summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1
diff options
context:
space:
mode:
authorcvs2svn <admin@example.com>2015-08-02 21:54:22 +0000
committercvs2svn <admin@example.com>2015-08-02 21:54:22 +0000
commit92262c9818409ff436c41f1e51c2cea5b227f152 (patch)
tree5609c82060f75c53af0a7641d9b33a88574876cd /src/lib/libcrypto/asn1
parented40f444ba01bcae1d8540f9c26d79537ab5baf2 (diff)
downloadopenbsd-OPENBSD_5_8_BASE.tar.gz
openbsd-OPENBSD_5_8_BASE.tar.bz2
openbsd-OPENBSD_5_8_BASE.zip
This commit was manufactured by cvs2git to create tag 'OPENBSD_5_8_BASE'.OPENBSD_5_8_BASE
Diffstat (limited to 'src/lib/libcrypto/asn1')
-rw-r--r--src/lib/libcrypto/asn1/a_bitstr.c259
-rw-r--r--src/lib/libcrypto/asn1/a_bool.c115
-rw-r--r--src/lib/libcrypto/asn1/a_bytes.c306
-rw-r--r--src/lib/libcrypto/asn1/a_d2i_fp.c271
-rw-r--r--src/lib/libcrypto/asn1/a_digest.c84
-rw-r--r--src/lib/libcrypto/asn1/a_dup.c118
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c189
-rw-r--r--src/lib/libcrypto/asn1/a_i2d_fp.c158
-rw-r--r--src/lib/libcrypto/asn1/a_int.c463
-rw-r--r--src/lib/libcrypto/asn1/a_mbstr.c453
-rw-r--r--src/lib/libcrypto/asn1/a_object.c405
-rw-r--r--src/lib/libcrypto/asn1/a_octet.c79
-rw-r--r--src/lib/libcrypto/asn1/a_print.c125
-rw-r--r--src/lib/libcrypto/asn1/a_set.c237
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c240
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c646
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c292
-rw-r--r--src/lib/libcrypto/asn1/a_time.c225
-rw-r--r--src/lib/libcrypto/asn1/a_type.c158
-rw-r--r--src/lib/libcrypto/asn1/a_utf8.c199
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c172
-rw-r--r--src/lib/libcrypto/asn1/ameth_lib.c457
-rw-r--r--src/lib/libcrypto/asn1/asn1.h1355
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c333
-rw-r--r--src/lib/libcrypto/asn1/asn1_gen.c811
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c486
-rw-r--r--src/lib/libcrypto/asn1/asn1_locl.h151
-rw-r--r--src/lib/libcrypto/asn1/asn1_mac.h426
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c397
-rw-r--r--src/lib/libcrypto/asn1/asn1t.h880
-rw-r--r--src/lib/libcrypto/asn1/asn_mime.c1019
-rw-r--r--src/lib/libcrypto/asn1/asn_moid.c158
-rw-r--r--src/lib/libcrypto/asn1/asn_pack.c217
-rw-r--r--src/lib/libcrypto/asn1/bio_asn1.c496
-rw-r--r--src/lib/libcrypto/asn1/bio_ndef.c243
-rw-r--r--src/lib/libcrypto/asn1/charmap.h15
-rw-r--r--src/lib/libcrypto/asn1/charmap.pl80
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c170
-rw-r--r--src/lib/libcrypto/asn1/d2i_pu.c136
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c199
-rw-r--r--src/lib/libcrypto/asn1/f_enum.c201
-rw-r--r--src/lib/libcrypto/asn1/f_int.c204
-rw-r--r--src/lib/libcrypto/asn1/f_string.c197
-rw-r--r--src/lib/libcrypto/asn1/i2d_pr.c81
-rw-r--r--src/lib/libcrypto/asn1/i2d_pu.c98
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c430
-rw-r--r--src/lib/libcrypto/asn1/nsseq.c129
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c186
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c374
-rw-r--r--src/lib/libcrypto/asn1/p8_pkey.c200
-rw-r--r--src/lib/libcrypto/asn1/t_bitst.c112
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c140
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c114
-rw-r--r--src/lib/libcrypto/asn1/t_req.c267
-rw-r--r--src/lib/libcrypto/asn1/t_spki.c112
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c537
-rw-r--r--src/lib/libcrypto/asn1/t_x509a.c118
-rw-r--r--src/lib/libcrypto/asn1/tasn_dec.c1184
-rw-r--r--src/lib/libcrypto/asn1/tasn_enc.c654
-rw-r--r--src/lib/libcrypto/asn1/tasn_fre.c243
-rw-r--r--src/lib/libcrypto/asn1/tasn_new.c374
-rw-r--r--src/lib/libcrypto/asn1/tasn_prn.c596
-rw-r--r--src/lib/libcrypto/asn1/tasn_typ.c799
-rw-r--r--src/lib/libcrypto/asn1/tasn_utl.c281
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c222
-rw-r--r--src/lib/libcrypto/asn1/x_attrib.c198
-rw-r--r--src/lib/libcrypto/asn1/x_bignum.c167
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c687
-rw-r--r--src/lib/libcrypto/asn1/x_exten.c153
-rw-r--r--src/lib/libcrypto/asn1/x_info.c108
-rw-r--r--src/lib/libcrypto/asn1/x_long.c210
-rw-r--r--src/lib/libcrypto/asn1/x_name.c642
-rw-r--r--src/lib/libcrypto/asn1/x_nx509.c113
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c121
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c430
-rw-r--r--src/lib/libcrypto/asn1/x_req.c227
-rw-r--r--src/lib/libcrypto/asn1/x_sig.c110
-rw-r--r--src/lib/libcrypto/asn1/x_spki.c174
-rw-r--r--src/lib/libcrypto/asn1/x_val.c110
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c346
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c325
81 files changed, 0 insertions, 25197 deletions
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
deleted file mode 100644
index c0259ad815..0000000000
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ /dev/null
@@ -1,259 +0,0 @@
1/* $OpenBSD: a_bitstr.c,v 1.22 2015/07/29 14:58:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/err.h>
64
65int
66ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
67{
68 return ASN1_STRING_set(x, d, len);
69}
70
71int
72i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
73{
74 int ret, j, bits, len;
75 unsigned char *p, *d;
76
77 if (a == NULL)
78 return (0);
79
80 len = a->length;
81
82 if (len > 0) {
83 if (a->flags & ASN1_STRING_FLAG_BITS_LEFT) {
84 bits = (int)a->flags & 0x07;
85 } else {
86 for (; len > 0; len--) {
87 if (a->data[len - 1])
88 break;
89 }
90 j = a->data[len - 1];
91 if (j & 0x01)
92 bits = 0;
93 else if (j & 0x02)
94 bits = 1;
95 else if (j & 0x04)
96 bits = 2;
97 else if (j & 0x08)
98 bits = 3;
99 else if (j & 0x10)
100 bits = 4;
101 else if (j & 0x20)
102 bits = 5;
103 else if (j & 0x40)
104 bits = 6;
105 else if (j & 0x80)
106 bits = 7;
107 else
108 bits = 0; /* should not happen */
109 }
110 } else
111 bits = 0;
112
113 ret = 1 + len;
114 if (pp == NULL)
115 return (ret);
116
117 p= *pp;
118
119 *(p++) = (unsigned char)bits;
120 d = a->data;
121 memcpy(p, d, len);
122 p += len;
123 if (len > 0)
124 p[-1]&=(0xff << bits);
125 *pp = p;
126 return (ret);
127}
128
129ASN1_BIT_STRING *
130c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **pp, long len)
131{
132 ASN1_BIT_STRING *ret = NULL;
133 const unsigned char *p;
134 unsigned char *s;
135 int i;
136
137 if (len < 1) {
138 i = ASN1_R_STRING_TOO_SHORT;
139 goto err;
140 }
141
142 if ((a == NULL) || ((*a) == NULL)) {
143 if ((ret = M_ASN1_BIT_STRING_new()) == NULL)
144 return (NULL);
145 } else
146 ret = (*a);
147
148 p = *pp;
149 i = *(p++);
150 /* We do this to preserve the settings. If we modify
151 * the settings, via the _set_bit function, we will recalculate
152 * on output */
153 ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
154 ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
155
156 if (len-- > 1) /* using one because of the bits left byte */
157 {
158 s = malloc(len);
159 if (s == NULL) {
160 i = ERR_R_MALLOC_FAILURE;
161 goto err;
162 }
163 memcpy(s, p, len);
164 s[len - 1] &= (0xff << i);
165 p += len;
166 } else
167 s = NULL;
168
169 ret->length = (int)len;
170 free(ret->data);
171 ret->data = s;
172 ret->type = V_ASN1_BIT_STRING;
173 if (a != NULL)
174 (*a) = ret;
175 *pp = p;
176 return (ret);
177
178err:
179 ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i);
180 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
181 M_ASN1_BIT_STRING_free(ret);
182 return (NULL);
183}
184
185/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
186 */
187int
188ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
189{
190 int w, v, iv;
191 unsigned char *c;
192
193 w = n/8;
194 v = 1 << (7 - (n & 0x07));
195 iv = ~v;
196 if (!value)
197 v = 0;
198
199 if (a == NULL)
200 return 0;
201
202 a->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); /* clear, set on write */
203
204 if ((a->length < (w + 1)) || (a->data == NULL)) {
205 if (!value)
206 return(1); /* Don't need to set */
207 c = OPENSSL_realloc_clean(a->data, a->length, w + 1);
208 if (c == NULL) {
209 ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE);
210 return 0;
211 }
212 if (w + 1 - a->length > 0)
213 memset(c + a->length, 0, w + 1 - a->length);
214 a->data = c;
215 a->length = w + 1;
216 }
217 a->data[w] = ((a->data[w]) & iv) | v;
218 while ((a->length > 0) && (a->data[a->length - 1] == 0))
219 a->length--;
220
221 return (1);
222}
223
224int
225ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
226{
227 int w, v;
228
229 w = n / 8;
230 v = 1 << (7 - (n & 0x07));
231 if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL))
232 return (0);
233 return ((a->data[w] & v) != 0);
234}
235
236/*
237 * Checks if the given bit string contains only bits specified by
238 * the flags vector. Returns 0 if there is at least one bit set in 'a'
239 * which is not specified in 'flags', 1 otherwise.
