NULL) return(V_ASN1_PRINTABLESTRING);
71 71
72 while ((*s) && (len-- != 0)) 72 while ((*s) && (len-- != 0)) {
73 {
74 c= *(s++); 73 c= *(s++);
75 if (!( ((c >= 'a') && (c <= 'z')) || 74 if (!( ((c >= 'a') && (c <= 'z')) ||
76 ((c >= 'A') && (c <= 'Z')) || 75 ((c >= 'A') && (c <= 'Z')) ||
@@ -99,8 +98,7 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
99 if (s->type != V_ASN1_UNIVERSALSTRING) return(0); 98 if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
100 if ((s->length%4) != 0) return(0); 99 if ((s->length%4) != 0) return(0);
101 p=s->data; 100 p=s->data;
102 for (i=0; i<s->length; i+=4) 101 for (i=0; i<s->length; i+=4) {
103 {
104 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0')) 102 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
105 break; 103 break;
106 else 104 else
@@ -108,8 +106,7 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
108 } 106 }
109 if (i < s->length) return(0); 107 if (i < s->length) return(0);
110 p=s->data; 108 p=s->data;
111 for (i=3; i<s->length; i+=4) 109 for (i=3; i<s->length; i+=4) {
112 {
113 *(p++)=s->data[i]; 110 *(p++)=s->data[i];
114 } 111 }
115 *(p)='\0'; 112 *(p)='\0';
diff --git a/src/lib/libssl/src/crypto/asn1/a_sign.c b/src/lib/libssl/src/crypto/asn1/a_sign.c
index 349422fe9a..046f3b4a99 100644
--- a/src/lib/libssl/src/crypto/asn1/a_sign.c
+++ b/src/lib/libssl/src/crypto/asn1/a_sign.c
@@ -131,8 +131,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
131{ 131{
132 EVP_MD_CTX ctx; 132 EVP_MD_CTX ctx;
133 EVP_MD_CTX_init(&ctx); 133 EVP_MD_CTX_init(&ctx);
134 if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) 134 if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
135 {
136 EVP_MD_CTX_cleanup(&ctx); 135 EVP_MD_CTX_cleanup(&ctx);
137 return 0; 136 return 0;
138 } 137 }
@@ -154,14 +153,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
154 type = EVP_MD_CTX_md(ctx); 153 type = EVP_MD_CTX_md(ctx);
155 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); 154 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
156 155
157 if (!type || !pkey) 156 if (!type || !pkey) {
158 {
159 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); 157 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED);
160 return 0; 158 return 0;
161 } 159 }
162 160
163 if (pkey->ameth->item_sign) 161 if (pkey->ameth->item_sign) {
164 {
165 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2, 162 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
166 signature); 163 signature);
167 if (rv == 1) 164 if (rv == 1)
@@ -180,15 +177,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
180 else 177 else
181 rv = 2; 178 rv = 2;
182 179
183 if (rv == 2) 180 if (rv == 2) {
184 { 181 if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
185 if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE)
186 {
187 if (!pkey->ameth || 182 if (!pkey->ameth ||
188 !OBJ_find_sigid_by_algs(&signid, 183 !OBJ_find_sigid_by_algs(&signid,
189 EVP_MD_nid(type), 184 EVP_MD_nid(type),
190 pkey->ameth->pkey_id)) 185 pkey->ameth->pkey_id)) {
191 {
192 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, 186 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
193 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); 187 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
194 return 0; 188 return 0;
@@ -212,16 +206,14 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
212 inl=ASN1_item_i2d(asn,&buf_in, it); 206 inl=ASN1_item_i2d(asn,&buf_in, it);
213 outll=outl=EVP_PKEY_size(pkey); 207 outll=outl=EVP_PKEY_size(pkey);
214 buf_out=malloc((unsigned int)outl); 208 buf_out=malloc((unsigned int)outl);
215 if ((buf_in == NULL) || (buf_out == NULL)) 209 if ((buf_in == NULL) || (buf_out == NULL)) {
216 {
217 outl=0; 210 outl=0;
218 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE); 211 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_MALLOC_FAILURE);
219 goto err; 212 goto err;
220 } 213 }
221 214
222 if (!EVP_DigestSignUpdate(ctx, buf_in, inl) 215 if (!EVP_DigestSignUpdate(ctx, buf_in, inl)
223 || !EVP_DigestSignFinal(ctx, buf_out, &outl)) 216 || !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
224 {
225 outl=0; 217 outl=0;
226 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB); 218 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,ERR_R_EVP_LIB);
227 goto err; 219 goto err;
@@ -237,9 +229,11 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it,
237 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT; 229 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
238err: 230err:
239 EVP_MD_CTX_cleanup(ctx); 231 EVP_MD_CTX_cleanup(ctx);
240 if (buf_in != NULL) 232 if (buf_in != NULL) {
241 { OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in); } 233 OPENSSL_cleanse((char *)buf_in,(unsigned int)inl); free(buf_in);
242 if (buf_out != NULL) 234 }
243 { OPENSSL_cleanse((char *)buf_out,outll); free(buf_out); } 235 if (buf_out != NULL) {
236 OPENSSL_cleanse((char *)buf_out,outll); free(buf_out);
237 }
244 return(outl); 238 return(outl);
245} 239}
diff --git a/src/lib/libssl/src/crypto/asn1/a_strex.c b/src/lib/libssl/src/crypto/asn1/a_strex.c
index 65f95532a3..7dc531a2d8 100644
--- a/src/lib/libssl/src/crypto/asn1/a_strex.c
+++ b/src/lib/libssl/src/crypto/asn1/a_strex.c
@@ -405,8 +405,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
405 if(indent < 0) indent = 0; 405 if(indent < 0) indent = 0;
406 outlen = indent; 406 outlen = indent;
407 if(!do_indent(io_ch, arg, indent)) return -1; 407 if(!do_indent(io_ch, arg, indent)) return -1;
408 switch (flags & XN_FLAG_SEP_MASK) 408 switch (flags & XN_FLAG_SEP_MASK) {
409 {
410 case XN_FLAG_SEP_MULTILINE: 409 case XN_FLAG_SEP_MULTILINE:
411 sep_dn = "\n"; 410 sep_dn = "\n";
412 sep_dn_len = 1; 411 sep_dn_len = 1;
@@ -526,8 +525,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
526#ifndef OPENSSL_NO_FP_API 525#ifndef OPENSSL_NO_FP_API
527int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) 526int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
528{ 527{
529 if(flags == XN_FLAG_COMPAT) 528 if(flags == XN_FLAG_COMPAT) {
530 {
531 BIO *btmp; 529 BIO *btmp;
532 int ret; 530 int ret;
533 btmp = BIO_new_fp(fp, BIO_NOCLOSE); 531 btmp = BIO_new_fp(fp, BIO_NOCLOSE);
diff --git a/src/lib/libssl/src/crypto/asn1/a_strnid.c b/src/lib/libssl/src/crypto/asn1/a_strnid.c
index 74bc7b316c..6c59dcc8ec 100644
--- a/src/lib/libssl/src/crypto/asn1/a_strnid.c
+++ b/src/lib/libssl/src/crypto/asn1/a_strnid.c
@@ -264,26 +264,24 @@ main()
264 int i, last_nid = -1; 264 int i, last_nid = -1;
265 265
266 for (tmp = tbl_standard, i = 0; 266 for (tmp = tbl_standard, i = 0;
267 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) 267 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) {
268 { 268 if (tmp->nid < last_nid) {
269 if (tmp->nid < last_nid) 269 last_nid = 0;
270 { 270 break;
271 last_nid = 0;
272 break;
273 }
274 last_nid = tmp->nid;
275 } 271 }
272 last_nid = tmp->nid;
273 }
276 274
277 if (last_nid != 0) 275 if (last_nid != 0) {
278 {
279 printf("Table order OK\n"); 276 printf("Table order OK\n");
280 exit(0); 277 exit(0);
281 } 278 }
282 279
283 for (tmp = tbl_standard, i = 0; 280 for (tmp = tbl_standard, i = 0;
284 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) 281 i < sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE); i++, tmp++) {
285 printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, 282 printf("Index %d, NID %d, Name=%s\n", i, tmp->nid,
286 OBJ_nid2ln(tmp->nid)); 283 OBJ_nid2ln(tmp->nid));
284 }
287 285
288} 286}
289 287
diff --git a/src/lib/libssl/src/crypto/asn1/a_time.c b/src/lib/libssl/src/crypto/asn1/a_time.c
index 3461660b5f..13fd324517 100644
--- a/src/lib/libssl/src/crypto/asn1/a_time.c
+++ b/src/lib/libssl/src/crypto/asn1/a_time.c
@@ -95,13 +95,11 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t,
95 struct tm data; 95 struct tm data;
96 96
97 ts=OPENSSL_gmtime(&t,&data); 97 ts=OPENSSL_gmtime(&t,&data);
98 if (ts == NULL) 98 if (ts == NULL) {
99 {
100 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 99 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
101 return NULL; 100 return NULL;
102 } 101 }
103 if (offset_day || offset_sec) 102 if (offset_day || offset_sec) {
104 {
105 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 103 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
106 return NULL; 104 return NULL;
107 } 105 }
@@ -128,8 +126,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
128 126
129 if (!ASN1_TIME_check(t)) return NULL; 127 if (!ASN1_TIME_check(t)) return NULL;
130 128
131 if (!out || !*out) 129 if (!out || !*out) {
132 {
133 if (!(ret = ASN1_GENERALIZEDTIME_new ())) 130 if (!(ret = ASN1_GENERALIZEDTIME_new ()))
134 return NULL; 131 return NULL;
135 if (out) *out = ret; 132 if (out) *out = ret;
@@ -137,8 +134,7 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
137 else ret = *out; 134 else ret = *out;
138 135
139 /* If already GeneralizedTime just copy across */ 136 /* If already GeneralizedTime just copy across */
140 if (t->type == V_ASN1_GENERALIZEDTIME) 137 if (t->type == V_ASN1_GENERALIZEDTIME) {
141 {
142 if(!ASN1_STRING_set(ret, t->data, t->length)) 138 if(!ASN1_STRING_set(ret, t->data, t->length))
143 return NULL; 139 return NULL;
144 return ret; 140 return ret;
@@ -169,8 +165,7 @@ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
169 165
170 t.type = V_ASN1_UTCTIME; 166 t.type = V_ASN1_UTCTIME;
171 167
172 if (!ASN1_TIME_check(&t)) 168 if (!ASN1_TIME_check(&t)) {
173 {
174 t.type = V_ASN1_GENERALIZEDTIME; 169 t.type = V_ASN1_GENERALIZEDTIME;
175 if (!ASN1_TIME_check(&t)) 170 if (!ASN1_TIME_check(&t))
176 return 0; 171 return 0;
diff --git a/src/lib/libssl/src/crypto/asn1/a_type.c b/src/lib/libssl/src/crypto/asn1/a_type.c
index c790d74d60..dd746e925e 100644
--- a/src/lib/libssl/src/crypto/asn1/a_type.c
+++ b/src/lib/libssl/src/crypto/asn1/a_type.c
@@ -71,8 +71,7 @@ int ASN1_TYPE_get(ASN1_TYPE *a)
71 71
72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) 72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
73{ 73{
74 if (a->value.ptr != NULL) 74 if (a->value.ptr != NULL) {
75 {
76 ASN1_TYPE **tmp_a = &a; 75 ASN1_TYPE **tmp_a = &a;
77 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); 76 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
78 } 77 }
@@ -85,21 +84,16 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
85 84
86int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) 85int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
87{ 86{
88 if (!value || (type == V_ASN1_BOOLEAN)) 87 if (!value || (type == V_ASN1_BOOLEAN)) {
89 {
90 void *p = (void *)value; 88 void *p = (void *)value;
91 ASN1_TYPE_set(a, type, p); 89 ASN1_TYPE_set(a, type, p);
92 } 90 } else if (type == V_ASN1_OBJECT) {
93 else if (type == V_ASN1_OBJECT)
94 {
95 ASN1_OBJECT *odup; 91 ASN1_OBJECT *odup;
96 odup = OBJ_dup(value); 92 odup = OBJ_dup(value);
97 if (!odup) 93 if (!odup)
98 return 0; 94 return 0;
99 ASN1_TYPE_set(a, type, odup); 95 ASN1_TYPE_set(a, type, odup);
100 } 96 } else {
101 else
102 {
103 ASN1_STRING *sdup; 97 ASN1_STRING *sdup;
104 sdup = ASN1_STRING_dup(value); 98 sdup = ASN1_STRING_dup(value);
105 if (!sdup) 99 if (!sdup)
@@ -119,8 +113,7 @@ int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
119 113
120 if (!a || !b || a->type != b->type) return -1; 114 if (!a || !b || a->type != b->type) return -1;
121 115
122 switch (a->type) 116 switch (a->type) {
123 {
124 case V_ASN1_OBJECT: 117 case V_ASN1_OBJECT:
125 result = OBJ_cmp(a->value.object, b->value.object); 118 result = OBJ_cmp(a->value.object, b->value.object);
126 break; 119 break;
diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c
index e75f2ecbb6..d8135d0457 100644
--- a/src/lib/libssl/src/crypto/asn1/a_utctm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c
@@ -77,13 +77,11 @@ ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp,
77 77
78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length, 78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); 79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
80 if (ret == NULL) 80 if (ret == NULL) {
81 {
82 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); 81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR);
83 return(NULL); 82 return(NULL);
84 } 83 }
85 if (!ASN1_UTCTIME_check(ret)) 84 if (!ASN1_UTCTIME_check(ret)) {
86 {
87 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT); 85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
88 goto err; 86 goto err;
89 } 87 }
@@ -110,11 +108,12 @@ int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
110 o=0; 108 o=0;
111 109
112 if (l < 11) goto err; 110 if (l < 11) goto err;
113 for (i=0; i<6; i++) 111 for (i=0; i<6; i++) {
114 {
115 if ((i == 5) && ((a[o] == 'Z') || 112 if ((i == 5) && ((a[o] == 'Z') ||
116 (a[o] == '+') || (a[o] == '-'))) 113 (a[o] == '+') || (a[o] == '-'))) {
117 { i++; break; } 114 i++;
115 break;
116 }
118 if ((a[o] < '0') || (a[o] > '9')) goto err; 117 if ((a[o] < '0') || (a[o] > '9')) goto err;
119 n= a[o]-'0'; 118 n= a[o]-'0';
120 if (++o > l) goto err; 119 if (++o > l) goto err;
@@ -127,12 +126,10 @@ int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
127 } 126 }
128 if (a[o] == 'Z') 127 if (a[o] == 'Z')
129 o++; 128 o++;
130 else if ((a[o] == '+') || (a[o] == '-')) 129 else if ((a[o] == '+') || (a[o] == '-')) {
131 {
132 o++; 130 o++;
133 if (o+4 > l) goto err; 131 if (o+4 > l) goto err;
134 for (i=6; i<8; i++) 132 for (i=6; i<8; i++) {
135 {
136 if ((a[o] < '0') || (a[o] > '9')) goto err; 133 if ((a[o] < '0') || (a[o] > '9')) goto err;
137 n= a[o]-'0'; 134 n= a[o]-'0';
138 o++; 135 o++;
@@ -154,18 +151,15 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
154 t.type=V_ASN1_UTCTIME; 151 t.type=V_ASN1_UTCTIME;
155 t.length=strlen(str); 152 t.length=strlen(str);
156 t.data=(unsigned char *)str; 153 t.data=(unsigned char *)str;
157 if (ASN1_UTCTIME_check(&t)) 154 if (ASN1_UTCTIME_check(&t)) {
158 { 155 if (s != NULL) {
159 if (s != NULL)
160 {
161 if (!ASN1_STRING_set((ASN1_STRING *)s, 156 if (!ASN1_STRING_set((ASN1_STRING *)s,
162 (unsigned char *)str,t.length)) 157 (unsigned char *)str,t.length))
163 return 0; 158 return 0;
164 s->type = V_ASN1_UTCTIME; 159 s->type = V_ASN1_UTCTIME;
165 } 160 }
166 return(1); 161 return(1);
167 } 162 } else
168 else
169 return(0); 163 return(0);
170} 164}
171 165
@@ -191,8 +185,7 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
191 if (ts == NULL) 185 if (ts == NULL)
192 return(NULL); 186 return(NULL);
193 187
194 if (offset_day || offset_sec) 188 if (offset_day || offset_sec) {
195 {
196 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 189 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
197 return NULL; 190 return NULL;
198 } 191 }
@@ -201,11 +194,9 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
201 return NULL; 194 return NULL;
202 195
203 p=(char *)s->data; 196 p=(char *)s->data;
204 if ((p == NULL) || ((size_t)s->length < len)) 197 if ((p == NULL) || ((size_t)s->length < len)) {
205 {
206 p=malloc(len); 198 p=malloc(len);
207 if (p == NULL) 199 if (p == NULL) {
208 {
209 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); 200 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE);
210 return(NULL); 201 return(NULL);
211 } 202 }
@@ -233,8 +224,7 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
233 224
234 if (s->data[12] == 'Z') 225 if (s->data[12] == 'Z')
235 offset=0; 226 offset=0;
236 else 227 else {
237 {
238 offset = g2(s->data+13)*60+g2(s->data+15); 228 offset = g2(s->data+13)*60+g2(s->data+15);
239 if (s->data[12] == '-') 229 if (s->data[12] == '-')
240 offset = -offset; 230 offset = -offset;
@@ -280,8 +270,7 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
280 tm.tm_sec=g2(s->data+10); 270 tm.tm_sec=g2(s->data+10);
281 if(s->data[12] == 'Z') 271 if(s->data[12] == 'Z')
282 offset=0; 272 offset=0;
283 else 273 else {
284 {
285 offset=g2(s->data+13)*60+g2(s->data+15); 274 offset=g2(s->data+13)*60+g2(s->data+15);
286 if(s->data[12] == '-') 275 if(s->data[12] == '-')
287 offset= -offset; 276 offset= -offset;
diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c
index 59c5b876b5..8df0b038d1 100644
--- a/src/lib/libssl/src/crypto/asn1/a_verify.c
+++ b/src/lib/libssl/src/crypto/asn1/a_verify.c
@@ -81,8 +81,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
81 81
82 int mdnid, pknid; 82 int mdnid, pknid;
83 83
84 if (!pkey) 84 if (!pkey) {
85 {
86 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER); 85 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
87 return -1; 86 return -1;
88 } 87 }
@@ -90,15 +89,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
90 EVP_MD_CTX_init(&ctx); 89 EVP_MD_CTX_init(&ctx);
91 90
92 /* Convert signature OID into digest and public key OIDs */ 91 /* Convert signature OID into digest and public key OIDs */
93 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) 92 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
94 {
95 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 93 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
96 goto err; 94 goto err;
97 } 95 }
98 if (mdnid == NID_undef) 96 if (mdnid == NID_undef) {
99 { 97 if (!pkey->ameth || !pkey->ameth->item_verify) {
100 if (!pkey->ameth || !pkey->ameth->item_verify)
101 {
102 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 98 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
103 goto err; 99 goto err;
104 } 100 }
@@ -111,26 +107,21 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
111 if (ret != 2) 107 if (ret != 2)
112 goto err; 108 goto err;
113 ret = -1; 109 ret = -1;
114 } 110 } else {
115 else
116 {
117 const EVP_MD *type; 111 const EVP_MD *type;
118 type=EVP_get_digestbynid(mdnid); 112 type=EVP_get_digestbynid(mdnid);
119 if (type == NULL) 113 if (type == NULL) {
120 {
121 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 114 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
122 goto err; 115 goto err;
123 } 116 }
124 117
125 /* Check public key OID matches public key type */ 118 /* Check public key OID matches public key type */
126 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) 119 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
127 {
128 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); 120 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE);
129 goto err; 121 goto err;
130 } 122 }
131 123
132 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) 124 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
133 {
134 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 125 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
135 ret=0; 126 ret=0;
136 goto err; 127 goto err;
@@ -140,14 +131,12 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
140 131
141 inl = ASN1_item_i2d(asn, &buf_in, it); 132 inl = ASN1_item_i2d(asn, &buf_in, it);
142 133
143 if (buf_in == NULL) 134 if (buf_in == NULL) {
144 {
145 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); 135 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE);
146 goto err; 136 goto err;
147 } 137 }
148 138
149 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) 139 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) {
150 {
151 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
152 ret=0; 141 ret=0;
153 goto err; 142 goto err;
@@ -157,8 +146,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
157 free(buf_in); 146 free(buf_in);
158 147
159 if (EVP_DigestVerifyFinal(&ctx,signature->data, 148 if (EVP_DigestVerifyFinal(&ctx,signature->data,
160 (size_t)signature->length) <= 0) 149 (size_t)signature->length) <= 0) {
161 {
162 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
163 ret=0; 151 ret=0;
164 goto err; 152 goto err;
diff --git a/src/lib/libssl/src/crypto/asn1/ameth_lib.c b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
index 8f96e00c93..bbaf6b4dfb 100644
--- a/src/lib/libssl/src/crypto/asn1/ameth_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/ameth_lib.c
@@ -150,8 +150,7 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type)
150 EVP_PKEY_ASN1_METHOD tmp; 150 EVP_PKEY_ASN1_METHOD tmp;
151 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret; 151 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
152 tmp.pkey_id = type; 152 tmp.pkey_id = type;
153 if (app_methods) 153 if (app_methods) {
154 {
155 int idx; 154 int idx;
156 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp); 155 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
157 if (idx >= 0) 156 if (idx >= 0)
@@ -175,21 +174,18 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find(ENGINE **pe, int type)
175{ 174{
176 const EVP_PKEY_ASN1_METHOD *t; 175 const EVP_PKEY_ASN1_METHOD *t;
177 176
178 for (;;) 177 for (;;) {
179 {
180 t = pkey_asn1_find(type); 178 t = pkey_asn1_find(type);
181 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS)) 179 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
182 break; 180 break;
183 type = t->pkey_base_id; 181 type = t->pkey_base_id;
184 } 182 }
185 if (pe) 183 if (pe) {
186 {
187#ifndef OPENSSL_NO_ENGINE 184#ifndef OPENSSL_NO_ENGINE
188 ENGINE *e; 185 ENGINE *e;
189 /* type will contain the final unaliased type */ 186 /* type will contain the final unaliased type */
190 e = ENGINE_get_pkey_asn1_meth_engine(type); 187 e = ENGINE_get_pkey_asn1_meth_engine(type);
191 if (e) 188 if (e) {
192 {
193 *pe = e; 189 *pe = e;
194 return ENGINE_get_pkey_asn1_meth(e, type); 190 return ENGINE_get_pkey_asn1_meth(e, type);
195 } 191 }
@@ -206,13 +202,11 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
206 const EVP_PKEY_ASN1_METHOD *ameth; 202 const EVP_PKEY_ASN1_METHOD *ameth;
207 if (len == -1) 203 if (len == -1)
208 len = strlen(str); 204 len = strlen(str);
209 if (pe) 205 if (pe) {
210 {
211#ifndef OPENSSL_NO_ENGINE 206#ifndef OPENSSL_NO_ENGINE
212 ENGINE *e; 207 ENGINE *e;
213 ameth = ENGINE_pkey_asn1_find_str(&e, str, len); 208 ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
214 if (ameth) 209 if (ameth) {
215 {
216 /* Convert structural into 210 /* Convert structural into
217 * functional reference 211 * functional reference
218 */ 212 */
@@ -225,8 +219,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
225#endif 219#endif
226 *pe = NULL; 220 *pe = NULL;
227 } 221 }
228 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) 222 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
229 {
230 ameth = EVP_PKEY_asn1_get0(i); 223 ameth = EVP_PKEY_asn1_get0(i);
231 if (ameth->pkey_flags & ASN1_PKEY_ALIAS) 224 if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
232 continue; 225 continue;
@@ -239,8 +232,7 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe,
239 232
240int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth) 233int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
241{ 234{
242 if (app_methods == NULL) 235 if (app_methods == NULL) {
243 {
244 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp); 236 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
245 if (!app_methods) 237 if (!app_methods)
246 return 0; 238 return 0;
@@ -299,8 +291,7 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
299 ameth->pkey_base_id = id; 291 ameth->pkey_base_id = id;
300 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; 292 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
301 293
302 if (info) 294 if (info) {
303 {
304 ameth->info = BUF_strdup(info); 295 ameth->info = BUF_strdup(info);
305 if (!ameth->info) 296 if (!ameth->info)
306 goto err; 297 goto err;
@@ -308,8 +299,7 @@ EVP_PKEY_ASN1_METHOD* EVP_PKEY_asn1_new(int id, int flags,
308 else 299 else
309 ameth->info = NULL; 300 ameth->info = NULL;
310 301
311 if (pem_str) 302 if (pem_str) {
312 {
313 ameth->pem_str = BUF_strdup(pem_str); 303 ameth->pem_str = BUF_strdup(pem_str);
314 if (!ameth->pem_str) 304 if (!ameth->pem_str)
315 goto err; 305 goto err;
@@ -390,8 +380,7 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst,
390 380
391void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) 381void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
392{ 382{
393 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) 383 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
394 {
395 if (ameth->pem_str) 384 if (ameth->pem_str)
396 free(ameth->pem_str); 385 free(ameth->pem_str);
397 if (ameth->info) 386 if (ameth->info)
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_err.c b/src/lib/libssl/src/crypto/asn1/asn1_err.c
index 582f613744..c229c4b4db 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_err.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_err.c
@@ -323,8 +323,7 @@ void ERR_load_ASN1_strings(void)
323{ 323{
324#ifndef OPENSSL_NO_ERR 324#ifndef OPENSSL_NO_ERR
325 325
326 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) 326 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
327 {
328 ERR_load_strings(0,ASN1_str_functs); 327 ERR_load_strings(0,ASN1_str_functs);
329 ERR_load_strings(0,ASN1_str_reasons); 328 ERR_load_strings(0,ASN1_str_reasons);
330 } 329 }
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_gen.c b/src/lib/libssl/src/crypto/asn1/asn1_gen.c
index f78aac7148..314df379f9 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_gen.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_gen.c
@@ -156,10 +156,8 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
156 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0) 156 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
157 return NULL; 157 return NULL;
158 158
159 if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_SET)) 159 if ((asn1_tags.utype == V_ASN1_SEQUENCE) || (asn1_tags.utype == V_ASN1_SET)) {
160 { 160 if (!cnf) {
161 if (!cnf)
162 {
163 ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG); 161 ASN1err(ASN1_F_ASN1_GENERATE_V3, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
164 return NULL; 162 return NULL;
165 } 163 }
@@ -183,8 +181,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
183 cpy_start = orig_der; 181 cpy_start = orig_der;
184 182
185 /* Do we need IMPLICIT tagging? */ 183 /* Do we need IMPLICIT tagging? */
186 if (asn1_tags.imp_tag != -1) 184 if (asn1_tags.imp_tag != -1) {
187 {
188 /* If IMPLICIT we will replace the underlying tag */ 185 /* If IMPLICIT we will replace the underlying tag */
189 /* Skip existing tag+len */ 186 /* Skip existing tag+len */
190 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class, cpy_len); 187 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag, &hdr_class, cpy_len);
@@ -196,8 +193,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
196 * original length and constructed flag should be 193 * original length and constructed flag should be
197 * consistent. 194 * consistent.
198 */ 195 */
199 if (r & 0x1) 196 if (r & 0x1) {
200 {
201 /* Indefinite length constructed */ 197 /* Indefinite length constructed */
202 hdr_constructed = 2; 198 hdr_constructed = 2;
203 hdr_len = 0; 199 hdr_len = 0;
@@ -215,8 +211,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
215 211
216 /* Work out length in any EXPLICIT, starting from end */ 212 /* Work out length in any EXPLICIT, starting from end */
217 213
218 for(i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; i < asn1_tags.exp_count; i++, etmp--) 214 for(i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1; i < asn1_tags.exp_count; i++, etmp--) {
219 {
220 /* Content length: number of content octets + any padding */ 215 /* Content length: number of content octets + any padding */
221 len += etmp->exp_pad; 216 len += etmp->exp_pad;
222 etmp->exp_len = len; 217 etmp->exp_len = len;
@@ -236,8 +231,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
236 231
237 /* Output explicit tags first */ 232 /* Output explicit tags first */
238 233
239 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etmp++) 234 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count; i++, etmp++) {
240 {
241 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len, 235 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
242 etmp->exp_tag, etmp->exp_class); 236 etmp->exp_tag, etmp->exp_class);
243 if (etmp->exp_pad) 237 if (etmp->exp_pad)
@@ -246,8 +240,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf)
246 240
247 /* If IMPLICIT, output tag */ 241 /* If IMPLICIT, output tag */
248 242
249 if (asn1_tags.imp_tag != -1) 243 if (asn1_tags.imp_tag != -1) {
250 {
251 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL 244 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL
252 && (asn1_tags.imp_tag == V_ASN1_SEQUENCE 245 && (asn1_tags.imp_tag == V_ASN1_SEQUENCE
253 || asn1_tags.imp_tag == V_ASN1_SET) ) 246 || asn1_tags.imp_tag == V_ASN1_SET) )
@@ -284,11 +277,9 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
284 277
285 int tmp_tag, tmp_class; 278 int tmp_tag, tmp_class;
286 279
287 for(i = 0, p = elem; i < len; p++, i++) 280 for(i = 0, p = elem; i < len; p++, i++) {
288 {
289 /* Look for the ':' in name value pairs */ 281 /* Look for the ':' in name value pairs */
290 if (*p == ':') 282 if (*p == ':') {
291 {
292 vstart = p + 1; 283 vstart = p + 1;
293 vlen = len - (vstart - elem); 284 vlen = len - (vstart - elem);
294 len = p - elem; 285 len = p - elem;
@@ -298,34 +289,29 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
298 289
299 utype = asn1_str2tag(elem, len); 290 utype = asn1_str2tag(elem, len);
300 291
301 if (utype == -1) 292 if (utype == -1) {
302 {
303 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG); 293 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
304 ERR_add_error_data(2, "tag=", elem); 294 ERR_add_error_data(2, "tag=", elem);
305 return -1; 295 return -1;
306 } 296 }
307 297
308 /* If this is not a modifier mark end of string and exit */ 298 /* If this is not a modifier mark end of string and exit */
309 if (!(utype & ASN1_GEN_FLAG)) 299 if (!(utype & ASN1_GEN_FLAG)) {
310 {
311 arg->utype = utype; 300 arg->utype = utype;
312 arg->str = vstart; 301 arg->str = vstart;
313 /* If no value and not end of string, error */ 302 /* If no value and not end of string, error */
314 if (!vstart && elem[len]) 303 if (!vstart && elem[len]) {
315 {
316 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE); 304 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
317 return -1; 305 return -1;
318 } 306 }
319 return 0; 307 return 0;
320 } 308 }
321 309
322 switch(utype) 310 switch(utype) {
323 {
324 311
325 case ASN1_GEN_FLAG_IMP: 312 case ASN1_GEN_FLAG_IMP:
326 /* Check for illegal multiple IMPLICIT tagging */ 313 /* Check for illegal multiple IMPLICIT tagging */
327 if (arg->imp_tag != -1) 314 if (arg->imp_tag != -1) {
328 {
329 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING); 315 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
330 return -1; 316 return -1;
331 } 317 }
@@ -333,7 +319,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
333 return -1; 319 return -1;
334 break; 320 break;
335 321
336 case ASN1_GEN_FLAG_EXP: 322 case ASN1_GEN_FLAG_EXP:
337 323
338 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class)) 324 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
339 return -1; 325 return -1;
@@ -341,27 +327,27 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
341 return -1; 327 return -1;
342 break; 328 break;
343 329
344 case ASN1_GEN_FLAG_SEQWRAP: 330 case ASN1_GEN_FLAG_SEQWRAP:
345 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1)) 331 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
346 return -1; 332 return -1;
347 break; 333 break;
348 334
349 case ASN1_GEN_FLAG_SETWRAP: 335 case ASN1_GEN_FLAG_SETWRAP:
350 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1)) 336 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
351 return -1; 337 return -1;
352 break; 338 break;
353 339
354 case ASN1_GEN_FLAG_BITWRAP: 340 case ASN1_GEN_FLAG_BITWRAP:
355 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1)) 341 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
356 return -1; 342 return -1;
357 break; 343 break;
358 344
359 case ASN1_GEN_FLAG_OCTWRAP: 345 case ASN1_GEN_FLAG_OCTWRAP:
360 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1)) 346 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
361 return -1; 347 return -1;
362 break; 348 break;
363 349
364 case ASN1_GEN_FLAG_FORMAT: 350 case ASN1_GEN_FLAG_FORMAT:
365 if (!strncmp(vstart, "ASCII", 5)) 351 if (!strncmp(vstart, "ASCII", 5))
366 arg->format = ASN1_GEN_FORMAT_ASCII; 352 arg->format = ASN1_GEN_FORMAT_ASCII;
367 else if (!strncmp(vstart, "UTF8", 4)) 353 else if (!strncmp(vstart, "UTF8", 4))
@@ -370,8 +356,7 @@ static int asn1_cb(const char *elem, int len, void *bitstr)
370 arg->format = ASN1_GEN_FORMAT_HEX; 356 arg->format = ASN1_GEN_FORMAT_HEX;
371 else if (!strncmp(vstart, "BITLIST", 7)) 357 else if (!strncmp(vstart, "BITLIST", 7))
372 arg->format = ASN1_GEN_FORMAT_BITLIST; 358 arg->format = ASN1_GEN_FORMAT_BITLIST;
373 else 359 else {
374 {
375 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT); 360 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
376 return -1; 361 return -1;
377 } 362 }
@@ -394,8 +379,7 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
394 /* Check we haven't gone past max length: should be impossible */ 379 /* Check we haven't gone past max length: should be impossible */
395 if (eptr && *eptr && (eptr > vstart + vlen)) 380 if (eptr && *eptr && (eptr > vstart + vlen))
396 return 0; 381 return 0;
397 if (tag_num < 0) 382 if (tag_num < 0) {
398 {
399 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER); 383 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
400 return 0; 384 return 0;
401 } 385 }
@@ -405,24 +389,22 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
405 vlen -= eptr - vstart; 389 vlen -= eptr - vstart;
406 else 390 else
407 vlen = 0; 391 vlen = 0;
408 if (vlen) 392 if (vlen) {
409 { 393 switch (*eptr) {
410 switch (*eptr)
411 {
412 394
413 case 'U': 395 case 'U':
414 *pclass = V_ASN1_UNIVERSAL; 396 *pclass = V_ASN1_UNIVERSAL;
415 break; 397 break;
416 398
417 case 'A': 399 case 'A':
418 *pclass = V_ASN1_APPLICATION; 400 *pclass = V_ASN1_APPLICATION;
419 break; 401 break;
420 402
421 case 'P': 403 case 'P':
422 *pclass = V_ASN1_PRIVATE; 404 *pclass = V_ASN1_PRIVATE;
423 break; 405 break;
424 406
425 case 'C': 407 case 'C':
426 *pclass = V_ASN1_CONTEXT_SPECIFIC; 408 *pclass = V_ASN1_CONTEXT_SPECIFIC;
427 break; 409 break;
428 410
@@ -456,15 +438,13 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
456 sk = sk_ASN1_TYPE_new_null(); 438 sk = sk_ASN1_TYPE_new_null();
457 if (!sk) 439 if (!sk)
458 goto bad; 440 goto bad;
459 if (section) 441 if (section) {
460 {
461 if (!cnf) 442 if (!cnf)
462 goto bad; 443 goto bad;
463 sect = X509V3_get_section(cnf, (char *)section); 444 sect = X509V3_get_section(cnf, (char *)section);
464 if (!sect) 445 if (!sect)
465 goto bad; 446 goto bad;
466 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) 447 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
467 {
468 ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf); 448 ASN1_TYPE *typ = ASN1_generate_v3(sk_CONF_VALUE_value(sect, i)->value, cnf);
469 if (!typ) 449 if (!typ)
470 goto bad; 450 goto bad;
@@ -513,14 +493,12 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
513{ 493{
514 tag_exp_type *exp_tmp; 494 tag_exp_type *exp_tmp;
515 /* Can only have IMPLICIT if permitted */ 495 /* Can only have IMPLICIT if permitted */
516 if ((arg->imp_tag != -1) && !imp_ok) 496 if ((arg->imp_tag != -1) && !imp_ok) {
517 {
518 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG); 497 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
519 return 0; 498 return 0;
520 } 499 }
521 500
522 if (arg->exp_count == ASN1_FLAG_EXP_MAX) 501 if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
523 {
524 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED); 502 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
525 return 0; 503 return 0;
526 } 504 }
@@ -530,15 +508,12 @@ static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_cons
530 /* If IMPLICIT set tag to implicit value then 508 /* If IMPLICIT set tag to implicit value then
531 * reset implicit tag since it has been used. 509 * reset implicit tag since it has been used.
532 */ 510 */
533 if (arg->imp_tag != -1) 511 if (arg->imp_tag != -1) {
534 {
535 exp_tmp->exp_tag = arg->imp_tag; 512 exp_tmp->exp_tag = arg->imp_tag;
536 exp_tmp->exp_class = arg->imp_class; 513 exp_tmp->exp_class = arg->imp_class;
537 arg->imp_tag = -1; 514 arg->imp_tag = -1;
538 arg->imp_class = -1; 515 arg->imp_class = -1;
539 } 516 } else {
540 else
541 {
542 exp_tmp->exp_tag = exp_tag; 517 exp_tmp->exp_tag = exp_tag;
543 exp_tmp->exp_class = exp_class; 518 exp_tmp->exp_class = exp_class;
544 } 519 }
@@ -617,8 +592,7 @@ static int asn1_str2tag(const char *tagstr, int len)
617 len = strlen(tagstr); 592 len = strlen(tagstr);
618 593
619 tntmp = tnst; 594 tntmp = tnst;
620 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) 595 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) {
621 {
622 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) 596 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
623 return tntmp->tag; 597 return tntmp->tag;
624 } 598 }
@@ -637,8 +611,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
637 611
638 int no_unused = 1; 612 int no_unused = 1;
639 613
640 if (!(atmp = ASN1_TYPE_new())) 614 if (!(atmp = ASN1_TYPE_new())) {
641 {
642 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 615 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
643 return NULL; 616 return NULL;
644 } 617 }
@@ -646,110 +619,96 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
646 if (!str) 619 if (!str)
647 str = ""; 620 str = "";
648 621
649 switch(utype) 622 switch(utype) {
650 {
651 623
652 case V_ASN1_NULL: 624 case V_ASN1_NULL:
653 if (str && *str) 625 if (str && *str) {
654 {
655 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE); 626 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_NULL_VALUE);
656 goto bad_form; 627 goto bad_form;
657 } 628 }
658 break; 629 break;
659 630
660 case V_ASN1_BOOLEAN: 631 case V_ASN1_BOOLEAN:
661 if (format != ASN1_GEN_FORMAT_ASCII) 632 if (format != ASN1_GEN_FORMAT_ASCII) {
662 {
663 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT); 633 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
664 goto bad_form; 634 goto bad_form;
665 } 635 }
666 vtmp.name = NULL; 636 vtmp.name = NULL;
667 vtmp.section = NULL; 637 vtmp.section = NULL;
668 vtmp.value = (char *)str; 638 vtmp.value = (char *)str;
669 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) 639 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
670 {
671 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN); 640 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
672 goto bad_str; 641 goto bad_str;
673 } 642 }
674 break; 643 break;
675 644
676 case V_ASN1_INTEGER: 645 case V_ASN1_INTEGER:
677 case V_ASN1_ENUMERATED: 646 case V_ASN1_ENUMERATED:
678 if (format != ASN1_GEN_FORMAT_ASCII) 647 if (format != ASN1_GEN_FORMAT_ASCII) {
679 {
680 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT); 648 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT);
681 goto bad_form; 649 goto bad_form;
682 } 650 }
683 if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) 651 if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) {
684 {
685 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER); 652 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
686 goto bad_str; 653 goto bad_str;
687 } 654 }
688 break; 655 break;
689 656
690 case V_ASN1_OBJECT: 657 case V_ASN1_OBJECT:
691 if (format != ASN1_GEN_FORMAT_ASCII) 658 if (format != ASN1_GEN_FORMAT_ASCII) {
692 {
693 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT); 659 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT);
694 goto bad_form; 660 goto bad_form;
695 } 661 }
696 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) 662 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
697 {
698 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT); 663 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
699 goto bad_str; 664 goto bad_str;
700 } 665 }
701 break; 666 break;
702 667
703 case V_ASN1_UTCTIME: 668 case V_ASN1_UTCTIME:
704 case V_ASN1_GENERALIZEDTIME: 669 case V_ASN1_GENERALIZEDTIME:
705 if (format != ASN1_GEN_FORMAT_ASCII) 670 if (format != ASN1_GEN_FORMAT_ASCII) {
706 {
707 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT); 671 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT);
708 goto bad_form; 672 goto bad_form;
709 } 673 }
710 if (!(atmp->value.asn1_string = ASN1_STRING_new())) 674 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
711 {
712 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 675 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
713 goto bad_str; 676 goto bad_str;
714 } 677 }
715 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) 678 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
716 {
717 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 679 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
718 goto bad_str; 680 goto bad_str;
719 } 681 }
720 atmp->value.asn1_string->type = utype; 682 atmp->value.asn1_string->type = utype;
721 if (!ASN1_TIME_check(atmp->value.asn1_string)) 683 if (!ASN1_TIME_check(atmp->value.asn1_string)) {
722 {
723 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE); 684 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_TIME_VALUE);
724 goto bad_str; 685 goto bad_str;
725 } 686 }
726 687
727 break; 688 break;
728 689
729 case V_ASN1_BMPSTRING: 690 case V_ASN1_BMPSTRING:
730 case V_ASN1_PRINTABLESTRING: 691 case V_ASN1_PRINTABLESTRING:
731 case V_ASN1_IA5STRING: 692 case V_ASN1_IA5STRING:
732 case V_ASN1_T61STRING: 693 case V_ASN1_T61STRING:
733 case V_ASN1_UTF8STRING: 694 case V_ASN1_UTF8STRING:
734 case V_ASN1_VISIBLESTRING: 695 case V_ASN1_VISIBLESTRING:
735 case V_ASN1_UNIVERSALSTRING: 696 case V_ASN1_UNIVERSALSTRING:
736 case V_ASN1_GENERALSTRING: 697 case V_ASN1_GENERALSTRING:
737 case V_ASN1_NUMERICSTRING: 698 case V_ASN1_NUMERICSTRING:
738 699
739 if (format == ASN1_GEN_FORMAT_ASCII) 700 if (format == ASN1_GEN_FORMAT_ASCII)
740 format = MBSTRING_ASC; 701 format = MBSTRING_ASC;
741 else if (format == ASN1_GEN_FORMAT_UTF8) 702 else if (format == ASN1_GEN_FORMAT_UTF8)
742 format = MBSTRING_UTF8; 703 format = MBSTRING_UTF8;
743 else 704 else {
744 {
745 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT); 705 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
746 goto bad_form; 706 goto bad_form;
747 } 707 }
748 708
749 709
750 if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str, 710 if (ASN1_mbstring_copy(&atmp->value.asn1_string, (unsigned char *)str,
751 -1, format, ASN1_tag2bit(utype)) <= 0) 711 -1, format, ASN1_tag2bit(utype)) <= 0) {
752 {
753 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 712 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
754 goto bad_str; 713 goto bad_str;
755 } 714 }
@@ -757,21 +716,18 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
757 716
758 break; 717 break;
759 718
760 case V_ASN1_BIT_STRING: 719 case V_ASN1_BIT_STRING:
761 720
762 case V_ASN1_OCTET_STRING: 721 case V_ASN1_OCTET_STRING:
763 722
764 if (!(atmp->value.asn1_string = ASN1_STRING_new())) 723 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
765 {
766 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); 724 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
767 goto bad_form; 725 goto bad_form;
768 } 726 }
769 727
770 if (format == ASN1_GEN_FORMAT_HEX) 728 if (format == ASN1_GEN_FORMAT_HEX) {
771 {
772 729
773 if (!(rdata = string_to_hex((char *)str, &rdlen))) 730 if (!(rdata = string_to_hex((char *)str, &rdlen))) {
774 {
775 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX); 731 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX);
776 goto bad_str; 732 goto bad_str;
777 } 733 }
@@ -783,24 +739,19 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
783 } 739 }
784 else if (format == ASN1_GEN_FORMAT_ASCII) 740 else if (format == ASN1_GEN_FORMAT_ASCII)
785 ASN1_STRING_set(atmp->value.asn1_string, str, -1); 741 ASN1_STRING_set(atmp->value.asn1_string, str, -1);
786 else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1_BIT_STRING)) 742 else if ((format == ASN1_GEN_FORMAT_BITLIST) && (utype == V_ASN1_BIT_STRING)) {
787 { 743 if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string)) {
788 if (!CONF_parse_list(str, ',', 1, bitstr_cb, atmp->value.bit_string))
789 {
790 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR); 744 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_LIST_ERROR);
791 goto bad_str; 745 goto bad_str;
792 } 746 }
793 no_unused = 0; 747 no_unused = 0;
794 748
795 } 749 } else {
796 else
797 {
798 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT); 750 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BITSTRING_FORMAT);
799 goto bad_form; 751 goto bad_form;
800 } 752 }
801 753
802 if ((utype == V_ASN1_BIT_STRING) && no_unused) 754 if ((utype == V_ASN1_BIT_STRING) && no_unused) {
803 {
804 atmp->value.asn1_string->flags 755 atmp->value.asn1_string->flags
805 &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 756 &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
806 atmp->value.asn1_string->flags 757 atmp->value.asn1_string->flags
@@ -810,7 +761,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
810 761
811 break; 762 break;
812 763
813 default: 764 default:
814 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE); 765 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
815 goto bad_str; 766 goto bad_str;
816 break; 767 break;
@@ -821,9 +772,9 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype)
821 return atmp; 772 return atmp;
822 773
823 774
824 bad_str: 775bad_str:
825 ERR_add_error_data(2, "string=", str); 776 ERR_add_error_data(2, "string=", str);
826 bad_form: 777bad_form:
827 778
828 ASN1_TYPE_free(atmp); 779 ASN1_TYPE_free(atmp);
829 return NULL; 780 return NULL;
@@ -839,13 +790,11 @@ static int bitstr_cb(const char *elem, int len, void *bitstr)
839 bitnum = strtoul(elem, &eptr, 10); 790 bitnum = strtoul(elem, &eptr, 10);
840 if (eptr && *eptr && (eptr != elem + len)) 791 if (eptr && *eptr && (eptr != elem + len))
841 return 0; 792 return 0;
842 if (bitnum < 0) 793 if (bitnum < 0) {
843 {
844 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER); 794 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
845 return 0; 795 return 0;
846 } 796 }
847 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) 797 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
848 {
849 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE); 798 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
850 return 0; 799 return 0;
851 } 800 }
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_lib.c b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
index 6ec383859f..7693556281 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_lib.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_lib.c
@@ -72,8 +72,7 @@ static int _asn1_check_infinite_end(const unsigned char **p, long len)
72 * things up */ 72 * things up */
73 if (len <= 0) 73 if (len <= 0)
74 return(1); 74 return(1);
75 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) 75 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
76 {
77 (*p)+=2; 76 (*p)+=2;
78 return(1); 77 return(1);
79 } 78 }
@@ -104,13 +103,11 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
104 ret=(*p&V_ASN1_CONSTRUCTED); 103 ret=(*p&V_ASN1_CONSTRUCTED);
105 xclass=(*p&V_ASN1_PRIVATE); 104 xclass=(*p&V_ASN1_PRIVATE);
106 i= *p&V_ASN1_PRIMITIVE_TAG; 105 i= *p&V_ASN1_PRIMITIVE_TAG;
107 if (i == V_ASN1_PRIMITIVE_TAG) 106 if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
108 { /* high-tag */
109 p++; 107 p++;
110 if (--max == 0) goto err; 108 if (--max == 0) goto err;
111 l=0; 109 l=0;
112 while (*p&0x80) 110 while (*p&0x80) {
113 {
114 l<<=7L; 111 l<<=7L;
115 l|= *(p++)&0x7f; 112 l|= *(p++)&0x7f;
116 if (--max == 0) goto err; 113 if (--max == 0) goto err;
@@ -120,9 +117,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
120 l|= *(p++)&0x7f; 117 l|= *(p++)&0x7f;
121 tag=(int)l; 118 tag=(int)l;
122 if (--max == 0) goto err; 119 if (--max == 0) goto err;
123 } 120 } else {
124 else
125 {
126 tag=i; 121 tag=i;
127 p++; 122 p++;
128 if (--max == 0) goto err; 123 if (--max == 0) goto err;
@@ -137,8 +132,7 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
137 (int)(omax+ *pp)); 132 (int)(omax+ *pp));
138 133
139#endif 134#endif
140 if (*plength > (omax - (p - *pp))) 135 if (*plength > (omax - (p - *pp))) {
141 {
142 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); 136 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
143 /* Set this so that even if things are not long enough 137 /* Set this so that even if things are not long enough
144 * the values are set correctly */ 138 * the values are set correctly */
@@ -158,23 +152,18 @@ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max
158 unsigned int i; 152 unsigned int i;
159 153
160 if (max-- < 1) return(0); 154 if (max-- < 1) return(0);
161 if (*p == 0x80) 155 if (*p == 0x80) {
162 {
163 *inf=1; 156 *inf=1;
164 ret=0; 157 ret=0;
165 p++; 158 p++;
166 } 159 } else {
167 else
168 {
169 *inf=0; 160 *inf=0;
170 i= *p&0x7f; 161 i= *p&0x7f;
171 if (*(p++) & 0x80) 162 if (*(p++) & 0x80) {
172 {
173 if (i > sizeof(long)) 163 if (i > sizeof(long))
174 return 0; 164 return 0;
175 if (max-- == 0) return(0); 165 if (max-- == 0) return(0);
176 while (i-- > 0) 166 while (i-- > 0) {
177 {
178 ret<<=8L; 167 ret<<=8L;
179 ret|= *(p++); 168 ret|= *(p++);
180 if (max-- == 0) return(0); 169 if (max-- == 0) return(0);
@@ -202,13 +191,11 @@ void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
202 i|=(xclass&V_ASN1_PRIVATE); 191 i|=(xclass&V_ASN1_PRIVATE);
203 if (tag < 31) 192 if (tag < 31)
204 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG); 193 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
205 else 194 else {
206 {
207 *(p++)=i|V_ASN1_PRIMITIVE_TAG; 195 *(p++)=i|V_ASN1_PRIMITIVE_TAG;
208 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7; 196 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
209 ttag = i; 197 ttag = i;
210 while(i-- > 0) 198 while(i-- > 0) {
211 {
212 p[i] = tag & 0x7f; 199 p[i] = tag & 0x7f;
213 if(i != (ttag - 1)) p[i] |= 0x80; 200 if(i != (ttag - 1)) p[i] |= 0x80;
214 tag >>= 7; 201 tag >>= 7;
@@ -237,15 +224,13 @@ static void asn1_put_length(unsigned char **pp, int length)
237 int i,l; 224 int i,l;
238 if (length <= 127) 225 if (length <= 127)
239 *(p++)=(unsigned char)length; 226 *(p++)=(unsigned char)length;
240 else 227 else {
241 {
242 l=length; 228 l=length;
243 for (i=0; l > 0; i++) 229 for (i=0; l > 0; i++)
244 l>>=8; 230 l>>=8;
245 *(p++)=i|0x80; 231 *(p++)=i|0x80;
246 l=i; 232 l=i;
247 while (i-- > 0) 233 while (i-- > 0) {
248 {
249 p[i]=length&0xff; 234 p[i]=length&0xff;
250 length>>=8; 235 length>>=8;
251 } 236 }
@@ -260,10 +245,8 @@ int ASN1_object_size(int constructed, int length, int tag)
260 245
261 ret=length; 246 ret=length;
262 ret++; 247 ret++;
263 if (tag >= 31) 248 if (tag >= 31) {
264 { 249 while (tag > 0) {
265 while (tag > 0)
266 {
267 tag>>=7; 250 tag>>=7;
268 ret++; 251 ret++;
269 } 252 }
@@ -271,10 +254,8 @@ int ASN1_object_size(int constructed, int length, int tag)
271 if (constructed == 2) 254 if (constructed == 2)
272 return ret + 3; 255 return ret + 3;
273 ret++; 256 ret++;
274 if (length > 127) 257 if (length > 127) {
275 { 258 while (length > 0) {
276 while (length > 0)
277 {
278 length>>=8; 259 length>>=8;
279 ret++; 260 ret++;
280 } 261 }
@@ -284,17 +265,14 @@ int ASN1_object_size(int constructed, int length, int tag)
284 265
285static int _asn1_Finish(ASN1_const_CTX *c) 266static int _asn1_Finish(ASN1_const_CTX *c)
286{ 267{
287 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) 268 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) {
288 { 269 if (!ASN1_const_check_infinite_end(&c->p,c->slen)) {
289 if (!ASN1_const_check_infinite_end(&c->p,c->slen))
290 {
291 c->error=ERR_R_MISSING_ASN1_EOS; 270 c->error=ERR_R_MISSING_ASN1_EOS;
292 return(0); 271 return(0);
293 } 272 }
294 } 273 }
295 if ( ((c->slen != 0) && !(c->inf & 1)) || 274 if ( ((c->slen != 0) && !(c->inf & 1)) ||
296 ((c->slen < 0) && (c->inf & 1))) 275 ((c->slen < 0) && (c->inf & 1))) {
297 {
298 c->error=ERR_R_ASN1_LENGTH_MISMATCH; 276 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
299 return(0); 277 return(0);
300 } 278 }
@@ -318,19 +296,16 @@ int asn1_GetSequence(ASN1_const_CTX *c, long *length)
318 q=c->p; 296 q=c->p;
319 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), 297 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
320 *length); 298 *length);
321 if (c->inf & 0x80) 299 if (c->inf & 0x80) {
322 {
323 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL; 300 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
324 return(0); 301 return(0);
325 } 302 }
326 if (c->tag != V_ASN1_SEQUENCE) 303 if (c->tag != V_ASN1_SEQUENCE) {
327 {
328 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE; 304 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
329 return(0); 305 return(0);
330 } 306 }
331 (*length)-=(c->p-q); 307 (*length)-=(c->p-q);
332 if (c->max && (*length < 0)) 308 if (c->max && (*length < 0)) {
333 {
334 c->error=ERR_R_ASN1_LENGTH_MISMATCH; 309 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
335 return(0); 310 return(0);
336 } 311 }
@@ -359,8 +334,7 @@ ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str)
359 ret=ASN1_STRING_new(); 334 ret=ASN1_STRING_new();
360 if (!ret) 335 if (!ret)
361 return NULL; 336 return NULL;
362 if (!ASN1_STRING_copy(ret,str)) 337 if (!ASN1_STRING_copy(ret,str)) {
363 {
364 ASN1_STRING_free(ret); 338 ASN1_STRING_free(ret);
365 return NULL; 339 return NULL;
366 } 340 }
@@ -372,31 +346,27 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
372 unsigned char *c; 346 unsigned char *c;
373 const char *data=_data; 347 const char *data=_data;
374 348
375 if (len < 0) 349 if (len < 0) {
376 {
377 if (data == NULL) 350 if (data == NULL)
378 return(0); 351 return(0);
379 else 352 else
380 len=strlen(data); 353 len=strlen(data);
381 } 354 }
382 if ((str->length < len) || (str->data == NULL)) 355 if ((str->length < len) || (str->data == NULL)) {
383 {
384 c=str->data; 356 c=str->data;
385 if (c == NULL) 357 if (c == NULL)
386 str->data=malloc(len+1); 358 str->data=malloc(len+1);
387 else 359 else
388 str->data=realloc(c,len+1); 360 str->data=realloc(c,len+1);
389 361
390 if (str->data == NULL) 362 if (str->data == NULL) {
391 {
392 ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE); 363 ASN1err(ASN1_F_ASN1_STRING_SET,ERR_R_MALLOC_FAILURE);
393 str->data=c; 364 str->data=c;
394 return(0); 365 return(0);
395 } 366 }
396 } 367 }
397 str->length=len; 368 str->length=len;
398 if (data != NULL) 369 if (data != NULL) {
399 {
400 memcpy(str->data,data,len); 370 memcpy(str->data,data,len);
401 /* an allowance for strings :-) */ 371 /* an allowance for strings :-) */
402 str->data[len]='\0'; 372 str->data[len]='\0';
@@ -423,8 +393,7 @@ ASN1_STRING *ASN1_STRING_type_new(int type)
423 ASN1_STRING *ret; 393 ASN1_STRING *ret;
424 394
425 ret=(ASN1_STRING *)malloc(sizeof(ASN1_STRING)); 395 ret=(ASN1_STRING *)malloc(sizeof(ASN1_STRING));
426 if (ret == NULL) 396 if (ret == NULL) {
427 {
428 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); 397 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
429 return(NULL); 398 return(NULL);
430 } 399 }
@@ -448,8 +417,7 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
448 int i; 417 int i;
449 418
450 i=(a->length-b->length); 419 i=(a->length-b->length);
451 if (i == 0) 420 if (i == 0) {
452 {
453 i=memcmp(a->data,b->data,a->length); 421 i=memcmp(a->data,b->data,a->length);
454 if (i == 0) 422 if (i == 0)
455 return(a->type-b->type); 423 return(a->type-b->type);
diff --git a/src/lib/libssl/src/crypto/asn1/asn1_par.c b/src/lib/libssl/src/crypto/asn1/asn1_par.c
index d68d4a8298..d3d2f52481 100644
--- a/src/lib/libssl/src/crypto/asn1/asn1_par.c
+++ b/src/lib/libssl/src/crypto/asn1/asn1_par.c
@@ -129,15 +129,13 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
129 p= *pp; 129 p= *pp;
130 tot=p+length; 130 tot=p+length;
131 op=p-1; 131 op=p-1;
132 while ((p < tot) && (op < p)) 132 while ((p < tot) && (op < p)) {
133 {
134 op=p; 133 op=p;
135 j=ASN1_get_object(&p,&len,&tag,&xclass,length); 134 j=ASN1_get_object(&p,&len,&tag,&xclass,length);
136#ifdef LINT 135#ifdef LINT
137 j=j; 136 j=j;
138#endif 137#endif
139 if (j & 0x80) 138 if (j & 0x80) {
140 {
141 if (BIO_write(bp,"Error in encoding\n",18) <= 0) 139 if (BIO_write(bp,"Error in encoding\n",18) <= 0)
142 goto end; 140 goto end;
143 ret=0; 141 ret=0;
@@ -149,35 +147,28 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
149 if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp)) 147 if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
150 <= 0) goto end; 148 <= 0) goto end;
151 149
152 if (j != (V_ASN1_CONSTRUCTED | 1)) 150 if (j != (V_ASN1_CONSTRUCTED | 1)) {
153 {
154 if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ", 151 if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
155 depth,(long)hl,len) <= 0) 152 depth,(long)hl,len) <= 0)
156 goto end; 153 goto end;
157 } 154 } else {
158 else
159 {
160 if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ", 155 if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
161 depth,(long)hl) <= 0) 156 depth,(long)hl) <= 0)
162 goto end; 157 goto end;
163 } 158 }
164 if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0)) 159 if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
165 goto end; 160 goto end;
166 if (j & V_ASN1_CONSTRUCTED) 161 if (j & V_ASN1_CONSTRUCTED) {
167 {
168 ep=p+len; 162 ep=p+len;
169 if (BIO_write(bp,"\n",1) <= 0) goto end; 163 if (BIO_write(bp,"\n",1) <= 0) goto end;
170 if (len > length) 164 if (len > length) {
171 {
172 BIO_printf(bp, 165 BIO_printf(bp,
173 "length is greater than %ld\n",length); 166 "length is greater than %ld\n",length);
174 ret=0; 167 ret=0;
175 goto end; 168 goto end;
176 } 169 }
177 if ((j == 0x21) && (len == 0)) 170 if ((j == 0x21) && (len == 0)) {
178 { 171 for (;;) {
179 for (;;)
180 {
181 r=asn1_parse2(bp,&p,(long)(tot-p), 172 r=asn1_parse2(bp,&p,(long)(tot-p),
182 offset+(p - *pp),depth+1, 173 offset+(p - *pp),depth+1,
183 indent,dump); 174 indent,dump);
@@ -186,21 +177,16 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
186 } 177 }
187 } 178 }
188 else 179 else
189 while (p < ep) 180 while (p < ep) {
190 {
191 r=asn1_parse2(bp,&p,(long)len, 181 r=asn1_parse2(bp,&p,(long)len,
192 offset+(p - *pp),depth+1, 182 offset+(p - *pp),depth+1,
193 indent,dump); 183 indent,dump);
194 if (r == 0) { ret=0; goto end; } 184 if (r == 0) { ret=0; goto end; }
195 } 185 }
196 } 186 } else if (xclass != 0) {
197 else if (xclass != 0)
198 {
199 p+=len; 187 p+=len;
200 if (BIO_write(bp,"\n",1) <= 0) goto end; 188 if (BIO_write(bp,"\n",1) <= 0) goto end;
201 } 189 } else {
202 else
203 {
204 nl=0; 190 nl=0;
205 if ( (tag == V_ASN1_PRINTABLESTRING) || 191 if ( (tag == V_ASN1_PRINTABLESTRING) ||
206 (tag == V_ASN1_T61STRING) || 192 (tag == V_ASN1_T61STRING) ||
@@ -209,95 +195,72 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
209 (tag == V_ASN1_NUMERICSTRING) || 195 (tag == V_ASN1_NUMERICSTRING) ||
210 (tag == V_ASN1_UTF8STRING) || 196 (tag == V_ASN1_UTF8STRING) ||
211 (tag == V_ASN1_UTCTIME) || 197 (tag == V_ASN1_UTCTIME) ||
212 (tag == V_ASN1_GENERALIZEDTIME)) 198 (tag == V_ASN1_GENERALIZEDTIME)) {
213 {
214 if (BIO_write(bp,":",1) <= 0) goto end; 199 if (BIO_write(bp,":",1) <= 0) goto end;
215 if ((len > 0) && 200 if ((len > 0) &&
216 BIO_write(bp,(const char *)p,(int)len) 201 BIO_write(bp,(const char *)p,(int)len)
217 != (int)len) 202 != (int)len)
218 goto end; 203 goto end;
219 } 204 } else if (tag == V_ASN1_OBJECT) {
220 else if (tag == V_ASN1_OBJECT)
221 {
222 opp=op; 205 opp=op;
223 if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) 206 if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL) {
224 {
225 if (BIO_write(bp,":",1) <= 0) goto end; 207 if (BIO_write(bp,":",1) <= 0) goto end;
226 i2a_ASN1_OBJECT(bp,o); 208 i2a_ASN1_OBJECT(bp,o);
227 } 209 } else {
228 else
229 {
230 if (BIO_write(bp,":BAD OBJECT",11) <= 0) 210 if (BIO_write(bp,":BAD OBJECT",11) <= 0)
231 goto end; 211 goto end;
232 } 212 }
233 } 213 } else if (tag == V_ASN1_BOOLEAN) {
234 else if (tag == V_ASN1_BOOLEAN)
235 {
236 int ii; 214 int ii;
237 215
238 opp=op; 216 opp=op;
239 ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl); 217 ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
240 if (ii < 0) 218 if (ii < 0) {
241 {
242 if (BIO_write(bp,"Bad boolean\n",12) <= 0) 219 if (BIO_write(bp,"Bad boolean\n",12) <= 0)
243 goto end; 220 goto end;
244 } 221 }
245 BIO_printf(bp,":%d",ii); 222 BIO_printf(bp,":%d",ii);
246 } 223 } else if (tag == V_ASN1_BMPSTRING) {
247 else if (tag == V_ASN1_BMPSTRING)
248 {
249 /* do the BMP thang */ 224 /* do the BMP thang */
250 } 225 } else if (tag == V_ASN1_OCTET_STRING) {
251 else if (tag == V_ASN1_OCTET_STRING)
252 {
253 int i,printable=1; 226 int i,printable=1;
254 227
255 opp=op; 228 opp=op;
256 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); 229 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
257 if (os != NULL && os->length > 0) 230 if (os != NULL && os->length > 0) {
258 {
259 opp = os->data; 231 opp = os->data;
260 /* testing whether the octet string is 232 /* testing whether the octet string is
261 * printable */ 233 * printable */
262 for (i=0; i<os->length; i++) 234 for (i=0; i<os->length; i++) {
263 {
264 if (( (opp[i] < ' ') && 235 if (( (opp[i] < ' ') &&
265 (opp[i] != '\n') && 236 (opp[i] != '\n') &&
266 (opp[i] != '\r') && 237 (opp[i] != '\r') &&
267 (opp[i] != '\t')) || 238 (opp[i] != '\t')) ||
268 (opp[i] > '~')) 239 (opp[i] > '~')) {
269 {
270 printable=0; 240 printable=0;
271 break; 241 break;
272 } 242 }
273 } 243 }
274 if (printable) 244 if (printable) {
275 /* printable string */ 245 /* printable string */
276 {
277 if (BIO_write(bp,":",1) <= 0) 246 if (BIO_write(bp,":",1) <= 0)
278 goto end; 247 goto end;
279 if (BIO_write(bp,(const char *)opp, 248 if (BIO_write(bp,(const char *)opp,
280 os->length) <= 0) 249 os->length) <= 0)
281 goto end; 250 goto end;
282 } 251 } else if (!dump) {
283 else if (!dump)
284 /* not printable => print octet string 252 /* not printable => print octet string
285 * as hex dump */ 253 * as hex dump */
286 {
287 if (BIO_write(bp,"[HEX DUMP]:",11) <= 0) 254 if (BIO_write(bp,"[HEX DUMP]:",11) <= 0)
288 goto end; 255 goto end;
289 for (i=0; i<os->length; i++) 256 for (i=0; i<os->length; i++) {
290 {
291 if (BIO_printf(bp,"%02X" 257 if (BIO_printf(bp,"%02X"
292 , opp[i]) <= 0) 258 , opp[i]) <= 0)
293 goto end; 259 goto end;
294 } 260 }
295 } 261 } else {
296 else
297 /* print the normal dump */ 262 /* print the normal dump */
298 { 263 if (!nl) {
299 if (!nl)
300 {
301 if (BIO_write(bp,"\n",1) <= 0) 264 if (BIO_write(bp,"\n",1) <= 0)
302 goto end; 265 goto end;
303 } 266 }
@@ -310,80 +273,62 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
310 nl=1; 273 nl=1;
311 } 274 }
312 } 275 }
313 if (os != NULL) 276 if (os != NULL) {
314 {
315 M_ASN1_OCTET_STRING_free(os); 277 M_ASN1_OCTET_STRING_free(os);
316 os=NULL; 278 os=NULL;
317 } 279 }
318 } 280 } else if (tag == V_ASN1_INTEGER) {
319 else if (tag == V_ASN1_INTEGER)
320 {
321 ASN1_INTEGER *bs; 281 ASN1_INTEGER *bs;
322 int i; 282 int i;
323 283
324 opp=op; 284 opp=op;
325 bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl); 285 bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
326 if (bs != NULL) 286 if (bs != NULL) {
327 {
328 if (BIO_write(bp,":",1) <= 0) goto end; 287 if (BIO_write(bp,":",1) <= 0) goto end;
329 if (bs->type == V_ASN1_NEG_INTEGER) 288 if (bs->type == V_ASN1_NEG_INTEGER)
330 if (BIO_write(bp,"-",1) <= 0) 289 if (BIO_write(bp,"-",1) <= 0)
331 goto end; 290 goto end;
332 for (i=0; i<bs->length; i++) 291 for (i=0; i<bs->length; i++) {
333 {
334 if (BIO_printf(bp,"%02X", 292 if (BIO_printf(bp,"%02X",
335 bs->data[i]) <= 0) 293 bs->data[i]) <= 0)
336 goto end; 294 goto end;
337 } 295 }
338 if (bs->length == 0) 296 if (bs->length == 0) {
339 {
340 if (BIO_write(bp,"00",2) <= 0) 297 if (BIO_write(bp,"00",2) <= 0)
341 goto end; 298 goto end;
342 } 299 }
343 } 300 } else {
344 else
345 {
346 if (BIO_write(bp,"BAD INTEGER",11) <= 0) 301 if (BIO_write(bp,"BAD INTEGER",11) <= 0)
347 goto end; 302 goto end;
348 } 303 }
349 M_ASN1_INTEGER_free(bs); 304 M_ASN1_INTEGER_free(bs);
350 } 305 } else if (tag == V_ASN1_ENUMERATED) {
351 else if (tag == V_ASN1_ENUMERATED)
352 {
353 ASN1_ENUMERATED *bs; 306 ASN1_ENUMERATED *bs;
354 int i; 307 int i;
355 308
356 opp=op; 309 opp=op;
357 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl); 310 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
358 if (bs != NULL) 311 if (bs != NULL) {
359 {
360 if (BIO_write(bp,":",1) <= 0) goto end; 312 if (BIO_write(bp,":",1) <= 0) goto end;
361 if (bs->type == V_ASN1_NEG_ENUMERATED) 313 if (bs->type == V_ASN1_NEG_ENUMERATED)
362 if (BIO_write(bp,"-",1) <= 0) 314 if (BIO_write(bp,"-",1) <= 0)
363 goto end; 315 goto end;
364 for (i=0; i<bs->length; i++) 316 for (i=0; i<bs->length; i++) {
365 {
366 if (BIO_printf(bp,"%02X", 317 if (BIO_printf(bp,"%02X",
367 bs->data[i]) <= 0) 318 bs->data[i]) <= 0)
368 goto end; 319 goto end;
369 } 320 }
370 if (bs->length == 0) 321 if (bs->length == 0) {
371 {
372 if (BIO_write(bp,"00",2) <= 0) 322 if (BIO_write(bp,"00",2) <= 0)
373 goto end; 323 goto end;
374 } 324 }
375 } 325 } else {
376 else
377 {
378 if (BIO_write(bp,"BAD ENUMERATED",14) <= 0) 326 if (BIO_write(bp,"BAD ENUMERATED",14) <= 0)
379 goto end; 327 goto end;
380 } 328 }
381 M_ASN1_ENUMERATED_free(bs); 329 M_ASN1_ENUMERATED_free(bs);
382 } 330 } else if (len > 0 && dump) {
383 else if (len > 0 && dump) 331 if (!nl) {
384 {
385 if (!nl)
386 {
387 if (BIO_write(bp,"\n",1) <= 0) 332 if (BIO_write(bp,"\n",1) <= 0)
388 goto end; 333 goto end;
389 } 334 }
@@ -394,13 +339,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offse
394 nl=1; 339 nl=1;
395 } 340 }
396 341
397 if (!nl) 342 if (!nl) {
398 {
399 if (BIO_write(bp,"\n",1) <= 0) goto end; 343 if (BIO_write(bp,"\n",1) <= 0) goto end;
400 } 344 }
401 p+=len; 345 p+=len;
402 if ((tag == V_ASN1_EOC) && (xclass == 0)) 346 if ((tag == V_ASN1_EOC) && (xclass == 0)) {
403 {
404 ret=2; /* End of sequence */ 347 ret=2; /* End of sequence */
405 goto end; 348 goto end;
406 } 349 }
@@ -429,7 +372,7 @@ const char *ASN1_tag2str(int tag)
429}; 372};
430 373
431 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED)) 374 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
432 tag &= ~0x100; 375 tag &= ~0x100;
433 376
434 if(tag < 0 || tag > 30) return "(unknown)"; 377 if(tag < 0 || tag > 30) return "(unknown)";
435 return tag2str[tag]; 378 return tag2str[tag];
diff --git a/src/lib/libssl/src/crypto/asn1/asn_mime.c b/src/lib/libssl/src/crypto/asn1/asn_mime.c
index 011b97ff92..6cde8fd44e 100644
--- a/src/lib/libssl/src/crypto/asn1/asn_mime.c
+++ b/src/lib/libssl/src/crypto/asn1/asn_mime.c
@@ -116,20 +116,17 @@ int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
116 const ASN1_ITEM *it) 116 const ASN1_ITEM *it)
117{ 117{
118 /* If streaming create stream BIO and copy all content through it */ 118 /* If streaming create stream BIO and copy all content through it */
119 if (flags & SMIME_STREAM) 119 if (flags & SMIME_STREAM) {
120 {
121 BIO *bio, *tbio; 120 BIO *bio, *tbio;
122 bio = BIO_new_NDEF(out, val, it); 121 bio = BIO_new_NDEF(out, val, it);
123 if (!bio) 122 if (!bio) {
124 {
125 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE); 123 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,ERR_R_MALLOC_FAILURE);
126 return 0; 124 return 0;
127 } 125 }
128 SMIME_crlf_copy(in, bio, flags); 126 SMIME_crlf_copy(in, bio, flags);
129 (void)BIO_flush(bio); 127 (void)BIO_flush(bio);
130 /* Free up successive BIOs until we hit the old output BIO */ 128 /* Free up successive BIOs until we hit the old output BIO */
131 do 129 do {
132 {
133 tbio = BIO_pop(bio); 130 tbio = BIO_pop(bio);
134 BIO_free(bio); 131 BIO_free(bio);
135 bio = tbio; 132 bio = tbio;
@@ -151,8 +148,7 @@ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
151 BIO *b64; 148 BIO *b64;
152 int r; 149 int r;
153 b64 = BIO_new(BIO_f_base64()); 150 b64 = BIO_new(BIO_f_base64());
154 if(!b64) 151 if(!b64) {
155 {
156 ASN1err(ASN1_F_B64_WRITE_ASN1,ERR_R_MALLOC_FAILURE); 152 ASN1err(ASN1_F_B64_WRITE_ASN1,ERR_R_MALLOC_FAILURE);
157 return 0; 153 return 0;
158 } 154 }
@@ -205,20 +201,17 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
205 int i, have_unknown = 0, write_comma, ret = 0, md_nid; 201 int i, have_unknown = 0, write_comma, ret = 0, md_nid;
206 have_unknown = 0; 202 have_unknown = 0;
207 write_comma = 0; 203 write_comma = 0;
208 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) 204 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
209 {
210 if (write_comma) 205 if (write_comma)
211 BIO_write(out, ",", 1); 206 BIO_write(out, ",", 1);
212 write_comma = 1; 207 write_comma = 1;
213 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm); 208 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
214 md = EVP_get_digestbynid(md_nid); 209 md = EVP_get_digestbynid(md_nid);
215 if (md && md->md_ctrl) 210 if (md && md->md_ctrl) {
216 {
217 int rv; 211 int rv;
218 char *micstr; 212 char *micstr;
219 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr); 213 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
220 if (rv > 0) 214 if (rv > 0) {
221 {
222 BIO_puts(out, micstr); 215 BIO_puts(out, micstr);
223 free(micstr); 216 free(micstr);
224 continue; 217 continue;
@@ -226,8 +219,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
226 if (rv != -2) 219 if (rv != -2)
227 goto err; 220 goto err;
228 } 221 }
229 switch(md_nid) 222 switch(md_nid) {
230 {
231 case NID_sha1: 223 case NID_sha1:
232 BIO_puts(out, "sha1"); 224 BIO_puts(out, "sha1");
233 break; 225 break;
@@ -256,8 +248,7 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
256 default: 248 default:
257 if (have_unknown) 249 if (have_unknown)
258 write_comma = 0; 250 write_comma = 0;
259 else 251 else {
260 {
261 BIO_puts(out, "unknown"); 252 BIO_puts(out, "unknown");
262 have_unknown = 1; 253 have_unknown = 1;
263 } 254 }
@@ -338,17 +329,14 @@ int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
338 329
339 if (ctype_nid == NID_pkcs7_enveloped) 330 if (ctype_nid == NID_pkcs7_enveloped)
340 msg_type = "enveloped-data"; 331 msg_type = "enveloped-data";
341 else if (ctype_nid == NID_pkcs7_signed) 332 else if (ctype_nid == NID_pkcs7_signed) {
342 {
343 if (econt_nid == NID_id_smime_ct_receipt) 333 if (econt_nid == NID_id_smime_ct_receipt)
344 msg_type = "signed-receipt"; 334 msg_type = "signed-receipt";
345 else if (sk_X509_ALGOR_num(mdalgs) >= 0) 335 else if (sk_X509_ALGOR_num(mdalgs) >= 0)
346 msg_type = "signed-data"; 336 msg_type = "signed-data";
347 else 337 else
348 msg_type = "certs-only"; 338 msg_type = "certs-only";
349 } 339 } else if (ctype_nid == NID_id_smime_ct_compressedData) {
350 else if (ctype_nid == NID_id_smime_ct_compressedData)
351 {
352 msg_type = "compressed-data"; 340 msg_type = "compressed-data";
353 cname = "smime.p7z"; 341 cname = "smime.p7z";
354 } 342 }
@@ -382,14 +370,12 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
382 /* If data is not deteched or resigning then the output BIO is 370 /* If data is not deteched or resigning then the output BIO is
383 * already set up to finalise when it is written through. 371 * already set up to finalise when it is written through.