240 * 'len' is the length of 'flags'.
241 */
242int
243ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, unsigned char *flags, int flags_len)
244{
245 int i, ok;
246
247 /* Check if there is one bit set at all. */
248 if (!a || !a->data)
249 return 1;
250
251 /* Check each byte of the internal representation of the bit string. */
252 ok = 1;
253 for (i = 0; i < a->length && ok; ++i) {
254 unsigned char mask = i < flags_len ? ~flags[i] : 0xff;
255 /* We are done if there is an unneeded bit set. */
256 ok = (a->data[i] & mask) == 0;
257 }
258 return ok;
259}
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c
deleted file mode 100644
index d5a0c0c8a4..0000000000
--- a/src/lib/libcrypto/asn1/a_bool.c
+++ /dev/null
@@ -1,115 +0,0 @@
1/* $OpenBSD: a_bool.c,v 1.7 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/err.h>
63
64int
65i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
66{
67 int r;
68 unsigned char *p;
69
70 r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN);
71 if (pp == NULL)
72 return (r);
73 p = *pp;
74
75 ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL);
76 *(p++) = (unsigned char)a;
77 *pp = p;
78 return (r);
79}
80
81int
82d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
83{
84 int ret = -1;
85 const unsigned char *p;
86 long len;
87 int inf, tag, xclass;
88 int i = 0;
89
90 p = *pp;
91 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
92 if (inf & 0x80) {
93 i = ASN1_R_BAD_OBJECT_HEADER;
94 goto err;
95 }
96
97 if (tag != V_ASN1_BOOLEAN) {
98 i = ASN1_R_EXPECTING_A_BOOLEAN;
99 goto err;
100 }
101
102 if (len != 1) {
103 i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
104 goto err;
105 }
106 ret = (int)*(p++);
107 if (a != NULL)
108 (*a) = ret;
109 *pp = p;
110 return (ret);
111
112err:
113 ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i);
114 return (ret);
115}
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c
deleted file mode 100644
index 727ad3ed9b..0000000000
--- a/src/lib/libcrypto/asn1/a_bytes.c
+++ /dev/null
@@ -1,306 +0,0 @@
1/* $OpenBSD: a_bytes.c,v 1.18 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/buffer.h>
64#include <openssl/err.h>
65
66static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
67/* type is a 'bitmap' of acceptable string types.
68 */
69ASN1_STRING *
70d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
71 long length, int type)
72{
73 ASN1_STRING *ret = NULL;
74 const unsigned char *p;
75 unsigned char *s;
76 long len;
77 int inf, tag, xclass;
78 int i = 0;
79
80 p = *pp;
81 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
82 if (inf & 0x80)
83 goto err;
84
85 if (tag >= 32) {
86 i = ASN1_R_TAG_VALUE_TOO_HIGH;
87 goto err;
88 }
89 if (!(ASN1_tag2bit(tag) & type)) {
90 i = ASN1_R_WRONG_TYPE;
91 goto err;
92 }
93
94 /* If a bit-string, exit early */
95 if (tag == V_ASN1_BIT_STRING)
96 return (d2i_ASN1_BIT_STRING(a, pp, length));
97
98 if ((a == NULL) || ((*a) == NULL)) {
99 if ((ret = ASN1_STRING_new()) == NULL)
100 return (NULL);
101 } else
102 ret = (*a);
103
104 if (len != 0) {
105 s = malloc(len + 1);
106 if (s == NULL) {
107 i = ERR_R_MALLOC_FAILURE;
108 goto err;
109 }
110 memcpy(s, p, len);
111 s[len]='\0';
112 p += len;
113 } else
114 s = NULL;
115
116 free(ret->data);
117 ret->length = (int)len;
118 ret->data = s;
119 ret->type = tag;
120 if (a != NULL)
121 (*a) = ret;
122 *pp = p;
123 return (ret);
124
125err:
126 ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i);
127 if (a == NULL || *a != ret)
128 ASN1_STRING_free(ret);
129 return (NULL);
130}
131
132int
133i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
134{
135 int ret, r, constructed;
136 unsigned char *p;
137
138 if (a == NULL)
139 return (0);
140
141 if (tag == V_ASN1_BIT_STRING)
142 return (i2d_ASN1_BIT_STRING(a, pp));
143
144 ret = a->length;
145 r = ASN1_object_size(0, ret, tag);
146 if (pp == NULL)
147 return (r);
148 p = *pp;
149
150 if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
151 constructed = 1;
152 else
153 constructed = 0;
154 ASN1_put_object(&p, constructed, ret, tag, xclass);
155 memcpy(p, a->data, a->length);
156 p += a->length;
157 *pp = p;
158 return (r);
159}
160
161ASN1_STRING *
162d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
163 long length, int Ptag, int Pclass)
164{
165 ASN1_STRING *ret = NULL;
166 const unsigned char *p;
167 unsigned char *s;
168 long len;
169 int inf, tag, xclass;
170 int i = 0;
171
172 if ((a == NULL) || ((*a) == NULL)) {
173 if ((ret = ASN1_STRING_new()) == NULL)
174 return (NULL);
175 } else
176 ret = (*a);
177
178 p= *pp;
179 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
180 if (inf & 0x80) {
181 i = ASN1_R_BAD_OBJECT_HEADER;
182 goto err;
183 }
184
185 if (tag != Ptag) {
186 i = ASN1_R_WRONG_TAG;
187 goto err;
188 }
189
190 if (inf & V_ASN1_CONSTRUCTED) {
191 ASN1_const_CTX c;
192
193 c.pp = pp;
194 c.p = p;
195 c.inf = inf;
196 c.slen = len;
197 c.tag = Ptag;
198 c.xclass = Pclass;
199 c.max = (length == 0) ? 0 : (p + length);
200 if (!asn1_collate_primitive(ret, &c))
201 goto err;
202 else {
203 p = c.p;
204 }
205 } else {
206 if (len != 0) {
207 if ((ret->length < len) || (ret->data == NULL)) {
208 free(ret->data);
209 ret->data = NULL;
210 s = malloc(len + 1);
211 if (s == NULL) {
212 i = ERR_R_MALLOC_FAILURE;
213 goto err;
214 }
215 } else
216 s = ret->data;
217 memcpy(s, p, len);
218 s[len] = '\0';
219 p += len;
220 } else {
221 s = NULL;
222 free(ret->data);
223 }
224
225 ret->length = (int)len;
226 ret->data = s;
227 ret->type = Ptag;
228 }
229
230 if (a != NULL)
231 (*a) = ret;
232 *pp = p;
233 return (ret);
234
235err:
236 if (a == NULL || *a != ret)
237 ASN1_STRING_free(ret);
238 ASN1err(ASN1_F_D2I_ASN1_BYTES, i);
239 return (NULL);
240}
241
242
243/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
244 * them into the one structure that is then returned */
245/* There have been a few bug fixes for this function from
246 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
247static int
248asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
249{
250 ASN1_STRING *os = NULL;
251 BUF_MEM b;
252 int num;
253
254 b.length = 0;
255 b.max = 0;
256 b.data = NULL;
257
258 if (a == NULL) {
259 c->error = ERR_R_PASSED_NULL_PARAMETER;
260 goto err;
261 }
262
263 num = 0;
264 for (;;) {
265 if (c->inf & 1) {
266 c->eos = ASN1_const_check_infinite_end(&c->p,
267 (long)(c->max - c->p));
268 if (c->eos)
269 break;
270 } else {
271 if (c->slen <= 0)
272 break;
273 }
274
275 c->q = c->p;
276 if (d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag,
277 c->xclass) == NULL) {
278 c->error = ERR_R_ASN1_LIB;
279 goto err;
280 }
281
282 if (!BUF_MEM_grow_clean(&b, num + os->length)) {
283 c->error = ERR_R_BUF_LIB;
284 goto err;
285 }
286 memcpy(&(b.data[num]), os->data, os->length);
287 if (!(c->inf & 1))
288 c->slen -= (c->p - c->q);
289 num += os->length;
290 }
291
292 if (!asn1_const_Finish(c))
293 goto err;
294
295 a->length = num;
296 free(a->data);
297 a->data = (unsigned char *)b.data;
298 ASN1_STRING_free(os);
299 return (1);
300
301err:
302 ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error);
303 ASN1_STRING_free(os);
304 free(b.data);
305 return (0);
306}
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c
deleted file mode 100644
index c0fb0a3802..0000000000
--- a/src/lib/libcrypto/asn1/a_d2i_fp.c
+++ /dev/null
@@ -1,271 +0,0 @@
1/* $OpenBSD: a_d2i_fp.c,v 1.11 2014/07/13 11:10:20 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <limits.h>
60#include <stdio.h>
61
62#include <openssl/asn1.h>
63#include <openssl/buffer.h>
64#include <openssl/err.h>
65
66static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
67
68#ifndef NO_OLD_ASN1
69
70void *
71ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
72{
73 BIO *b;
74 void *ret;
75
76 if ((b = BIO_new(BIO_s_file())) == NULL) {
77 ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB);
78 return (NULL);
79 }
80 BIO_set_fp(b, in, BIO_NOCLOSE);
81 ret = ASN1_d2i_bio(xnew, d2i, b, x);
82 BIO_free(b);
83 return (ret);
84}
85
86void *
87ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
88{
89 BUF_MEM *b = NULL;
90 const unsigned char *p;
91 void *ret = NULL;
92 int len;
93
94 len = asn1_d2i_read_bio(in, &b);
95 if (len < 0)
96 goto err;
97
98 p = (unsigned char *)b->data;
99 ret = d2i(x, &p, len);
100
101err:
102 if (b != NULL)
103 BUF_MEM_free(b);
104 return (ret);
105}
106
107#endif
108
109void *
110ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
111{
112 BUF_MEM *b = NULL;
113 const unsigned char *p;
114 void *ret = NULL;
115 int len;
116
117 len = asn1_d2i_read_bio(in, &b);
118 if (len < 0)
119 goto err;
120
121 p = (const unsigned char *)b->data;
122 ret = ASN1_item_d2i(x, &p, len, it);
123
124err:
125 if (b != NULL)
126 BUF_MEM_free(b);
127 return (ret);
128}
129
130void *
131ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
132{
133 BIO *b;
134 char *ret;
135
136 if ((b = BIO_new(BIO_s_file())) == NULL) {
137 ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB);
138 return (NULL);
139 }
140 BIO_set_fp(b, in, BIO_NOCLOSE);
141 ret = ASN1_item_d2i_bio(it, b, x);
142 BIO_free(b);
143 return (ret);
144}
145
146#define HEADER_SIZE 8
147static int
148asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
149{
150 BUF_MEM *b;
151 unsigned char *p;
152 int i;
153 ASN1_const_CTX c;
154 size_t want = HEADER_SIZE;
155 int eos = 0;
156 size_t off = 0;
157 size_t len = 0;
158
159 b = BUF_MEM_new();
160 if (b == NULL) {
161 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
162 return -1;
163 }
164
165 ERR_clear_error();
166 for (;;) {
167 if (want >= (len - off)) {
168 want -= (len - off);
169
170 if (len + want < len || !BUF_MEM_grow_clean(b, len + want)) {
171 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
172 goto err;
173 }
174 i = BIO_read(in, &(b->data[len]), want);
175 if ((i < 0) && ((len - off) == 0)) {
176 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_NOT_ENOUGH_DATA);
177 goto err;
178 }
179 if (i > 0) {
180 if (len + i < len) {