384 */ 372 */
385 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) 373 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
386 {
387 SMIME_crlf_copy(data, out, flags); 374 SMIME_crlf_copy(data, out, flags);
388 return 1; 375 return 1;
389 } 376 }
390 377
391 if (!aux || !aux->asn1_cb) 378 if (!aux || !aux->asn1_cb) {
392 {
393 ASN1err(ASN1_F_ASN1_OUTPUT_DATA, 379 ASN1err(ASN1_F_ASN1_OUTPUT_DATA,
394 ASN1_R_STREAMING_NOT_SUPPORTED); 380 ASN1_R_STREAMING_NOT_SUPPORTED);
395 return 0; 381 return 0;
@@ -413,8 +399,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
413 399
414 /* Now remove any digests prepended to the BIO */ 400 /* Now remove any digests prepended to the BIO */
415 401
416 while (sarg.ndef_bio != out) 402 while (sarg.ndef_bio != out) {
417 {
418 tmpbio = BIO_pop(sarg.ndef_bio); 403 tmpbio = BIO_pop(sarg.ndef_bio);
419 BIO_free(sarg.ndef_bio); 404 BIO_free(sarg.ndef_bio);
420 sarg.ndef_bio = tmpbio; 405 sarg.ndef_bio = tmpbio;
@@ -547,17 +532,13 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags)
547 if (!bf) 532 if (!bf)
548 return 0; 533 return 0;
549 out = BIO_push(bf, out); 534 out = BIO_push(bf, out);
550 if(flags & SMIME_BINARY) 535 if(flags & SMIME_BINARY) {
551 {
552 while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) 536 while((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
553 BIO_write(out, linebuf, len); 537 BIO_write(out, linebuf, len);
554 } 538 } else {
555 else
556 {
557 if(flags & SMIME_TEXT) 539 if(flags & SMIME_TEXT)
558 BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); 540 BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
559 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) 541 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
560 {
561 eol = strip_eol(linebuf, &len); 542 eol = strip_eol(linebuf, &len);
562 if (len) 543 if (len)
563 BIO_write(out, linebuf, len); 544 BIO_write(out, linebuf, len);
@@ -944,8 +925,7 @@ static int strip_eol(char *linebuf, int *plen)
944 char *p, c; 925 char *p, c;
945 int is_eol = 0; 926 int is_eol = 0;
946 p = linebuf + len - 1; 927 p = linebuf + len - 1;
947 for (p = linebuf + len - 1; len > 0; len--, p--) 928 for (p = linebuf + len - 1; len > 0; len--, p--) {
948 {
949 c = *p; 929 c = *p;
950 if (c == '\n') 930 if (c == '\n')
951 is_eol = 1; 931 is_eol = 1;
diff --git a/src/lib/libssl/src/crypto/asn1/asn_moid.c b/src/lib/libssl/src/crypto/asn1/asn_moid.c
index 7521496d67..0c09a8e934 100644
--- a/src/lib/libssl/src/crypto/asn1/asn_moid.c
+++ b/src/lib/libssl/src/crypto/asn1/asn_moid.c
@@ -75,16 +75,13 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
75 STACK_OF(CONF_VALUE) *sktmp; 75 STACK_OF(CONF_VALUE) *sktmp;
76 CONF_VALUE *oval; 76 CONF_VALUE *oval;
77 oid_section = CONF_imodule_get_value(md); 77 oid_section = CONF_imodule_get_value(md);
78 if(!(sktmp = NCONF_get_section(cnf, oid_section))) 78 if(!(sktmp = NCONF_get_section(cnf, oid_section))) {
79 {
80 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); 79 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
81 return 0; 80 return 0;
82 } 81 }
83 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) 82 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
84 {
85 oval = sk_CONF_VALUE_value(sktmp, i); 83 oval = sk_CONF_VALUE_value(sktmp, i);
86 if(!do_create(oval->value, oval->name)) 84 if(!do_create(oval->value, oval->name)) {
87 {
88 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); 85 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
89 return 0; 86 return 0;
90 } 87 }
@@ -114,13 +111,10 @@ static int do_create(char *value, char *name)
114 ASN1_OBJECT *oid; 111 ASN1_OBJECT *oid;
115 char *ln, *ostr, *p, *lntmp; 112 char *ln, *ostr, *p, *lntmp;
116 p = strrchr(value, ','); 113 p = strrchr(value, ',');
117 if (!p) 114 if (!p) {
118 {
119 ln = name; 115 ln = name;
120 ostr = value; 116 ostr = value;
121 } 117 } else {
122 else
123 {
124 ln = NULL; 118 ln = NULL;
125 ostr = p + 1; 119 ostr = p + 1;
126 if (!*ostr) 120 if (!*ostr)
@@ -133,13 +127,11 @@ static int do_create(char *value, char *name)
133 if (nid == NID_undef) 127 if (nid == NID_undef)
134 return 0; 128 return 0;
135 129
136 if (p) 130 if (p) {
137 {
138 ln = value; 131 ln = value;
139 while(isspace((unsigned char)*ln)) ln++; 132 while(isspace((unsigned char)*ln)) ln++;
140 p--; 133 p--;
141 while(isspace((unsigned char)*p)) 134 while(isspace((unsigned char)*p)) {
142 {
143 if (p == ln) 135 if (p == ln)
144 return 0; 136 return 0;
145 p--; 137 p--;
diff --git a/src/lib/libssl/src/crypto/asn1/bio_asn1.c b/src/lib/libssl/src/crypto/asn1/bio_asn1.c
index a6ad850e46..8ebac02a00 100644
--- a/src/lib/libssl/src/crypto/asn1/bio_asn1.c
+++ b/src/lib/libssl/src/crypto/asn1/bio_asn1.c
@@ -210,20 +210,18 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
210 wrlen = 0; 210 wrlen = 0;
211 ret = -1; 211 ret = -1;
212 212
213 for(;;) 213 for(;;) {
214 { 214 switch (ctx->state) {
215 switch (ctx->state)
216 {
217 215
218 /* Setup prefix data, call it */ 216 /* Setup prefix data, call it */
219 case ASN1_STATE_START: 217 case ASN1_STATE_START:
220 if (!asn1_bio_setup_ex(b, ctx, ctx->prefix, 218 if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
221 ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER)) 219 ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
222 return 0; 220 return 0;
223 break; 221 break;
224 222
225 /* Copy any pre data first */ 223 /* Copy any pre data first */
226 case ASN1_STATE_PRE_COPY: 224 case ASN1_STATE_PRE_COPY:
227 225
228 ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free, 226 ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
229 ASN1_STATE_HEADER); 227 ASN1_STATE_HEADER);
@@ -233,7 +231,7 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
233 231
234 break; 232 break;
235 233
236 case ASN1_STATE_HEADER: 234 case ASN1_STATE_HEADER:
237 ctx->buflen = 235 ctx->buflen =
238 ASN1_object_size(0, inl, ctx->asn1_tag) - inl; 236 ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
239 OPENSSL_assert(ctx->buflen <= ctx->bufsize); 237 OPENSSL_assert(ctx->buflen <= ctx->bufsize);
@@ -245,7 +243,7 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
245 243
246 break; 244 break;
247 245
248 case ASN1_STATE_HEADER_COPY: 246 case ASN1_STATE_HEADER_COPY:
249 ret = BIO_write(b->next_bio, 247 ret = BIO_write(b->next_bio,
250 ctx->buf + ctx->bufpos, ctx->buflen); 248 ctx->buf + ctx->bufpos, ctx->buflen);
251 if (ret <= 0) 249 if (ret <= 0)
@@ -254,15 +252,14 @@ static int asn1_bio_write(BIO *b, const char *in , int inl)
254 ctx->buflen -= ret; 252 ctx->buflen -= ret;
255 if (ctx->buflen) 253 if (ctx->buflen)
256 ctx->bufpos += ret; 254 ctx->bufpos += ret;
257 else 255 else {
258 {
259 ctx->bufpos = 0; 256 ctx->bufpos = 0;
260 ctx->state = ASN1_STATE_DATA_COPY; 257 ctx->state = ASN1_STATE_DATA_COPY;
261 } 258 }
262 259
263 break; 260 break;
264 261
265 case ASN1_STATE_DATA_COPY: 262 case ASN1_STATE_DATA_COPY:
266 263
267 if (inl > ctx->copylen) 264 if (inl > ctx->copylen)
268 wrmax = ctx->copylen; 265 wrmax = ctx->copylen;
@@ -306,8 +303,7 @@ static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
306 int ret; 303 int ret;
307 if (ctx->ex_len <= 0) 304 if (ctx->ex_len <= 0)
308 return 1; 305 return 1;
309 for(;;) 306 for(;;) {
310 {
311 ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, 307 ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos,
312 ctx->ex_len); 308 ctx->ex_len);
313 if (ret <= 0) 309 if (ret <= 0)
@@ -315,8 +311,7 @@ static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
315 ctx->ex_len -= ret; 311 ctx->ex_len -= ret;
316 if (ctx->ex_len > 0) 312 if (ctx->ex_len > 0)
317 ctx->ex_pos += ret; 313 ctx->ex_pos += ret;
318 else 314 else {
319 {
320 if(cleanup) 315 if(cleanup)
321 cleanup(b, &ctx->ex_buf, &ctx->ex_len, 316 cleanup(b, &ctx->ex_buf, &ctx->ex_len,
322 &ctx->ex_arg); 317 &ctx->ex_arg);
@@ -333,8 +328,7 @@ static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
333 asn1_bio_state_t ex_state, 328 asn1_bio_state_t ex_state,
334 asn1_bio_state_t other_state) 329 asn1_bio_state_t other_state)
335{ 330{
336 if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) 331 if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
337 {
338 BIO_clear_retry_flags(b); 332 BIO_clear_retry_flags(b);
339 return 0; 333 return 0;
340 } 334 }
@@ -378,55 +372,52 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
378 ctx = (BIO_ASN1_BUF_CTX *) b->ptr; 372 ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
379 if (ctx == NULL) 373 if (ctx == NULL)
380 return 0; 374 return 0;
381 switch(cmd) 375 switch(cmd) {
382 {
383 376
384 case BIO_C_SET_PREFIX: 377 case BIO_C_SET_PREFIX:
385 ex_func = arg2; 378 ex_func = arg2;
386 ctx->prefix = ex_func->ex_func; 379 ctx->prefix = ex_func->ex_func;
387 ctx->prefix_free = ex_func->ex_free_func; 380 ctx->prefix_free = ex_func->ex_free_func;
388 break; 381 break;
389 382
390 case BIO_C_GET_PREFIX: 383 case BIO_C_GET_PREFIX:
391 ex_func = arg2; 384 ex_func = arg2;
392 ex_func->ex_func = ctx->prefix; 385 ex_func->ex_func = ctx->prefix;
393 ex_func->ex_free_func = ctx->prefix_free; 386 ex_func->ex_free_func = ctx->prefix_free;
394 break; 387 break;
395 388
396 case BIO_C_SET_SUFFIX: 389 case BIO_C_SET_SUFFIX:
397 ex_func = arg2; 390 ex_func = arg2;
398 ctx->suffix = ex_func->ex_func; 391 ctx->suffix = ex_func->ex_func;
399 ctx->suffix_free = ex_func->ex_free_func; 392 ctx->suffix_free = ex_func->ex_free_func;
400 break; 393 break;
401 394
402 case BIO_C_GET_SUFFIX: 395 case BIO_C_GET_SUFFIX:
403 ex_func = arg2; 396 ex_func = arg2;
404 ex_func->ex_func = ctx->suffix; 397 ex_func->ex_func = ctx->suffix;
405 ex_func->ex_free_func = ctx->suffix_free; 398 ex_func->ex_free_func = ctx->suffix_free;
406 break; 399 break;
407 400
408 case BIO_C_SET_EX_ARG: 401 case BIO_C_SET_EX_ARG:
409 ctx->ex_arg = arg2; 402 ctx->ex_arg = arg2;
410 break; 403 break;
411 404
412 case BIO_C_GET_EX_ARG: 405 case BIO_C_GET_EX_ARG:
413 *(void **)arg2 = ctx->ex_arg; 406 *(void **)arg2 = ctx->ex_arg;
414 break; 407 break;
415 408
416 case BIO_CTRL_FLUSH: 409 case BIO_CTRL_FLUSH:
417 if (!b->next_bio) 410 if (!b->next_bio)
418 return 0; 411 return 0;
419 412
420 /* Call post function if possible */ 413 /* Call post function if possible */
421 if (ctx->state == ASN1_STATE_HEADER) 414 if (ctx->state == ASN1_STATE_HEADER) {
422 {
423 if (!asn1_bio_setup_ex(b, ctx, ctx->suffix, 415 if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
424 ASN1_STATE_POST_COPY, ASN1_STATE_DONE)) 416 ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
425 return 0; 417 return 0;
426 } 418 }
427 419
428 if (ctx->state == ASN1_STATE_POST_COPY) 420 if (ctx->state == ASN1_STATE_POST_COPY) {
429 {
430 ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free, 421 ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
431 ASN1_STATE_DONE); 422 ASN1_STATE_DONE);
432 if (ret <= 0) 423 if (ret <= 0)
@@ -435,15 +426,14 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
435 426
436 if (ctx->state == ASN1_STATE_DONE) 427 if (ctx->state == ASN1_STATE_DONE)
437 return BIO_ctrl(b->next_bio, cmd, arg1, arg2); 428 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
438 else 429 else {
439 {
440 BIO_clear_retry_flags(b); 430 BIO_clear_retry_flags(b);
441 return 0; 431 return 0;
442 } 432 }
443 break; 433 break;
444 434
445 435
446 default: 436 default:
447 if (!b->next_bio) 437 if (!b->next_bio)
448 return 0; 438 return 0;
449 return BIO_ctrl(b->next_bio, cmd, arg1, arg2); 439 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
@@ -468,8 +458,7 @@ static int asn1_bio_get_ex(BIO *b, int cmd,
468 BIO_ASN1_EX_FUNCS extmp; 458 BIO_ASN1_EX_FUNCS extmp;
469 int ret; 459 int ret;
470 ret = BIO_ctrl(b, cmd, 0, &extmp); 460 ret = BIO_ctrl(b, cmd, 0, &extmp);
471 if (ret > 0) 461 if (ret > 0) {
472 {
473 *ex_func = extmp.ex_func; 462 *ex_func = extmp.ex_func;
474 *ex_free_func = extmp.ex_free_func; 463 *ex_free_func = extmp.ex_free_func;
475 } 464 }
diff --git a/src/lib/libssl/src/crypto/asn1/bio_ndef.c b/src/lib/libssl/src/crypto/asn1/bio_ndef.c
index b8dc80a7b2..595e6471c2 100644
--- a/src/lib/libssl/src/crypto/asn1/bio_ndef.c
+++ b/src/lib/libssl/src/crypto/asn1/bio_ndef.c
@@ -105,8 +105,7 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
105 const ASN1_AUX *aux = it->funcs; 105 const ASN1_AUX *aux = it->funcs;
106 ASN1_STREAM_ARG sarg; 106 ASN1_STREAM_ARG sarg;
107 107
108 if (!aux || !aux->asn1_cb) 108 if (!aux || !aux->asn1_cb) {
109 {
110 ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); 109 ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
111 return NULL; 110 return NULL;
112 } 111 }
diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pr.c b/src/lib/libssl/src/crypto/asn1/d2i_pr.c
index cbbcdae7df..5e6003ca5b 100644
--- a/src/lib/libssl/src/crypto/asn1/d2i_pr.c
+++ b/src/lib/libssl/src/crypto/asn1/d2i_pr.c
@@ -73,37 +73,29 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
73{ 73{
74 EVP_PKEY *ret; 74 EVP_PKEY *ret;
75 75
76 if ((a == NULL) || (*a == NULL)) 76 if ((a == NULL) || (*a == NULL)) {
77 { 77 if ((ret=EVP_PKEY_new()) == NULL) {
78 if ((ret=EVP_PKEY_new()) == NULL)
79 {
80 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB); 78 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
81 return(NULL); 79 return(NULL);
82 } 80 }
83 } 81 } else {
84 else
85 {
86 ret= *a; 82 ret= *a;
87#ifndef OPENSSL_NO_ENGINE 83#ifndef OPENSSL_NO_ENGINE
88 if (ret->engine) 84 if (ret->engine) {
89 {
90 ENGINE_finish(ret->engine); 85 ENGINE_finish(ret->engine);
91 ret->engine = NULL; 86 ret->engine = NULL;
92 } 87 }
93#endif 88#endif
94 } 89 }
95 90
96 if (!EVP_PKEY_set_type(ret, type)) 91 if (!EVP_PKEY_set_type(ret, type)) {
97 {
98 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 92 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
99 goto err; 93 goto err;
100 } 94 }
101 95
102 if (!ret->ameth->old_priv_decode || 96 if (!ret->ameth->old_priv_decode ||
103 !ret->ameth->old_priv_decode(ret, pp, length)) 97 !ret->ameth->old_priv_decode(ret, pp, length)) {
104 { 98 if (ret->ameth->priv_decode) {
105 if (ret->ameth->priv_decode)
106 {
107 PKCS8_PRIV_KEY_INFO *p8=NULL; 99 PKCS8_PRIV_KEY_INFO *p8=NULL;
108 p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); 100 p8=d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
109 if (!p8) goto err; 101 if (!p8) goto err;
@@ -111,9 +103,7 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
111 ret = EVP_PKCS82PKEY(p8); 103 ret = EVP_PKCS82PKEY(p8);
112 PKCS8_PRIV_KEY_INFO_free(p8); 104 PKCS8_PRIV_KEY_INFO_free(p8);
113 105
114 } 106 } else {
115 else
116 {
117 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); 107 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
118 goto err; 108 goto err;
119 } 109 }
@@ -146,25 +136,24 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
146 keytype = EVP_PKEY_DSA; 136 keytype = EVP_PKEY_DSA;
147 else if (sk_ASN1_TYPE_num(inkey) == 4) 137 else if (sk_ASN1_TYPE_num(inkey) == 4)
148 keytype = EVP_PKEY_EC; 138 keytype = EVP_PKEY_EC;
149 else if (sk_ASN1_TYPE_num(inkey) == 3) 139 else if (sk_ASN1_TYPE_num(inkey) == 3) {
150 { /* This seems to be PKCS8, not traditional format */ 140 /* This seems to be PKCS8, not traditional format */
151 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length); 141 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL,pp,length);
152 EVP_PKEY *ret; 142 EVP_PKEY *ret;
153 143
154 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); 144 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
155 if (!p8) 145 if (!p8) {
156 { 146 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
157 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); 147 return NULL;
158 return NULL; 148 }
159 } 149 ret = EVP_PKCS82PKEY(p8);
160 ret = EVP_PKCS82PKEY(p8); 150 PKCS8_PRIV_KEY_INFO_free(p8);
161 PKCS8_PRIV_KEY_INFO_free(p8); 151 if (a) {
162 if (a) { 152 *a = ret;
163 *a = ret;
164 } 153 }
165 return ret; 154 return ret;
166 } 155 } else
167 else keytype = EVP_PKEY_RSA; 156 keytype = EVP_PKEY_RSA;
168 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); 157 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
169 return d2i_PrivateKey(keytype, a, pp, length); 158 return d2i_PrivateKey(keytype, a, pp, length);
170} 159}
diff --git a/src/lib/libssl/src/crypto/asn1/d2i_pu.c b/src/lib/libssl/src/crypto/asn1/d2i_pu.c
index f04d230d70..ccd03c066f 100644
--- a/src/lib/libssl/src/crypto/asn1/d2i_pu.c
+++ b/src/lib/libssl/src/crypto/asn1/d2i_pu.c
@@ -77,24 +77,20 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
77{ 77{
78 EVP_PKEY *ret; 78 EVP_PKEY *ret;
79 79
80 if ((a == NULL) || (*a == NULL)) 80 if ((a == NULL) || (*a == NULL)) {
81 { 81 if ((ret=EVP_PKEY_new()) == NULL) {
82 if ((ret=EVP_PKEY_new()) == NULL)
83 {
84 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); 82 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
85 return(NULL); 83 return(NULL);
86 } 84 }
87 } 85 }
88 else ret= *a; 86 else ret= *a;
89 87
90 if (!EVP_PKEY_set_type(ret, type)) 88 if (!EVP_PKEY_set_type(ret, type)) {
91 {
92 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB); 89 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
93 goto err; 90 goto err;
94 } 91 }
95 92
96 switch (EVP_PKEY_id(ret)) 93 switch (EVP_PKEY_id(ret)) {
97 {
98#ifndef OPENSSL_NO_RSA 94#ifndef OPENSSL_NO_RSA
99 case EVP_PKEY_RSA: 95 case EVP_PKEY_RSA:
100 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL, 96 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,
diff --git a/src/lib/libssl/src/crypto/asn1/evp_asn1.c b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
index 631924f88e..d4ea675f89 100644
--- a/src/lib/libssl/src/crypto/asn1/evp_asn1.c
+++ b/src/lib/libssl/src/crypto/asn1/evp_asn1.c
@@ -78,8 +78,7 @@ int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
78 int ret,num; 78 int ret,num;
79 unsigned char *p; 79 unsigned char *p;
80 80
81 if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) 81 if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) {
82 {
83 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 82 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
84 return(-1); 83 return(-1);
85 } 84 }
@@ -115,8 +114,7 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
115 114
116 if ((osp=ASN1_STRING_new()) == NULL) return(0); 115 if ((osp=ASN1_STRING_new()) == NULL) return(0);
117 /* Grow the 'string' */ 116 /* Grow the 'string' */
118 if (!ASN1_STRING_set(osp,NULL,size)) 117 if (!ASN1_STRING_set(osp,NULL,size)) {
119 {
120 ASN1_STRING_free(osp); 118 ASN1_STRING_free(osp);
121 return(0); 119 return(0);
122 } 120 }
@@ -145,8 +143,7 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
145 long length; 143 long length;
146 ASN1_const_CTX c; 144 ASN1_const_CTX c;
147 145
148 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) 146 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
149 {
150 goto err; 147 goto err;
151 } 148 }
152 p=M_ASN1_STRING_data(a->value.sequence); 149 p=M_ASN1_STRING_data(a->value.sequence);
@@ -177,8 +174,7 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
177 174
178 if (data != NULL) 175 if (data != NULL)
179 memcpy(data,M_ASN1_STRING_data(os),n); 176 memcpy(data,M_ASN1_STRING_data(os),n);
180 if (0) 177 if (0) {
181 {
182err: 178err:
183 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 179 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
184 } 180 }
diff --git a/src/lib/libssl/src/crypto/asn1/f_enum.c b/src/lib/libssl/src/crypto/asn1/f_enum.c
index b6e66ab194..4ccfbddf2a 100644
--- a/src/lib/libssl/src/crypto/asn1/f_enum.c
+++ b/src/lib/libssl/src/crypto/asn1/f_enum.c
@@ -71,17 +71,12 @@ int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
71 71
72 if (a == NULL) return(0); 72 if (a == NULL) return(0);
73 73
74 if (a->length == 0) 74 if (a->length == 0) {
75 {
76 if (BIO_write(bp,"00",2) != 2) goto err; 75 if (BIO_write(bp,"00",2) != 2) goto err;
77 n=2; 76 n=2;
78 } 77 } else {
79 else 78 for (i=0; i<a->length; i++) {
80 { 79 if ((i != 0) && (i%35 == 0)) {
81 for (i=0; i<a->length; i++)
82 {
83 if ((i != 0) && (i%35 == 0))
84 {
85 if (BIO_write(bp,"\\\n",2) != 2) goto err; 80 if (BIO_write(bp,"\\\n",2) != 2) goto err;
86 n+=2; 81 n+=2;
87 } 82 }
@@ -107,8 +102,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
107 bs->type=V_ASN1_ENUMERATED; 102 bs->type=V_ASN1_ENUMERATED;
108 103
109 bufsize=BIO_gets(bp,buf,size); 104 bufsize=BIO_gets(bp,buf,size);
110 for (;;) 105 for (;;) {
111 {
112 if (bufsize < 1) goto err_sl; 106 if (bufsize < 1) goto err_sl;
113 i=bufsize; 107 i=bufsize;
114 if (buf[i-1] == '\n') buf[--i]='\0'; 108 if (buf[i-1] == '\n') buf[--i]='\0';
@@ -117,12 +111,10 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
117 if (i == 0) goto err_sl; 111 if (i == 0) goto err_sl;
118 again=(buf[i-1] == '\\'); 112 again=(buf[i-1] == '\\');
119 113
120 for (j=0; j<i; j++) 114 for (j=0; j<i; j++) {
121 {
122 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 115 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
123 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 116 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
124 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 117 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
125 {
126 i=j; 118 i=j;
127 break; 119 break;
128 } 120 }
@@ -133,33 +125,28 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
133 if (i < 2) goto err_sl; 125 if (i < 2) goto err_sl;
134 126
135 bufp=(unsigned char *)buf; 127 bufp=(unsigned char *)buf;
136 if (first) 128 if (first) {
137 {
138 first=0; 129 first=0;
139 if ((bufp[0] == '0') && (buf[1] == '0')) 130 if ((bufp[0] == '0') && (buf[1] == '0')) {
140 {
141 bufp+=2; 131 bufp+=2;
142 i-=2; 132 i-=2;
143 } 133 }
144 } 134 }
145 k=0; 135 k=0;
146 i-=again; 136 i-=again;
147 if (i%2 != 0) 137 if (i%2 != 0) {
148 {
149 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS); 138 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_ODD_NUMBER_OF_CHARS);
150 goto err; 139 goto err;
151 } 140 }
152 i/=2; 141 i/=2;
153 if (num+i > slen) 142 if (num+i > slen) {
154 {
155 if (s == NULL) 143 if (s == NULL)
156 sp=(unsigned char *)malloc( 144 sp=(unsigned char *)malloc(
157 (unsigned int)num+i*2); 145 (unsigned int)num+i*2);
158 else 146 else
159 sp=(unsigned char *)realloc(s, 147 sp=(unsigned char *)realloc(s,
160 (unsigned int)num+i*2); 148 (unsigned int)num+i*2);
161 if (sp == NULL) 149 if (sp == NULL) {
162 {
163 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); 150 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
164 if (s != NULL) free(s); 151 if (s != NULL) free(s);
165 goto err; 152 goto err;
@@ -167,10 +154,8 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
167 s=sp; 154 s=sp;
168 slen=num+i*2; 155 slen=num+i*2;
169 } 156 }
170 for (j=0; j<i; j++,k+=2) 157 for (j=0; j<i; j++,k+=2) {
171 { 158 for (n=0; n<2; n++) {
172 for (n=0; n<2; n++)
173 {
174 m=bufp[k+n]; 159 m=bufp[k+n];
175 if ((m >= '0') && (m <= '9')) 160 if ((m >= '0') && (m <= '9'))
176 m-='0'; 161 m-='0';
@@ -178,8 +163,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
178 m=m-'a'+10; 163 m=m-'a'+10;
179 else if ((m >= 'A') && (m <= 'F')) 164 else if ((m >= 'A') && (m <= 'F'))
180 m=m-'A'+10; 165 m=m-'A'+10;
181 else 166 else {
182 {
183 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS); 167 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_NON_HEX_CHARACTERS);
184 goto err; 168 goto err;
185 } 169 }
@@ -197,8 +181,7 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
197 bs->data=s; 181 bs->data=s;
198 ret=1; 182 ret=1;
199err: 183err:
200 if (0) 184 if (0) {
201 {
202err_sl: 185err_sl:
203 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE); 186 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ASN1_R_SHORT_LINE);
204 } 187 }
diff --git a/src/lib/libssl/src/crypto/asn1/f_int.c b/src/lib/libssl/src/crypto/asn1/f_int.c
index 66632f2dc4..6cea1f8485 100644
--- a/src/lib/libssl/src/crypto/asn1/f_int.c
+++ b/src/lib/libssl/src/crypto/asn1/f_int.c
@@ -69,23 +69,17 @@ int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
69 69
70 if (a == NULL) return(0); 70 if (a == NULL) return(0);
71 71
72 if (a->type & V_ASN1_NEG) 72 if (a->type & V_ASN1_NEG) {
73 {
74 if (BIO_write(bp, "-", 1) != 1) goto err; 73 if (BIO_write(bp, "-", 1) != 1) goto err;
75 n = 1; 74 n = 1;
76 } 75 }
77 76
78 if (a->length == 0) 77 if (a->length == 0) {
79 {
80 if (BIO_write(bp,"00",2) != 2) goto err; 78 if (BIO_write(bp,"00",2) != 2) goto err;
81 n += 2; 79 n += 2;
82 } 80 } else {
83 else 81 for (i=0; i<a->length; i++) {
84 { 82 if ((i != 0) && (i%35 == 0)) {
85 for (i=0; i<a->length; i++)
86 {
87 if ((i != 0) && (i%35 == 0))
88 {
89 if (BIO_write(bp,"\\\n",2) != 2) goto err; 83 if (BIO_write(bp,"\\\n",2) != 2) goto err;
90 n+=2; 84 n+=2;
91 } 85 }
@@ -111,8 +105,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
111 bs->type=V_ASN1_INTEGER; 105 bs->type=V_ASN1_INTEGER;
112 106
113 bufsize=BIO_gets(bp,buf,size); 107 bufsize=BIO_gets(bp,buf,size);
114 for (;;) 108 for (;;) {
115 {
116 if (bufsize < 1) goto err_sl; 109 if (bufsize < 1) goto err_sl;
117 i=bufsize; 110 i=bufsize;
118 if (buf[i-1] == '\n') buf[--i]='\0'; 111 if (buf[i-1] == '\n') buf[--i]='\0';
@@ -121,12 +114,10 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
121 if (i == 0) goto err_sl; 114 if (i == 0) goto err_sl;
122 again=(buf[i-1] == '\\'); 115 again=(buf[i-1] == '\\');
123 116
124 for (j=0; j<i; j++) 117 for (j=0; j<i; j++) {
125 {
126 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 118 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
127 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 119 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
128 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 120 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
129 {
130 i=j; 121 i=j;
131 break; 122 break;
132 } 123 }
@@ -137,32 +128,27 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
137 if (i < 2) goto err_sl; 128 if (i < 2) goto err_sl;
138 129
139 bufp=(unsigned char *)buf; 130 bufp=(unsigned char *)buf;
140 if (first) 131 if (first) {
141 {
142 first=0; 132 first=0;
143 if ((bufp[0] == '0') && (buf[1] == '0')) 133 if ((bufp[0] == '0') && (buf[1] == '0')) {
144 {
145 bufp+=2; 134 bufp+=2;
146 i-=2; 135 i-=2;
147 } 136 }
148 } 137 }
149 k=0; 138 k=0;
150 i-=again; 139 i-=again;
151 if (i%2 != 0) 140 if (i%2 != 0) {
152 {
153 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS); 141 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
154 goto err; 142 goto err;
155 } 143 }
156 i/=2; 144 i/=2;
157 if (num+i > slen) 145 if (num+i > slen) {
158 {
159 if (s == NULL) 146 if (s == NULL)
160 sp=(unsigned char *)malloc( 147 sp=(unsigned char *)malloc(
161 (unsigned int)num+i*2); 148 (unsigned int)num+i*2);
162 else 149 else
163 sp=OPENSSL_realloc_clean(s,slen,num+i*2); 150 sp=OPENSSL_realloc_clean(s,slen,num+i*2);
164 if (sp == NULL) 151 if (sp == NULL) {
165 {
166 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 152 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
167 if (s != NULL) free(s); 153 if (s != NULL) free(s);
168 goto err; 154 goto err;
@@ -170,10 +156,8 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
170 s=sp; 156 s=sp;
171 slen=num+i*2; 157 slen=num+i*2;
172 } 158 }
173 for (j=0; j<i; j++,k+=2) 159 for (j=0; j<i; j++,k+=2) {
174 { 160 for (n=0; n<2; n++) {
175 for (n=0; n<2; n++)
176 {
177 m=bufp[k+n]; 161 m=bufp[k+n];
178 if ((m >= '0') && (m <= '9')) 162 if ((m >= '0') && (m <= '9'))
179 m-='0'; 163 m-='0';
@@ -181,8 +165,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
181 m=m-'a'+10; 165 m=m-'a'+10;
182 else if ((m >= 'A') && (m <= 'F')) 166 else if ((m >= 'A') && (m <= 'F'))
183 m=m-'A'+10; 167 m=m-'A'+10;
184 else 168 else {
185 {
186 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS); 169 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
187 goto err; 170 goto err;
188 } 171 }
@@ -200,8 +183,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
200 bs->data=s; 183 bs->data=s;
201 ret=1; 184 ret=1;
202err: 185err:
203 if (0) 186 if (0) {
204 {
205err_sl: 187err_sl:
206 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE); 188 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
207 } 189 }
diff --git a/src/lib/libssl/src/crypto/asn1/f_string.c b/src/lib/libssl/src/crypto/asn1/f_string.c
index 7a59fa9f4f..87d7aaa0dd 100644
--- a/src/lib/libssl/src/crypto/asn1/f_string.c
+++ b/src/lib/libssl/src/crypto/asn1/f_string.c
@@ -69,17 +69,12 @@ int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
69 69
70 if (a == NULL) return(0); 70 if (a == NULL) return(0);
71 71
72 if (a->length == 0) 72 if (a->length == 0) {
73 {
74 if (BIO_write(bp,"0",1) != 1) goto err; 73 if (BIO_write(bp,"0",1) != 1) goto err;
75 n=1; 74 n=1;
76 } 75 } else {
77 else 76 for (i=0; i<a->length; i++) {
78 { 77 if ((i != 0) && (i%35 == 0)) {
79 for (i=0; i<a->length; i++)
80 {
81 if ((i != 0) && (i%35 == 0))
82 {
83 if (BIO_write(bp,"\\\n",2) != 2) goto err; 78 if (BIO_write(bp,"\\\n",2) != 2) goto err;
84 n+=2; 79 n+=2;
85 } 80 }
@@ -103,10 +98,8 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
103 int num=0,slen=0,first=1; 98 int num=0,slen=0,first=1;
104 99
105 bufsize=BIO_gets(bp,buf,size); 100 bufsize=BIO_gets(bp,buf,size);
106 for (;;) 101 for (;;) {
107 { 102 if (bufsize < 1) {
108 if (bufsize < 1)
109 {
110 if (first) 103 if (first)
111 break; 104 break;
112 else 105 else
@@ -121,12 +114,10 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
121 if (i == 0) goto err_sl; 114 if (i == 0) goto err_sl;
122 again=(buf[i-1] == '\\'); 115 again=(buf[i-1] == '\\');
123 116
124 for (j=i-1; j>0; j--) 117 for (j=i-1; j>0; j--) {
125 {
126 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 118 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
127 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 119 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
128 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 120 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
129 {
130 i=j; 121 i=j;
131 break; 122 break;
132 } 123 }
@@ -140,22 +131,19 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
140 131
141 k=0; 132 k=0;
142 i-=again; 133 i-=again;
143 if (i%2 != 0) 134 if (i%2 != 0) {
144 {
145 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS); 135 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
146 goto err; 136 goto err;
147 } 137 }
148 i/=2; 138 i/=2;
149 if (num+i > slen) 139 if (num+i > slen) {
150 {
151 if (s == NULL) 140 if (s == NULL)
152 sp=(unsigned char *)malloc( 141 sp=(unsigned char *)malloc(
153 (unsigned int)num+i*2); 142 (unsigned int)num+i*2);
154 else 143 else
155 sp=(unsigned char *)realloc(s, 144 sp=(unsigned char *)realloc(s,
156 (unsigned int)num+i*2); 145 (unsigned int)num+i*2);
157 if (sp == NULL) 146 if (sp == NULL) {
158 {
159 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); 147 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
160 if (s != NULL) free(s); 148 if (s != NULL) free(s);
161 goto err; 149 goto err;
@@ -163,10 +151,8 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
163 s=sp; 151 s=sp;
164 slen=num+i*2; 152 slen=num+i*2;
165 } 153 }
166 for (j=0; j<i; j++,k+=2) 154 for (j=0; j<i; j++,k+=2) {
167 { 155 for (n=0; n<2; n++) {
168 for (n=0; n<2; n++)
169 {
170 m=bufp[k+n]; 156 m=bufp[k+n];
171 if ((m >= '0') && (m <= '9')) 157 if ((m >= '0') && (m <= '9'))
172 m-='0'; 158 m-='0';
@@ -174,8 +160,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
174 m=m-'a'+10; 160 m=m-'a'+10;
175 else if ((m >= 'A') && (m <= 'F')) 161 else if ((m >= 'A') && (m <= 'F'))
176 m=m-'A'+10; 162 m=m-'A'+10;
177 else 163 else {
178 {
179 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS); 164 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
180 goto err; 165 goto err;
181 } 166 }
@@ -193,8 +178,7 @@ int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
193 bs->data=s; 178 bs->data=s;
194 ret=1; 179 ret=1;
195err: 180err:
196 if (0) 181 if (0) {
197 {
198err_sl: 182err_sl:
199 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE); 183 ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
200 } 184 }
diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pr.c b/src/lib/libssl/src/crypto/asn1/i2d_pr.c
index 9332c4d2ec..7175748601 100644
--- a/src/lib/libssl/src/crypto/asn1/i2d_pr.c
+++ b/src/lib/libssl/src/crypto/asn1/i2d_pr.c
@@ -64,8 +64,7 @@
64 64
65int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) 65int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
66{ 66{
67 if (a->ameth && a->ameth->old_priv_encode) 67 if (a->ameth && a->ameth->old_priv_encode) {
68 {
69 return a->ameth->old_priv_encode(a, pp); 68 return a->ameth->old_priv_encode(a, pp);
70 } 69 }
71 if (a->ameth && a->ameth->priv_encode) { 70 if (a->ameth && a->ameth->priv_encode) {
diff --git a/src/lib/libssl/src/crypto/asn1/i2d_pu.c b/src/lib/libssl/src/crypto/asn1/i2d_pu.c
index ed8ec0753b..08b438115d 100644
--- a/src/lib/libssl/src/crypto/asn1/i2d_pu.c
+++ b/src/lib/libssl/src/crypto/asn1/i2d_pu.c
@@ -73,8 +73,7 @@
73 73
74int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) 74int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
75{ 75{
76 switch (a->type) 76 switch (a->type) {
77 {
78#ifndef OPENSSL_NO_RSA 77#ifndef OPENSSL_NO_RSA
79 case EVP_PKEY_RSA: 78 case EVP_PKEY_RSA:
80 return(i2d_RSAPublicKey(a->pkey.rsa,pp)); 79 return(i2d_RSAPublicKey(a->pkey.rsa,pp));
diff --git a/src/lib/libssl/src/crypto/asn1/n_pkey.c b/src/lib/libssl/src/crypto/asn1/n_pkey.c
index a59640582e..0a378759f9 100644
--- a/src/lib/libssl/src/crypto/asn1/n_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/n_pkey.c
@@ -159,8 +159,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
159 if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; 159 if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
160 enckey->enckey->algor->parameter->type=V_ASN1_NULL; 160 enckey->enckey->algor->parameter->type=V_ASN1_NULL;
161 161
162 if (pp == NULL) 162 if (pp == NULL) {
163 {
164 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); 163 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
165 NETSCAPE_PKEY_free(pkey); 164 NETSCAPE_PKEY_free(pkey);
166 NETSCAPE_ENCRYPTED_PKEY_free(enckey); 165 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
@@ -169,8 +168,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
169 168
170 169
171 /* Since its RC4 encrypted length is actual length */ 170 /* Since its RC4 encrypted length is actual length */
172 if ((zz=(unsigned char *)malloc(rsalen)) == NULL) 171 if ((zz=(unsigned char *)malloc(rsalen)) == NULL) {
173 {
174 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 172 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
175 goto err; 173 goto err;
176 } 174 }
@@ -179,14 +177,12 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
179 /* Write out private key encoding */ 177 /* Write out private key encoding */
180 i2d_RSAPrivateKey(a,&zz); 178 i2d_RSAPrivateKey(a,&zz);