181 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
182 goto err;
183 }
184 len += i;
185 }
186 }
187 /* else data already loaded */
188
189 p = (unsigned char *) & (b->data[off]);
190 c.p = p;
191 c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag),
192 &(c.xclass), len - off);
193 if (c.inf & 0x80) {
194 unsigned long e;
195
196 e = ERR_GET_REASON(ERR_peek_error());
197 if (e != ASN1_R_TOO_LONG)
198 goto err;
199 else
200 ERR_clear_error(); /* clear error */
201 }
202 i = c.p - p; /* header length */
203 off += i; /* end of data */
204
205 if (c.inf & 1) {
206 /* no data body so go round again */
207 eos++;
208 if (eos < 0) {
209 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG);
210 goto err;
211 }
212 want = HEADER_SIZE;
213 } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) {
214 /* eos value, so go back and read another header */
215 eos--;
216 if (eos <= 0)
217 break;
218 else
219 want = HEADER_SIZE;
220 } else {
221 /* suck in c.slen bytes of data */
222 want = c.slen;
223 if (want > (len - off)) {
224 want -= (len - off);
225 if (want > INT_MAX /* BIO_read takes an int length */ ||
226 len+want < len) {
227 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
228 goto err;
229 }
230 if (!BUF_MEM_grow_clean(b, len + want)) {
231 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE);
232 goto err;
233 }
234 while (want > 0) {
235 i = BIO_read(in, &(b->data[len]), want);
236 if (i <= 0) {
237 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
238 ASN1_R_NOT_ENOUGH_DATA);
239 goto err;
240 }
241 /* This can't overflow because
242 * |len+want| didn't overflow. */
243 len += i;
244 want -= i;
245 }
246 }
247 if (off + c.slen < off) {
248 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
249 goto err;
250 }
251 off += c.slen;
252 if (eos <= 0) {
253 break;
254 } else
255 want = HEADER_SIZE;
256 }
257 }
258
259 if (off > INT_MAX) {
260 ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG);
261 goto err;
262 }
263
264 *pb = b;
265 return off;
266
267err:
268 if (b != NULL)
269 BUF_MEM_free(b);
270 return -1;
271}
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
deleted file mode 100644
index 085a57d811..0000000000
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ /dev/null
@@ -1,84 +0,0 @@
1/* $OpenBSD: a_digest.c,v 1.15 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <sys/types.h>
60
61#include <stdio.h>
62#include <time.h>
63
64#include <openssl/buffer.h>
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/x509.h>
68
69int
70ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
71 unsigned char *md, unsigned int *len)
72{
73 int i;
74 unsigned char *str = NULL;
75
76 i = ASN1_item_i2d(asn, &str, it);
77 if (!str)
78 return (0);
79
80 if (!EVP_Digest(str, i, md, len, type, NULL))
81 return 0;
82 free(str);
83 return (1);
84}
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
deleted file mode 100644
index 79cd1d4586..0000000000
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: a_dup.c,v 1.13 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/err.h>
63
64#ifndef NO_OLD_ASN1
65
66void *
67ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x)
68{
69 unsigned char *b, *p;
70 const unsigned char *p2;
71 int i;
72 char *ret;
73
74 if (x == NULL)
75 return (NULL);
76
77 i = i2d(x, NULL);
78 b = malloc(i + 10);
79 if (b == NULL) {
80 ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE);
81 return (NULL);
82 }
83 p = b;
84 i = i2d(x, &p);
85 p2 = b;
86 ret = d2i(NULL, &p2, i);
87 free(b);
88 return (ret);
89}
90
91#endif
92
93/* ASN1_ITEM version of dup: this follows the model above except we don't need
94 * to allocate the buffer. At some point this could be rewritten to directly dup
95 * the underlying structure instead of doing and encode and decode.
96 */
97
98void *
99ASN1_item_dup(const ASN1_ITEM *it, void *x)
100{
101 unsigned char *b = NULL;
102 const unsigned char *p;
103 long i;
104 void *ret;
105
106 if (x == NULL)
107 return (NULL);
108
109 i = ASN1_item_i2d(x, &b, it);
110 if (b == NULL) {
111 ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE);
112 return (NULL);
113 }
114 p = b;
115 ret = ASN1_item_d2i(NULL, &p, i, it);
116 free(b);
117 return (ret);
118}
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
deleted file mode 100644
index 3c059266be..0000000000
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ /dev/null
@@ -1,189 +0,0 @@
1/* $OpenBSD: a_enum.c,v 1.16 2014/09/21 12:17:42 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/bn.h>
63#include <openssl/err.h>
64
65/*
66 * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
67 * for comments on encoding see a_int.c
68 */
69
70int
71ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
72{
73 int j, k;
74 unsigned int i;
75 unsigned char buf[sizeof(long) + 1];
76 long d;
77
78 a->type = V_ASN1_ENUMERATED;
79 if (a->length < (int)(sizeof(long) + 1)) {
80 free(a->data);
81 a->data = calloc(1, sizeof(long) + 1);
82 }
83 if (a->data == NULL) {
84 ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE);
85 return (0);
86 }
87 d = v;
88 if (d < 0) {
89 d = -d;
90 a->type = V_ASN1_NEG_ENUMERATED;
91 }
92
93 for (i = 0; i < sizeof(long); i++) {
94 if (d == 0)
95 break;
96 buf[i] = (int)d & 0xff;
97 d >>= 8;
98 }
99 j = 0;
100 for (k = i - 1; k >= 0; k--)
101 a->data[j++] = buf[k];
102 a->length = j;
103 return (1);
104}
105
106long
107ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
108{
109 int neg = 0, i;
110 long r = 0;
111
112 if (a == NULL)
113 return (0L);
114 i = a->type;
115 if (i == V_ASN1_NEG_ENUMERATED)
116 neg = 1;
117 else if (i != V_ASN1_ENUMERATED)
118 return -1;
119
120 if (a->length > (int)sizeof(long)) {
121 /* hmm... a bit ugly */
122 return -1;
123 }
124 if (a->data == NULL)
125 return 0;
126
127 for (i = 0; i < a->length; i++) {
128 r <<= 8;
129 r |= (unsigned char)a->data[i];
130 }
131 if (neg)
132 r = -r;
133 return (r);
134}
135
136ASN1_ENUMERATED *
137BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
138{
139 ASN1_ENUMERATED *ret;
140 int len, j;
141
142 if (ai == NULL)
143 ret = M_ASN1_ENUMERATED_new();
144 else
145 ret = ai;
146 if (ret == NULL) {
147 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR);
148 goto err;
149 }
150 if (BN_is_negative(bn))
151 ret->type = V_ASN1_NEG_ENUMERATED;
152 else
153 ret->type = V_ASN1_ENUMERATED;
154 j = BN_num_bits(bn);
155 len = ((j == 0) ? 0 : ((j / 8) + 1));
156 if (ret->length < len + 4) {
157 unsigned char *new_data = realloc(ret->data, len + 4);
158 if (!new_data) {
159 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE);
160 goto err;
161 }
162 ret->data = new_data;
163 }
164 ret->length = BN_bn2bin(bn, ret->data);
165
166 /* Correct zero case */
167 if (!ret->length) {
168 ret->data[0] = 0;
169 ret->length = 1;
170 }
171 return (ret);
172
173err:
174 if (ret != ai)
175 M_ASN1_ENUMERATED_free(ret);
176 return (NULL);
177}
178
179BIGNUM *
180ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
181{
182 BIGNUM *ret;
183
184 if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
185 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB);
186 else if (ai->type == V_ASN1_NEG_ENUMERATED)
187 BN_set_negative(ret, 1);
188 return (ret);
189}
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
deleted file mode 100644
index 424068d784..0000000000
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ /dev/null
@@ -1,158 +0,0 @@
1/* $OpenBSD: a_i2d_fp.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/buffer.h>
63#include <openssl/err.h>
64
65#ifndef NO_OLD_ASN1
66
67int
68ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
69{
70 BIO *b;
71 int ret;
72
73 if ((b = BIO_new(BIO_s_file())) == NULL) {
74 ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB);
75 return (0);
76 }
77 BIO_set_fp(b, out, BIO_NOCLOSE);
78 ret = ASN1_i2d_bio(i2d, b, x);
79 BIO_free(b);
80 return (ret);
81}
82
83int
84ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
85{
86 char *b;
87 unsigned char *p;
88 int i, j = 0, n, ret = 1;
89
90 n = i2d(x, NULL);
91 b = malloc(n);
92 if (b == NULL) {
93 ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE);
94 return (0);
95 }
96
97 p = (unsigned char *)b;
98 i2d(x, &p);
99
100 for (;;) {
101 i = BIO_write(out, &(b[j]), n);
102 if (i == n)
103 break;
104 if (i <= 0) {
105 ret = 0;
106 break;
107 }
108 j += i;
109 n -= i;
110 }
111 free(b);
112 return (ret);
113}
114
115#endif
116
117int
118ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
119{
120 BIO *b;
121 int ret;
122
123 if ((b = BIO_new(BIO_s_file())) == NULL) {
124 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB);
125 return (0);
126 }
127 BIO_set_fp(b, out, BIO_NOCLOSE);
128 ret = ASN1_item_i2d_bio(it, b, x);
129 BIO_free(b);
130 return (ret);
131}
132
133int
134ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
135{
136 unsigned char *b = NULL;
137 int i, j = 0, n, ret = 1;
138
139 n = ASN1_item_i2d(x, &b, it);
140 if (b == NULL) {
141 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE);
142 return (0);
143 }
144
145 for (;;) {
146 i = BIO_write(out, &(b[j]), n);
147 if (i == n)
148 break;
149 if (i <= 0) {
150 ret = 0;
151 break;
152 }
153 j += i;
154 n -= i;
155 }
156 free(b);
157 return (ret);
158}
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
deleted file mode 100644
index 6a378c0884..0000000000
--- a/src/lib/libcrypto/asn1/a_int.c
+++ /dev/null
@@ -1,463 +0,0 @@
1/* $OpenBSD: a_int.c,v 1.28 2015/07/29 14:58:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/bn.h>
64#include <openssl/err.h>
65
66ASN1_INTEGER *
67ASN1_INTEGER_dup(const ASN1_INTEGER *x)
68{
69 return ASN1_STRING_dup(x);
70}
71
72int
73ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y)
74{
75 int neg, ret;
76
77 /* Compare signs */
78 neg = x->type & V_ASN1_NEG;
79 if (neg != (y->type & V_ASN1_NEG)) {
80 if (neg)
81 return -1;
82 else
83 return 1;
84 }
85
86 ret = ASN1_STRING_cmp(x, y);
87
88 if (neg)
89 return -ret;
90 else
91 return ret;
92}
93
94
95/*
96 * This converts an ASN1 INTEGER into its content encoding.
97 * The internal representation is an ASN1_STRING whose data is a big endian
98 * representation of the value, ignoring the sign. The sign is determined by
99 * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
100 *
101 * Positive integers are no problem: they are almost the same as the DER
102 * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
103 *
104 * Negative integers are a bit trickier...
105 * The DER representation of negative integers is in 2s complement form.
106 * The internal form is converted by complementing each octet and finally
107 * adding one to the result. This can be done less messily with a little trick.
108 * If the internal form has trailing zeroes then they will become FF by the
109 * complement and 0 by the add one (due to carry) so just copy as many trailing
110 * zeros to the destination as there are in the source. The carry will add one
111 * to the last none zero octet: so complement this octet and add one and finally
112 * complement any left over until you get to the start of the string.
113 *
114 * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
115 * with 0xff. However if the first byte is 0x80 and one of the following bytes
116 * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
117 * followed by optional zeros isn't padded.
118 */
119
120int
121i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
122{
123 int pad = 0, ret, i, neg;
124 unsigned char *p, *n, pb = 0;
125
126 if (a == NULL)
127 return (0);
128 neg = a->type & V_ASN1_NEG;
129 if (a->length == 0)
130 ret = 1;
131 else {
132 ret = a->length;
133 i = a->data[0];
134 if (!neg && (i > 127)) {
135 pad = 1;
136 pb = 0;
137 } else if (neg) {
138 if (i > 128) {
139 pad = 1;
140 pb = 0xFF;
141 } else if (i == 128) {
142 /*
143 * Special case: if any other bytes non zero we pad:
144 * otherwise we don't.
145 */
146 for (i = 1; i < a->length; i++) if (a->data[i]) {
147 pad = 1;
148 pb = 0xFF;
149 break;
150 }
151 }
152 }
153 ret += pad;
154 }
155 if (pp == NULL)
156 return (ret);
157 p= *pp;
158
159 if (pad)
160 *(p++) = pb;
161 if (a->length == 0)
162 *(p++) = 0;
163 else if (!neg)
164 memcpy(p, a->data, a->length);
165 else {
166 /* Begin at the end of the encoding */
167 n = a->data + a->length - 1;
168 p += a->length - 1;
169 i = a->length;
170 /* Copy zeros to destination as long as source is zero */
171 while (!*n) {
172 *(p--) = 0;
173 n--;
174 i--;
175 }
176 /* Complement and increment next octet */
177 *(p--) = ((*(n--)) ^ 0xff) + 1;
178 i--;
179 /* Complement any octets left */
180 for (; i > 0; i--)
181 *(p--) = *(n--) ^ 0xff;
182 }
183
184 *pp += ret;
185 return (ret);
186}
187
188/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
189
190ASN1_INTEGER *
191c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len)
192{
193 ASN1_INTEGER *ret = NULL;
194 const unsigned char *p, *pend;
195 unsigned char *to, *s;
196 int i;
197
198 if ((a == NULL) || ((*a) == NULL)) {
199 if ((ret = M_ASN1_INTEGER_new()) == NULL)
200 return (NULL);
201 ret->type = V_ASN1_INTEGER;
202 } else
203 ret = (*a);
204
205 p = *pp;
206 pend = p + len;
207
208 /* We must malloc stuff, even for 0 bytes otherwise it
209 * signifies a missing NULL parameter. */
210 s = malloc(len + 1);
211 if (s == NULL) {
212 i = ERR_R_MALLOC_FAILURE;
213 goto err;
214 }
215 to = s;
216 if (!len) {
217 /* Strictly speaking this is an illegal INTEGER but we
218 * tolerate it.
219 */
220 ret->type = V_ASN1_INTEGER;
221 } else if (*p & 0x80) /* a negative number */ {
222 ret->type = V_ASN1_NEG_INTEGER;
223 if ((*p == 0xff) && (len != 1)) {
224 p++;
225 len--;
226 }
227 i = len;
228 p += i - 1;
229 to += i - 1;
230 while((!*p) && i) {
231 *(to--) = 0;
232 i--;
233 p--;
234 }
235 /* Special case: if all zeros then the number will be of
236 * the form FF followed by n zero bytes: this corresponds to
237 * 1 followed by n zero bytes. We've already written n zeros
238 * so we just append an extra one and set the first byte to
239 * a 1. This is treated separately because it is the only case
240 * where the number of bytes is larger than len.
241 */
242 if (!i) {
243 *s = 1;
244 s[len] = 0;
245 len++;
246 } else {
247 *(to--) = (*(p--) ^ 0xff) + 1;
248 i--;
249 for (; i > 0; i--)
250 *(to--) = *(p--) ^ 0xff;
251 }
252 } else {
253 ret->type = V_ASN1_INTEGER;
254 if ((*p == 0) && (len != 1)) {
255 p++;
256 len--;
257 }
258 memcpy(s, p, len);
259 }
260
261 free(ret->data);
262 ret->data = s;
263 ret->length = (int)len;
264 if (a != NULL)
265 (*a) = ret;
266 *pp = pend;
267 return (ret);
268
269err:
270 ASN1err(ASN1_F_C2I_ASN1_INTEGER, i);
271 if (a == NULL || *a != ret)
272 M_ASN1_INTEGER_free(ret);
273 return (NULL);
274}
275
276
277/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
278 * ASN1 integers: some broken software can encode a positive INTEGER
279 * with its MSB set as negative (it doesn't add a padding zero).