181 179
182 if ((zz=malloc(pkeylen)) == NULL) 180 if ((zz=malloc(pkeylen)) == NULL) {
183 {
184 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 181 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
185 goto err; 182 goto err;
186 } 183 }
187 184
188 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 185 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) {
189 {
190 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE); 186 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
191 goto err; 187 goto err;
192 } 188 }
@@ -199,8 +195,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp,
199 if (cb == NULL) 195 if (cb == NULL)
200 cb=EVP_read_pw_string; 196 cb=EVP_read_pw_string;
201 i=cb((char *)buf,256,"Enter Private Key password:",1); 197 i=cb((char *)buf,256,"Enter Private Key password:",1);
202 if (i != 0) 198 if (i != 0) {
203 {
204 ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ); 199 ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ);
205 goto err; 200 goto err;
206 } 201 }
@@ -259,14 +254,12 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
259} 254}
260 255
261 if ((enckey->os->length != 11) || (strncmp("private-key", 256 if ((enckey->os->length != 11) || (strncmp("private-key",
262 (char *)enckey->os->data,11) != 0)) 257 (char *)enckey->os->data,11) != 0)) {
263 {
264 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING); 258 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
265 NETSCAPE_ENCRYPTED_PKEY_free(enckey); 259 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
266 return NULL; 260 return NULL;
267 } 261 }
268 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) 262 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) {
269 {
270 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); 263 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
271 goto err; 264 goto err;
272} 265}
@@ -296,8 +289,7 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
296 EVP_CIPHER_CTX_init(&ctx); 289 EVP_CIPHER_CTX_init(&ctx);
297 290
298 i=cb((char *)buf,256,"Enter Private Key password:",0); 291 i=cb((char *)buf,256,"Enter Private Key password:",0);
299 if (i != 0) 292 if (i != 0) {
300 {
301 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ); 293 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ);
302 goto err; 294 goto err;
303 } 295 }
@@ -324,15 +316,13 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
324 316
325 zz=os->data; 317 zz=os->data;
326 318
327 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) 319 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) {
328 {
329 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); 320 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
330 goto err; 321 goto err;
331 } 322 }
332 323
333 zz=pkey->private_key->data; 324 zz=pkey->private_key->data;
334 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) 325 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) {
335 {
336 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); 326 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
337 goto err; 327 goto err;
338 } 328 }
diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbe.c b/src/lib/libssl/src/crypto/asn1/p5_pbe.c
index f0f23c668d..390305ad38 100644
--- a/src/lib/libssl/src/crypto/asn1/p5_pbe.c
+++ b/src/lib/libssl/src/crypto/asn1/p5_pbe.c
@@ -82,22 +82,19 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
82 unsigned char *sstr; 82 unsigned char *sstr;
83 83
84 pbe = PBEPARAM_new(); 84 pbe = PBEPARAM_new();
85 if (!pbe) 85 if (!pbe) {
86 {
87 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 86 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
88 goto err; 87 goto err;
89 } 88 }
90 if(iter <= 0) 89 if(iter <= 0)
91 iter = PKCS5_DEFAULT_ITER; 90 iter = PKCS5_DEFAULT_ITER;
92 if (!ASN1_INTEGER_set(pbe->iter, iter)) 91 if (!ASN1_INTEGER_set(pbe->iter, iter)) {
93 {
94 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 92 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
95 goto err; 93 goto err;
96 } 94 }
97 if (!saltlen) 95 if (!saltlen)
98 saltlen = PKCS5_SALT_LEN; 96 saltlen = PKCS5_SALT_LEN;
99 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) 97 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
100 {
101 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 98 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
102 goto err; 99 goto err;
103 } 100 }
@@ -107,8 +104,7 @@ int PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
107 else if (RAND_pseudo_bytes(sstr, saltlen) < 0) 104 else if (RAND_pseudo_bytes(sstr, saltlen) < 0)
108 goto err; 105 goto err;
109 106
110 if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) 107 if(!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
111 {
112 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE); 108 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR,ERR_R_MALLOC_FAILURE);
113 goto err; 109 goto err;
114 } 110 }
@@ -134,8 +130,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter,
134{ 130{
135 X509_ALGOR *ret; 131 X509_ALGOR *ret;
136 ret = X509_ALGOR_new(); 132 ret = X509_ALGOR_new();
137 if (!ret) 133 if (!ret) {
138 {
139 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE); 134 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
140 return NULL; 135 return NULL;
141 } 136 }
diff --git a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c
index 2d80334e01..01563a68fd 100644
--- a/src/lib/libssl/src/crypto/asn1/p5_pbev2.c
+++ b/src/lib/libssl/src/crypto/asn1/p5_pbev2.c
@@ -114,13 +114,12 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
114 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; 114 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
115 115
116 /* Create random IV */ 116 /* Create random IV */
117 if (EVP_CIPHER_iv_length(cipher)) 117 if (EVP_CIPHER_iv_length(cipher)) {
118 {
119 if (aiv) 118 if (aiv)
120 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher)); 119 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
121 else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) 120 else if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
122 goto err; 121 goto err;
123 } 122 }
124 123
125 EVP_CIPHER_CTX_init(&ctx); 124 EVP_CIPHER_CTX_init(&ctx);
126 125
@@ -137,11 +136,10 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
137 * An error is OK here: just means use default PRF. 136 * An error is OK here: just means use default PRF.
138 */ 137 */
139 if ((prf_nid == -1) && 138 if ((prf_nid == -1) &&
140 EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) 139 EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
141 {
142 ERR_clear_error(); 140 ERR_clear_error();
143 prf_nid = NID_hmacWithSHA1; 141 prf_nid = NID_hmacWithSHA1;
144 } 142 }
145 EVP_CIPHER_CTX_cleanup(&ctx); 143 EVP_CIPHER_CTX_cleanup(&ctx);
146 144
147 /* If its RC2 then we'd better setup the key length */ 145 /* If its RC2 then we'd better setup the key length */
@@ -178,7 +176,7 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
178 176
179 return ret; 177 return ret;
180 178
181 merr: 179merr:
182 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE); 180 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,ERR_R_MALLOC_FAILURE);
183 181
184 err: 182 err:
@@ -193,13 +191,13 @@ X509_ALGOR *PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter,
193 191
194X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, 192X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
195 unsigned char *salt, int saltlen) 193 unsigned char *salt, int saltlen)
196 { 194{
197 return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1); 195 return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
198 } 196}
199 197
200X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, 198X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
201 int prf_nid, int keylen) 199 int prf_nid, int keylen)
202 { 200{
203 X509_ALGOR *keyfunc = NULL; 201 X509_ALGOR *keyfunc = NULL;
204 PBKDF2PARAM *kdf = NULL; 202 PBKDF2PARAM *kdf = NULL;
205 ASN1_OCTET_STRING *osalt = NULL; 203 ASN1_OCTET_STRING *osalt = NULL;
@@ -232,8 +230,7 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
232 230
233 /* If have a key len set it up */ 231 /* If have a key len set it up */
234 232
235 if(keylen > 0) 233 if(keylen > 0) {
236 {
237 if(!(kdf->keylength = M_ASN1_INTEGER_new())) 234 if(!(kdf->keylength = M_ASN1_INTEGER_new()))
238 goto merr; 235 goto merr;
239 if(!ASN1_INTEGER_set (kdf->keylength, keylen)) 236 if(!ASN1_INTEGER_set (kdf->keylength, keylen))
@@ -241,14 +238,13 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
241 } 238 }
242 239
243 /* prf can stay NULL if we are using hmacWithSHA1 */ 240 /* prf can stay NULL if we are using hmacWithSHA1 */
244 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) 241 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
245 {
246 kdf->prf = X509_ALGOR_new(); 242 kdf->prf = X509_ALGOR_new();
247 if (!kdf->prf) 243 if (!kdf->prf)
248 goto merr; 244 goto merr;
249 X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid), 245 X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
250 V_ASN1_NULL, NULL); 246 V_ASN1_NULL, NULL);
251 } 247 }
252 248
253 /* Finally setup the keyfunc structure */ 249 /* Finally setup the keyfunc structure */
254 250
@@ -271,10 +267,10 @@ X509_ALGOR *PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen,
271 PBKDF2PARAM_free(kdf); 267 PBKDF2PARAM_free(kdf);
272 return keyfunc; 268 return keyfunc;
273 269
274 merr: 270merr:
275 ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE); 271 ASN1err(ASN1_F_PKCS5_PBKDF2_SET,ERR_R_MALLOC_FAILURE);
276 PBKDF2PARAM_free(kdf); 272 PBKDF2PARAM_free(kdf);
277 X509_ALGOR_free(keyfunc); 273 X509_ALGOR_free(keyfunc);
278 return NULL; 274 return NULL;
279 } 275}
280 276
diff --git a/src/lib/libssl/src/crypto/asn1/p8_pkey.c b/src/lib/libssl/src/crypto/asn1/p8_pkey.c
index 9d26cf51ec..c95d7e55a0 100644
--- a/src/lib/libssl/src/crypto/asn1/p8_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/p8_pkey.c
@@ -90,13 +90,11 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
90 unsigned char *penc, int penclen) 90 unsigned char *penc, int penclen)
91{ 91{
92 unsigned char **ppenc = NULL; 92 unsigned char **ppenc = NULL;
93 if (version >= 0) 93 if (version >= 0) {
94 {
95 if (!ASN1_INTEGER_set(priv->version, version)) 94 if (!ASN1_INTEGER_set(priv->version, version))
96 return 0; 95 return 0;
97 } 96 }
98 if (penc) 97 if (penc) {
99 {
100 int pmtype; 98 int pmtype;
101 ASN1_OCTET_STRING *oct; 99 ASN1_OCTET_STRING *oct;
102 oct = ASN1_OCTET_STRING_new(); 100 oct = ASN1_OCTET_STRING_new();
@@ -111,8 +109,7 @@ int PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj,
111 pmtype = V_ASN1_OCTET_STRING; 109 pmtype = V_ASN1_OCTET_STRING;
112 ASN1_TYPE_set(priv->pkey, pmtype, oct); 110 ASN1_TYPE_set(priv->pkey, pmtype, oct);
113 } 111 }
114 if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) 112 if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
115 {
116 /* If call fails do not swallow 'enc' */ 113 /* If call fails do not swallow 'enc' */
117 if (ppenc) 114 if (ppenc)
118 *ppenc = NULL; 115 *ppenc = NULL;
@@ -128,20 +125,15 @@ int PKCS8_pkey_get0(ASN1_OBJECT **ppkalg,
128{ 125{
129 if (ppkalg) 126 if (ppkalg)
130 *ppkalg = p8->pkeyalg->algorithm; 127 *ppkalg = p8->pkeyalg->algorithm;
131 if(p8->pkey->type == V_ASN1_OCTET_STRING) 128 if(p8->pkey->type == V_ASN1_OCTET_STRING) {
132 {
133 p8->broken = PKCS8_OK; 129 p8->broken = PKCS8_OK;
134 if (pk) 130 if (pk) {
135 {
136 *pk = p8->pkey->value.octet_string->data; 131 *pk = p8->pkey->value.octet_string->data;
137 *ppklen = p8->pkey->value.octet_string->length; 132 *ppklen = p8->pkey->value.octet_string->length;
138 } 133 }
139 } 134 } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
140 else if (p8->pkey->type == V_ASN1_SEQUENCE)
141 {
142 p8->broken = PKCS8_NO_OCTET; 135 p8->broken = PKCS8_NO_OCTET;
143 if (pk) 136 if (pk) {
144 {
145 *pk = p8->pkey->value.sequence->data; 137 *pk = p8->pkey->value.sequence->data;
146 *ppklen = p8->pkey->value.sequence->length; 138 *ppklen = p8->pkey->value.sequence->length;
147 } 139 }
diff --git a/src/lib/libssl/src/crypto/asn1/t_crl.c b/src/lib/libssl/src/crypto/asn1/t_crl.c
index 1624cc5fcc..c665a26bce 100644
--- a/src/lib/libssl/src/crypto/asn1/t_crl.c
+++ b/src/lib/libssl/src/crypto/asn1/t_crl.c
@@ -70,8 +70,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
70 BIO *b; 70 BIO *b;
71 int ret; 71 int ret;
72 72
73 if ((b=BIO_new(BIO_s_file())) == NULL) 73 if ((b=BIO_new(BIO_s_file())) == NULL) {
74 {
75 X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB); 74 X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB);
76 return(0); 75 return(0);
77 } 76 }
diff --git a/src/lib/libssl/src/crypto/asn1/t_pkey.c b/src/lib/libssl/src/crypto/asn1/t_pkey.c
index 61f5cd61f1..12674e0125 100644
--- a/src/lib/libssl/src/crypto/asn1/t_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/t_pkey.c
@@ -72,21 +72,17 @@ int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
72 neg = (BN_is_negative(num))?"-":""; 72 neg = (BN_is_negative(num))?"-":"";
73 if(!BIO_indent(bp,off,128)) 73 if(!BIO_indent(bp,off,128))
74 return 0; 74 return 0;
75 if (BN_is_zero(num)) 75 if (BN_is_zero(num)) {
76 {
77 if (BIO_printf(bp, "%s 0\n", number) <= 0) 76 if (BIO_printf(bp, "%s 0\n", number) <= 0)
78 return 0; 77 return 0;
79 return 1; 78 return 1;
80 } 79 }
81 80
82 if (BN_num_bytes(num) <= BN_BYTES) 81 if (BN_num_bytes(num) <= BN_BYTES) {
83 {
84 if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg, 82 if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
85 (unsigned long)num->d[0],neg,(unsigned long)num->d[0]) 83 (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
86 <= 0) return(0); 84 <= 0) return(0);
87 } 85 } else {
88 else
89 {
90 buf[0]=0; 86 buf[0]=0;
91 if (BIO_printf(bp,"%s%s",number, 87 if (BIO_printf(bp,"%s%s",number,
92 (neg[0] == '-')?" (Negative)":"") <= 0) 88 (neg[0] == '-')?" (Negative)":"") <= 0)
@@ -97,10 +93,8 @@ int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
97 n++; 93 n++;
98 else buf++; 94 else buf++;
99 95
100 for (i=0; i<n; i++) 96 for (i=0; i<n; i++) {
101 { 97 if ((i%15) == 0) {
102 if ((i%15) == 0)
103 {
104 if(BIO_puts(bp,"\n") <= 0 98 if(BIO_puts(bp,"\n") <= 0
105 || !BIO_indent(bp,off+4,128)) 99 || !BIO_indent(bp,off+4,128))
106 return 0; 100 return 0;
diff --git a/src/lib/libssl/src/crypto/asn1/t_req.c b/src/lib/libssl/src/crypto/asn1/t_req.c
index a863543898..4457f5291e 100644
--- a/src/lib/libssl/src/crypto/asn1/t_req.c
+++ b/src/lib/libssl/src/crypto/asn1/t_req.c
@@ -76,8 +76,7 @@ int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
76 BIO *b; 76 BIO *b;
77 int ret; 77 int ret;
78 78
79 if ((b=BIO_new(BIO_s_file())) == NULL) 79 if ((b=BIO_new(BIO_s_file())) == NULL) {
80 {
81 X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB); 80 X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
82 return(0); 81 return(0);
83 } 82 }
@@ -110,17 +109,16 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
110 109
111 110
112 ri=x->req_info; 111 ri=x->req_info;
113 if(!(cflag & X509_FLAG_NO_HEADER)) 112 if(!(cflag & X509_FLAG_NO_HEADER)) {
114 {
115 if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err; 113 if (BIO_write(bp,"Certificate Request:\n",21) <= 0) goto err;
116 if (BIO_write(bp," Data:\n",10) <= 0) goto err; 114 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
117 } 115 }
118 if(!(cflag & X509_FLAG_NO_VERSION)) 116 if(!(cflag & X509_FLAG_NO_VERSION)) {
119 {
120 neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":""; 117 neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
121 l=0; 118 l=0;
122 for (i=0; i<ri->version->length; i++) 119 for (i=0; i<ri->version->length; i++) {
123 { l<<=8; l+=ri->version->data[i]; } 120 l<<=8; l+=ri->version->data[i];
121 }
124 if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg, 122 if(BIO_printf(bp,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,
125 l) <= 0) 123 l) <= 0)
126 goto err; 124 goto err;
@@ -131,8 +129,7 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
131 if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err; 129 if (X509_NAME_print_ex(bp,ri->subject,nmindent, nmflags) < 0) goto err;
132 if (BIO_write(bp,"\n",1) <= 0) goto err; 130 if (BIO_write(bp,"\n",1) <= 0) goto err;
133 } 131 }
134 if(!(cflag & X509_FLAG_NO_PUBKEY)) 132 if(!(cflag & X509_FLAG_NO_PUBKEY)) {
135 {
136 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0) 133 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
137 goto err; 134 goto err;
138 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0) 135 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
@@ -143,34 +140,26 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
143 goto err; 140 goto err;
144 141
145 pkey=X509_REQ_get_pubkey(x); 142 pkey=X509_REQ_get_pubkey(x);
146 if (pkey == NULL) 143 if (pkey == NULL) {
147 {
148 BIO_printf(bp,"%12sUnable to load Public Key\n",""); 144 BIO_printf(bp,"%12sUnable to load Public Key\n","");
149 ERR_print_errors(bp); 145 ERR_print_errors(bp);
150 } 146 } else {
151 else
152 {
153 EVP_PKEY_print_public(bp, pkey, 16, NULL); 147 EVP_PKEY_print_public(bp, pkey, 16, NULL);
154 EVP_PKEY_free(pkey); 148 EVP_PKEY_free(pkey);
155 } 149 }
156 } 150 }
157 151
158 if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) 152 if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
159 {
160 /* may not be */ 153 /* may not be */
161 if(BIO_printf(bp,"%8sAttributes:\n","") <= 0) 154 if(BIO_printf(bp,"%8sAttributes:\n","") <= 0)
162 goto err; 155 goto err;
163 156
164 sk=x->req_info->attributes; 157 sk=x->req_info->attributes;
165 if (sk_X509_ATTRIBUTE_num(sk) == 0) 158 if (sk_X509_ATTRIBUTE_num(sk) == 0) {
166 {
167 if(BIO_printf(bp,"%12sa0:00\n","") <= 0) 159 if(BIO_printf(bp,"%12sa0:00\n","") <= 0)
168 goto err; 160 goto err;
169 } 161 } else {
170 else 162 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++) {
171 {
172 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
173 {
174 ASN1_TYPE *at; 163 ASN1_TYPE *at;
175 X509_ATTRIBUTE *a; 164 X509_ATTRIBUTE *a;
176 ASN1_BIT_STRING *bs=NULL; 165 ASN1_BIT_STRING *bs=NULL;
@@ -182,16 +171,12 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
182 continue; 171 continue;
183 if(BIO_printf(bp,"%12s","") <= 0) 172 if(BIO_printf(bp,"%12s","") <= 0)
184 goto err; 173 goto err;
185 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) 174 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) {
186 { 175 if (a->single) {
187 if (a->single)
188 {
189 t=a->value.single; 176 t=a->value.single;
190 type=t->type; 177 type=t->type;
191 bs=t->value.bit_string; 178 bs=t->value.bit_string;
192 } 179 } else {
193 else
194 {
195 ii=0; 180 ii=0;
196 count=sk_ASN1_TYPE_num(a->value.set); 181 count=sk_ASN1_TYPE_num(a->value.set);
197get_next: 182get_next:
@@ -205,29 +190,23 @@ get_next:
205 if (BIO_puts(bp,":") <= 0) goto err; 190 if (BIO_puts(bp,":") <= 0) goto err;
206 if ( (type == V_ASN1_PRINTABLESTRING) || 191 if ( (type == V_ASN1_PRINTABLESTRING) ||
207 (type == V_ASN1_T61STRING) || 192 (type == V_ASN1_T61STRING) ||
208 (type == V_ASN1_IA5STRING)) 193 (type == V_ASN1_IA5STRING)) {
209 {
210 if (BIO_write(bp,(char *)bs->data,bs->length) 194 if (BIO_write(bp,(char *)bs->data,bs->length)
211 != bs->length) 195 != bs->length)
212 goto err; 196 goto err;
213 BIO_puts(bp,"\n"); 197 BIO_puts(bp,"\n");
214 } 198 } else {
215 else
216 {
217 BIO_puts(bp,"unable to print attribute\n"); 199 BIO_puts(bp,"unable to print attribute\n");
218 } 200 }
219 if (++ii < count) goto get_next; 201 if (++ii < count) goto get_next;
220 } 202 }
221 } 203 }
222 } 204 }
223 if(!(cflag & X509_FLAG_NO_EXTENSIONS)) 205 if(!(cflag & X509_FLAG_NO_EXTENSIONS)) {
224 {
225 exts = X509_REQ_get_extensions(x); 206 exts = X509_REQ_get_extensions(x);
226 if(exts) 207 if(exts) {
227 {
228 BIO_printf(bp,"%8sRequested Extensions:\n",""); 208 BIO_printf(bp,"%8sRequested Extensions:\n","");
229 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) 209 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
230 {
231 ASN1_OBJECT *obj; 210 ASN1_OBJECT *obj;
232 X509_EXTENSION *ex; 211 X509_EXTENSION *ex;
233 int j; 212 int j;
@@ -238,8 +217,7 @@ get_next:
238 j=X509_EXTENSION_get_critical(ex); 217 j=X509_EXTENSION_get_critical(ex);
239 if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0) 218 if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0)
240 goto err; 219 goto err;
241 if(!X509V3_EXT_print(bp, ex, cflag, 16)) 220 if(!X509V3_EXT_print(bp, ex, cflag, 16)) {
242 {
243 BIO_printf(bp, "%16s", ""); 221 BIO_printf(bp, "%16s", "");
244 M_ASN1_OCTET_STRING_print(bp,ex->value); 222 M_ASN1_OCTET_STRING_print(bp,ex->value);
245 } 223 }
@@ -249,8 +227,7 @@ get_next:
249 } 227 }
250 } 228 }
251 229
252 if(!(cflag & X509_FLAG_NO_SIGDUMP)) 230 if(!(cflag & X509_FLAG_NO_SIGDUMP)) {
253 {
254 if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err; 231 if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err;
255 } 232 }
256 233
diff --git a/src/lib/libssl/src/crypto/asn1/t_spki.c b/src/lib/libssl/src/crypto/asn1/t_spki.c
index 016eb2fc2e..f135754535 100644
--- a/src/lib/libssl/src/crypto/asn1/t_spki.c
+++ b/src/lib/libssl/src/crypto/asn1/t_spki.c
@@ -81,9 +81,9 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
81 BIO_printf(out," Public Key Algorithm: %s\n", 81 BIO_printf(out," Public Key Algorithm: %s\n",
82 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); 82 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
83 pkey = X509_PUBKEY_get(spki->spkac->pubkey); 83 pkey = X509_PUBKEY_get(spki->spkac->pubkey);
84 if(!pkey) BIO_printf(out, " Unable to load public key\n"); 84 if(!pkey)
85 else 85 BIO_printf(out, " Unable to load public key\n");
86 { 86 else {
87 EVP_PKEY_print_public(out, pkey, 4, NULL); 87 EVP_PKEY_print_public(out, pkey, 4, NULL);
88 EVP_PKEY_free(pkey); 88 EVP_PKEY_free(pkey);
89 } 89 }
@@ -96,9 +96,9 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
96 96
97 n=spki->signature->length; 97 n=spki->signature->length;
98 s=(char *)spki->signature->data; 98 s=(char *)spki->signature->data;
99 for (i=0; i<n; i++) 99 for (i=0; i<n; i++) {
100 { 100 if ((i%18) == 0)
101 if ((i%18) == 0) BIO_write(out,"\n ",7); 101 BIO_write(out,"\n ",7);
102 BIO_printf(out,"%02x%s",(unsigned char)s[i], 102 BIO_printf(out,"%02x%s",(unsigned char)s[i],
103 ((i+1) == n)?"":":"); 103 ((i+1) == n)?"":":");
104 } 104 }
diff --git a/src/lib/libssl/src/crypto/asn1/t_x509.c b/src/lib/libssl/src/crypto/asn1/t_x509.c
index 30d49cc4dd..32f1a4f4b0 100644
--- a/src/lib/libssl/src/crypto/asn1/t_x509.c
+++ b/src/lib/libssl/src/crypto/asn1/t_x509.c
@@ -85,8 +85,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla
85 BIO *b; 85 BIO *b;
86 int ret; 86 int ret;
87 87
88 if ((b=BIO_new(BIO_s_file())) == NULL) 88 if ((b=BIO_new(BIO_s_file())) == NULL) {
89 {
90 X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB); 89 X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB);
91 return(0); 90 return(0);
92 } 91 }
@@ -122,42 +121,33 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
122 nmindent = 16; 121 nmindent = 16;
123 122
124 ci=x->cert_info; 123 ci=x->cert_info;
125 if(!(cflag & X509_FLAG_NO_HEADER)) 124 if(!(cflag & X509_FLAG_NO_HEADER)) {
126 {
127 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; 125 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
128 if (BIO_write(bp," Data:\n",10) <= 0) goto err; 126 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
129 } 127 }
130 if(!(cflag & X509_FLAG_NO_VERSION)) 128 if(!(cflag & X509_FLAG_NO_VERSION)) {
131 {
132 l=X509_get_version(x); 129 l=X509_get_version(x);
133 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err; 130 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
134 } 131 }
135 if(!(cflag & X509_FLAG_NO_SERIAL)) 132 if(!(cflag & X509_FLAG_NO_SERIAL)) {
136 {
137 133
138 if (BIO_write(bp," Serial Number:",22) <= 0) goto err; 134 if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
139 135
140 bs=X509_get_serialNumber(x); 136 bs=X509_get_serialNumber(x);
141 if (bs->length <= (int)sizeof(long)) 137 if (bs->length <= (int)sizeof(long)) {
142 {
143 l=ASN1_INTEGER_get(bs); 138 l=ASN1_INTEGER_get(bs);
144 if (bs->type == V_ASN1_NEG_INTEGER) 139 if (bs->type == V_ASN1_NEG_INTEGER) {
145 {
146 l= -l; 140 l= -l;
147 neg="-"; 141 neg="-";
148 } 142 } else
149 else
150 neg=""; 143 neg="";
151 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0) 144 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
152 goto err; 145 goto err;
153 } 146 } else {
154 else
155 {
156 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":""; 147 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
157 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err; 148 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
158 149
159 for (i=0; i<bs->length; i++) 150 for (i=0; i<bs->length; i++) {
160 {
161 if (BIO_printf(bp,"%02x%c",bs->data[i], 151 if (BIO_printf(bp,"%02x%c",bs->data[i],
162 ((i+1 == bs->length)?'\n':':')) <= 0) 152 ((i+1 == bs->length)?'\n':':')) <= 0)
163 goto err; 153 goto err;
@@ -166,8 +156,7 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
166 156
167 } 157 }
168 158
169 if(!(cflag & X509_FLAG_NO_SIGNAME)) 159 if(!(cflag & X509_FLAG_NO_SIGNAME)) {
170 {
171 if(X509_signature_print(bp, x->sig_alg, NULL) <= 0) 160 if(X509_signature_print(bp, x->sig_alg, NULL) <= 0)
172 goto err; 161 goto err;
173#if 0 162#if 0
@@ -180,14 +169,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
180#endif 169#endif
181 } 170 }
182 171
183 if(!(cflag & X509_FLAG_NO_ISSUER)) 172 if(!(cflag & X509_FLAG_NO_ISSUER)) {
184 {
185 if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err; 173 if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
186 if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err; 174 if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
187 if (BIO_write(bp,"\n",1) <= 0) goto err; 175 if (BIO_write(bp,"\n",1) <= 0) goto err;
188 } 176 }
189 if(!(cflag & X509_FLAG_NO_VALIDITY)) 177 if(!(cflag & X509_FLAG_NO_VALIDITY)) {
190 {
191 if (BIO_write(bp," Validity\n",17) <= 0) goto err; 178 if (BIO_write(bp," Validity\n",17) <= 0) goto err;
192 if (BIO_write(bp," Not Before: ",24) <= 0) goto err; 179 if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
193 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err; 180 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
@@ -195,14 +182,12 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
195 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err; 182 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
196 if (BIO_write(bp,"\n",1) <= 0) goto err; 183 if (BIO_write(bp,"\n",1) <= 0) goto err;
197 } 184 }
198 if(!(cflag & X509_FLAG_NO_SUBJECT)) 185 if(!(cflag & X509_FLAG_NO_SUBJECT)) {
199 {
200 if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err; 186 if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
201 if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err; 187 if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
202 if (BIO_write(bp,"\n",1) <= 0) goto err; 188 if (BIO_write(bp,"\n",1) <= 0) goto err;
203 } 189 }
204 if(!(cflag & X509_FLAG_NO_PUBKEY)) 190 if(!(cflag & X509_FLAG_NO_PUBKEY)) {
205 {
206 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0) 191 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
207 goto err; 192 goto err;
208 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0) 193 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
@@ -213,13 +198,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
213 goto err; 198 goto err;
214 199
215 pkey=X509_get_pubkey(x); 200 pkey=X509_get_pubkey(x);
216 if (pkey == NULL) 201 if (pkey == NULL) {
217 {
218 BIO_printf(bp,"%12sUnable to load Public Key\n",""); 202 BIO_printf(bp,"%12sUnable to load Public Key\n","");
219 ERR_print_errors(bp); 203 ERR_print_errors(bp);
220 } 204 } else {
221 else
222 {
223 EVP_PKEY_print_public(bp, pkey, 16, NULL); 205 EVP_PKEY_print_public(bp, pkey, 16, NULL);
224 EVP_PKEY_free(pkey); 206 EVP_PKEY_free(pkey);
225 } 207 }
@@ -229,12 +211,10 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
229 X509V3_extensions_print(bp, "X509v3 extensions", 211 X509V3_extensions_print(bp, "X509v3 extensions",
230 ci->extensions, cflag, 8); 212 ci->extensions, cflag, 8);
231 213
232 if(!(cflag & X509_FLAG_NO_SIGDUMP)) 214 if(!(cflag & X509_FLAG_NO_SIGDUMP)) {
233 {
234 if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err; 215 if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
235 } 216 }
236 if(!(cflag & X509_FLAG_NO_AUX)) 217 if(!(cflag & X509_FLAG_NO_AUX)) {
237 {
238 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err; 218 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
239 } 219 }
240 ret=1; 220 ret=1;
@@ -262,8 +242,7 @@ int X509_ocspid_print (BIO *bp, X509 *x)
262 242
263 if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL)) 243 if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
264 goto err; 244 goto err;
265 for (i=0; i < SHA_DIGEST_LENGTH; i++) 245 for (i=0; i < SHA_DIGEST_LENGTH; i++) {
266 {
267 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err; 246 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
268 } 247 }
269 free (der); 248 free (der);
@@ -278,8 +257,7 @@ int X509_ocspid_print (BIO *bp, X509 *x)
278 x->cert_info->key->public_key->length, 257 x->cert_info->key->public_key->length,
279 SHA1md, NULL, EVP_sha1(), NULL)) 258 SHA1md, NULL, EVP_sha1(), NULL))
280 goto err; 259 goto err;
281 for (i=0; i < SHA_DIGEST_LENGTH; i++) 260 for (i=0; i < SHA_DIGEST_LENGTH; i++) {
282 {
283 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) 261 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
284 goto err; 262 goto err;
285 } 263 }
@@ -298,10 +276,8 @@ int X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
298 276
299 n=sig->length; 277 n=sig->length;
300 s=sig->data; 278 s=sig->data;
301 for (i=0; i<n; i++) 279 for (i=0; i<n; i++) {
302 { 280 if ((i%18) == 0) {
303 if ((i%18) == 0)
304 {
305 if (BIO_write(bp,"\n",1) <= 0) return 0; 281 if (BIO_write(bp,"\n",1) <= 0) return 0;
306 if (BIO_indent(bp, indent, indent) <= 0) return 0; 282 if (BIO_indent(bp, indent, indent) <= 0) return 0;
307 } 283 }
@@ -320,12 +296,10 @@ int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
320 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0; 296 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
321 297
322 sig_nid = OBJ_obj2nid(sigalg->algorithm); 298 sig_nid = OBJ_obj2nid(sigalg->algorithm);
323 if (sig_nid != NID_undef) 299 if (sig_nid != NID_undef) {
324 {
325 int pkey_nid, dig_nid; 300 int pkey_nid, dig_nid;
326 const EVP_PKEY_ASN1_METHOD *ameth; 301 const EVP_PKEY_ASN1_METHOD *ameth;
327 if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) 302 if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
328 {
329 ameth = EVP_PKEY_asn1_find(NULL, pkey_nid); 303 ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
330 if (ameth && ameth->sig_print) 304 if (ameth && ameth->sig_print)
331 return ameth->sig_print(bp, sigalg, sig, 9, 0); 305 return ameth->sig_print(bp, sigalg, sig, 9, 0);
@@ -347,16 +321,14 @@ int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
347 if (v == NULL) return(0); 321 if (v == NULL) return(0);
348 n=0; 322 n=0;
349 p=(const char *)v->data; 323 p=(const char *)v->data;
350 for (i=0; i<v->length; i++) 324 for (i=0; i<v->length; i++) {
351 {
352 if ((p[i] > '~') || ((p[i] < ' ') && 325 if ((p[i] > '~') || ((p[i] < ' ') &&
353 (p[i] != '\n') && (p[i] != '\r'))) 326 (p[i] != '\n') && (p[i] != '\r')))
354 buf[n]='.'; 327 buf[n]='.';
355 else 328 else
356 buf[n]=p[i]; 329 buf[n]=p[i];
357 n++; 330 n++;
358 if (n >= 80) 331 if (n >= 80) {
359 {
360 if (BIO_write(bp,buf,n) <= 0) 332 if (BIO_write(bp,buf,n) <= 0)
361 return(0); 333 return(0);
362 n=0; 334 n=0;
@@ -407,12 +379,10 @@ int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
407 m= (v[10]-'0')*10+(v[11]-'0'); 379 m= (v[10]-'0')*10+(v[11]-'0');
408 if (tm->length >= 14 && 380 if (tm->length >= 14 &&
409 (v[12] >= '0') && (v[12] <= '9') && 381 (v[12] >= '0') && (v[12] <= '9') &&
410 (v[13] >= '0') && (v[13] <= '9')) 382 (v[13] >= '0') && (v[13] <= '9')) {
411 {
412 s= (v[12]-'0')*10+(v[13]-'0'); 383 s= (v[12]-'0')*10+(v[13]-'0');
413 /* Check for fractions of seconds. */ 384 /* Check for fractions of seconds. */
414 if (tm->length >= 15 && v[14] == '.') 385 if (tm->length >= 15 && v[14] == '.') {
415 {
416 int l = tm->length; 386 int l = tm->length;
417 f = &v[14]; /* The decimal point. */ 387 f = &v[14]; /* The decimal point. */
418 f_len = 1; 388 f_len = 1;
@@ -475,29 +445,25 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
475 l=80-2-obase; 445 l=80-2-obase;
476 446
477 b=X509_NAME_oneline(name,NULL,0); 447 b=X509_NAME_oneline(name,NULL,0);
478 if (!*b) 448 if (!*b) {
479 {
480 free(b); 449 free(b);
481 return 1; 450 return 1;
482 } 451 }
483 s=b+1; /* skip the first slash */ 452 s=b+1; /* skip the first slash */
484 453
485 c=s; 454 c=s;
486 for (;;) 455 for (;;) {
487 {
488 if ( ((*s == '/') && 456 if ( ((*s == '/') &&
489 ((s[1] >= 'A') && (s[1] <= 'Z') && ( 457 ((s[1] >= 'A') && (s[1] <= 'Z') && (
490 (s[2] == '=') || 458 (s[2] == '=') ||
491 ((s[2] >= 'A') && (s[2] <= 'Z') && 459 ((s[2] >= 'A') && (s[2] <= 'Z') &&
492 (s[3] == '=')) 460 (s[3] == '='))
493 ))) || 461 ))) ||
494 (*s == '\0')) 462 (*s == '\0')) {
495 {
496 i=s-c; 463 i=s-c;
497 if (BIO_write(bp,c,i) != i) goto err; 464 if (BIO_write(bp,c,i) != i) goto err;
498 c=s+1; /* skip following slash */ 465 c=s+1; /* skip following slash */
499 if (*s != '\0') 466 if (*s != '\0') {
500 {
501 if (BIO_write(bp,", ",2) != 2) goto err; 467 if (BIO_write(bp,", ",2) != 2) goto err;
502 } 468 }
503 l--; 469 l--;
@@ -508,8 +474,7 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
508 } 474 }
509 475
510 ret=1; 476 ret=1;
511 if (0) 477 if (0) {
512 {
513err: 478err:
514 X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB); 479 X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
515 } 480 }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_dec.c b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
index 0df42a4a93..1a06ddc185 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_dec.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_dec.c
@@ -175,19 +175,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
175 asn1_cb = aux->asn1_cb; 175 asn1_cb = aux->asn1_cb;
176 else asn1_cb = 0; 176 else asn1_cb = 0;
177 177
178 switch(it->itype) 178 switch(it->itype) {
179 { 179 case ASN1_ITYPE_PRIMITIVE:
180 case ASN1_ITYPE_PRIMITIVE: 180 if (it->templates) {
181 if (it->templates)
182 {
183 /* tagging or OPTIONAL is currently illegal on an item 181 /* tagging or OPTIONAL is currently illegal on an item
184 * template because the flags can't get passed down. 182 * template because the flags can't get passed down.