280 */
281
282ASN1_INTEGER *
283d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, long length)
284{
285 ASN1_INTEGER *ret = NULL;
286 const unsigned char *p;
287 unsigned char *s;
288 long len;
289 int inf, tag, xclass;
290 int i;
291
292 if ((a == NULL) || ((*a) == NULL)) {
293 if ((ret = M_ASN1_INTEGER_new()) == NULL)
294 return (NULL);
295 ret->type = V_ASN1_INTEGER;
296 } else
297 ret = (*a);
298
299 p = *pp;
300 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
301 if (inf & 0x80) {
302 i = ASN1_R_BAD_OBJECT_HEADER;
303 goto err;
304 }
305
306 if (tag != V_ASN1_INTEGER) {
307 i = ASN1_R_EXPECTING_AN_INTEGER;
308 goto err;
309 }
310
311 /* We must malloc stuff, even for 0 bytes otherwise it
312 * signifies a missing NULL parameter. */
313 s = malloc(len + 1);
314 if (s == NULL) {
315 i = ERR_R_MALLOC_FAILURE;
316 goto err;
317 }
318 ret->type = V_ASN1_INTEGER;
319 if (len) {
320 if ((*p == 0) && (len != 1)) {
321 p++;
322 len--;
323 }
324 memcpy(s, p, len);
325 p += len;
326 }
327
328 free(ret->data);
329 ret->data = s;
330 ret->length = (int)len;
331 if (a != NULL)
332 (*a) = ret;
333 *pp = p;
334 return (ret);
335
336err:
337 ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i);
338 if (a == NULL || *a != ret)
339 M_ASN1_INTEGER_free(ret);
340 return (NULL);
341}
342
343int
344ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
345{
346 int j, k;
347 unsigned int i;
348 unsigned char buf[sizeof(long) + 1];
349 long d;
350
351 a->type = V_ASN1_INTEGER;
352 /* XXX ssl/ssl_asn1.c:i2d_SSL_SESSION() depends upon this bound vae */
353 if (a->length < (int)(sizeof(long) + 1)) {
354 free(a->data);
355 a->data = calloc(1, sizeof(long) + 1);
356 }
357 if (a->data == NULL) {
358 ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE);
359 return (0);
360 }
361 d = v;
362 if (d < 0) {
363 d = -d;
364 a->type = V_ASN1_NEG_INTEGER;
365 }
366
367 for (i = 0; i < sizeof(long); i++) {
368 if (d == 0)
369 break;
370 buf[i] = (int)d & 0xff;
371 d >>= 8;
372 }
373 j = 0;
374 for (k = i - 1; k >= 0; k--)
375 a->data[j++] = buf[k];
376 a->length = j;
377 return (1);
378}
379
380long
381ASN1_INTEGER_get(const ASN1_INTEGER *a)
382{
383 int neg = 0, i;
384 long r = 0;
385
386 if (a == NULL)
387 return (0L);
388 i = a->type;
389 if (i == V_ASN1_NEG_INTEGER)
390 neg = 1;
391 else if (i != V_ASN1_INTEGER)
392 return -1;
393
394 if (a->length > (int)sizeof(long)) {
395 /* hmm... a bit ugly, return all ones */
396 return -1;
397 }
398 if (a->data == NULL)
399 return 0;
400
401 for (i = 0; i < a->length; i++) {
402 r <<= 8;
403 r |= (unsigned char)a->data[i];
404 }
405 if (neg)
406 r = -r;
407 return (r);
408}
409
410ASN1_INTEGER *
411BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai)
412{
413 ASN1_INTEGER *ret;
414 int len, j;
415
416 if (ai == NULL)
417 ret = M_ASN1_INTEGER_new();
418 else
419 ret = ai;
420 if (ret == NULL) {
421 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR);
422 goto err;
423 }
424 if (BN_is_negative(bn))
425 ret->type = V_ASN1_NEG_INTEGER;
426 else
427 ret->type = V_ASN1_INTEGER;
428 j = BN_num_bits(bn);
429 len = ((j == 0) ? 0 : ((j / 8) + 1));
430 if (ret->length < len + 4) {
431 unsigned char *new_data = realloc(ret->data, len + 4);
432 if (!new_data) {
433 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE);
434 goto err;
435 }
436 ret->data = new_data;
437 }
438 ret->length = BN_bn2bin(bn, ret->data);
439
440 /* Correct zero case */
441 if (!ret->length) {
442 ret->data[0] = 0;
443 ret->length = 1;
444 }
445 return (ret);
446
447err:
448 if (ret != ai)
449 M_ASN1_INTEGER_free(ret);
450 return (NULL);
451}
452
453BIGNUM *
454ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn)
455{
456 BIGNUM *ret;
457
458 if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL)
459 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB);
460 else if (ai->type == V_ASN1_NEG_INTEGER)
461 BN_set_negative(ret, 1);
462 return (ret);
463}
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
deleted file mode 100644
index e715fe7348..0000000000
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ /dev/null
@@ -1,453 +0,0 @@
1/* $OpenBSD: a_mbstr.c,v 1.22 2015/07/16 02:18:58 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <ctype.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/asn1.h>
64#include <openssl/err.h>
65
66#include "asn1_locl.h"
67
68static int traverse_string(const unsigned char *p, int len, int inform,
69 int (*rfunc)(unsigned long value, void *in), void *arg);
70static int in_utf8(unsigned long value, void *arg);
71static int out_utf8(unsigned long value, void *arg);
72static int type_str(unsigned long value, void *arg);
73static int cpy_asc(unsigned long value, void *arg);
74static int cpy_bmp(unsigned long value, void *arg);
75static int cpy_univ(unsigned long value, void *arg);
76static int cpy_utf8(unsigned long value, void *arg);
77static int is_printable(unsigned long value);
78
79/* These functions take a string in UTF8, ASCII or multibyte form and
80 * a mask of permissible ASN1 string types. It then works out the minimal
81 * type (using the order Printable < IA5 < T61 < BMP < Universal < UTF8)
82 * and creates a string of the correct type with the supplied data.
83 * Yes this is horrible: it has to be :-(
84 * The 'ncopy' form checks minimum and maximum size limits too.
85 */
86
87int
88ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
89 int inform, unsigned long mask)
90{
91 return ASN1_mbstring_ncopy(out, in, len, inform, mask, 0, 0);
92}
93
94int
95ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
96 int inform, unsigned long mask, long minsize, long maxsize)
97{
98 int str_type;
99 int ret;
100 char free_out;
101 int outform, outlen = 0;
102 ASN1_STRING *dest;
103 unsigned char *p;
104 int nchar;
105 int (*cpyfunc)(unsigned long, void *) = NULL;
106
107 if (len < 0)
108 len = strlen((const char *)in);
109 if (!mask)
110 mask = DIRSTRING_TYPE;
111
112 /* First do a string check and work out the number of characters */
113 switch (inform) {
114 case MBSTRING_BMP:
115 if (len & 1) {
116 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
117 ASN1_R_INVALID_BMPSTRING_LENGTH);
118 return -1;
119 }
120 nchar = len >> 1;
121 break;
122
123 case MBSTRING_UNIV:
124 if (len & 3) {
125 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
126 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
127 return -1;
128 }
129 nchar = len >> 2;
130 break;
131
132 case MBSTRING_UTF8:
133 nchar = 0;
134 /* This counts the characters and does utf8 syntax checking */
135 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
136 if (ret < 0) {
137 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
138 ASN1_R_INVALID_UTF8STRING);
139 return -1;
140 }
141 break;
142
143 case MBSTRING_ASC:
144 nchar = len;
145 break;
146
147 default:
148 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT);
149 return -1;
150 }
151
152 if ((minsize > 0) && (nchar < minsize)) {
153 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
154 ERR_asprintf_error_data("minsize=%ld", minsize);
155 return -1;
156 }
157
158 if ((maxsize > 0) && (nchar > maxsize)) {
159 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
160 ERR_asprintf_error_data("maxsize=%ld", maxsize);
161 return -1;
162 }
163
164 /* Now work out minimal type (if any) */
165 if (traverse_string(in, len, inform, type_str, &mask) < 0) {
166 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
167 return -1;
168 }
169
170
171 /* Now work out output format and string type */
172 outform = MBSTRING_ASC;
173 if (mask & B_ASN1_PRINTABLESTRING)
174 str_type = V_ASN1_PRINTABLESTRING;
175 else if (mask & B_ASN1_IA5STRING)
176 str_type = V_ASN1_IA5STRING;
177 else if (mask & B_ASN1_T61STRING)
178 str_type = V_ASN1_T61STRING;
179 else if (mask & B_ASN1_BMPSTRING) {
180 str_type = V_ASN1_BMPSTRING;
181 outform = MBSTRING_BMP;
182 } else if (mask & B_ASN1_UNIVERSALSTRING) {
183 str_type = V_ASN1_UNIVERSALSTRING;
184 outform = MBSTRING_UNIV;
185 } else {
186 str_type = V_ASN1_UTF8STRING;
187 outform = MBSTRING_UTF8;
188 }
189 if (!out)
190 return str_type;
191 if (*out) {
192 free_out = 0;
193 dest = *out;
194 if (dest->data) {
195 dest->length = 0;
196 free(dest->data);
197 dest->data = NULL;
198 }
199 dest->type = str_type;
200 } else {
201 free_out = 1;
202 dest = ASN1_STRING_type_new(str_type);
203 if (!dest) {
204 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
205 ERR_R_MALLOC_FAILURE);
206 return -1;
207 }
208 *out = dest;
209 }
210 /* If both the same type just copy across */
211 if (inform == outform) {
212 if (!ASN1_STRING_set(dest, in, len)) {
213 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
214 ERR_R_MALLOC_FAILURE);
215 goto err;
216 }
217 return str_type;
218 }
219
220 /* Work out how much space the destination will need */
221 switch (outform) {
222 case MBSTRING_ASC:
223 outlen = nchar;
224 cpyfunc = cpy_asc;
225 break;
226
227 case MBSTRING_BMP:
228 outlen = nchar << 1;
229 cpyfunc = cpy_bmp;
230 break;
231
232 case MBSTRING_UNIV:
233 outlen = nchar << 2;
234 cpyfunc = cpy_univ;
235 break;
236
237 case MBSTRING_UTF8:
238 outlen = 0;
239 if (traverse_string(in, len, inform, out_utf8, &outlen) < 0) {
240 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
241 ASN1_R_ILLEGAL_CHARACTERS);
242 goto err;
243 }
244 cpyfunc = cpy_utf8;
245 break;
246 }
247 if (!(p = malloc(outlen + 1))) {
248 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE);
249 goto err;
250 }
251 dest->length = outlen;
252 dest->data = p;
253 p[outlen] = 0;
254 traverse_string(in, len, inform, cpyfunc, &p);
255 return str_type;
256
257err:
258 if (free_out) {
259 ASN1_STRING_free(dest);
260 *out = NULL;
261 }
262 return -1;
263}
264
265/* This function traverses a string and passes the value of each character
266 * to an optional function along with a void * argument.