185 * In practice this isn't a problem: we include the 183 * In practice this isn't a problem: we include the
186 * relevant flags from the item template in the 184 * relevant flags from the item template in the
187 * template itself. 185 * template itself.
188 */ 186 */
189 if ((tag != -1) || opt) 187 if ((tag != -1) || opt) {
190 {
191 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 188 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
192 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); 189 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
193 goto err; 190 goto err;
@@ -199,21 +196,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
199 tag, aclass, opt, ctx); 196 tag, aclass, opt, ctx);
200 break; 197 break;
201 198
202 case ASN1_ITYPE_MSTRING: 199 case ASN1_ITYPE_MSTRING:
203 p = *in; 200 p = *in;
204 /* Just read in tag and class */ 201 /* Just read in tag and class */
205 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, 202 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
206 &p, len, -1, 0, 1, ctx); 203 &p, len, -1, 0, 1, ctx);
207 if (!ret) 204 if (!ret) {
208 {
209 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 205 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
210 ERR_R_NESTED_ASN1_ERROR); 206 ERR_R_NESTED_ASN1_ERROR);
211 goto err; 207 goto err;
212 } 208 }
213 209
214 /* Must be UNIVERSAL class */ 210 /* Must be UNIVERSAL class */
215 if (oclass != V_ASN1_UNIVERSAL) 211 if (oclass != V_ASN1_UNIVERSAL) {
216 {
217 /* If OPTIONAL, assume this is OK */ 212 /* If OPTIONAL, assume this is OK */
218 if (opt) return -1; 213 if (opt) return -1;
219 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 214 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
@@ -221,8 +216,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
221 goto err; 216 goto err;
222 } 217 }
223 /* Check tag matches bit map */ 218 /* Check tag matches bit map */
224 if (!(ASN1_tag2bit(otag) & it->utype)) 219 if (!(ASN1_tag2bit(otag) & it->utype)) {
225 {
226 /* If OPTIONAL, assume this is OK */ 220 /* If OPTIONAL, assume this is OK */
227 if (opt) 221 if (opt)
228 return -1; 222 return -1;
@@ -233,19 +227,18 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
233 return asn1_d2i_ex_primitive(pval, in, len, 227 return asn1_d2i_ex_primitive(pval, in, len,
234 it, otag, 0, 0, ctx); 228 it, otag, 0, 0, ctx);
235 229
236 case ASN1_ITYPE_EXTERN: 230 case ASN1_ITYPE_EXTERN:
237 /* Use new style d2i */ 231 /* Use new style d2i */
238 ef = it->funcs; 232 ef = it->funcs;
239 return ef->asn1_ex_d2i(pval, in, len, 233 return ef->asn1_ex_d2i(pval, in, len,
240 it, tag, aclass, opt, ctx); 234 it, tag, aclass, opt, ctx);
241 235
242 case ASN1_ITYPE_COMPAT: 236 case ASN1_ITYPE_COMPAT:
243 /* we must resort to old style evil hackery */ 237 /* we must resort to old style evil hackery */
244 cf = it->funcs; 238 cf = it->funcs;
245 239
246 /* If OPTIONAL see if it is there */ 240 /* If OPTIONAL see if it is there */
247 if (opt) 241 if (opt) {
248 {
249 int exptag; 242 int exptag;
250 p = *in; 243 p = *in;
251 if (tag == -1) 244 if (tag == -1)
@@ -256,8 +249,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
256 249
257 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, 250 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
258 &p, len, exptag, aclass, 1, ctx); 251 &p, len, exptag, aclass, 1, ctx);
259 if (!ret) 252 if (!ret) {
260 {
261 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 253 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
262 ERR_R_NESTED_ASN1_ERROR); 254 ERR_R_NESTED_ASN1_ERROR);
263 goto err; 255 goto err;
@@ -281,12 +273,10 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
281 * buffer. 273 * buffer.
282 */ 274 */
283 275
284 if (tag != -1) 276 if (tag != -1) {
285 {
286 wp = *(unsigned char **)in; 277 wp = *(unsigned char **)in;
287 imphack = *wp; 278 imphack = *wp;
288 if (p == NULL) 279 if (p == NULL) {
289 {
290 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 280 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
291 ERR_R_NESTED_ASN1_ERROR); 281 ERR_R_NESTED_ASN1_ERROR);
292 goto err; 282 goto err;
@@ -307,21 +297,19 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
307 goto err; 297 goto err;
308 298
309 299
310 case ASN1_ITYPE_CHOICE: 300 case ASN1_ITYPE_CHOICE:
311 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL)) 301 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
312 goto auxerr; 302 goto auxerr;
313 303
314 /* Allocate structure */ 304 /* Allocate structure */
315 if (!*pval && !ASN1_item_ex_new(pval, it)) 305 if (!*pval && !ASN1_item_ex_new(pval, it)) {
316 {
317 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 306 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
318 ERR_R_NESTED_ASN1_ERROR); 307 ERR_R_NESTED_ASN1_ERROR);
319 goto err; 308 goto err;
320 } 309 }
321 /* CHOICE type, try each possibility in turn */ 310 /* CHOICE type, try each possibility in turn */
322 p = *in; 311 p = *in;
323 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) 312 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
324 {
325 pchptr = asn1_get_field_ptr(pval, tt); 313 pchptr = asn1_get_field_ptr(pval, tt);
326 /* We mark field as OPTIONAL so its absence 314 /* We mark field as OPTIONAL so its absence
327 * can be recognised. 315 * can be recognised.
@@ -341,11 +329,9 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
341 } 329 }
342 330
343 /* Did we fall off the end without reading anything? */ 331 /* Did we fall off the end without reading anything? */
344 if (i == it->tcount) 332 if (i == it->tcount) {
345 {
346 /* If OPTIONAL, this is OK */ 333 /* If OPTIONAL, this is OK */
347 if (opt) 334 if (opt) {
348 {
349 /* Free and zero it */ 335 /* Free and zero it */
350 ASN1_item_ex_free(pval, it); 336 ASN1_item_ex_free(pval, it);
351 return -1; 337 return -1;
@@ -361,44 +347,39 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
361 goto auxerr; 347 goto auxerr;
362 return 1; 348 return 1;
363 349
364 case ASN1_ITYPE_NDEF_SEQUENCE: 350 case ASN1_ITYPE_NDEF_SEQUENCE:
365 case ASN1_ITYPE_SEQUENCE: 351 case ASN1_ITYPE_SEQUENCE:
366 p = *in; 352 p = *in;
367 tmplen = len; 353 tmplen = len;
368 354
369 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 355 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
370 if (tag == -1) 356 if (tag == -1) {
371 {
372 tag = V_ASN1_SEQUENCE; 357 tag = V_ASN1_SEQUENCE;
373 aclass = V_ASN1_UNIVERSAL; 358 aclass = V_ASN1_UNIVERSAL;
374 } 359 }
375 /* Get SEQUENCE length and update len, p */ 360 /* Get SEQUENCE length and update len, p */
376 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, 361 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
377 &p, len, tag, aclass, opt, ctx); 362 &p, len, tag, aclass, opt, ctx);
378 if (!ret) 363 if (!ret) {
379 {
380 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 364 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
381 ERR_R_NESTED_ASN1_ERROR); 365 ERR_R_NESTED_ASN1_ERROR);
382 goto err; 366 goto err;
383 } 367 }
384 else if (ret == -1) 368 else if (ret == -1)
385 return -1; 369 return -1;
386 if (aux && (aux->flags & ASN1_AFLG_BROKEN)) 370 if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
387 {
388 len = tmplen - (p - *in); 371 len = tmplen - (p - *in);
389 seq_nolen = 1; 372 seq_nolen = 1;
390 } 373 }
391 /* If indefinite we don't do a length check */ 374 /* If indefinite we don't do a length check */
392 else seq_nolen = seq_eoc; 375 else seq_nolen = seq_eoc;
393 if (!cst) 376 if (!cst) {
394 {
395 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 377 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
396 ASN1_R_SEQUENCE_NOT_CONSTRUCTED); 378 ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
397 goto err; 379 goto err;
398 } 380 }
399 381
400 if (!*pval && !ASN1_item_ex_new(pval, it)) 382 if (!*pval && !ASN1_item_ex_new(pval, it)) {
401 {
402 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 383 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
403 ERR_R_NESTED_ASN1_ERROR); 384 ERR_R_NESTED_ASN1_ERROR);
404 goto err; 385 goto err;
@@ -408,8 +389,7 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
408 goto auxerr; 389 goto auxerr;
409 390
410 /* Get each field entry */ 391 /* Get each field entry */
411 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) 392 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
412 {
413 const ASN1_TEMPLATE *seqtt; 393 const ASN1_TEMPLATE *seqtt;
414 ASN1_VALUE **pseqval; 394 ASN1_VALUE **pseqval;
415 seqtt = asn1_do_adb(pval, tt, 1); 395 seqtt = asn1_do_adb(pval, tt, 1);
@@ -420,10 +400,8 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
420 if (!len) 400 if (!len)
421 break; 401 break;
422 q = p; 402 q = p;
423 if (asn1_check_eoc(&p, len)) 403 if (asn1_check_eoc(&p, len)) {
424 { 404 if (!seq_eoc) {
425 if (!seq_eoc)
426 {
427 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 405 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
428 ASN1_R_UNEXPECTED_EOC); 406 ASN1_R_UNEXPECTED_EOC);
429 goto err; 407 goto err;
@@ -447,13 +425,10 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
447 425
448 ret = asn1_template_ex_d2i(pseqval, &p, len, 426 ret = asn1_template_ex_d2i(pseqval, &p, len,
449 seqtt, isopt, ctx); 427 seqtt, isopt, ctx);
450 if (!ret) 428 if (!ret) {
451 {
452 errtt = seqtt; 429 errtt = seqtt;
453 goto err; 430 goto err;
454 } 431 } else if (ret == -1) {
455 else if (ret == -1)
456 {
457 /* OPTIONAL component absent. 432 /* OPTIONAL component absent.
458 * Free and zero the field. 433 * Free and zero the field.
459 */ 434 */
@@ -465,14 +440,12 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
465 } 440 }
466 441
467 /* Check for EOC if expecting one */ 442 /* Check for EOC if expecting one */
468 if (seq_eoc && !asn1_check_eoc(&p, len)) 443 if (seq_eoc && !asn1_check_eoc(&p, len)) {
469 {
470 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); 444 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
471 goto err; 445 goto err;
472 } 446 }
473 /* Check all data read */ 447 /* Check all data read */
474 if (!seq_nolen && len) 448 if (!seq_nolen && len) {
475 {
476 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 449 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
477 ASN1_R_SEQUENCE_LENGTH_MISMATCH); 450 ASN1_R_SEQUENCE_LENGTH_MISMATCH);
478 goto err; 451 goto err;
@@ -482,20 +455,16 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
482 * however we may not have read all fields so check all 455 * however we may not have read all fields so check all
483 * remaining are OPTIONAL and clear any that are. 456 * remaining are OPTIONAL and clear any that are.
484 */ 457 */
485 for (; i < it->tcount; tt++, i++) 458 for (; i < it->tcount; tt++, i++) {
486 {
487 const ASN1_TEMPLATE *seqtt; 459 const ASN1_TEMPLATE *seqtt;
488 seqtt = asn1_do_adb(pval, tt, 1); 460 seqtt = asn1_do_adb(pval, tt, 1);
489 if (!seqtt) 461 if (!seqtt)
490 goto err; 462 goto err;
491 if (seqtt->flags & ASN1_TFLG_OPTIONAL) 463 if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
492 {
493 ASN1_VALUE **pseqval; 464 ASN1_VALUE **pseqval;
494 pseqval = asn1_get_field_ptr(pval, seqtt); 465 pseqval = asn1_get_field_ptr(pval, seqtt);
495 ASN1_template_free(pseqval, seqtt); 466 ASN1_template_free(pseqval, seqtt);
496 } 467 } else {
497 else
498 {
499 errtt = seqtt; 468 errtt = seqtt;
500 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, 469 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
501 ASN1_R_FIELD_MISSING); 470 ASN1_R_FIELD_MISSING);
@@ -547,8 +516,7 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
547 p = *in; 516 p = *in;
548 517
549 /* Check if EXPLICIT tag expected */ 518 /* Check if EXPLICIT tag expected */
550 if (flags & ASN1_TFLG_EXPTAG) 519 if (flags & ASN1_TFLG_EXPTAG) {
551 {
552 char cst; 520 char cst;
553 /* Need to work out amount of data available to the inner 521 /* Need to work out amount of data available to the inner
554 * content and where it starts: so read in EXPLICIT header to 522 * content and where it starts: so read in EXPLICIT header to
@@ -557,46 +525,37 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val,
557 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, 525 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
558 &p, inlen, tt->tag, aclass, opt, ctx); 526 &p, inlen, tt->tag, aclass, opt, ctx);
559 q = p; 527 q = p;
560 if (!ret) 528 if (!ret) {
561 {
562 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 529 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
563 ERR_R_NESTED_ASN1_ERROR); 530 ERR_R_NESTED_ASN1_ERROR);
564 return 0; 531 return 0;
565 } 532 } else if (ret == -1)
566 else if (ret == -1)
567 return -1; 533 return -1;
568 if (!cst) 534 if (!cst) {
569 {
570 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 535 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
571 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); 536 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
572 return 0; 537 return 0;
573 } 538 }
574 /* We've found the field so it can't be OPTIONAL now */ 539 /* We've found the field so it can't be OPTIONAL now */
575 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); 540 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
576 if (!ret) 541 if (!ret) {
577 {
578 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 542 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
579 ERR_R_NESTED_ASN1_ERROR); 543 ERR_R_NESTED_ASN1_ERROR);
580 return 0; 544 return 0;
581 } 545 }
582 /* We read the field in OK so update length */ 546 /* We read the field in OK so update length */
583 len -= p - q; 547 len -= p - q;
584 if (exp_eoc) 548 if (exp_eoc) {
585 {
586 /* If NDEF we must have an EOC here */ 549 /* If NDEF we must have an EOC here */
587 if (!asn1_check_eoc(&p, len)) 550 if (!asn1_check_eoc(&p, len)) {
588 {
589 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 551 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
590 ASN1_R_MISSING_EOC); 552 ASN1_R_MISSING_EOC);
591 goto err; 553 goto err;
592 } 554 }
593 } 555 } else {
594 else
595 {
596 /* Otherwise we must hit the EXPLICIT tag end or its 556 /* Otherwise we must hit the EXPLICIT tag end or its
597 * an error */ 557 * an error */
598 if (len) 558 if (len) {
599 {
600 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, 559 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
601 ASN1_R_EXPLICIT_LENGTH_MISMATCH); 560 ASN1_R_EXPLICIT_LENGTH_MISMATCH);
602 goto err; 561 goto err;
@@ -631,19 +590,15 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
631 p = *in; 590 p = *in;
632 q = p; 591 q = p;
633 592
634 if (flags & ASN1_TFLG_SK_MASK) 593 if (flags & ASN1_TFLG_SK_MASK) {
635 {
636 /* SET OF, SEQUENCE OF */ 594 /* SET OF, SEQUENCE OF */
637 int sktag, skaclass; 595 int sktag, skaclass;
638 char sk_eoc; 596 char sk_eoc;
639 /* First work out expected inner tag value */ 597 /* First work out expected inner tag value */
640 if (flags & ASN1_TFLG_IMPTAG) 598 if (flags & ASN1_TFLG_IMPTAG) {
641 {
642 sktag = tt->tag; 599 sktag = tt->tag;
643 skaclass = aclass; 600 skaclass = aclass;
644 } 601 } else {
645 else
646 {
647 skaclass = V_ASN1_UNIVERSAL; 602 skaclass = V_ASN1_UNIVERSAL;
648 if (flags & ASN1_TFLG_SET_OF) 603 if (flags & ASN1_TFLG_SET_OF)
649 sktag = V_ASN1_SET; 604 sktag = V_ASN1_SET;
@@ -653,8 +608,7 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
653 /* Get the tag */ 608 /* Get the tag */
654 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, 609 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
655 &p, len, sktag, skaclass, opt, ctx); 610 &p, len, sktag, skaclass, opt, ctx);
656 if (!ret) 611 if (!ret) {
657 {
658 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 612 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
659 ERR_R_NESTED_ASN1_ERROR); 613 ERR_R_NESTED_ASN1_ERROR);
660 return 0; 614 return 0;
@@ -663,37 +617,31 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
663 return -1; 617 return -1;
664 if (!*val) 618 if (!*val)
665 *val = (ASN1_VALUE *)sk_new_null(); 619 *val = (ASN1_VALUE *)sk_new_null();
666 else 620 else {
667 {
668 /* We've got a valid STACK: free up any items present */ 621 /* We've got a valid STACK: free up any items present */
669 STACK_OF(ASN1_VALUE) *sktmp 622 STACK_OF(ASN1_VALUE) *sktmp
670 = (STACK_OF(ASN1_VALUE) *)*val; 623 = (STACK_OF(ASN1_VALUE) *)*val;
671 ASN1_VALUE *vtmp; 624 ASN1_VALUE *vtmp;
672 while(sk_ASN1_VALUE_num(sktmp) > 0) 625 while(sk_ASN1_VALUE_num(sktmp) > 0) {
673 {
674 vtmp = sk_ASN1_VALUE_pop(sktmp); 626 vtmp = sk_ASN1_VALUE_pop(sktmp);
675 ASN1_item_ex_free(&vtmp, 627 ASN1_item_ex_free(&vtmp,
676 ASN1_ITEM_ptr(tt->item)); 628 ASN1_ITEM_ptr(tt->item));
677 } 629 }
678 } 630 }
679 631
680 if (!*val) 632 if (!*val) {
681 {
682 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 633 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
683 ERR_R_MALLOC_FAILURE); 634 ERR_R_MALLOC_FAILURE);
684 goto err; 635 goto err;
685 } 636 }
686 637
687 /* Read as many items as we can */ 638 /* Read as many items as we can */
688 while(len > 0) 639 while(len > 0) {
689 {
690 ASN1_VALUE *skfield; 640 ASN1_VALUE *skfield;
691 q = p; 641 q = p;
692 /* See if EOC found */ 642 /* See if EOC found */
693 if (asn1_check_eoc(&p, len)) 643 if (asn1_check_eoc(&p, len)) {
694 { 644 if (!sk_eoc) {
695 if (!sk_eoc)
696 {
697 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 645 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
698 ASN1_R_UNEXPECTED_EOC); 646 ASN1_R_UNEXPECTED_EOC);
699 goto err; 647 goto err;
@@ -705,48 +653,39 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val,
705 skfield = NULL; 653 skfield = NULL;
706 if (!ASN1_item_ex_d2i(&skfield, &p, len, 654 if (!ASN1_item_ex_d2i(&skfield, &p, len,
707 ASN1_ITEM_ptr(tt->item), 655 ASN1_ITEM_ptr(tt->item),
708 -1, 0, 0, ctx)) 656 -1, 0, 0, ctx)) {
709 {
710 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 657 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
711 ERR_R_NESTED_ASN1_ERROR); 658 ERR_R_NESTED_ASN1_ERROR);
712 goto err; 659 goto err;
713 } 660 }
714 len -= p - q; 661 len -= p - q;
715 if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val, 662 if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val,
716 skfield)) 663 skfield)) {
717 {
718 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 664 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
719 ERR_R_MALLOC_FAILURE); 665 ERR_R_MALLOC_FAILURE);
720 goto err; 666 goto err;
721 } 667 }
722 } 668 }
723 if (sk_eoc) 669 if (sk_eoc) {
724 {
725 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC); 670 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
726 goto err; 671 goto err;
727 } 672 }
728 } 673 } else if (flags & ASN1_TFLG_IMPTAG) {
729 else if (flags & ASN1_TFLG_IMPTAG)
730 {
731 /* IMPLICIT tagging */ 674 /* IMPLICIT tagging */
732 ret = ASN1_item_ex_d2i(val, &p, len, 675 ret = ASN1_item_ex_d2i(val, &p, len,
733 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); 676 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
734 if (!ret) 677 if (!ret) {
735 {
736 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 678 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
737 ERR_R_NESTED_ASN1_ERROR); 679 ERR_R_NESTED_ASN1_ERROR);
738 goto err; 680 goto err;
739 } 681 }
740 else if (ret == -1) 682 else if (ret == -1)
741 return -1; 683 return -1;
742 } 684 } else {
743 else
744 {
745 /* Nothing special */ 685 /* Nothing special */
746 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), 686 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
747 -1, 0, opt, ctx); 687 -1, 0, opt, ctx);
748 if (!ret) 688 if (!ret) {
749 {
750 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 689 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
751 ERR_R_NESTED_ASN1_ERROR); 690 ERR_R_NESTED_ASN1_ERROR);
752 goto err; 691 goto err;
@@ -775,32 +714,27 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
775 BUF_MEM buf; 714 BUF_MEM buf;
776 const unsigned char *cont = NULL; 715 const unsigned char *cont = NULL;
777 long len; 716 long len;
778 if (!pval) 717 if (!pval) {
779 {
780 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); 718 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
781 return 0; /* Should never happen */ 719 return 0; /* Should never happen */
782 } 720 }
783 721
784 if (it->itype == ASN1_ITYPE_MSTRING) 722 if (it->itype == ASN1_ITYPE_MSTRING) {
785 {
786 utype = tag; 723 utype = tag;
787 tag = -1; 724 tag = -1;
788 } 725 }
789 else 726 else
790 utype = it->utype; 727 utype = it->utype;
791 728
792 if (utype == V_ASN1_ANY) 729 if (utype == V_ASN1_ANY) {
793 {
794 /* If type is ANY need to figure out type from tag */ 730 /* If type is ANY need to figure out type from tag */
795 unsigned char oclass; 731 unsigned char oclass;
796 if (tag >= 0) 732 if (tag >= 0) {
797 {
798 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 733 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
799 ASN1_R_ILLEGAL_TAGGED_ANY); 734 ASN1_R_ILLEGAL_TAGGED_ANY);
800 return 0; 735 return 0;
801 } 736 }
802 if (opt) 737 if (opt) {
803 {
804 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 738 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
805 ASN1_R_ILLEGAL_OPTIONAL_ANY); 739 ASN1_R_ILLEGAL_OPTIONAL_ANY);
806 return 0; 740 return 0;
@@ -808,8 +742,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
808 p = *in; 742 p = *in;
809 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, 743 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
810 &p, inlen, -1, 0, 0, ctx); 744 &p, inlen, -1, 0, 0, ctx);
811 if (!ret) 745 if (!ret) {
812 {
813 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 746 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
814 ERR_R_NESTED_ASN1_ERROR); 747 ERR_R_NESTED_ASN1_ERROR);
815 return 0; 748 return 0;
@@ -817,8 +750,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
817 if (oclass != V_ASN1_UNIVERSAL) 750 if (oclass != V_ASN1_UNIVERSAL)
818 utype = V_ASN1_OTHER; 751 utype = V_ASN1_OTHER;
819 } 752 }
820 if (tag == -1) 753 if (tag == -1) {
821 {
822 tag = utype; 754 tag = utype;
823 aclass = V_ASN1_UNIVERSAL; 755 aclass = V_ASN1_UNIVERSAL;
824 } 756 }
@@ -826,8 +758,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
826 /* Check header */ 758 /* Check header */
827 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, 759 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
828 &p, inlen, tag, aclass, opt, ctx); 760 &p, inlen, tag, aclass, opt, ctx);
829 if (!ret) 761 if (!ret) {
830 {
831 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); 762 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
832 return 0; 763 return 0;
833 } 764 }
@@ -836,18 +767,15 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
836 ret = 0; 767 ret = 0;
837 /* SEQUENCE, SET and "OTHER" are left in encoded form */ 768 /* SEQUENCE, SET and "OTHER" are left in encoded form */
838 if ((utype == V_ASN1_SEQUENCE) 769 if ((utype == V_ASN1_SEQUENCE)
839 || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) 770 || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
840 {
841 /* Clear context cache for type OTHER because the auto clear 771 /* Clear context cache for type OTHER because the auto clear
842 * when we have a exact match wont work 772 * when we have a exact match wont work
843 */ 773 */
844 if (utype == V_ASN1_OTHER) 774 if (utype == V_ASN1_OTHER) {
845 {
846 asn1_tlc_clear(ctx); 775 asn1_tlc_clear(ctx);
847 } 776 }
848 /* SEQUENCE and SET must be constructed */ 777 /* SEQUENCE and SET must be constructed */
849 else if (!cst) 778 else if (!cst) {
850 {
851 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 779 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
852 ASN1_R_TYPE_NOT_CONSTRUCTED); 780 ASN1_R_TYPE_NOT_CONSTRUCTED);
853 return 0; 781 return 0;
@@ -855,21 +783,16 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
855 783
856 cont = *in; 784 cont = *in;
857 /* If indefinite length constructed find the real end */ 785 /* If indefinite length constructed find the real end */
858 if (inf) 786 if (inf) {
859 {
860 if (!asn1_find_end(&p, plen, inf)) 787 if (!asn1_find_end(&p, plen, inf))
861 goto err; 788 goto err;
862 len = p - cont; 789 len = p - cont;
863 } 790 } else {
864 else
865 {
866 len = p - cont + plen; 791 len = p - cont + plen;
867 p += plen; 792 p += plen;
868 buf.data = NULL; 793 buf.data = NULL;
869 } 794 }
870 } 795 } else if (cst) {
871 else if (cst)
872 {
873 buf.length = 0; 796 buf.length = 0;
874 buf.max = 0; 797 buf.max = 0;
875 buf.data = NULL; 798 buf.data = NULL;
@@ -879,15 +802,13 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
879 * internally irrespective of the type. So instead just check 802 * internally irrespective of the type. So instead just check
880 * for UNIVERSAL class and ignore the tag. 803 * for UNIVERSAL class and ignore the tag.