267 */
268
269static int
270traverse_string(const unsigned char *p, int len, int inform,
271 int (*rfunc)(unsigned long value, void *in), void *arg)
272{
273 unsigned long value;
274 int ret;
275
276 while (len) {
277 switch (inform) {
278 case MBSTRING_ASC:
279 value = *p++;
280 len--;
281 break;
282 case MBSTRING_BMP:
283 value = *p++ << 8;
284 value |= *p++;
285 /* BMP is explictly defined to not support surrogates */
286 if (UNICODE_IS_SURROGATE(value))
287 return -1;
288 len -= 2;
289 break;
290 case MBSTRING_UNIV:
291 value = (unsigned long)*p++ << 24;
292 value |= *p++ << 16;
293 value |= *p++ << 8;
294 value |= *p++;
295 if (value > UNICODE_MAX || UNICODE_IS_SURROGATE(value))
296 return -1;
297 len -= 4;
298 break;
299 default:
300 ret = UTF8_getc(p, len, &value);
301 if (ret < 0)
302 return -1;
303 len -= ret;
304 p += ret;
305 break;
306 }
307 if (rfunc) {
308 ret = rfunc(value, arg);
309 if (ret <= 0)
310 return ret;
311 }
312 }
313 return 1;
314}
315
316/* Various utility functions for traverse_string */
317
318/* Just count number of characters */
319
320static int
321in_utf8(unsigned long value, void *arg)
322{
323 int *nchar;
324
325 nchar = arg;
326 (*nchar)++;
327 return 1;
328}
329
330/* Determine size of output as a UTF8 String */
331
332static int
333out_utf8(unsigned long value, void *arg)
334{
335 int *outlen;
336 int ret;
337
338 outlen = arg;
339 ret = UTF8_putc(NULL, -1, value);
340 if (ret < 0)
341 return ret;
342 *outlen += ret;
343 return 1;
344}
345
346/* Determine the "type" of a string: check each character against a
347 * supplied "mask".
348 */
349
350static int
351type_str(unsigned long value, void *arg)
352{
353 unsigned long types;
354
355 types = *((unsigned long *)arg);
356 if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value))
357 types &= ~B_ASN1_PRINTABLESTRING;
358 if ((types & B_ASN1_IA5STRING) && (value > 127))
359 types &= ~B_ASN1_IA5STRING;
360 if ((types & B_ASN1_T61STRING) && (value > 0xff))
361 types &= ~B_ASN1_T61STRING;
362 if ((types & B_ASN1_BMPSTRING) && (value > 0xffff))
363 types &= ~B_ASN1_BMPSTRING;
364 if (!types)
365 return -1;
366 *((unsigned long *)arg) = types;
367 return 1;
368}
369
370/* Copy one byte per character ASCII like strings */
371
372static int
373cpy_asc(unsigned long value, void *arg)
374{
375 unsigned char **p, *q;
376
377 p = arg;
378 q = *p;
379 *q = value;
380 (*p)++;
381 return 1;
382}
383
384/* Copy two byte per character BMPStrings */
385
386static int
387cpy_bmp(unsigned long value, void *arg)
388{
389 unsigned char **p, *q;
390
391 p = arg;
392 q = *p;
393 *q++ = (value >> 8) & 0xff;
394 *q = value & 0xff;
395 *p += 2;
396 return 1;
397}
398
399/* Copy four byte per character UniversalStrings */
400
401static int
402cpy_univ(unsigned long value, void *arg)
403{
404 unsigned char **p, *q;
405
406 p = arg;
407 q = *p;
408 *q++ = (value >> 24) & 0xff;
409 *q++ = (value >> 16) & 0xff;
410 *q++ = (value >> 8) & 0xff;
411 *q = value & 0xff;
412 *p += 4;
413 return 1;
414}
415
416/* Copy to a UTF8String */
417
418static int
419cpy_utf8(unsigned long value, void *arg)
420{
421 unsigned char **p;
422
423 int ret;
424 p = arg;
425 /* We already know there is enough room so pass 0xff as the length */
426 ret = UTF8_putc(*p, 0xff, value);
427 *p += ret;
428 return 1;
429}
430
431/* Return 1 if the character is permitted in a PrintableString */
432static int
433is_printable(unsigned long value)
434{
435 int ch;
436
437 if (value > 0x7f)
438 return 0;
439 ch = (int)value;
440
441 /* Note: we can't use 'isalnum' because certain accented
442 * characters may count as alphanumeric in some environments.
443 */
444 if ((ch >= 'a') && (ch <= 'z'))
445 return 1;
446 if ((ch >= 'A') && (ch <= 'Z'))
447 return 1;
448 if ((ch >= '0') && (ch <= '9'))
449 return 1;
450 if ((ch == ' ') || strchr("'()+,-./:=?", ch))
451 return 1;
452 return 0;
453}
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
deleted file mode 100644
index 7bcabec034..0000000000
--- a/src/lib/libcrypto/asn1/a_object.c
+++ /dev/null
@@ -1,405 +0,0 @@
1/* $OpenBSD: a_object.c,v 1.24 2015/02/10 08:33:10 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <limits.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/asn1.h>
64#include <openssl/bn.h>
65#include <openssl/err.h>
66#include <openssl/buffer.h>
67#include <openssl/objects.h>
68
69int
70i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
71{
72 unsigned char *p;
73 int objsize;
74
75 if ((a == NULL) || (a->data == NULL))
76 return (0);
77
78 objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT);
79 if (pp == NULL)
80 return objsize;
81
82 p = *pp;
83 ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL);
84 memcpy(p, a->data, a->length);
85 p += a->length;
86
87 *pp = p;
88 return (objsize);
89}
90
91int
92a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
93{
94 int i, first, len = 0, c, use_bn;
95 char ftmp[24], *tmp = ftmp;
96 int tmpsize = sizeof ftmp;
97 const char *p;
98 unsigned long l;
99 BIGNUM *bl = NULL;
100
101 if (num == 0)
102 return (0);
103 else if (num == -1)
104 num = strlen(buf);
105
106 p = buf;
107 c = *(p++);
108 num--;
109 if ((c >= '0') && (c <= '2')) {
110 first= c-'0';
111 } else {
112 ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_FIRST_NUM_TOO_LARGE);
113 goto err;
114 }
115
116 if (num <= 0) {
117 ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_MISSING_SECOND_NUMBER);
118 goto err;
119 }
120 c = *(p++);
121 num--;
122 for (;;) {
123 if (num <= 0)
124 break;
125 if ((c != '.') && (c != ' ')) {
126 ASN1err(ASN1_F_A2D_ASN1_OBJECT,
127 ASN1_R_INVALID_SEPARATOR);
128 goto err;
129 }
130 l = 0;
131 use_bn = 0;
132 for (;;) {
133 if (num <= 0)
134 break;
135 num--;
136 c = *(p++);
137 if ((c == ' ') || (c == '.'))
138 break;
139 if ((c < '0') || (c > '9')) {
140 ASN1err(ASN1_F_A2D_ASN1_OBJECT,
141 ASN1_R_INVALID_DIGIT);
142 goto err;
143 }
144 if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) {
145 use_bn = 1;
146 if (!bl)
147 bl = BN_new();
148 if (!bl || !BN_set_word(bl, l))
149 goto err;
150 }
151 if (use_bn) {
152 if (!BN_mul_word(bl, 10L) ||
153 !BN_add_word(bl, c-'0'))
154 goto err;
155 } else
156 l = l * 10L + (long)(c - '0');
157 }
158 if (len == 0) {
159 if ((first < 2) && (l >= 40)) {
160 ASN1err(ASN1_F_A2D_ASN1_OBJECT,
161 ASN1_R_SECOND_NUMBER_TOO_LARGE);
162 goto err;
163 }
164 if (use_bn) {
165 if (!BN_add_word(bl, first * 40))
166 goto err;
167 } else
168 l += (long)first * 40;
169 }
170 i = 0;
171 if (use_bn) {
172 int blsize;
173 blsize = BN_num_bits(bl);
174 blsize = (blsize + 6) / 7;
175 if (blsize > tmpsize) {
176 if (tmp != ftmp)
177 free(tmp);
178 tmpsize = blsize + 32;
179 tmp = malloc(tmpsize);
180 if (!tmp)
181 goto err;
182 }
183 while (blsize--)
184 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
185 } else {
186
187 for (;;) {
188 tmp[i++] = (unsigned char)l & 0x7f;
189 l >>= 7L;
190 if (l == 0L)
191 break;
192 }
193
194 }
195 if (out != NULL) {
196 if (len + i > olen) {
197 ASN1err(ASN1_F_A2D_ASN1_OBJECT,
198 ASN1_R_BUFFER_TOO_SMALL);
199 goto err;
200 }
201 while (--i > 0)
202 out[len++] = tmp[i]|0x80;
203 out[len++] = tmp[0];
204 } else
205 len += i;
206 }
207 if (tmp != ftmp)
208 free(tmp);
209 BN_free(bl);
210 return (len);
211
212err:
213 if (tmp != ftmp)
214 free(tmp);
215 BN_free(bl);
216 return (0);
217}
218
219int
220i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
221{
222 return OBJ_obj2txt(buf, buf_len, a, 0);
223}
224
225int
226i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
227{
228 char buf[80], *p = buf;
229 int i;
230
231 if ((a == NULL) || (a->data == NULL))
232 return(BIO_write(bp, "NULL",4));
233 i = i2t_ASN1_OBJECT(buf, sizeof buf, a);
234 if (i > (int)(sizeof(buf) - 1)) {
235 p = malloc(i + 1);
236 if (!p)
237 return -1;
238 i2t_ASN1_OBJECT(p, i + 1, a);
239 }
240 if (i <= 0)
241 return BIO_write(bp, "<INVALID>", 9);
242 BIO_write(bp, p, i);
243 if (p != buf)
244 free(p);
245 return (i);
246}
247
248ASN1_OBJECT *
249d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length)
250{
251 const unsigned char *p;
252 long len;
253 int tag, xclass;
254 int inf, i;
255 ASN1_OBJECT *ret = NULL;
256
257 p = *pp;
258 inf = ASN1_get_object(&p, &len, &tag, &xclass, length);
259 if (inf & 0x80) {
260 i = ASN1_R_BAD_OBJECT_HEADER;
261 goto err;
262 }
263
264 if (tag != V_ASN1_OBJECT) {
265 i = ASN1_R_EXPECTING_AN_OBJECT;
266 goto err;
267 }
268 ret = c2i_ASN1_OBJECT(a, &p, len);
269 if (ret)
270 *pp = p;
271 return ret;
272
273err:
274 ASN1err(ASN1_F_D2I_ASN1_OBJECT, i);
275 return (NULL);
276}
277
278ASN1_OBJECT *
279c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len)
280{
281 ASN1_OBJECT *ret = NULL;
282 const unsigned char *p;
283 unsigned char *data;
284 int i, length;
285
286 /*
287 * Sanity check OID encoding:
288 * - need at least one content octet
289 * - MSB must be clear in the last octet
290 * - can't have leading 0x80 in subidentifiers, see: X.690 8.19.2
291 */
292 if (len <= 0 || len > INT_MAX || pp == NULL || (p = *pp) == NULL ||
293 p[len - 1] & 0x80) {
294 ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING);
295 return (NULL);
296 }
297
298 /* Now 0 < len <= INT_MAX, so the cast is safe. */
299 length = (int)len;
300 for (i = 0; i < length; i++, p++) {
301 if (*p == 0x80 && (!i || !(p[-1] & 0x80))) {
302 ASN1err(ASN1_F_C2I_ASN1_OBJECT,
303 ASN1_R_INVALID_OBJECT_ENCODING);
304 return NULL;
305 }
306 }
307
308 /* only the ASN1_OBJECTs from the 'table' will have values
309 * for ->sn or ->ln */
310 if ((a == NULL) || ((*a) == NULL) ||
311 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) {
312 if ((ret = ASN1_OBJECT_new()) == NULL)
313 return (NULL);
314 } else
315 ret = (*a);
316
317 p = *pp;
318 /* detach data from object */
319 data = (unsigned char *)ret->data;
320 ret->data = NULL;
321 /* once detached we can change it */
322 if ((data == NULL) || (ret->length < length)) {
323 ret->length = 0;
324 free(data);
325 data = malloc(length);
326 if (data == NULL) {
327 i = ERR_R_MALLOC_FAILURE;
328 goto err;
329 }
330 ret->flags |= ASN1_OBJECT_FLAG_DYNAMIC_DATA;
331 }
332 memcpy(data, p, length);
333 /* reattach data to object, after which it remains const */
334 ret->data = data;
335 ret->length = length;
336 ret->sn = NULL;
337 ret->ln = NULL;
338 /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
339 p += length;
340
341 if (a != NULL)
342 (*a) = ret;
343 *pp = p;
344 return (ret);
345
346err:
347 ASN1err(ASN1_F_C2I_ASN1_OBJECT, i);
348 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
349 ASN1_OBJECT_free(ret);
350 return (NULL);
351}
352
353ASN1_OBJECT *
354ASN1_OBJECT_new(void)
355{
356 ASN1_OBJECT *ret;
357
358 ret = malloc(sizeof(ASN1_OBJECT));
359 if (ret == NULL) {
360 ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
361 return (NULL);
362 }
363 ret->length = 0;
364 ret->data = NULL;
365 ret->nid = 0;
366 ret->sn = NULL;
367 ret->ln = NULL;
368 ret->flags = ASN1_OBJECT_FLAG_DYNAMIC;
369 return (ret);
370}
371
372void
373ASN1_OBJECT_free(ASN1_OBJECT *a)
374{
375 if (a == NULL)
376 return;
377 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) {
378 free((void *)a->sn);
379 free((void *)a->ln);
380 a->sn = a->ln = NULL;
381 }
382 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) {
383 free((void *)a->data);
384 a->data = NULL;
385 a->length = 0;
386 }
387 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
388 free(a);
389}
390
391ASN1_OBJECT *
392ASN1_OBJECT_create(int nid, unsigned char *data, int len,
393 const char *sn, const char *ln)
394{
395 ASN1_OBJECT o;
396
397 o.sn = sn;
398 o.ln = ln;
399 o.data = data;
400 o.nid = nid;
401 o.length = len;
402 o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS |
403 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
404 return (OBJ_dup(&o));
405}
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
deleted file mode 100644
index d998675d3f..0000000000
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ /dev/null
@@ -1,79 +0,0 @@
1/* $OpenBSD: a_octet.c,v 1.10 2015/07/29 14:58:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62
63ASN1_OCTET_STRING *
64ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x)
65{
66 return ASN1_STRING_dup(x);
67}
68
69int
70ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b)
71{
72 return ASN1_STRING_cmp(a, b);
73}
74
75int
76ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
77{
78 return ASN1_STRING_set(x, d, len);
79}
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
deleted file mode 100644
index ddcee54c7d..0000000000
--- a/src/lib/libcrypto/asn1/a_print.c
+++ /dev/null
@@ -1,125 +0,0 @@
1/* $OpenBSD: a_print.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62
63int
64ASN1_PRINTABLE_type(const unsigned char *s, int len)
65{
66 int c;
67 int ia5 = 0;
68 int t61 = 0;
69
70 if (len <= 0)
71 len = -1;
72 if (s == NULL)
73 return (V_ASN1_PRINTABLESTRING);
74
75 while ((*s) && (len-- != 0)) {
76 c= *(s++);
77 if (!(((c >= 'a') && (c <= 'z')) ||
78 ((c >= 'A') && (c <= 'Z')) ||
79 (c == ' ') ||
80 ((c >= '0') && (c <= '9')) ||
81 (c == ' ') || (c == '\'') ||
82 (c == '(') || (c == ')') ||
83 (c == '+') || (c == ',') ||
84 (c == '-') || (c == '.') ||
85 (c == '/') || (c == ':') ||
86 (c == '=') || (c == '?')))
87 ia5 = 1;
88 if (c & 0x80)
89 t61 = 1;
90 }
91 if (t61)
92 return (V_ASN1_T61STRING);
93 if (ia5)
94 return (V_ASN1_IA5STRING);
95 return (V_ASN1_PRINTABLESTRING);
96}
97
98int
99ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
100{
101 int i;
102 unsigned char *p;
103
104 if (s->type != V_ASN1_UNIVERSALSTRING)
105 return (0);
106 if ((s->length % 4) != 0)
107 return (0);
108 p = s->data;
109 for (i = 0; i < s->length; i += 4) {
110 if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
111 break;
112 else
113 p += 4;
114 }
115 if (i < s->length)
116 return (0);
117 p = s->data;
118 for (i = 3; i < s->length; i += 4) {
119 *(p++) = s->data[i];
120 }
121 *(p) = '\0';
122 s->length /= 4;
123 s->type = ASN1_PRINTABLE_type(s->data, s->length);
124 return (1);
125}
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
deleted file mode 100644
index 63d55c3714..0000000000
--- a/src/lib/libcrypto/asn1/a_set.c
+++ /dev/null
@@ -1,237 +0,0 @@
1/* $OpenBSD: a_set.c,v 1.17 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1_mac.h>
63#include <openssl/err.h>
64
65#ifndef NO_ASN1_OLD
66
67typedef struct {
68 unsigned char *pbData;
69 int cbData;
70} MYBLOB;
71
72/* SetBlobCmp
73 * This function compares two elements of SET_OF block
74 */
75static int
76SetBlobCmp(const void *elem1, const void *elem2)
77{
78 const MYBLOB *b1 = (const MYBLOB *)elem1;
79 const MYBLOB *b2 = (const MYBLOB *)elem2;
80 int r;
81
82 r = memcmp(b1->pbData, b2->pbData,
83 b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
84 if (r != 0)
85 return r;
86 return b1->cbData - b2->cbData;
87}
88
89/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
90int
91i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, i2d_of_void *i2d,
92 int ex_tag, int ex_class, int is_set)
93{
94 int ret = 0, r;
95 int i;
96 unsigned char *p;
97 unsigned char *pStart, *pTempMem;
98 MYBLOB *rgSetBlob;
99 int totSize;
100
101 if (a == NULL)
102 return 0;
103 for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--)
104 ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL);
105 r = ASN1_object_size(1, ret, ex_tag);
106 if (pp == NULL)
107 return r;
108
109 p = *pp;
110 ASN1_put_object(&p, 1, ret, ex_tag, ex_class);
111
112 /* Modified by gp@nsj.co.jp */
113 /* And then again by Ben */
114 /* And again by Steve */
115
116 if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) {
117 for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++)
118 i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
119
120 *pp = p;
121 return r;
122 }
123
124 pStart = p; /* Catch the beg of Setblobs*/
125 /* In this array we will store the SET blobs */
126 rgSetBlob = reallocarray(NULL, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB));
127 if (rgSetBlob == NULL) {
128 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
129 return 0;
130 }
131
132 for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) {
133 rgSetBlob[i].pbData = p; /* catch each set encode blob */
134 i2d(sk_OPENSSL_BLOCK_value(a, i), &p);
135 /* Length of this SetBlob */
136 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData;
137 }
138 *pp = p;
139 totSize = p - pStart; /* This is the total size of all set blobs */
140
141 /* Now we have to sort the blobs. I am using a simple algo.