881 */ 804 */
882 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) 805 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
883 {
884 free_cont = 1; 806 free_cont = 1;
885 goto err; 807 goto err;
886 } 808 }
887 len = buf.length; 809 len = buf.length;
888 /* Append a final null to string */ 810 /* Append a final null to string */
889 if (!BUF_MEM_grow_clean(&buf, len + 1)) 811 if (!BUF_MEM_grow_clean(&buf, len + 1)) {
890 {
891 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, 812 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
892 ERR_R_MALLOC_FAILURE); 813 ERR_R_MALLOC_FAILURE);
893 return 0; 814 return 0;
@@ -895,9 +816,7 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
895 buf.data[len] = 0; 816 buf.data[len] = 0;
896 cont = (const unsigned char *)buf.data; 817 cont = (const unsigned char *)buf.data;
897 free_cont = 1; 818 free_cont = 1;
898 } 819 } else {
899 else
900 {
901 cont = p; 820 cont = p;
902 len = plen; 821 len = plen;
903 p += plen; 822 p += plen;
@@ -930,10 +849,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
930 if (pf && pf->prim_c2i) 849 if (pf && pf->prim_c2i)
931 return pf->prim_c2i(pval, cont, len, utype, free_cont, it); 850 return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
932 /* If ANY type clear type and set pointer to internal value */ 851 /* If ANY type clear type and set pointer to internal value */
933 if (it->utype == V_ASN1_ANY) 852 if (it->utype == V_ASN1_ANY) {
934 { 853 if (!*pval) {
935 if (!*pval)
936 {
937 typ = ASN1_TYPE_new(); 854 typ = ASN1_TYPE_new();
938 if (typ == NULL) 855 if (typ == NULL)
939 goto err; 856 goto err;
@@ -947,16 +864,14 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
947 opval = pval; 864 opval = pval;
948 pval = &typ->value.asn1_value; 865 pval = &typ->value.asn1_value;
949 } 866 }
950 switch(utype) 867 switch(utype) {
951 { 868 case V_ASN1_OBJECT:
952 case V_ASN1_OBJECT:
953 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) 869 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
954 goto err; 870 goto err;
955 break; 871 break;
956 872
957 case V_ASN1_NULL: 873 case V_ASN1_NULL:
958 if (len) 874 if (len) {
959 {
960 ASN1err(ASN1_F_ASN1_EX_C2I, 875 ASN1err(ASN1_F_ASN1_EX_C2I,
961 ASN1_R_NULL_IS_WRONG_LENGTH); 876 ASN1_R_NULL_IS_WRONG_LENGTH);
962 goto err; 877 goto err;
@@ -964,30 +879,27 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
964 *pval = (ASN1_VALUE *)1; 879 *pval = (ASN1_VALUE *)1;
965 break; 880 break;
966 881
967 case V_ASN1_BOOLEAN: 882 case V_ASN1_BOOLEAN:
968 if (len != 1) 883 if (len != 1) {
969 {
970 ASN1err(ASN1_F_ASN1_EX_C2I, 884 ASN1err(ASN1_F_ASN1_EX_C2I,
971 ASN1_R_BOOLEAN_IS_WRONG_LENGTH); 885 ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
972 goto err; 886 goto err;
973 } 887 } else {
974 else
975 {
976 ASN1_BOOLEAN *tbool; 888 ASN1_BOOLEAN *tbool;
977 tbool = (ASN1_BOOLEAN *)pval; 889 tbool = (ASN1_BOOLEAN *)pval;
978 *tbool = *cont; 890 *tbool = *cont;
979 } 891 }
980 break; 892 break;
981 893
982 case V_ASN1_BIT_STRING: 894 case V_ASN1_BIT_STRING:
983 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) 895 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
984 goto err; 896 goto err;
985 break; 897 break;
986 898
987 case V_ASN1_INTEGER: 899 case V_ASN1_INTEGER:
988 case V_ASN1_NEG_INTEGER: 900 case V_ASN1_NEG_INTEGER:
989 case V_ASN1_ENUMERATED: 901 case V_ASN1_ENUMERATED:
990 case V_ASN1_NEG_ENUMERATED: 902 case V_ASN1_NEG_ENUMERATED:
991 tint = (ASN1_INTEGER **)pval; 903 tint = (ASN1_INTEGER **)pval;
992 if (!c2i_ASN1_INTEGER(tint, &cont, len)) 904 if (!c2i_ASN1_INTEGER(tint, &cont, len))
993 goto err; 905 goto err;
@@ -995,66 +907,56 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
995 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); 907 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
996 break; 908 break;
997 909
998 case V_ASN1_OCTET_STRING: 910 case V_ASN1_OCTET_STRING:
999 case V_ASN1_NUMERICSTRING: 911 case V_ASN1_NUMERICSTRING:
1000 case V_ASN1_PRINTABLESTRING: 912 case V_ASN1_PRINTABLESTRING:
1001 case V_ASN1_T61STRING: 913 case V_ASN1_T61STRING:
1002 case V_ASN1_VIDEOTEXSTRING: 914 case V_ASN1_VIDEOTEXSTRING:
1003 case V_ASN1_IA5STRING: 915 case V_ASN1_IA5STRING:
1004 case V_ASN1_UTCTIME: 916 case V_ASN1_UTCTIME:
1005 case V_ASN1_GENERALIZEDTIME: 917 case V_ASN1_GENERALIZEDTIME:
1006 case V_ASN1_GRAPHICSTRING: 918 case V_ASN1_GRAPHICSTRING:
1007 case V_ASN1_VISIBLESTRING: 919 case V_ASN1_VISIBLESTRING:
1008 case V_ASN1_GENERALSTRING: 920 case V_ASN1_GENERALSTRING:
1009 case V_ASN1_UNIVERSALSTRING: 921 case V_ASN1_UNIVERSALSTRING:
1010 case V_ASN1_BMPSTRING: 922 case V_ASN1_BMPSTRING:
1011 case V_ASN1_UTF8STRING: 923 case V_ASN1_UTF8STRING:
1012 case V_ASN1_OTHER: 924 case V_ASN1_OTHER:
1013 case V_ASN1_SET: 925 case V_ASN1_SET:
1014 case V_ASN1_SEQUENCE: 926 case V_ASN1_SEQUENCE:
1015 default: 927 default:
1016 if (utype == V_ASN1_BMPSTRING && (len & 1)) 928 if (utype == V_ASN1_BMPSTRING && (len & 1)) {
1017 {
1018 ASN1err(ASN1_F_ASN1_EX_C2I, 929 ASN1err(ASN1_F_ASN1_EX_C2I,
1019 ASN1_R_BMPSTRING_IS_WRONG_LENGTH); 930 ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
1020 goto err; 931 goto err;
1021 } 932 }
1022 if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) 933 if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
1023 {
1024 ASN1err(ASN1_F_ASN1_EX_C2I, 934 ASN1err(ASN1_F_ASN1_EX_C2I,
1025 ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH); 935 ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
1026 goto err; 936 goto err;
1027 } 937 }
1028 /* All based on ASN1_STRING and handled the same */ 938 /* All based on ASN1_STRING and handled the same */
1029 if (!*pval) 939 if (!*pval) {
1030 {
1031 stmp = ASN1_STRING_type_new(utype); 940 stmp = ASN1_STRING_type_new(utype);
1032 if (!stmp) 941 if (!stmp) {
1033 {
1034 ASN1err(ASN1_F_ASN1_EX_C2I, 942 ASN1err(ASN1_F_ASN1_EX_C2I,
1035 ERR_R_MALLOC_FAILURE); 943 ERR_R_MALLOC_FAILURE);
1036 goto err; 944 goto err;
1037 } 945 }
1038 *pval = (ASN1_VALUE *)stmp; 946 *pval = (ASN1_VALUE *)stmp;
1039 } 947 } else {
1040 else
1041 {
1042 stmp = (ASN1_STRING *)*pval; 948 stmp = (ASN1_STRING *)*pval;
1043 stmp->type = utype; 949 stmp->type = utype;
1044 } 950 }
1045 /* If we've already allocated a buffer use it */ 951 /* If we've already allocated a buffer use it */
1046 if (*free_cont) 952 if (*free_cont) {
1047 {
1048 if (stmp->data) 953 if (stmp->data)
1049 free(stmp->data); 954 free(stmp->data);
1050 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */ 955 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
1051 stmp->length = len; 956 stmp->length = len;
1052 *free_cont = 0; 957 *free_cont = 0;
1053 } 958 } else {
1054 else 959 if (!ASN1_STRING_set(stmp, cont, len)) {
1055 {
1056 if (!ASN1_STRING_set(stmp, cont, len))
1057 {
1058 ASN1err(ASN1_F_ASN1_EX_C2I, 960 ASN1err(ASN1_F_ASN1_EX_C2I,
1059 ERR_R_MALLOC_FAILURE); 961 ERR_R_MALLOC_FAILURE);
1060 ASN1_STRING_free(stmp); 962 ASN1_STRING_free(stmp);
@@ -1070,8 +972,7 @@ int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
1070 972
1071 ret = 1; 973 ret = 1;
1072 err: 974 err:
1073 if (!ret) 975 if (!ret) {
1074 {
1075 ASN1_TYPE_free(typ); 976 ASN1_TYPE_free(typ);
1076 if (opval) 977 if (opval)
1077 *opval = NULL; 978 *opval = NULL;
@@ -1092,8 +993,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1092 long plen; 993 long plen;
1093 const unsigned char *p = *in, *q; 994 const unsigned char *p = *in, *q;
1094 /* If not indefinite length constructed just add length */ 995 /* If not indefinite length constructed just add length */
1095 if (inf == 0) 996 if (inf == 0) {
1096 {
1097 *in += len; 997 *in += len;
1098 return 1; 998 return 1;
1099 } 999 }
@@ -1103,10 +1003,8 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1103 * are encountered increment the expected eoc count otherwise just 1003 * are encountered increment the expected eoc count otherwise just
1104 * skip to the end of the data. 1004 * skip to the end of the data.
1105 */ 1005 */
1106 while (len > 0) 1006 while (len > 0) {
1107 { 1007 if(asn1_check_eoc(&p, len)) {
1108 if(asn1_check_eoc(&p, len))
1109 {
1110 expected_eoc--; 1008 expected_eoc--;
1111 if (expected_eoc == 0) 1009 if (expected_eoc == 0)
1112 break; 1010 break;
@@ -1116,8 +1014,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1116 q = p; 1014 q = p;
1117 /* Just read in a header: only care about the length */ 1015 /* Just read in a header: only care about the length */
1118 if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len, 1016 if(!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
1119 -1, 0, 0, NULL)) 1017 -1, 0, 0, NULL)) {
1120 {
1121 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR); 1018 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
1122 return 0; 1019 return 0;
1123 } 1020 }
@@ -1127,8 +1024,7 @@ static int asn1_find_end(const unsigned char **in, long len, char inf)
1127 p += plen; 1024 p += plen;
1128 len -= p - q; 1025 len -= p - q;
1129 } 1026 }
1130 if (expected_eoc) 1027 if (expected_eoc) {
1131 {
1132 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC); 1028 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
1133 return 0; 1029 return 0;
1134 } 1030 }
@@ -1161,21 +1057,17 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1161 inf &= 1; 1057 inf &= 1;
1162 /* If no buffer and not indefinite length constructed just pass over 1058 /* If no buffer and not indefinite length constructed just pass over
1163 * the encoded data */ 1059 * the encoded data */
1164 if (!buf && !inf) 1060 if (!buf && !inf) {
1165 {
1166 *in += len; 1061 *in += len;
1167 return 1; 1062 return 1;
1168 } 1063 }
1169 while(len > 0) 1064 while(len > 0) {
1170 {
1171 q = p; 1065 q = p;
1172 /* Check for EOC */ 1066 /* Check for EOC */
1173 if (asn1_check_eoc(&p, len)) 1067 if (asn1_check_eoc(&p, len)) {
1174 {
1175 /* EOC is illegal outside indefinite length 1068 /* EOC is illegal outside indefinite length
1176 * constructed form */ 1069 * constructed form */
1177 if (!inf) 1070 if (!inf) {
1178 {
1179 ASN1err(ASN1_F_ASN1_COLLECT, 1071 ASN1err(ASN1_F_ASN1_COLLECT,
1180 ASN1_R_UNEXPECTED_EOC); 1072 ASN1_R_UNEXPECTED_EOC);
1181 return 0; 1073 return 0;
@@ -1185,17 +1077,14 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1185 } 1077 }
1186 1078
1187 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, 1079 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
1188 len, tag, aclass, 0, NULL)) 1080 len, tag, aclass, 0, NULL)) {
1189 {
1190 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); 1081 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
1191 return 0; 1082 return 0;
1192 } 1083 }
1193 1084
1194 /* If indefinite length constructed update max length */ 1085 /* If indefinite length constructed update max length */
1195 if (cst) 1086 if (cst) {
1196 { 1087 if (depth >= ASN1_MAX_STRING_NEST) {
1197 if (depth >= ASN1_MAX_STRING_NEST)
1198 {
1199 ASN1err(ASN1_F_ASN1_COLLECT, 1088 ASN1err(ASN1_F_ASN1_COLLECT,
1200 ASN1_R_NESTED_ASN1_STRING); 1089 ASN1_R_NESTED_ASN1_STRING);
1201 return 0; 1090 return 0;
@@ -1208,8 +1097,7 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1208 return 0; 1097 return 0;
1209 len -= p - q; 1098 len -= p - q;
1210 } 1099 }
1211 if (inf) 1100 if (inf) {
1212 {
1213 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); 1101 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
1214 return 0; 1102 return 0;
1215 } 1103 }
@@ -1220,11 +1108,9 @@ static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
1220static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen) 1108static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
1221{ 1109{
1222 int len; 1110 int len;
1223 if (buf) 1111 if (buf) {
1224 {
1225 len = buf->length; 1112 len = buf->length;
1226 if (!BUF_MEM_grow_clean(buf, len + plen)) 1113 if (!BUF_MEM_grow_clean(buf, len + plen)) {
1227 {
1228 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); 1114 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
1229 return 0; 1115 return 0;
1230 } 1116 }
@@ -1241,8 +1127,7 @@ static int asn1_check_eoc(const unsigned char **in, long len)
1241 const unsigned char *p; 1127 const unsigned char *p;
1242 if (len < 2) return 0; 1128 if (len < 2) return 0;
1243 p = *in; 1129 p = *in;
1244 if (!p[0] && !p[1]) 1130 if (!p[0] && !p[1]) {
1245 {
1246 *in += 2; 1131 *in += 2;
1247 return 1; 1132 return 1;
1248 } 1133 }
@@ -1269,19 +1154,15 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1269 p = *in; 1154 p = *in;
1270 q = p; 1155 q = p;
1271 1156
1272 if (ctx && ctx->valid) 1157 if (ctx && ctx->valid) {
1273 {
1274 i = ctx->ret; 1158 i = ctx->ret;
1275 plen = ctx->plen; 1159 plen = ctx->plen;
1276 pclass = ctx->pclass; 1160 pclass = ctx->pclass;
1277 ptag = ctx->ptag; 1161 ptag = ctx->ptag;
1278 p += ctx->hdrlen; 1162 p += ctx->hdrlen;
1279 } 1163 } else {
1280 else
1281 {
1282 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); 1164 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
1283 if (ctx) 1165 if (ctx) {
1284 {
1285 ctx->ret = i; 1166 ctx->ret = i;
1286 ctx->plen = plen; 1167 ctx->plen = plen;
1287 ctx->pclass = pclass; 1168 ctx->pclass = pclass;
@@ -1291,8 +1172,7 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1291 /* If definite length, and no error, length + 1172 /* If definite length, and no error, length +
1292 * header can't exceed total amount of data available. 1173 * header can't exceed total amount of data available.
1293 */ 1174 */
1294 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) 1175 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
1295 {
1296 ASN1err(ASN1_F_ASN1_CHECK_TLEN, 1176 ASN1err(ASN1_F_ASN1_CHECK_TLEN,
1297 ASN1_R_TOO_LONG); 1177 ASN1_R_TOO_LONG);
1298 asn1_tlc_clear(ctx); 1178 asn1_tlc_clear(ctx);
@@ -1301,16 +1181,13 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
1301 } 1181 }
1302 } 1182 }
1303 1183
1304 if (i & 0x80) 1184 if (i & 0x80) {
1305 {
1306 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); 1185 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
1307 asn1_tlc_clear(ctx); 1186 asn1_tlc_clear(ctx);
1308 return 0; 1187 return 0;
1309 } 1188 }
1310 if (exptag >= 0) 1189 if (exptag >= 0) {
1311 { 1190 if ((exptag != ptag) || (expclass != pclass)) {
1312 if ((exptag != ptag) || (expclass != pclass))
1313 {
1314 /* If type is OPTIONAL, not an error: 1191 /* If type is OPTIONAL, not an error:
1315 * indicate missing type. 1192 * indicate missing type.
1316 */ 1193 */
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_enc.c b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
index 230164107d..f7bdd11edf 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_enc.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_enc.c
@@ -103,8 +103,7 @@ int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
103static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, 103static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
104 const ASN1_ITEM *it, int flags) 104 const ASN1_ITEM *it, int flags)
105{ 105{
106 if (out && !*out) 106 if (out && !*out) {
107 {
108 unsigned char *p, *buf; 107 unsigned char *p, *buf;
109 int len; 108 int len;
110 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags); 109 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
@@ -144,25 +143,23 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
144 if (aux && aux->asn1_cb) 143 if (aux && aux->asn1_cb)
145 asn1_cb = aux->asn1_cb; 144 asn1_cb = aux->asn1_cb;
146 145
147 switch(it->itype) 146 switch(it->itype) {
148 {
149 147
150 case ASN1_ITYPE_PRIMITIVE: 148 case ASN1_ITYPE_PRIMITIVE:
151 if (it->templates) 149 if (it->templates)
152 return asn1_template_ex_i2d(pval, out, it->templates, 150 return asn1_template_ex_i2d(pval, out, it->templates,
153 tag, aclass); 151 tag, aclass);
154 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); 152 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
155 break; 153 break;
156 154
157 case ASN1_ITYPE_MSTRING: 155 case ASN1_ITYPE_MSTRING:
158 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass); 156 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
159 157
160 case ASN1_ITYPE_CHOICE: 158 case ASN1_ITYPE_CHOICE:
161 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) 159 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
162 return 0; 160 return 0;
163 i = asn1_get_choice_selector(pval, it); 161 i = asn1_get_choice_selector(pval, it);
164 if ((i >= 0) && (i < it->tcount)) 162 if ((i >= 0) && (i < it->tcount)) {
165 {
166 ASN1_VALUE **pchval; 163 ASN1_VALUE **pchval;
167 const ASN1_TEMPLATE *chtt; 164 const ASN1_TEMPLATE *chtt;
168 chtt = it->templates + i; 165 chtt = it->templates + i;
@@ -175,12 +172,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
175 return 0; 172 return 0;
176 break; 173 break;
177 174
178 case ASN1_ITYPE_EXTERN: 175 case ASN1_ITYPE_EXTERN:
179 /* If new style i2d it does all the work */ 176 /* If new style i2d it does all the work */
180 ef = it->funcs; 177 ef = it->funcs;
181 return ef->asn1_ex_i2d(pval, out, it, tag, aclass); 178 return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
182 179
183 case ASN1_ITYPE_COMPAT: 180 case ASN1_ITYPE_COMPAT:
184 /* old style hackery... */ 181 /* old style hackery... */
185 cf = it->funcs; 182 cf = it->funcs;
186 if (out) 183 if (out)
@@ -193,12 +190,12 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
193 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); 190 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
194 return i; 191 return i;
195 192
196 case ASN1_ITYPE_NDEF_SEQUENCE: 193 case ASN1_ITYPE_NDEF_SEQUENCE:
197 /* Use indefinite length constructed if requested */ 194 /* Use indefinite length constructed if requested */
198 if (aclass & ASN1_TFLG_NDEF) ndef = 2; 195 if (aclass & ASN1_TFLG_NDEF) ndef = 2;
199 /* fall through */ 196 /* fall through */
200 197
201 case ASN1_ITYPE_SEQUENCE: 198 case ASN1_ITYPE_SEQUENCE:
202 i = asn1_enc_restore(&seqcontlen, out, pval, it); 199 i = asn1_enc_restore(&seqcontlen, out, pval, it);
203 /* An error occurred */ 200 /* An error occurred */
204 if (i < 0) 201 if (i < 0)
@@ -209,8 +206,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
209 /* Otherwise carry on */ 206 /* Otherwise carry on */
210 seqcontlen = 0; 207 seqcontlen = 0;
211 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 208 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
212 if (tag == -1) 209 if (tag == -1) {
213 {
214 tag = V_ASN1_SEQUENCE; 210 tag = V_ASN1_SEQUENCE;
215 /* Retain any other flags in aclass */ 211 /* Retain any other flags in aclass */
216 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) 212 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
@@ -219,8 +215,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
219 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL)) 215 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
220 return 0; 216 return 0;
221 /* First work out sequence content length */ 217 /* First work out sequence content length */
222 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 218 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
223 {
224 const ASN1_TEMPLATE *seqtt; 219 const ASN1_TEMPLATE *seqtt;
225 ASN1_VALUE **pseqval; 220 ASN1_VALUE **pseqval;
226 seqtt = asn1_do_adb(pval, tt, 1); 221 seqtt = asn1_do_adb(pval, tt, 1);
@@ -237,8 +232,7 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
237 return seqlen; 232 return seqlen;
238 /* Output SEQUENCE header */ 233 /* Output SEQUENCE header */
239 ASN1_put_object(out, ndef, seqcontlen, tag, aclass); 234 ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
240 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 235 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
241 {
242 const ASN1_TEMPLATE *seqtt; 236 const ASN1_TEMPLATE *seqtt;
243 ASN1_VALUE **pseqval; 237 ASN1_VALUE **pseqval;
244 seqtt = asn1_do_adb(pval, tt, 1); 238 seqtt = asn1_do_adb(pval, tt, 1);
@@ -278,8 +272,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
278 * the iclass argument may contain some additional flags 272 * the iclass argument may contain some additional flags
279 * which should be noted and passed down to other levels. 273 * which should be noted and passed down to other levels.
280 */ 274 */
281 if (flags & ASN1_TFLG_TAG_MASK) 275 if (flags & ASN1_TFLG_TAG_MASK) {
282 {
283 /* Error if argument and template tagging */ 276 /* Error if argument and template tagging */
284 if (tag != -1) 277 if (tag != -1)
285 /* FIXME: error code here */ 278 /* FIXME: error code here */
@@ -287,15 +280,11 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
287 /* Get tagging from template */ 280 /* Get tagging from template */
288 ttag = tt->tag; 281 ttag = tt->tag;
289 tclass = flags & ASN1_TFLG_TAG_CLASS; 282 tclass = flags & ASN1_TFLG_TAG_CLASS;
290 } 283 } else if (tag != -1) {
291 else if (tag != -1)
292 {
293 /* No template tagging, get from arguments */ 284 /* No template tagging, get from arguments */
294 ttag = tag; 285 ttag = tag;
295 tclass = iclass & ASN1_TFLG_TAG_CLASS; 286 tclass = iclass & ASN1_TFLG_TAG_CLASS;
296 } 287 } else {
297 else
298 {
299 ttag = -1; 288 ttag = -1;
300 tclass = 0; 289 tclass = 0;
301 } 290 }
@@ -314,8 +303,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
314 ndef = 2; 303 ndef = 2;
315 else ndef = 1; 304 else ndef = 1;
316 305
317 if (flags & ASN1_TFLG_SK_MASK) 306 if (flags & ASN1_TFLG_SK_MASK) {
318 {
319 /* SET OF, SEQUENCE OF */ 307 /* SET OF, SEQUENCE OF */
320 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 308 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
321 int isset, sktag, skaclass; 309 int isset, sktag, skaclass;
@@ -325,8 +313,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
325 if (!*pval) 313 if (!*pval)
326 return 0; 314 return 0;
327 315
328 if (flags & ASN1_TFLG_SET_OF) 316 if (flags & ASN1_TFLG_SET_OF) {
329 {
330 isset = 1; 317 isset = 1;
331 /* 2 means we reorder */ 318 /* 2 means we reorder */
332 if (flags & ASN1_TFLG_SEQUENCE_OF) 319 if (flags & ASN1_TFLG_SEQUENCE_OF)
@@ -337,13 +324,10 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
337 /* Work out inner tag value: if EXPLICIT 324 /* Work out inner tag value: if EXPLICIT
338 * or no tagging use underlying type. 325 * or no tagging use underlying type.
339 */ 326 */
340 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) 327 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
341 {
342 sktag = ttag; 328 sktag = ttag;
343 skaclass = tclass; 329 skaclass = tclass;
344 } 330 } else {
345 else
346 {
347 skaclass = V_ASN1_UNIVERSAL; 331 skaclass = V_ASN1_UNIVERSAL;
348 if (isset) 332 if (isset)
349 sktag = V_ASN1_SET; 333 sktag = V_ASN1_SET;
@@ -352,8 +336,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
352 336
353 /* Determine total length of items */ 337 /* Determine total length of items */
354 skcontlen = 0; 338 skcontlen = 0;
355 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) 339 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
356 {
357 skitem = sk_ASN1_VALUE_value(sk, i); 340 skitem = sk_ASN1_VALUE_value(sk, i);
358 skcontlen += ASN1_item_ex_i2d(&skitem, NULL, 341 skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
359 ASN1_ITEM_ptr(tt->item), 342 ASN1_ITEM_ptr(tt->item),
@@ -377,8 +360,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
377 /* And the stuff itself */ 360 /* And the stuff itself */
378 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), 361 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
379 isset, iclass); 362 isset, iclass);
380 if (ndef == 2) 363 if (ndef == 2) {
381 {
382 ASN1_put_eoc(out); 364 ASN1_put_eoc(out);
383 if (flags & ASN1_TFLG_EXPTAG) 365 if (flags & ASN1_TFLG_EXPTAG)
384 ASN1_put_eoc(out); 366 ASN1_put_eoc(out);
@@ -387,8 +369,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
387 return ret; 369 return ret;
388 } 370 }
389 371
390 if (flags & ASN1_TFLG_EXPTAG) 372 if (flags & ASN1_TFLG_EXPTAG) {
391 {
392 /* EXPLICIT tagging */ 373 /* EXPLICIT tagging */
393 /* Find length of tagged item */ 374 /* Find length of tagged item */
394 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), 375 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item),
@@ -397,8 +378,7 @@ static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
397 return 0; 378 return 0;
398 /* Find length of EXPLICIT tag */ 379 /* Find length of EXPLICIT tag */
399 ret = ASN1_object_size(ndef, i, ttag); 380 ret = ASN1_object_size(ndef, i, ttag);
400 if (out) 381 if (out) {
401 {
402 /* Output tag and item */ 382 /* Output tag and item */
403 ASN1_put_object(out, ndef, i, ttag, tclass); 383 ASN1_put_object(out, ndef, i, ttag, tclass);
404 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), 384 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
@@ -449,8 +429,7 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
449 /* Don't need to sort less than 2 items */ 429 /* Don't need to sort less than 2 items */
450 if (sk_ASN1_VALUE_num(sk) < 2) 430 if (sk_ASN1_VALUE_num(sk) < 2)
451 do_sort = 0; 431 do_sort = 0;
452 else 432 else {
453 {
454 derlst = malloc(sk_ASN1_VALUE_num(sk) 433 derlst = malloc(sk_ASN1_VALUE_num(sk)
455 * sizeof(*derlst)); 434 * sizeof(*derlst));
456 tmpdat = malloc(skcontlen); 435 tmpdat = malloc(skcontlen);
@@ -461,10 +440,8 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
461 } 440 }
462 } 441 }
463 /* If not sorting just output each item */ 442 /* If not sorting just output each item */
464 if (!do_sort) 443 if (!do_sort) {
465 { 444 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
466 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++)
467 {
468 skitem = sk_ASN1_VALUE_value(sk, i); 445 skitem = sk_ASN1_VALUE_value(sk, i);
469 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass); 446 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
470 } 447 }
@@ -473,8 +450,7 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
473 p = tmpdat; 450 p = tmpdat;
474 451
475 /* Doing sort: build up a list of each member's DER encoding */ 452 /* Doing sort: build up a list of each member's DER encoding */
476 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) 453 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
477 {
478 skitem = sk_ASN1_VALUE_value(sk, i); 454 skitem = sk_ASN1_VALUE_value(sk, i);
479 tder->data = p; 455 tder->data = p;
480 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass); 456 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
@@ -485,17 +461,14 @@ static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
485 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); 461 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
486 /* Output sorted DER encoding */ 462 /* Output sorted DER encoding */
487 p = *out; 463 p = *out;
488 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) 464 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
489 {
490 memcpy(p, tder->data, tder->length); 465 memcpy(p, tder->data, tder->length);
491 p += tder->length; 466 p += tder->length;
492 } 467 }
493 *out = p; 468 *out = p;
494 /* If do_sort is 2 then reorder the STACK */ 469 /* If do_sort is 2 then reorder the STACK */
495 if (do_sort == 2) 470 if (do_sort == 2) {
496 { 471 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
497 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk);
498 i++, tder++)
499 (void)sk_ASN1_VALUE_set(sk, i, tder->field); 472 (void)sk_ASN1_VALUE_set(sk, i, tder->field);
500 } 473 }
501 free(derlst); 474 free(derlst);
@@ -536,8 +509,7 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
536 return 0; 509 return 0;
537 510
538 /* -2 return is special meaning use ndef */ 511 /* -2 return is special meaning use ndef */
539 if (len == -2) 512 if (len == -2) {
540 {
541 ndef = 2; 513 ndef = 2;
542 len = 0; 514 len = 0;
543 } 515 }
@@ -546,8 +518,7 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
546 if (tag == -1) tag = utype; 518 if (tag == -1) tag = utype;
547 519
548 /* Output tag+length followed by content octets */ 520 /* Output tag+length followed by content octets */
549 if (out) 521 if (out) {
550 {
551 if (usetag) 522 if (usetag)
552 ASN1_put_object(out, ndef, len, tag, aclass); 523 ASN1_put_object(out, ndef, len, tag, aclass);
553 asn1_ex_i2c(pval, *out, &utype, it); 524 asn1_ex_i2c(pval, *out, &utype, it);
@@ -580,21 +551,16 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
580 return pf->prim_i2c(pval, cout, putype, it); 551 return pf->prim_i2c(pval, cout, putype, it);
581 552
582 /* Should type be omitted? */ 553 /* Should type be omitted? */
583 if ((it->itype != ASN1_ITYPE_PRIMITIVE) 554 if ((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
584 || (it->utype != V_ASN1_BOOLEAN))
585 {
586 if (!*pval) return -1; 555 if (!*pval) return -1;
587 } 556 }
588 557
589 if (it->itype == ASN1_ITYPE_MSTRING) 558 if (it->itype == ASN1_ITYPE_MSTRING) {
590 {
591 /* If MSTRING type set the underlying type */ 559 /* If MSTRING type set the underlying type */
592 strtmp = (ASN1_STRING *)*pval; 560 strtmp = (ASN1_STRING *)*pval;
593 utype = strtmp->type; 561 utype = strtmp->type;
594 *putype = utype; 562 *putype = utype;
595 } 563 } else if (it->utype == V_ASN1_ANY) {
596 else if (it->utype == V_ASN1_ANY)
597 {
598 /* If ANY set type and pointer to value */ 564 /* If ANY set type and pointer to value */
599 ASN1_TYPE *typ; 565 ASN1_TYPE *typ;
600 typ = (ASN1_TYPE *)*pval; 566 typ = (ASN1_TYPE *)*pval;
@@ -604,25 +570,23 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
604 } 570 }
605 else utype = *putype; 571 else utype = *putype;
606 572
607 switch(utype) 573 switch(utype) {
608 { 574 case V_ASN1_OBJECT:
609 case V_ASN1_OBJECT:
610 otmp = (ASN1_OBJECT *)*pval; 575 otmp = (ASN1_OBJECT *)*pval;
611 cont = otmp->data; 576 cont = otmp->data;
612 len = otmp->length; 577 len = otmp->length;
613 break; 578 break;
614 579
615 case V_ASN1_NULL: 580 case V_ASN1_NULL:
616 cont = NULL; 581 cont = NULL;
617 len = 0; 582 len = 0;
618 break; 583 break;
619 584
620 case V_ASN1_BOOLEAN: 585 case V_ASN1_BOOLEAN:
621 tbool = (ASN1_BOOLEAN *)pval; 586 tbool = (ASN1_BOOLEAN *)pval;
622 if (*tbool == -1) 587 if (*tbool == -1)
623 return -1; 588 return -1;
624 if (it->utype != V_ASN1_ANY) 589 if (it->utype != V_ASN1_ANY) {
625 {
626 /* Default handling if value == size field then omit */ 590 /* Default handling if value == size field then omit */
627 if (*tbool && (it->size > 0)) 591 if (*tbool && (it->size > 0))
628 return -1; 592 return -1;
@@ -634,15 +598,15 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
634 len = 1; 598 len = 1;
635 break; 599 break;
636 600
637 case V_ASN1_BIT_STRING: 601 case V_ASN1_BIT_STRING:
638 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, 602 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
639 cout ? &cout : NULL); 603 cout ? &cout : NULL);
640 break; 604 break;
641 605
642 case V_ASN1_INTEGER: 606 case V_ASN1_INTEGER:
643 case V_ASN1_NEG_INTEGER: 607 case V_ASN1_NEG_INTEGER:
644 case V_ASN1_ENUMERATED: 608 case V_ASN1_ENUMERATED:
645 case V_ASN1_NEG_ENUMERATED: 609 case V_ASN1_NEG_ENUMERATED:
646 /* These are all have the same content format 610 /* These are all have the same content format
647 * as ASN1_INTEGER 611 * as ASN1_INTEGER
648 */ 612 */
@@ -650,31 +614,29 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
650 cout ? &cout : NULL); 614 cout ? &cout : NULL);
651 break; 615 break;
652 616
653 case V_ASN1_OCTET_STRING: 617 case V_ASN1_OCTET_STRING:
654 case V_ASN1_NUMERICSTRING: 618 case V_ASN1_NUMERICSTRING:
655 case V_ASN1_PRINTABLESTRING: 619 case V_ASN1_PRINTABLESTRING:
656 case V_ASN1_T61STRING: 620 case V_ASN1_T61STRING:
657 case V_ASN1_VIDEOTEXSTRING: 621 case V_ASN1_VIDEOTEXSTRING:
658 case V_ASN1_IA5STRING: 622 case V_ASN1_IA5STRING:
659 case V_ASN1_UTCTIME: 623 case V_ASN1_UTCTIME:
660 case V_ASN1_GENERALIZEDTIME: 624 case V_ASN1_GENERALIZEDTIME:
661 case V_ASN1_GRAPHICSTRING: 625 case V_ASN1_GRAPHICSTRING:
662 case V_ASN1_VISIBLESTRING: 626 case V_ASN1_VISIBLESTRING:
663 case V_ASN1_GENERALSTRING: 627 case V_ASN1_GENERALSTRING:
664 case V_ASN1_UNIVERSALSTRING: 628 case V_ASN1_UNIVERSALSTRING:
665 case V_ASN1_BMPSTRING: 629 case V_ASN1_BMPSTRING:
666 case V_ASN1_UTF8STRING: 630 case V_ASN1_UTF8STRING:
667 case V_ASN1_SEQUENCE: 631 case V_ASN1_SEQUENCE:
668 case V_ASN1_SET: 632 case V_ASN1_SET:
669 default: 633 default:
670 /* All based on ASN1_STRING and handled the same */ 634 /* All based on ASN1_STRING and handled the same */
671 strtmp = (ASN1_STRING *)*pval; 635 strtmp = (ASN1_STRING *)*pval;
672 /* Special handling for NDEF */ 636 /* Special handling for NDEF */
673 if ((it->size == ASN1_TFLG_NDEF) 637 if ((it->size == ASN1_TFLG_NDEF)
674 && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) 638 && (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
675 { 639 if (cout) {
676 if (cout)
677 {
678 strtmp->data = cout; 640 strtmp->data = cout;
679 strtmp->length = 0; 641 strtmp->length = 0;
680 } 642 }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_fre.c b/src/lib/libssl/src/crypto/asn1/tasn_fre.c
index b321de6615..5211276efe 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_fre.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_fre.c
@@ -93,30 +93,27 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
93 else 93 else
94 asn1_cb = 0; 94 asn1_cb = 0;
95 95
96 switch(it->itype) 96 switch(it->itype) {
97 {
98 97
99 case ASN1_ITYPE_PRIMITIVE: 98 case ASN1_ITYPE_PRIMITIVE:
100 if (it->templates) 99 if (it->templates)
101 ASN1_template_free(pval, it->templates); 100 ASN1_template_free(pval, it->templates);
102 else 101 else
103 ASN1_primitive_free(pval, it); 102 ASN1_primitive_free(pval, it);
104 break; 103 break;
105 104
106 case ASN1_ITYPE_MSTRING: 105 case ASN1_ITYPE_MSTRING:
107 ASN1_primitive_free(pval, it); 106 ASN1_primitive_free(pval, it);
108 break; 107 break;
109 108
110 case ASN1_ITYPE_CHOICE: 109 case ASN1_ITYPE_CHOICE:
111 if (asn1_cb) 110 if (asn1_cb) {
112 {
113 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); 111 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
114 if (i == 2) 112 if (i == 2)
115 return; 113 return;
116 } 114 }
117 i = asn1_get_choice_selector(pval, it); 115 i = asn1_get_choice_selector(pval, it);
118 if ((i >= 0) && (i < it->tcount)) 116 if ((i >= 0) && (i < it->tcount)) {
119 {
120 ASN1_VALUE **pchval; 117 ASN1_VALUE **pchval;
121 tt = it->templates + i; 118 tt = it->templates + i;
122 pchval = asn1_get_field_ptr(pval, tt); 119 pchval = asn1_get_field_ptr(pval, tt);
@@ -124,31 +121,29 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
124 } 121 }
125 if (asn1_cb) 122 if (asn1_cb)
126 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); 123 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
127 if (!combine) 124 if (!combine) {
128 {
129 free(*pval); 125 free(*pval);
130 *pval = NULL; 126 *pval = NULL;
131 } 127 }
132 break; 128 break;
133 129
134 case ASN1_ITYPE_COMPAT: 130 case ASN1_ITYPE_COMPAT:
135 cf = it->funcs; 131 cf = it->funcs;
136 if (cf && cf->asn1_free) 132 if (cf && cf->asn1_free)
137 cf->asn1_free(*pval); 133 cf->asn1_free(*pval);
138 break; 134 break;
139 135
140 case ASN1_ITYPE_EXTERN: 136 case ASN1_ITYPE_EXTERN:
141 ef = it->funcs; 137 ef = it->funcs;
142 if (ef && ef->asn1_ex_free) 138 if (ef && ef->asn1_ex_free)
143 ef->asn1_ex_free(pval, it); 139 ef->asn1_ex_free(pval, it);
144 break; 140 break;
145 141
146 case ASN1_ITYPE_NDEF_SEQUENCE: 142 case ASN1_ITYPE_NDEF_SEQUENCE:
147 case ASN1_ITYPE_SEQUENCE: 143 case ASN1_ITYPE_SEQUENCE:
148 if (asn1_do_lock(pval, -1, it) > 0) 144 if (asn1_do_lock(pval, -1, it) > 0)
149 return; 145 return;
150 if (asn1_cb) 146 if (asn1_cb) {
151 {
152 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL); 147 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
153 if (i == 2) 148 if (i == 2)
154 return; 149 return;
@@ -160,8 +155,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
160 * free up in reverse order. 155 * free up in reverse order.
161 */ 156 */
162 tt = it->templates + it->tcount - 1; 157 tt = it->templates + it->tcount - 1;
163 for (i = 0; i < it->tcount; tt--, i++) 158 for (i = 0; i < it->tcount; tt--, i++) {
164 {
165 ASN1_VALUE **pseqval; 159 ASN1_VALUE **pseqval;
166 seqtt = asn1_do_adb(pval, tt, 0); 160 seqtt = asn1_do_adb(pval, tt, 0);
167 if (!seqtt) 161 if (!seqtt)
@@ -171,8 +165,7 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
171 } 165 }
172 if (asn1_cb) 166 if (asn1_cb)
173 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL); 167 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
174 if (!combine) 168 if (!combine) {
175 {
176 free(*pval); 169 free(*pval);
177 *pval = NULL; 170 *pval = NULL;
178 } 171 }
@@ -183,11 +176,9 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
183void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 176void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
184{ 177{
185 int i; 178 int i;
186 if (tt->flags & ASN1_TFLG_SK_MASK) 179 if (tt->flags & ASN1_TFLG_SK_MASK) {
187 {
188 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 180 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
189 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) 181 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
190 {
191 ASN1_VALUE *vtmp; 182 ASN1_VALUE *vtmp;
192 vtmp = sk_ASN1_VALUE_value(sk, i); 183 vtmp = sk_ASN1_VALUE_value(sk, i);
193 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 184 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item),
@@ -204,60 +195,52 @@ void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
204void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 195void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
205{ 196{
206 int utype; 197 int utype;
207 if (it) 198 if (it) {
208 {
209 const ASN1_PRIMITIVE_FUNCS *pf; 199 const ASN1_PRIMITIVE_FUNCS *pf;
210 pf = it->funcs; 200 pf = it->funcs;
211 if (pf && pf->prim_free) 201 if (pf && pf->prim_free) {
212 {
213 pf->prim_free(pval, it); 202 pf->prim_free(pval, it);
214 return; 203 return;
215 } 204 }
216 } 205 }
217 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ 206 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
218 if (!it) 207 if (!it) {
219 {
220 ASN1_TYPE *typ = (ASN1_TYPE *)*pval; 208 ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
221 utype = typ->type; 209 utype = typ->type;
222 pval = &typ->value.asn1_value; 210 pval = &typ->value.asn1_value;
223 if (!*pval) 211 if (!*pval)
224 return; 212 return;
225 } 213 } else if (it->itype == ASN1_ITYPE_MSTRING) {
226 else if (it->itype == ASN1_ITYPE_MSTRING)
227 {
228 utype = -1; 214 utype = -1;
229 if (!*pval) 215 if (!*pval)
230 return; 216 return;
231 } 217 } else {
232 else
233 {
234 utype = it->utype; 218 utype = it->utype;
235 if ((utype != V_ASN1_BOOLEAN) && !*pval) 219 if ((utype != V_ASN1_BOOLEAN) && !*pval)
236 return; 220 return;
237 } 221 }
238 222
239 switch(utype) 223 switch(utype) {
240 { 224 case V_ASN1_OBJECT:
241 case V_ASN1_OBJECT:
242 ASN1_OBJECT_free((ASN1_OBJECT *)*pval); 225 ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
243 break; 226 break;
244 227
245 case V_ASN1_BOOLEAN: 228 case V_ASN1_BOOLEAN:
246 if (it) 229 if (it)
247 *(ASN1_BOOLEAN *)pval = it->size; 230 *(ASN1_BOOLEAN *)pval = it->size;
248 else 231 else
249 *(ASN1_BOOLEAN *)pval = -1; 232 *(ASN1_BOOLEAN *)pval = -1;
250 return; 233 return;
251 234
252 case V_ASN1_NULL: 235 case V_ASN1_NULL:
253 break; 236 break;
254 237
255 case V_ASN1_ANY: 238 case V_ASN1_ANY:
256 ASN1_primitive_free(pval, NULL); 239 ASN1_primitive_free(pval, NULL);
257 free(*pval); 240 free(*pval);
258 break; 241 break;
259 242
260 default: 243 default:
261 ASN1_STRING_free((ASN1_STRING *)*pval); 244 ASN1_STRING_free((ASN1_STRING *)*pval);
262 *pval = NULL; 245 *pval = NULL;
263 break; 246 break;
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_new.c b/src/lib/libssl/src/crypto/asn1/tasn_new.c
index f5d7c690b8..00aa31dd63 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_new.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_new.c
@@ -107,30 +107,27 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
107 CRYPTO_push_info(it->sname); 107 CRYPTO_push_info(it->sname);
108#endif 108#endif
109 109
110 switch(it->itype) 110 switch(it->itype) {
111 {
112 111
113 case ASN1_ITYPE_EXTERN: 112 case ASN1_ITYPE_EXTERN:
114 ef = it->funcs; 113 ef = it->funcs;
115 if (ef && ef->asn1_ex_new) 114 if (ef && ef->asn1_ex_new) {
116 {
117 if (!ef->asn1_ex_new(pval, it)) 115 if (!ef->asn1_ex_new(pval, it))
118 goto memerr; 116 goto memerr;
119 } 117 }
120 break; 118 break;
121 119
122 case ASN1_ITYPE_COMPAT: 120 case ASN1_ITYPE_COMPAT:
123 cf = it->funcs; 121 cf = it->funcs;
124 if (cf && cf->asn1_new) { 122 if (cf && cf->asn1_new) {
125 *pval = cf->asn1_new(); 123 *pval = cf->asn1_new();
126 if (!*pval) 124 if (!*pval)
127 goto memerr; 125 goto memerr;
128 } 126 }
129 break; 127 break;
130 128
131 case ASN1_ITYPE_PRIMITIVE: 129 case ASN1_ITYPE_PRIMITIVE:
132 if (it->templates) 130 if (it->templates) {
133 {
134 if (!ASN1_template_new(pval, it->templates)) 131 if (!ASN1_template_new(pval, it->templates))
135 goto memerr; 132 goto memerr;
136 } 133 }
@@ -138,19 +135,17 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
138 goto memerr; 135 goto memerr;
139 break; 136 break;
140 137
141 case ASN1_ITYPE_MSTRING: 138 case ASN1_ITYPE_MSTRING:
142 if (!ASN1_primitive_new(pval, it)) 139 if (!ASN1_primitive_new(pval, it))
143 goto memerr; 140 goto memerr;
144 break; 141 break;
145 142
146 case ASN1_ITYPE_CHOICE: 143 case ASN1_ITYPE_CHOICE:
147 if (asn1_cb) 144 if (asn1_cb) {
148 {
149 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); 145 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
150 if (!i) 146 if (!i)
151 goto auxerr; 147 goto auxerr;
152 if (i==2) 148 if (i==2) {
153 {
154#ifdef CRYPTO_MDEBUG 149#ifdef CRYPTO_MDEBUG
155 if (it->sname) 150 if (it->sname)
156 CRYPTO_pop_info(); 151 CRYPTO_pop_info();
@@ -158,8 +153,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
158 return 1; 153 return 1;
159 } 154 }
160 } 155 }
161 if (!combine) 156 if (!combine) {
162 {
163 *pval = malloc(it->size); 157 *pval = malloc(it->size);
164 if (!*pval) 158 if (!*pval)
165 goto memerr; 159 goto memerr;
@@ -170,15 +164,13 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
170 goto auxerr; 164 goto auxerr;
171 break; 165 break;
172 166
173 case ASN1_ITYPE_NDEF_SEQUENCE: 167 case ASN1_ITYPE_NDEF_SEQUENCE:
174 case ASN1_ITYPE_SEQUENCE: 168 case ASN1_ITYPE_SEQUENCE:
175 if (asn1_cb) 169 if (asn1_cb) {
176 {
177 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL); 170 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
178 if (!i) 171 if (!i)
179 goto auxerr; 172 goto auxerr;
180 if (i==2) 173 if (i==2) {
181 {
182#ifdef CRYPTO_MDEBUG 174#ifdef CRYPTO_MDEBUG
183 if (it->sname) 175 if (it->sname)
184 CRYPTO_pop_info(); 176 CRYPTO_pop_info();
@@ -186,8 +178,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
186 return 1; 178 return 1;
187 } 179 }
188 } 180 }
189 if (!combine) 181 if (!combine) {
190 {
191 *pval = malloc(it->size); 182 *pval = malloc(it->size);
192 if (!*pval) 183 if (!*pval)
193 goto memerr; 184 goto memerr;
@@ -195,8 +186,7 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
195 asn1_do_lock(pval, 0, it); 186 asn1_do_lock(pval, 0, it);
196 asn1_enc_init(pval, it); 187 asn1_enc_init(pval, it);
197 } 188 }
198 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) 189 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
199 {
200 pseqval = asn1_get_field_ptr(pval, tt); 190 pseqval = asn1_get_field_ptr(pval, tt);
201 if (!ASN1_template_new(pseqval, tt)) 191 if (!ASN1_template_new(pseqval, tt))
202 goto memerr; 192 goto memerr;
@@ -231,10 +221,9 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
231{ 221{
232 const ASN1_EXTERN_FUNCS *ef; 222 const ASN1_EXTERN_FUNCS *ef;
233 223
234 switch(it->itype) 224 switch(it->itype) {
235 {
236 225
237 case ASN1_ITYPE_EXTERN: 226 case ASN1_ITYPE_EXTERN:
238 ef = it->funcs; 227 ef = it->funcs;
239 if (ef && ef->asn1_ex_clear) 228 if (ef && ef->asn1_ex_clear)
240 ef->asn1_ex_clear(pval, it); 229 ef->asn1_ex_clear(pval, it);
@@ -242,21 +231,21 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
242 break; 231 break;
243 232
244 233
245 case ASN1_ITYPE_PRIMITIVE: 234 case ASN1_ITYPE_PRIMITIVE:
246 if (it->templates) 235 if (it->templates)
247 asn1_template_clear(pval, it->templates); 236 asn1_template_clear(pval, it->templates);
248 else 237 else
249 asn1_primitive_clear(pval, it); 238 asn1_primitive_clear(pval, it);
250 break; 239 break;
251 240
252 case ASN1_ITYPE_MSTRING: 241 case ASN1_ITYPE_MSTRING:
253 asn1_primitive_clear(pval, it); 242 asn1_primitive_clear(pval, it);
254 break; 243 break;
255 244
256 case ASN1_ITYPE_COMPAT: 245 case ASN1_ITYPE_COMPAT:
257 case ASN1_ITYPE_CHOICE: 246 case ASN1_ITYPE_CHOICE:
258 case ASN1_ITYPE_SEQUENCE: 247 case ASN1_ITYPE_SEQUENCE:
259 case ASN1_ITYPE_NDEF_SEQUENCE: 248 case ASN1_ITYPE_NDEF_SEQUENCE:
260 *pval = NULL; 249 *pval = NULL;
261 break; 250 break;
262 } 251 }
@@ -267,15 +256,13 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
267{ 256{
268 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); 257 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
269 int ret; 258 int ret;
270 if (tt->flags & ASN1_TFLG_OPTIONAL) 259 if (tt->flags & ASN1_TFLG_OPTIONAL) {
271 {
272 asn1_template_clear(pval, tt); 260 asn1_template_clear(pval, tt);
273 return 1; 261 return 1;
274 } 262 }
275 /* If ANY DEFINED BY nothing to do */ 263 /* If ANY DEFINED BY nothing to do */
276 264
277 if (tt->flags & ASN1_TFLG_ADB_MASK) 265 if (tt->flags & ASN1_TFLG_ADB_MASK) {
278 {
279 *pval = NULL; 266 *pval = NULL;
280 return 1; 267 return 1;
281 } 268 }
@@ -284,12 +271,10 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
284 CRYPTO_push_info(tt->field_name); 271 CRYPTO_push_info(tt->field_name);
285#endif 272#endif
286 /* If SET OF or SEQUENCE OF, its a STACK */ 273 /* If SET OF or SEQUENCE OF, its a STACK */
287 if (tt->flags & ASN1_TFLG_SK_MASK) 274 if (tt->flags & ASN1_TFLG_SK_MASK) {
288 {
289 STACK_OF(ASN1_VALUE) *skval; 275 STACK_OF(ASN1_VALUE) *skval;
290 skval = sk_ASN1_VALUE_new_null(); 276 skval = sk_ASN1_VALUE_new_null();
291 if (!skval) 277 if (!skval) {
292 {
293 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); 278 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
294 ret = 0; 279 ret = 0;
295 goto done; 280 goto done;
@@ -328,8 +313,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
328 ASN1_STRING *str; 313 ASN1_STRING *str;
329 int utype; 314 int utype;
330 315
331 if (it && it->funcs) 316 if (it && it->funcs) {
332 {
333 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; 317 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
334 if (pf->prim_new) 318 if (pf->prim_new)
335 return pf->prim_new(pval, it); 319 return pf->prim_new(pval, it);
@@ -339,21 +323,20 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
339 utype = -1; 323 utype = -1;
340 else 324 else
341 utype = it->utype; 325 utype = it->utype;
342 switch(utype) 326 switch(utype) {
343 { 327 case V_ASN1_OBJECT:
344 case V_ASN1_OBJECT:
345 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); 328 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
346 return 1; 329 return 1;
347 330
348 case V_ASN1_BOOLEAN: 331 case V_ASN1_BOOLEAN:
349 *(ASN1_BOOLEAN *)pval = it->size; 332 *(ASN1_BOOLEAN *)pval = it->size;
350 return 1; 333 return 1;
351 334
352 case V_ASN1_NULL: 335 case V_ASN1_NULL:
353 *pval = (ASN1_VALUE *)1; 336 *pval = (ASN1_VALUE *)1;
354 return 1; 337 return 1;
355 338
356 case V_ASN1_ANY: 339 case V_ASN1_ANY:
357 typ = malloc(sizeof(ASN1_TYPE)); 340 typ = malloc(sizeof(ASN1_TYPE));
358 if (!typ) 341 if (!typ)
359 return 0; 342 return 0;
@@ -362,7 +345,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
362 *pval = (ASN1_VALUE *)typ; 345 *pval = (ASN1_VALUE *)typ;
363 break; 346 break;
364 347
365 default: 348 default:
366 str = ASN1_STRING_type_new(utype); 349 str = ASN1_STRING_type_new(utype);
367 if (it->itype == ASN1_ITYPE_MSTRING && str) 350 if (it->itype == ASN1_ITYPE_MSTRING && str)
368 str->flags |= ASN1_STRING_FLAG_MSTRING; 351 str->flags |= ASN1_STRING_FLAG_MSTRING;
@@ -377,8 +360,7 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
377static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) 360static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
378{ 361{
379 int utype; 362 int utype;
380 if (it && it->funcs) 363 if (it && it->funcs) {
381 {
382 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs; 364 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
383 if (pf->prim_clear) 365 if (pf->prim_clear)
384 pf->prim_clear(pval, it); 366 pf->prim_clear(pval, it);
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_prn.c b/src/lib/libssl/src/crypto/asn1/tasn_prn.c
index f62c085f3b..345daeb0f3 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_prn.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_prn.c
@@ -86,8 +86,7 @@ ASN1_PCTX *ASN1_PCTX_new(void)
86{ 86{
87 ASN1_PCTX *ret; 87 ASN1_PCTX *ret;
88 ret = malloc(sizeof(ASN1_PCTX)); 88 ret = malloc(sizeof(ASN1_PCTX));
89 if (ret == NULL) 89 if (ret == NULL) {
90 {
91 ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE); 90 ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
92 return NULL; 91 return NULL;
93 } 92 }
@@ -199,8 +198,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
199 ASN1_aux_cb *asn1_cb; 198 ASN1_aux_cb *asn1_cb;
200 ASN1_PRINT_ARG parg; 199 ASN1_PRINT_ARG parg;
201 int i; 200 int i;
202 if (aux && aux->asn1_cb) 201 if (aux && aux->asn1_cb) {
203 {
204 parg.out = out; 202 parg.out = out;
205 parg.indent = indent; 203 parg.indent = indent;
206 parg.pctx = pctx; 204 parg.pctx = pctx;
@@ -208,10 +206,8 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
208 } 206 }
209 else asn1_cb = 0; 207 else asn1_cb = 0;
210 208
211 if(*fld == NULL) 209 if(*fld == NULL) {
212 { 210 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
213 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT)
214 {
215 if (!nohdr && !asn1_print_fsname(out, indent, 211 if (!nohdr && !asn1_print_fsname(out, indent,
216 fname, sname, pctx)) 212 fname, sname, pctx))
217 return 0; 213 return 0;
@@ -221,29 +217,26 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
221 return 1; 217 return 1;
222 } 218 }
223 219
224 switch(it->itype) 220 switch(it->itype) {
225 { 221 case ASN1_ITYPE_PRIMITIVE:
226 case ASN1_ITYPE_PRIMITIVE: 222 if(it->templates) {
227 if(it->templates)
228 {
229 if (!asn1_template_print_ctx(out, fld, indent, 223 if (!asn1_template_print_ctx(out, fld, indent,
230 it->templates, pctx)) 224 it->templates, pctx))
231 return 0; 225 return 0;
232 } 226 }
233 /* fall thru */ 227 /* fall thru */
234 case ASN1_ITYPE_MSTRING: 228 case ASN1_ITYPE_MSTRING:
235 if (!asn1_primitive_print(out, fld, it, 229 if (!asn1_primitive_print(out, fld, it,
236 indent, fname, sname,pctx)) 230 indent, fname, sname,pctx))
237 return 0; 231 return 0;
238 break; 232 break;
239 233
240 case ASN1_ITYPE_EXTERN: 234 case ASN1_ITYPE_EXTERN:
241 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 235 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
242 return 0; 236 return 0;
243 /* Use new style print routine if possible */ 237 /* Use new style print routine if possible */
244 ef = it->funcs; 238 ef = it->funcs;
245 if (ef && ef->asn1_ex_print) 239 if (ef && ef->asn1_ex_print) {
246 {
247 i = ef->asn1_ex_print(out, fld, indent, "", pctx); 240 i = ef->asn1_ex_print(out, fld, indent, "", pctx);
248 if (!i) 241 if (!i)
249 return 0; 242 return 0;
@@ -256,7 +249,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
256 return 0; 249 return 0;
257 break; 250 break;
258 251
259 case ASN1_ITYPE_CHOICE: 252 case ASN1_ITYPE_CHOICE:
260#if 0 253#if 0
261 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 254 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
262 return 0; 255 return 0;
@@ -264,8 +257,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
264 /* CHOICE type, get selector */ 257 /* CHOICE type, get selector */
265 i = asn1_get_choice_selector(fld, it); 258 i = asn1_get_choice_selector(fld, it);
266 /* This should never happen... */ 259 /* This should never happen... */
267 if((i < 0) || (i >= it->tcount)) 260 if((i < 0) || (i >= it->tcount)) {
268 {
269 if (BIO_printf(out, 261 if (BIO_printf(out,
270 "ERROR: selector [%d] invalid\n", i) <= 0) 262 "ERROR: selector [%d] invalid\n", i) <= 0)
271 return 0; 263 return 0;
@@ -277,26 +269,21 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
277 return 0; 269 return 0;
278 break; 270 break;
279 271
280 case ASN1_ITYPE_SEQUENCE: 272 case ASN1_ITYPE_SEQUENCE:
281 case ASN1_ITYPE_NDEF_SEQUENCE: 273 case ASN1_ITYPE_NDEF_SEQUENCE:
282 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx)) 274 if (!nohdr && !asn1_print_fsname(out, indent, fname, sname, pctx))
283 return 0; 275 return 0;
284 if (fname || sname) 276 if (fname || sname) {
285 { 277 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
286 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE)
287 {
288 if (BIO_puts(out, " {\n") <= 0) 278 if (BIO_puts(out, " {\n") <= 0)
289 return 0; 279 return 0;
290 } 280 } else {
291 else
292 {
293 if (BIO_puts(out, "\n") <= 0) 281 if (BIO_puts(out, "\n") <= 0)
294 return 0; 282 return 0;
295 } 283 }
296 } 284 }
297 285
298 if (asn1_cb) 286 if (asn1_cb) {
299 {
300 i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg); 287 i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
301 if (i == 0) 288 if (i == 0)
302 return 0; 289 return 0;
@@ -305,8 +292,7 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
305 } 292 }
306 293
307 /* Print each field entry */ 294 /* Print each field entry */
308 for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) 295 for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
309 {
310 const ASN1_TEMPLATE *seqtt; 296 const ASN1_TEMPLATE *seqtt;
311 seqtt = asn1_do_adb(fld, tt, 1); 297 seqtt = asn1_do_adb(fld, tt, 1);
312 tmpfld = asn1_get_field_ptr(fld, seqtt); 298 tmpfld = asn1_get_field_ptr(fld, seqtt);
@@ -314,14 +300,12 @@ static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
314 indent + 2, seqtt, pctx)) 300 indent + 2, seqtt, pctx))
315 return 0; 301 return 0;
316 } 302 }
317 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) 303 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
318 {
319 if (BIO_printf(out, "%*s}\n", indent, "") < 0) 304 if (BIO_printf(out, "%*s}\n", indent, "") < 0)
320 return 0; 305 return 0;
321 } 306 }
322 307
323 if (asn1_cb) 308 if (asn1_cb) {
324 {
325 i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg); 309 i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
326 if (i == 0) 310 if (i == 0)
327 return 0; 311 return 0;
@@ -350,17 +334,14 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
350 fname = NULL; 334 fname = NULL;
351 else 335 else
352 fname = tt->field_name; 336 fname = tt->field_name;
353 if(flags & ASN1_TFLG_SK_MASK) 337 if(flags & ASN1_TFLG_SK_MASK) {
354 {
355 char *tname; 338 char *tname;
356 ASN1_VALUE *skitem; 339 ASN1_VALUE *skitem;
357 STACK_OF(ASN1_VALUE) *stack; 340 STACK_OF(ASN1_VALUE) *stack;
358 341
359 /* SET OF, SEQUENCE OF */ 342 /* SET OF, SEQUENCE OF */
360 if (fname) 343 if (fname) {
361 { 344 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
362 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF)
363 {
364 if(flags & ASN1_TFLG_SET_OF) 345 if(flags & ASN1_TFLG_SET_OF)
365 tname = "SET"; 346 tname = "SET";
366 else 347 else
@@ -374,8 +355,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
374 return 0; 355 return 0;
375 } 356 }
376 stack = (STACK_OF(ASN1_VALUE) *)*fld; 357 stack = (STACK_OF(ASN1_VALUE) *)*fld;
377 for(i = 0; i < sk_ASN1_VALUE_num(stack); i++) 358 for(i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
378 {
379 if ((i > 0) && (BIO_puts(out, "\n") <= 0)) 359 if ((i > 0) && (BIO_puts(out, "\n") <= 0))
380 return 0; 360 return 0;
381 361
@@ -386,8 +366,7 @@ int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
386 } 366 }
387 if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0) 367 if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
388 return 0; 368 return 0;
389 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) 369 if(pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
390 {
391 if (BIO_printf(out, "%*s}\n", indent, "") <= 0) 370 if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
392 return 0; 371 return 0;
393 } 372 }
@@ -409,8 +388,7 @@ static int asn1_print_fsname(BIO *out, int indent,
409 return 1; 388 return 1;
410#endif 389#endif
411 390
412 while (indent > nspaces) 391 while (indent > nspaces) {
413 {
414 if (BIO_write(out, spaces, nspaces) != nspaces) 392 if (BIO_write(out, spaces, nspaces) != nspaces)
415 return 0; 393 return 0;
416 indent -= nspaces; 394 indent -= nspaces;
@@ -423,20 +401,15 @@ static int asn1_print_fsname(BIO *out, int indent,
423 fname = NULL; 401 fname = NULL;
424 if (!sname && !fname) 402 if (!sname && !fname)
425 return 1; 403 return 1;
426 if (fname) 404 if (fname) {
427 {
428 if (BIO_puts(out, fname) <= 0) 405 if (BIO_puts(out, fname) <= 0)
429 return 0; 406 return 0;
430 } 407 }
431 if (sname) 408 if (sname) {
432 { 409 if (fname) {
433 if (fname)
434 {
435 if (BIO_printf(out, " (%s)", sname) <= 0) 410 if (BIO_printf(out, " (%s)", sname) <= 0)
436 return 0; 411 return 0;
437 } 412 } else {
438 else
439 {
440 if (BIO_puts(out, sname) <= 0) 413 if (BIO_puts(out, sname) <= 0)
441 return 0; 414 return 0;
442 } 415 }
@@ -450,13 +423,12 @@ static int asn1_print_boolean_ctx(BIO *out, int boolval,
450 const ASN1_PCTX *pctx) 423 const ASN1_PCTX *pctx)
451{ 424{
452 const char *str; 425 const char *str;
453 switch (boolval) 426 switch (boolval) {
454 { 427 case -1:
455 case -1:
456 str = "BOOL ABSENT"; 428 str = "BOOL ABSENT";
457 break; 429 break;
458 430
459 case 0: 431 case 0:
460 str = "FALSE"; 432 str = "FALSE";
461 break; 433 break;
462 434
@@ -501,8 +473,7 @@ static int asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid,
501static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent, 473static int asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
502 const ASN1_PCTX *pctx) 474 const ASN1_PCTX *pctx)
503{ 475{
504 if (str->type == V_ASN1_BIT_STRING) 476 if (str->type == V_ASN1_BIT_STRING) {
505 {
506 if (BIO_printf(out, " (%ld unused bits)\n", 477 if (BIO_printf(out, " (%ld unused bits)\n",
507 str->flags & 0x7) <= 0) 478 str->flags & 0x7) <= 0)
508 return 0; 479 return 0;
@@ -536,8 +507,7 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
536 utype = str->type & ~V_ASN1_NEG; 507 utype = str->type & ~V_ASN1_NEG;
537 else 508 else
538 utype = it->utype; 509 utype = it->utype;
539 if (utype == V_ASN1_ANY) 510 if (utype == V_ASN1_ANY) {
540 {
541 ASN1_TYPE *atype = (ASN1_TYPE *)*fld; 511 ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
542 utype = atype->type; 512 utype = atype->type;
543 fld = &atype->value.asn1_value; 513 fld = &atype->value.asn1_value;
@@ -546,33 +516,28 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
546 pname = NULL; 516 pname = NULL;
547 else 517 else
548 pname = ASN1_tag2str(utype); 518 pname = ASN1_tag2str(utype);
549 } 519 } else {
550 else
551 {
552 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE) 520 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
553 pname = ASN1_tag2str(utype); 521 pname = ASN1_tag2str(utype);
554 else 522 else
555 pname = NULL; 523 pname = NULL;
556 } 524 }
557 525
558 if (utype == V_ASN1_NULL) 526 if (utype == V_ASN1_NULL) {
559 {
560 if (BIO_puts(out, "NULL\n") <= 0) 527 if (BIO_puts(out, "NULL\n") <= 0)
561 return 0; 528 return 0;
562 return 1; 529 return 1;
563 } 530 }
564 531
565 if (pname) 532 if (pname) {
566 {
567 if (BIO_puts(out, pname) <= 0) 533 if (BIO_puts(out, pname) <= 0)
568 return 0; 534 return 0;
569 if (BIO_puts(out, ":") <= 0) 535 if (BIO_puts(out, ":") <= 0)
570 return 0; 536 return 0;
571 } 537 }
572 538
573 switch (utype) 539 switch (utype) {
574 { 540 case V_ASN1_BOOLEAN:
575 case V_ASN1_BOOLEAN:
576 { 541 {
577 int boolval = *(int *)fld; 542 int boolval = *(int *)fld;
578 if (boolval == -1) 543 if (boolval == -1)
@@ -581,32 +546,32 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
581 } 546 }
582 break; 547 break;
583 548
584 case V_ASN1_INTEGER: 549 case V_ASN1_INTEGER:
585 case V_ASN1_ENUMERATED: 550 case V_ASN1_ENUMERATED:
586 ret = asn1_print_integer_ctx(out, str, pctx); 551 ret = asn1_print_integer_ctx(out, str, pctx);
587 break; 552 break;
588 553
589 case V_ASN1_UTCTIME: 554 case V_ASN1_UTCTIME:
590 ret = ASN1_UTCTIME_print(out, str); 555 ret = ASN1_UTCTIME_print(out, str);
591 break; 556 break;
592 557
593 case V_ASN1_GENERALIZEDTIME: 558 case V_ASN1_GENERALIZEDTIME:
594 ret = ASN1_GENERALIZEDTIME_print(out, str); 559 ret = ASN1_GENERALIZEDTIME_print(out, str);
595 break; 560 break;
596 561
597 case V_ASN1_OBJECT: 562 case V_ASN1_OBJECT:
598 ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx); 563 ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
599 break; 564 break;
600 565
601 case V_ASN1_OCTET_STRING: 566 case V_ASN1_OCTET_STRING:
602 case V_ASN1_BIT_STRING: 567 case V_ASN1_BIT_STRING:
603 ret = asn1_print_obstring_ctx(out, str, indent, pctx); 568 ret = asn1_print_obstring_ctx(out, str, indent, pctx);
604 needlf = 0; 569 needlf = 0;
605 break; 570 break;
606 571
607 case V_ASN1_SEQUENCE: 572 case V_ASN1_SEQUENCE:
608 case V_ASN1_SET: 573 case V_ASN1_SET:
609 case V_ASN1_OTHER: 574 case V_ASN1_OTHER:
610 if (BIO_puts(out, "\n") <= 0) 575 if (BIO_puts(out, "\n") <= 0)
611 return 0; 576 return 0;
612 if (ASN1_parse_dump(out, str->data, str->length, 577 if (ASN1_parse_dump(out, str->data, str->length,
@@ -615,7 +580,7 @@ static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
615 needlf = 0; 580 needlf = 0;
616 break; 581 break;
617 582
618 default: 583 default:
619 ret = ASN1_STRING_print_ex(out, str, pctx->str_flags); 584 ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
620 585
621 } 586 }
diff --git a/src/lib/libssl/src/crypto/asn1/tasn_utl.c b/src/lib/libssl/src/crypto/asn1/tasn_utl.c
index 37c86c6af8..9715dac931 100644
--- a/src/lib/libssl/src/crypto/asn1/tasn_utl.c
+++ b/src/lib/libssl/src/crypto/asn1/tasn_utl.c
@@ -109,8 +109,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
109 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) 109 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
110 return 0; 110 return 0;
111 lck = offset2ptr(*pval, aux->ref_offset); 111 lck = offset2ptr(*pval, aux->ref_offset);
112 if (op == 0) 112 if (op == 0) {
113 {
114 *lck = 1; 113 *lck = 1;
115 return 1; 114 return 1;
116 } 115 }
@@ -133,8 +132,7 @@ void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
133{ 132{
134 ASN1_ENCODING *enc; 133 ASN1_ENCODING *enc;
135 enc = asn1_get_enc_ptr(pval, it); 134 enc = asn1_get_enc_ptr(pval, it);
136 if (enc) 135 if (enc) {
137 {
138 enc->enc = NULL; 136 enc->enc = NULL;
139 enc->len = 0; 137 enc->len = 0;
140 enc->modified = 1; 138 enc->modified = 1;
@@ -145,8 +143,7 @@ void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
145{ 143{
146 ASN1_ENCODING *enc; 144 ASN1_ENCODING *enc;
147 enc = asn1_get_enc_ptr(pval, it); 145 enc = asn1_get_enc_ptr(pval, it);
148 if (enc) 146 if (enc) {
149 {
150 if (enc->enc) 147 if (enc->enc)
151 free(enc->enc); 148 free(enc->enc);
152 enc->enc = NULL; 149 enc->enc = NULL;
@@ -182,8 +179,7 @@ int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
182 enc = asn1_get_enc_ptr(pval, it); 179 enc = asn1_get_enc_ptr(pval, it);
183 if (!enc || enc->modified) 180 if (!enc || enc->modified)
184 return 0; 181 return 0;
185 if (out) 182 if (out) {
186 {
187 memcpy(*out, enc->enc, enc->len); 183 memcpy(*out, enc->enc, enc->len);
188 *out += enc->len; 184 *out += enc->len;
189 } 185 }
@@ -228,8 +224,7 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
228 sfld = offset2ptr(*pval, adb->offset); 224 sfld = offset2ptr(*pval, adb->offset);
229 225
230 /* Check if NULL */ 226 /* Check if NULL */
231 if (!sfld) 227 if (!sfld) {
232 {
233 if (!adb->null_tt) 228 if (!adb->null_tt)
234 goto err; 229 goto err;
235 return adb->null_tt; 230 return adb->null_tt;
diff --git a/src/lib/libssl/src/crypto/asn1/x_algor.c b/src/lib/libssl/src/crypto/asn1/x_algor.c
index 6f6fbb112a..7ae473485c 100644
--- a/src/lib/libssl/src/crypto/asn1/x_algor.c
+++ b/src/lib/libssl/src/crypto/asn1/x_algor.c
@@ -81,25 +81,21 @@ int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
81{ 81{
82 if (!alg) 82 if (!alg)
83 return 0; 83 return 0;
84 if (ptype != V_ASN1_UNDEF) 84 if (ptype != V_ASN1_UNDEF) {
85 {
86 if (alg->parameter == NULL) 85 if (alg->parameter == NULL)
87 alg->parameter = ASN1_TYPE_new(); 86 alg->parameter = ASN1_TYPE_new();
88 if (alg->parameter == NULL) 87 if (alg->parameter == NULL)
89 return 0; 88 return 0;
90 } 89 }
91 if (alg) 90 if (alg) {
92 {
93 if (alg->algorithm) 91 if (alg->algorithm)
94 ASN1_OBJECT_free(alg->algorithm); 92 ASN1_OBJECT_free(alg->algorithm);
95 alg->algorithm = aobj; 93 alg->algorithm = aobj;
96 } 94 }
97 if (ptype == 0) 95 if (ptype == 0)
98 return 1; 96 return 1;
99 if (ptype == V_ASN1_UNDEF) 97 if (ptype == V_ASN1_UNDEF) {
100 { 98 if (alg->parameter) {
101 if (alg->parameter)
102 {
103 ASN1_TYPE_free(alg->parameter); 99 ASN1_TYPE_free(alg->parameter);
104 alg->parameter = NULL; 100 alg->parameter = NULL;
105 } 101 }
@@ -114,10 +110,8 @@ void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
114{ 110{
115 if (paobj) 111 if (paobj)
116 *paobj = algor->algorithm; 112 *paobj = algor->algorithm;
117 if (pptype) 113 if (pptype) {
118 { 114 if (algor->parameter == NULL) {
119 if (algor->parameter == NULL)
120 {
121 *pptype = V_ASN1_UNDEF; 115 *pptype = V_ASN1_UNDEF;
122 return; 116 return;
123 } 117 }
diff --git a/src/lib/libssl/src/crypto/asn1/x_crl.c b/src/lib/libssl/src/crypto/asn1/x_crl.c
index b3a6355795..ea94f026b2 100644
--- a/src/lib/libssl/src/crypto/asn1/x_crl.c
+++ b/src/lib/libssl/src/crypto/asn1/x_crl.c
@@ -101,10 +101,10 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
101 /* Just set cmp function here. We don't sort because that 101 /* Just set cmp function here. We don't sort because that
102 * would affect the output of X509_CRL_print(). 102 * would affect the output of X509_CRL_print().
103 */ 103 */
104 case ASN1_OP_D2I_POST: 104 case ASN1_OP_D2I_POST:
105 (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); 105 (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
106 break; 106 break;
107} 107 }
108 return 1; 108 return 1;
109} 109}
110 110
@@ -133,8 +133,7 @@ static int crl_set_issuers(X509_CRL *crl)
133 revoked = X509_CRL_get_REVOKED(crl); 133 revoked = X509_CRL_get_REVOKED(crl);
134 134
135 gens = NULL; 135 gens = NULL;
136 for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) 136 for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
137 {
138 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i); 137 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
139 STACK_OF(X509_EXTENSION) *exts; 138 STACK_OF(X509_EXTENSION) *exts;
140 ASN1_ENUMERATED *reason; 139 ASN1_ENUMERATED *reason;
@@ -142,17 +141,14 @@ static int crl_set_issuers(X509_CRL *crl)
142 gtmp = X509_REVOKED_get_ext_d2i(rev, 141 gtmp = X509_REVOKED_get_ext_d2i(rev,
143 NID_certificate_issuer, 142 NID_certificate_issuer,
144 &j, NULL); 143 &j, NULL);
145 if (!gtmp && (j != -1)) 144 if (!gtmp && (j != -1)) {
146 {
147 crl->flags |= EXFLAG_INVALID; 145 crl->flags |= EXFLAG_INVALID;
148 return 1; 146 return 1;
149 } 147 }
150 148
151 if (gtmp) 149 if (gtmp) {
152 {
153 gens = gtmp; 150 gens = gtmp;
154 if (!crl->issuers) 151 if (!crl->issuers) {
155 {
156 crl->issuers = sk_GENERAL_NAMES_new_null(); 152 crl->issuers = sk_GENERAL_NAMES_new_null();
157 if (!crl->issuers) 153 if (!crl->issuers)
158 return 0; 154 return 0;
@@ -164,29 +160,24 @@ static int crl_set_issuers(X509_CRL *crl)
164 160
165 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason, 161 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
166 &j, NULL); 162 &j, NULL);
167 if (!reason && (j != -1)) 163 if (!reason && (j != -1)) {
168 {
169 crl->flags |= EXFLAG_INVALID; 164 crl->flags |= EXFLAG_INVALID;
170 return 1; 165 return 1;
171 } 166 }
172 167
173 if (reason) 168 if (reason) {
174 {
175 rev->reason = ASN1_ENUMERATED_get(reason); 169 rev->reason = ASN1_ENUMERATED_get(reason);
176 ASN1_ENUMERATED_free(reason); 170 ASN1_ENUMERATED_free(reason);
177 } 171 } else
178 else
179 rev->reason = CRL_REASON_NONE; 172 rev->reason = CRL_REASON_NONE;
180 173
181 /* Check for critical CRL entry extensions */ 174 /* Check for critical CRL entry extensions */
182 175
183 exts = rev->extensions; 176 exts = rev->extensions;
184 177
185 for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) 178 for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
186 {
187 ext = sk_X509_EXTENSION_value(exts, j); 179 ext = sk_X509_EXTENSION_value(exts, j);
188 if (ext->critical > 0) 180 if (ext->critical > 0) {
189 {
190 if (OBJ_obj2nid(ext->object) == 181 if (OBJ_obj2nid(ext->object) ==
191 NID_certificate_issuer) 182 NID_certificate_issuer)
192 continue; 183 continue;
@@ -213,9 +204,8 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
213 X509_EXTENSION *ext; 204 X509_EXTENSION *ext;
214 int idx; 205 int idx;
215 206
216 switch(operation) 207 switch(operation) {
217 { 208 case ASN1_OP_NEW_POST:
218 case ASN1_OP_NEW_POST:
219 crl->idp = NULL; 209 crl->idp = NULL;
220 crl->akid = NULL; 210 crl->akid = NULL;
221 crl->flags = 0; 211 crl->flags = 0;
@@ -228,7 +218,7 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
228 crl->base_crl_number = NULL; 218 crl->base_crl_number = NULL;
229 break; 219 break;
230 220
231 case ASN1_OP_D2I_POST: 221 case ASN1_OP_D2I_POST:
232#ifndef OPENSSL_NO_SHA 222#ifndef OPENSSL_NO_SHA
233 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL); 223 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
234#endif 224#endif
@@ -259,15 +249,13 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
259 249
260 exts = crl->crl->extensions; 250 exts = crl->crl->extensions;
261 251
262 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) 252 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
263 {
264 int nid; 253 int nid;
265 ext = sk_X509_EXTENSION_value(exts, idx); 254 ext = sk_X509_EXTENSION_value(exts, idx);
266 nid = OBJ_obj2nid(ext->object); 255 nid = OBJ_obj2nid(ext->object);
267 if (nid == NID_freshest_crl) 256 if (nid == NID_freshest_crl)
268 crl->flags |= EXFLAG_FRESHEST; 257 crl->flags |= EXFLAG_FRESHEST;
269 if (ext->critical > 0) 258 if (ext->critical > 0) {
270 {
271 /* We handle IDP and deltas */ 259 /* We handle IDP and deltas */
272 if ((nid == NID_issuing_distribution_point) 260 if ((nid == NID_issuing_distribution_point)
273 || (nid == NID_delta_crl)) 261 || (nid == NID_delta_crl))
@@ -281,16 +269,14 @@ static int crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
281 if (!crl_set_issuers(crl)) 269 if (!crl_set_issuers(crl))
282 return 0; 270 return 0;
283 271
284 if (crl->meth->crl_init) 272 if (crl->meth->crl_init) {
285 {
286 if (crl->meth->crl_init(crl) == 0) 273 if (crl->meth->crl_init(crl) == 0)
287 return 0; 274 return 0;
288 } 275 }
289 break; 276 break;
290 277
291 case ASN1_OP_FREE_POST: 278 case ASN1_OP_FREE_POST:
292 if (crl->meth->crl_free) 279 if (crl->meth->crl_free) {
293 {
294 if (!crl->meth->crl_free(crl)) 280 if (!crl->meth->crl_free(crl))
295 return 0; 281 return 0;
296 } 282 }
@@ -313,18 +299,15 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
313 int idp_only = 0; 299 int idp_only = 0;
314 /* Set various flags according to IDP */ 300 /* Set various flags according to IDP */
315 crl->idp_flags |= IDP_PRESENT; 301 crl->idp_flags |= IDP_PRESENT;
316 if (idp->onlyuser > 0) 302 if (idp->onlyuser > 0) {
317 {
318 idp_only++; 303 idp_only++;
319 crl->idp_flags |= IDP_ONLYUSER; 304 crl->idp_flags |= IDP_ONLYUSER;
320 } 305 }
321 if (idp->onlyCA > 0) 306 if (idp->onlyCA > 0) {
322 {
323 idp_only++; 307 idp_only++;
324 crl->idp_flags |= IDP_ONLYCA; 308 crl->idp_flags |= IDP_ONLYCA;
325 } 309 }
326 if (idp->onlyattr > 0) 310 if (idp->onlyattr > 0) {
327 {
328 idp_only++; 311 idp_only++;
329 crl->idp_flags |= IDP_ONLYATTR; 312 crl->idp_flags |= IDP_ONLYATTR;
330 } 313 }
@@ -335,8 +318,7 @@ static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
335 if (idp->indirectCRL > 0) 318 if (idp->indirectCRL > 0)
336 crl->idp_flags |= IDP_INDIRECT; 319 crl->idp_flags |= IDP_INDIRECT;
337 320
338 if (idp->onlysomereasons) 321 if (idp->onlysomereasons) {
339 {
340 crl->idp_flags |= IDP_REASONS; 322 crl->idp_flags |= IDP_REASONS;
341 if (idp->onlysomereasons->length > 0) 323 if (idp->onlysomereasons->length > 0)
342 crl->idp_reasons = idp->onlysomereasons->data[0]; 324 crl->idp_reasons = idp->onlysomereasons->data[0];
@@ -417,8 +399,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
417{ 399{
418 int i; 400 int i;
419 401
420 if (!rev->issuer) 402 if (!rev->issuer) {
421 {
422 if (!nm) 403 if (!nm)
423 return 1; 404 return 1;
424 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl))) 405 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
@@ -429,8 +410,7 @@ static int crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm,
429 if (!nm) 410 if (!nm)
430 nm = X509_CRL_get_issuer(crl); 411 nm = X509_CRL_get_issuer(crl);
431 412
432 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) 413 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
433 {
434 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i); 414 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
435 if (gen->type != GEN_DIRNAME) 415 if (gen->type != GEN_DIRNAME)
436 continue; 416 continue;
@@ -450,8 +430,7 @@ static int def_crl_lookup(X509_CRL *crl,
450 /* Sort revoked into serial number order if not already sorted. 430 /* Sort revoked into serial number order if not already sorted.
451 * Do this under a lock to avoid race condition. 431 * Do this under a lock to avoid race condition.
452 */ 432 */
453 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) 433 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
454 {
455 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL); 434 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
456 sk_X509_REVOKED_sort(crl->crl->revoked); 435 sk_X509_REVOKED_sort(crl->crl->revoked);
457 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL); 436 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
@@ -460,13 +439,11 @@ static int def_crl_lookup(X509_CRL *crl,
460 if(idx < 0) 439 if(idx < 0)
461 return 0; 440 return 0;
462 /* Need to look for matching name */ 441 /* Need to look for matching name */
463 for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) 442 for(;idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
464 {
465 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx); 443 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
466 if (ASN1_INTEGER_cmp(rev->serialNumber, serial)) 444 if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
467 return 0; 445 return 0;
468 if (crl_revoked_issuer_match(crl, issuer, rev)) 446 if (crl_revoked_issuer_match(crl, issuer, rev)) {
469 {
470 if (ret) 447 if (ret)
471 *ret = rev; 448 *ret = rev;
472 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL) 449 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
diff --git a/src/lib/libssl/src/crypto/asn1/x_info.c b/src/lib/libssl/src/crypto/asn1/x_info.c
index c1b6058d58..07ce15dbd7 100644
--- a/src/lib/libssl/src/crypto/asn1/x_info.c
+++ b/src/lib/libssl/src/crypto/asn1/x_info.c
@@ -67,8 +67,7 @@ X509_INFO *X509_INFO_new(void)
67 X509_INFO *ret=NULL; 67 X509_INFO *ret=NULL;
68 68
69 ret=(X509_INFO *)malloc(sizeof(X509_INFO)); 69 ret=(X509_INFO *)malloc(sizeof(X509_INFO));
70 if (ret == NULL) 70 if (ret == NULL) {
71 {
72 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); 71 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
73 return(NULL); 72 return(NULL);
74 } 73 }
diff --git a/src/lib/libssl/src/crypto/asn1/x_name.c b/src/lib/libssl/src/crypto/asn1/x_name.c
index dfd4363aa0..d10ac5acd1 100644
--- a/src/lib/libssl/src/crypto/asn1/x_name.c
+++ b/src/lib/libssl/src/crypto/asn1/x_name.c
@@ -145,8 +145,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
145 145
146 memerr: 146 memerr:
147 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE); 147 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
148 if (ret) 148 if (ret) {
149 {
150 if (ret->entries) 149 if (ret->entries)
151 sk_X509_NAME_ENTRY_free(ret->entries); 150 sk_X509_NAME_ENTRY_free(ret->entries);
152 free(ret); 151 free(ret);
@@ -242,14 +241,14 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
242} 241}
243 242
244static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne) 243static void local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
245 { 244{
246 sk_X509_NAME_ENTRY_free(ne); 245 sk_X509_NAME_ENTRY_free(ne);
247 } 246}
248 247
249static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne) 248static void local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
250 { 249{
251 sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free); 250 sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
252 } 251}
253 252
254static int x509_name_encode(X509_NAME *a) 253static int x509_name_encode(X509_NAME *a)
255{ 254{
@@ -295,12 +294,12 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
295 int indent, 294 int indent,
296 const char *fname, 295 const char *fname,
297 const ASN1_PCTX *pctx) 296 const ASN1_PCTX *pctx)
298 { 297{
299 if (X509_NAME_print_ex(out, (X509_NAME *)*pval, 298 if (X509_NAME_print_ex(out, (X509_NAME *)*pval,
300 indent, pctx->nm_flags) <= 0) 299 indent, pctx->nm_flags) <= 0)
301 return 0; 300 return 0;
302 return 2; 301 return 2;
303 } 302}
304 303
305/* This function generates the canonical encoding of the Name structure. 304/* This function generates the canonical encoding of the Name structure.
306 * In it all strings are converted to UTF8, leading, trailing and 305 * In it all strings are converted to UTF8, leading, trailing and
@@ -316,39 +315,35 @@ static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval,
316 */ 315 */
317 316
318static int x509_name_canon(X509_NAME *a) 317static int x509_name_canon(X509_NAME *a)
319 { 318{
320 unsigned char *p; 319 unsigned char *p;
321 STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL; 320 STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
322 STACK_OF(X509_NAME_ENTRY) *entries = NULL; 321 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
323 X509_NAME_ENTRY *entry, *tmpentry = NULL; 322 X509_NAME_ENTRY *entry, *tmpentry = NULL;
324 int i, set = -1, ret = 0; 323 int i, set = -1, ret = 0;
325 324
326 if (a->canon_enc) 325 if (a->canon_enc) {
327 {
328 free(a->canon_enc); 326 free(a->canon_enc);
329 a->canon_enc = NULL; 327 a->canon_enc = NULL;
330 } 328 }
331 /* Special case: empty X509_NAME => null encoding */ 329 /* Special case: empty X509_NAME => null encoding */
332 if (sk_X509_NAME_ENTRY_num(a->entries) == 0) 330 if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
333 {
334 a->canon_enclen = 0; 331 a->canon_enclen = 0;
335 return 1; 332 return 1;
336 } 333 }
337 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null(); 334 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
338 if(!intname) 335 if(!intname)
339 goto err; 336 goto err;
340 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) 337 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
341 {
342 entry = sk_X509_NAME_ENTRY_value(a->entries, i); 338 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
343 if(entry->set != set) 339 if(entry->set != set) {
344 {
345 entries = sk_X509_NAME_ENTRY_new_null(); 340 entries = sk_X509_NAME_ENTRY_new_null();
346 if(!entries) 341 if(!entries)
347 goto err; 342 goto err;
348 if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries)) 343 if(!sk_STACK_OF_X509_NAME_ENTRY_push(intname, entries))
349 goto err; 344 goto err;
350 set = entry->set; 345 set = entry->set;
351 } 346 }
352 tmpentry = X509_NAME_ENTRY_new(); 347 tmpentry = X509_NAME_ENTRY_new();
353 tmpentry->object = OBJ_dup(entry->object); 348 tmpentry->object = OBJ_dup(entry->object);
354 if (!asn1_string_canon(tmpentry->value, entry->value)) 349 if (!asn1_string_canon(tmpentry->value, entry->value))
@@ -356,7 +351,7 @@ static int x509_name_canon(X509_NAME *a)
356 if(!sk_X509_NAME_ENTRY_push(entries, tmpentry)) 351 if(!sk_X509_NAME_ENTRY_push(entries, tmpentry))
357 goto err; 352 goto err;
358 tmpentry = NULL; 353 tmpentry = NULL;
359 } 354 }
360 355
361 /* Finally generate encoding */ 356 /* Finally generate encoding */
362 357
@@ -381,7 +376,7 @@ static int x509_name_canon(X509_NAME *a)
381 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname, 376 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
382 local_sk_X509_NAME_ENTRY_pop_free); 377 local_sk_X509_NAME_ENTRY_pop_free);
383 return ret; 378 return ret;
384 } 379}
385 380
386/* Bitmap of all the types of string that will be canonicalized. */ 381/* Bitmap of all the types of string that will be canonicalized. */
387 382
@@ -392,17 +387,16 @@ static int x509_name_canon(X509_NAME *a)
392 387
393 388
394static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in) 389static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
395 { 390{
396 unsigned char *to, *from; 391 unsigned char *to, *from;
397 int len, i; 392 int len, i;
398 393
399 /* If type not in bitmask just copy string across */ 394 /* If type not in bitmask just copy string across */
400 if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) 395 if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
401 {
402 if (!ASN1_STRING_copy(out, in)) 396 if (!ASN1_STRING_copy(out, in))
403 return 0; 397 return 0;
404 return 1; 398 return 1;
405 } 399 }
406 400
407 out->type = V_ASN1_UTF8STRING; 401 out->type = V_ASN1_UTF8STRING;
408 out->length = ASN1_STRING_to_UTF8(&out->data, in); 402 out->length = ASN1_STRING_to_UTF8(&out->data, in);
@@ -421,99 +415,87 @@ static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
421 */ 415 */
422 416
423 /* Ignore leading spaces */ 417 /* Ignore leading spaces */
424 while((len > 0) && !(*from & 0x80) && isspace(*from)) 418 while((len > 0) && !(*from & 0x80) && isspace(*from)) {
425 {
426 from++; 419 from++;
427 len--; 420 len--;
428 } 421 }
429 422
430 to = from + len - 1; 423 to = from + len - 1;
431 424
432 /* Ignore trailing spaces */ 425 /* Ignore trailing spaces */
433 while ((len > 0) && !(*to & 0x80) && isspace(*to)) 426 while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
434 {
435 to--; 427 to--;
436 len--; 428 len--;
437 } 429 }
438 430
439 to = out->data; 431 to = out->data;
440 432
441 i = 0; 433 i = 0;
442 while(i < len) 434 while(i < len) {
443 {
444 /* If MSB set just copy across */ 435 /* If MSB set just copy across */
445 if (*from & 0x80) 436 if (*from & 0x80) {
446 {
447 *to++ = *from++; 437 *to++ = *from++;
448 i++; 438 i++;
449 } 439 }
450 /* Collapse multiple spaces */ 440 /* Collapse multiple spaces */
451 else if (isspace(*from)) 441 else if (isspace(*from)) {
452 {
453 /* Copy one space across */ 442 /* Copy one space across */
454 *to++ = ' '; 443 *to++ = ' ';
455 /* Ignore subsequent spaces. Note: don't need to 444 /* Ignore subsequent spaces. Note: don't need to
456 * check len here because we know the last 445 * check len here because we know the last
457 * character is a non-space so we can't overflow. 446 * character is a non-space so we can't overflow.
458 */ 447 */
459 do 448 do {
460 {
461 from++; 449 from++;
462 i++; 450 i++;
463 } 451 } while(!(*from & 0x80) && isspace(*from));
464 while(!(*from & 0x80) && isspace(*from)); 452 } else {
465 }
466 else
467 {
468 *to++ = tolower(*from); 453 *to++ = tolower(*from);
469 from++; 454 from++;
470 i++; 455 i++;
471 }
472 } 456 }
457 }
473 458
474 out->length = to - out->data; 459 out->length = to - out->data;
475 460
476 return 1; 461 return 1;
477 462
478 } 463}
479 464
480static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, 465static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname,
481 unsigned char **in) 466 unsigned char **in)
482 { 467{
483 int i, len, ltmp; 468 int i, len, ltmp;
484 ASN1_VALUE *v; 469 ASN1_VALUE *v;
485 STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname; 470 STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
486 471
487 len = 0; 472 len = 0;
488 for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) 473 for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
489 {
490 v = sk_ASN1_VALUE_value(intname, i); 474 v = sk_ASN1_VALUE_value(intname, i);
491 ltmp = ASN1_item_ex_i2d(&v, in, 475 ltmp = ASN1_item_ex_i2d(&v, in,
492 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1); 476 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
493 if (ltmp < 0) 477 if (ltmp < 0)
494 return ltmp; 478 return ltmp;
495 len += ltmp; 479 len += ltmp;
496 }
497 return len;
498 } 480 }
481 return len;
482}
499 483
500int X509_NAME_set(X509_NAME **xn, X509_NAME *name) 484int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
501 { 485{
502 X509_NAME *in; 486 X509_NAME *in;
503 487
504 if (!xn || !name) return(0); 488 if (!xn || !name) return(0);
505 489
506 if (*xn != name) 490 if (*xn != name) {
507 {
508 in=X509_NAME_dup(name); 491 in=X509_NAME_dup(name);
509 if (in != NULL) 492 if (in != NULL) {
510 {
511 X509_NAME_free(*xn); 493 X509_NAME_free(*xn);
512 *xn=in; 494 *xn=in;
513 }
514 } 495 }
515 return(*xn != NULL);
516 } 496 }
497 return(*xn != NULL);
498}
517 499
518IMPLEMENT_STACK_OF(X509_NAME_ENTRY) 500IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
519IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY) 501IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/src/lib/libssl/src/crypto/asn1/x_pkey.c b/src/lib/libssl/src/crypto/asn1/x_pkey.c
index 37d2d93968..eac134a1ee 100644
--- a/src/lib/libssl/src/crypto/asn1/x_pkey.c
+++ b/src/lib/libssl/src/crypto/asn1/x_pkey.c
@@ -81,17 +81,14 @@ X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
81 81
82 ret->cipher.cipher=EVP_get_cipherbyname( 82 ret->cipher.cipher=EVP_get_cipherbyname(
83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); 83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
84 if (ret->cipher.cipher == NULL) 84 if (ret->cipher.cipher == NULL) {
85 {
86 c.error=ASN1_R_UNSUPPORTED_CIPHER; 85 c.error=ASN1_R_UNSUPPORTED_CIPHER;
87 c.line=__LINE__; 86 c.line=__LINE__;
88 goto err; 87 goto err;
89 } 88 }
90 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) 89 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) {
91 {
92 i=ret->enc_algor->parameter->value.octet_string->length; 90 i=ret->enc_algor->parameter->value.octet_string->length;
93 if (i > EVP_MAX_IV_LENGTH) 91 if (i > EVP_MAX_IV_LENGTH) {
94 {
95 c.error=ASN1_R_IV_TOO_LARGE; 92 c.error=ASN1_R_IV_TOO_LARGE;
96 c.line=__LINE__; 93 c.line=__LINE__;
97 goto err; 94 goto err;
diff --git a/src/lib/libssl/src/crypto/asn1/x_pubkey.c b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
index 454d50f24c..1d6ab6580a 100644
--- a/src/lib/libssl/src/crypto/asn1/x_pubkey.c
+++ b/src/lib/libssl/src/crypto/asn1/x_pubkey.c
@@ -72,8 +72,7 @@
72static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 72static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
73 void *exarg) 73 void *exarg)
74{ 74{
75 if (operation == ASN1_OP_FREE_POST) 75 if (operation == ASN1_OP_FREE_POST) {
76 {
77 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 76 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
78 EVP_PKEY_free(pubkey->pkey); 77 EVP_PKEY_free(pubkey->pkey);
79 } 78 }
@@ -95,26 +94,19 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
95 94
96 if ((pk=X509_PUBKEY_new()) == NULL) goto error; 95 if ((pk=X509_PUBKEY_new()) == NULL) goto error;
97 96
98 if (pkey->ameth) 97 if (pkey->ameth) {
99 { 98 if (pkey->ameth->pub_encode) {
100 if (pkey->ameth->pub_encode) 99 if (!pkey->ameth->pub_encode(pk, pkey)) {
101 {
102 if (!pkey->ameth->pub_encode(pk, pkey))
103 {
104 X509err(X509_F_X509_PUBKEY_SET, 100 X509err(X509_F_X509_PUBKEY_SET,
105 X509_R_PUBLIC_KEY_ENCODE_ERROR); 101 X509_R_PUBLIC_KEY_ENCODE_ERROR);
106 goto error; 102 goto error;
107 } 103 }
108 } 104 } else {
109 else
110 {
111 X509err(X509_F_X509_PUBKEY_SET, 105 X509err(X509_F_X509_PUBKEY_SET,
112 X509_R_METHOD_NOT_SUPPORTED); 106 X509_R_METHOD_NOT_SUPPORTED);
113 goto error; 107 goto error;
114 } 108 }
115 } 109 } else {
116 else
117 {
118 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); 110 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
119 goto error; 111 goto error;
120 } 112 }
@@ -136,51 +128,41 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
136 128
137 if (key == NULL) goto error; 129 if (key == NULL) goto error;
138 130
139 if (key->pkey != NULL) 131 if (key->pkey != NULL) {
140 {
141 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY); 132 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
142 return key->pkey; 133 return key->pkey;
143 } 134 }
144 135
145 if (key->public_key == NULL) goto error; 136 if (key->public_key == NULL) goto error;
146 137
147 if ((ret = EVP_PKEY_new()) == NULL) 138 if ((ret = EVP_PKEY_new()) == NULL) {
148 {
149 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE); 139 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
150 goto error; 140 goto error;
151 } 141 }
152 142
153 if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) 143 if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
154 {
155 X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM); 144 X509err(X509_F_X509_PUBKEY_GET,X509_R_UNSUPPORTED_ALGORITHM);
156 goto error; 145 goto error;
157 } 146 }
158 147
159 if (ret->ameth->pub_decode) 148 if (ret->ameth->pub_decode) {
160 { 149 if (!ret->ameth->pub_decode(ret, key)) {
161 if (!ret->ameth->pub_decode(ret, key))
162 {
163 X509err(X509_F_X509_PUBKEY_GET, 150 X509err(X509_F_X509_PUBKEY_GET,
164 X509_R_PUBLIC_KEY_DECODE_ERROR); 151 X509_R_PUBLIC_KEY_DECODE_ERROR);
165 goto error; 152 goto error;
166 } 153 }
167 } 154 } else {
168 else
169 {
170 X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED); 155 X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
171 goto error; 156 goto error;
172 } 157 }
173 158
174 /* Check to see if another thread set key->pkey first */ 159 /* Check to see if another thread set key->pkey first */
175 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY); 160 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
176 if (key->pkey) 161 if (key->pkey) {
177 {
178 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); 162 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
179 EVP_PKEY_free(ret); 163 EVP_PKEY_free(ret);
180 ret = key->pkey; 164 ret = key->pkey;
181 } 165 } else {
182 else
183 {
184 key->pkey = ret; 166 key->pkey = ret;
185 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY); 167 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
186 } 168 }
@@ -208,8 +190,7 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
208 pktmp = X509_PUBKEY_get(xpk); 190 pktmp = X509_PUBKEY_get(xpk);
209 X509_PUBKEY_free(xpk); 191 X509_PUBKEY_free(xpk);
210 if(!pktmp) return NULL; 192 if(!pktmp) return NULL;
211 if(a) 193 if(a) {
212 {
213 EVP_PKEY_free(*a); 194 EVP_PKEY_free(*a);
214 *a = pktmp; 195 *a = pktmp;
215 } 196 }
@@ -244,8 +225,7 @@ RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
244 EVP_PKEY_free(pkey); 225 EVP_PKEY_free(pkey);
245 if (!key) return NULL; 226 if (!key) return NULL;
246 *pp = q; 227 *pp = q;
247 if (a) 228 if (a) {
248 {
249 RSA_free(*a); 229 RSA_free(*a);
250 *a = key; 230 *a = key;
251 } 231 }
@@ -258,8 +238,7 @@ int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
258 int ret; 238 int ret;
259 if (!a) return 0; 239 if (!a) return 0;
260 pktmp = EVP_PKEY_new(); 240 pktmp = EVP_PKEY_new();
261 if (!pktmp) 241 if (!pktmp) {
262 {
263 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 242 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
264 return 0; 243 return 0;
265 } 244 }
@@ -284,8 +263,7 @@ DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
284 EVP_PKEY_free(pkey); 263 EVP_PKEY_free(pkey);
285 if (!key) return NULL; 264 if (!key) return NULL;
286 *pp = q; 265 *pp = q;
287 if (a) 266 if (a) {
288 {
289 DSA_free(*a); 267 DSA_free(*a);
290 *a = key; 268 *a = key;
291 } 269 }
@@ -298,8 +276,7 @@ int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
298 int ret; 276 int ret;
299 if(!a) return 0; 277 if(!a) return 0;
300 pktmp = EVP_PKEY_new(); 278 pktmp = EVP_PKEY_new();
301 if(!pktmp) 279 if(!pktmp) {
302 {
303 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 280 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
304 return 0; 281 return 0;
305 } 282 }
@@ -323,8 +300,7 @@ EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
323 EVP_PKEY_free(pkey); 300 EVP_PKEY_free(pkey);
324 if (!key) return(NULL); 301 if (!key) return(NULL);
325 *pp = q; 302 *pp = q;
326 if (a) 303 if (a) {
327 {
328 EC_KEY_free(*a); 304 EC_KEY_free(*a);
329 *a = key; 305 *a = key;
330 } 306 }
@@ -336,8 +312,7 @@ int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
336 EVP_PKEY *pktmp; 312 EVP_PKEY *pktmp;
337 int ret; 313 int ret;
338 if (!a) return(0); 314 if (!a) return(0);
339 if ((pktmp = EVP_PKEY_new()) == NULL) 315 if ((pktmp = EVP_PKEY_new()) == NULL) {
340 {
341 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE); 316 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
342 return(0); 317 return(0);
343 } 318 }
@@ -354,8 +329,7 @@ int X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj,
354{ 329{
355 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval)) 330 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
356 return 0; 331 return 0;
357 if (penc) 332 if (penc) {
358 {
359 if (pub->public_key->data) 333 if (pub->public_key->data)
360 free(pub->public_key->data); 334 free(pub->public_key->data);
361 pub->public_key->data = penc; 335 pub->public_key->data = penc;
@@ -374,8 +348,7 @@ int X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg,
374{ 348{
375 if (ppkalg) 349 if (ppkalg)
376 *ppkalg = pub->algor->algorithm; 350 *ppkalg = pub->algor->algorithm;
377 if (pk) 351 if (pk) {
378 {
379 *pk = pub->public_key->data; 352 *pk = pub->public_key->data;
380 *ppklen = pub->public_key->length; 353 *ppklen = pub->public_key->length;
381 } 354 }
diff --git a/src/lib/libssl/src/crypto/asn1/x_x509.c b/src/lib/libssl/src/crypto/asn1/x_x509.c
index ff8bd77024..20448a8e3b 100644
--- a/src/lib/libssl/src/crypto/asn1/x_x509.c
+++ b/src/lib/libssl/src/crypto/asn1/x_x509.c
@@ -88,7 +88,7 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
88 88
89 switch(operation) { 89 switch(operation) {
90 90
91 case ASN1_OP_NEW_POST: 91 case ASN1_OP_NEW_POST:
92 ret->valid=0; 92 ret->valid=0;
93 ret->name = NULL; 93 ret->name = NULL;
94 ret->ex_flags = 0; 94 ret->ex_flags = 0;
@@ -104,12 +104,12 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
104 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); 104 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
105 break; 105 break;
106 106
107 case ASN1_OP_D2I_POST: 107 case ASN1_OP_D2I_POST:
108 if (ret->name != NULL) free(ret->name); 108 if (ret->name != NULL) free(ret->name);
109 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); 109 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
110 break; 110 break;
111 111
112 case ASN1_OP_FREE_POST: 112 case ASN1_OP_FREE_POST:
113 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); 113 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
114 X509_CERT_AUX_free(ret->aux); 114 X509_CERT_AUX_free(ret->aux);
115 ASN1_OCTET_STRING_free(ret->skid); 115 ASN1_OCTET_STRING_free(ret->skid);
diff --git a/src/lib/libssl/src/crypto/asn1/x_x509a.c b/src/lib/libssl/src/crypto/asn1/x_x509a.c
index 9449f517be..287d780830 100644
--- a/src/lib/libssl/src/crypto/asn1/x_x509a.c
+++ b/src/lib/libssl/src/crypto/asn1/x_x509a.c
@@ -91,8 +91,7 @@ static X509_CERT_AUX *aux_get(X509 *x)
91int X509_alias_set1(X509 *x, unsigned char *name, int len) 91int X509_alias_set1(X509 *x, unsigned char *name, int len)
92{ 92{
93 X509_CERT_AUX *aux; 93 X509_CERT_AUX *aux;
94 if (!name) 94 if (!name) {
95 {
96 if (!x || !x->aux || !x->aux->alias) 95 if (!x || !x->aux || !x->aux->alias)
97 return 1; 96 return 1;
98 ASN1_UTF8STRING_free(x->aux->alias); 97 ASN1_UTF8STRING_free(x->aux->alias);
@@ -107,8 +106,7 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
107int X509_keyid_set1(X509 *x, unsigned char *id, int len) 106int X509_keyid_set1(X509 *x, unsigned char *id, int len)
108{ 107{
109 X509_CERT_AUX *aux; 108 X509_CERT_AUX *aux;
110 if (!id) 109 if (!id) {
111 {
112 if (!x || !x->aux || !x->aux->keyid) 110 if (!x || !x->aux || !x->aux->keyid)
113 return 1; 111 return 1;
114 ASN1_OCTET_STRING_free(x->aux->keyid); 112 ASN1_OCTET_STRING_free(x->aux->keyid);
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-20 06:46:11 +0000