142 * Sort ptrs
143 * Copy to temp-mem
144 * Copy from temp-mem to user-mem
145 */
146 qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp);
147 if ((pTempMem = malloc(totSize)) == NULL) {
148 free(rgSetBlob);
149 ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE);
150 return 0;
151 }
152
153 /* Copy to temp mem */
154 p = pTempMem;
155 for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) {
156 memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
157 p += rgSetBlob[i].cbData;
158 }
159
160 /* Copy back to user mem*/
161 memcpy(pStart, pTempMem, totSize);
162 free(pTempMem);
163 free(rgSetBlob);
164
165 return r;
166}
167
168STACK_OF(OPENSSL_BLOCK) *
169d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, const unsigned char **pp, long length,
170 d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK), int ex_tag,
171 int ex_class)
172{
173 ASN1_const_CTX c;
174 STACK_OF(OPENSSL_BLOCK) *ret = NULL;
175
176 if (a == NULL || (*a) == NULL) {
177 if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) {
178 ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE);
179 goto err;
180 }
181 } else
182 ret = *a;
183
184 c.p = *pp;
185 c.max = (length == 0) ? 0 : (c.p + length);
186
187 c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p);
188 if (c.inf & 0x80)
189 goto err;
190 if (ex_class != c.xclass) {
191 ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS);
192 goto err;
193 }
194 if (ex_tag != c.tag) {
195 ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG);
196 goto err;
197 }
198 if (c.slen + c.p > c.max) {
199 ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR);
200 goto err;
201 }
202 /* check for infinite constructed - it can be as long
203 * as the amount of data passed to us */
204 if (c.inf == (V_ASN1_CONSTRUCTED + 1))
205 c.slen = length + *pp - c.p;
206 c.max = c.p + c.slen;
207
208 while (c.p < c.max) {
209 char *s;
210
211 if (M_ASN1_D2I_end_sequence())
212 break;
213 if ((s = d2i(NULL, &c.p, c.slen)) == NULL) {
214 ASN1err(ASN1_F_D2I_ASN1_SET,
215 ASN1_R_ERROR_PARSING_SET_ELEMENT);
216 asn1_add_error(*pp, (int)(c.p - *pp));
217 goto err;
218 }
219 if (!sk_OPENSSL_BLOCK_push(ret, s))
220 goto err;
221 }
222 if (a != NULL)
223 *a = ret;
224 *pp = c.p;
225 return ret;
226
227err:
228 if (a == NULL || *a != ret) {
229 if (free_func != NULL)
230 sk_OPENSSL_BLOCK_pop_free(ret, free_func);
231 else
232 sk_OPENSSL_BLOCK_free(ret);
233 }
234 return NULL;
235}
236
237#endif
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
deleted file mode 100644
index d9385312a7..0000000000
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ /dev/null
@@ -1,240 +0,0 @@
1/* $OpenBSD: a_sign.c,v 1.20 2015/07/19 18:29:31 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58/* ====================================================================
59 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
111
112#include <sys/types.h>
113
114#include <stdio.h>
115#include <time.h>
116
117#include <openssl/bn.h>
118#include <openssl/buffer.h>
119#include <openssl/err.h>
120#include <openssl/evp.h>
121#include <openssl/objects.h>
122#include <openssl/x509.h>
123
124#include "asn1_locl.h"
125
126int
127ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
128 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type)
129{
130 EVP_MD_CTX ctx;
131 EVP_MD_CTX_init(&ctx);
132 if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) {
133 EVP_MD_CTX_cleanup(&ctx);
134 return 0;
135 }
136 return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx);
137}
138
139
140int
141ASN1_item_sign_ctx(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
142 ASN1_BIT_STRING *signature, void *asn, EVP_MD_CTX *ctx)
143{
144 const EVP_MD *type;
145 EVP_PKEY *pkey;
146 unsigned char *buf_in = NULL, *buf_out = NULL;
147 size_t inl = 0, outl = 0, outll = 0;
148 int signid, paramtype;
149 int rv;
150
151 type = EVP_MD_CTX_md(ctx);
152 pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx);
153
154 if (!type || !pkey) {
155 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
156 ASN1_R_CONTEXT_NOT_INITIALISED);
157 return 0;
158 }
159
160 if (pkey->ameth->item_sign) {
161 rv = pkey->ameth->item_sign(ctx, it, asn, algor1, algor2,
162 signature);
163 if (rv == 1)
164 outl = signature->length;
165 /* Return value meanings:
166 * <=0: error.
167 * 1: method does everything.
168 * 2: carry on as normal.
169 * 3: ASN1 method sets algorithm identifiers: just sign.
170 */
171 if (rv <= 0)
172 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
173 if (rv <= 1)
174 goto err;
175 } else
176 rv = 2;
177
178 if (rv == 2) {
179 if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) {
180 if (!pkey->ameth ||
181 !OBJ_find_sigid_by_algs(&signid,
182 EVP_MD_nid(type), pkey->ameth->pkey_id)) {
183 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX,
184 ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED);
185 return 0;
186 }
187 } else
188 signid = type->pkey_type;
189
190 if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL)
191 paramtype = V_ASN1_NULL;
192 else
193 paramtype = V_ASN1_UNDEF;
194
195 if (algor1)
196 X509_ALGOR_set0(algor1,
197 OBJ_nid2obj(signid), paramtype, NULL);
198 if (algor2)
199 X509_ALGOR_set0(algor2,
200 OBJ_nid2obj(signid), paramtype, NULL);
201
202 }
203
204 inl = ASN1_item_i2d(asn, &buf_in, it);
205 outll = outl = EVP_PKEY_size(pkey);
206 buf_out = malloc(outl);
207 if ((buf_in == NULL) || (buf_out == NULL)) {
208 outl = 0;
209 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_MALLOC_FAILURE);
210 goto err;
211 }
212
213 if (!EVP_DigestSignUpdate(ctx, buf_in, inl) ||
214 !EVP_DigestSignFinal(ctx, buf_out, &outl)) {
215 outl = 0;
216 ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB);
217 goto err;
218 }
219 free(signature->data);
220 signature->data = buf_out;
221 buf_out = NULL;
222 signature->length = outl;
223 /* In the interests of compatibility, I'll make sure that
224 * the bit string has a 'not-used bits' value of 0
225 */
226 signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
227 signature->flags |= ASN1_STRING_FLAG_BITS_LEFT;
228
229err:
230 EVP_MD_CTX_cleanup(ctx);
231 if (buf_in != NULL) {
232 OPENSSL_cleanse((char *)buf_in, inl);
233 free(buf_in);
234 }
235 if (buf_out != NULL) {
236 OPENSSL_cleanse((char *)buf_out, outll);
237 free(buf_out);
238 }
239 return (outl);
240}
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
deleted file mode 100644
index f60a70d94d..0000000000
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ /dev/null
@@ -1,646 +0,0 @@
1/* $OpenBSD: a_strex.c,v 1.25 2015/02/07 13:19:15 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/crypto.h>
64#include <openssl/x509.h>
65
66#include "asn1_locl.h"
67
68#include "charmap.h"
69
70/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
71 * Enhanced string and name printing routines handling
72 * multibyte characters, RFC2253 and a host of other
73 * options.
74 */
75
76#define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253)
77
78#define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \
79 ASN1_STRFLGS_ESC_QUOTE | \
80 ASN1_STRFLGS_ESC_CTRL | \
81 ASN1_STRFLGS_ESC_MSB)
82
83
84/* Three IO functions for sending data to memory, a BIO and
85 * and a FILE pointer.
86 */
87static int
88send_bio_chars(void *arg, const void *buf, int len)
89{
90 if (!arg)
91 return 1;
92 if (BIO_write(arg, buf, len) != len)
93 return 0;
94 return 1;
95}
96
97static int
98send_fp_chars(void *arg, const void *buf, int len)
99{
100 if (!arg)
101 return 1;
102 if (fwrite(buf, 1, (size_t)len, arg) != (size_t)len)
103 return 0;
104 return 1;
105}
106
107typedef int char_io(void *arg, const void *buf, int len);
108
109/* This function handles display of
110 * strings, one character at a time.
111 * It is passed an unsigned long for each
112 * character because it could come from 2 or even
113 * 4 byte forms.
114 */
115
116static int
117do_esc_char(unsigned long c, unsigned char flags, char *do_quotes,
118 char_io *io_ch, void *arg)
119{
120 unsigned char chflgs, chtmp;
121 char tmphex[sizeof(long) * 2 + 3];
122
123 if (c > 0xffffffffL)
124 return -1;
125 if (c > 0xffff) {
126 snprintf(tmphex, sizeof tmphex, "\\W%08lX", c);
127 if (!io_ch(arg, tmphex, 10))
128 return -1;
129 return 10;
130 }
131 if (c > 0xff) {
132 snprintf(tmphex, sizeof tmphex, "\\U%04lX", c);
133 if (!io_ch(arg, tmphex, 6))
134 return -1;
135 return 6;
136 }
137 chtmp = (unsigned char)c;
138 if (chtmp > 0x7f)
139 chflgs = flags & ASN1_STRFLGS_ESC_MSB;
140 else
141 chflgs = char_type[chtmp] & flags;
142 if (chflgs & CHARTYPE_BS_ESC) {
143 /* If we don't escape with quotes, signal we need quotes */
144 if (chflgs & ASN1_STRFLGS_ESC_QUOTE) {
145 if (do_quotes)
146 *do_quotes = 1;
147 if (!io_ch(arg, &chtmp, 1))
148 return -1;
149 return 1;
150 }
151 if (!io_ch(arg, "\\", 1))
152 return -1;
153 if (!io_ch(arg, &chtmp, 1))
154 return -1;
155 return 2;
156 }
157 if (chflgs & (ASN1_STRFLGS_ESC_CTRL|ASN1_STRFLGS_ESC_MSB)) {
158 snprintf(tmphex, sizeof tmphex, "\\%02X", chtmp);
159 if (!io_ch(arg, tmphex, 3))
160 return -1;
161 return 3;
162 }
163 /* If we get this far and do any escaping at all must escape
164 * the escape character itself: backslash.
165 */
166 if (chtmp == '\\' && flags & ESC_FLAGS) {
167 if (!io_ch(arg, "\\\\", 2))
168 return -1;
169 return 2;
170 }
171 if (!io_ch(arg, &chtmp, 1))
172 return -1;
173 return 1;
174}
175
176#define BUF_TYPE_WIDTH_MASK 0x7
177#define BUF_TYPE_CONVUTF8 0x8
178
179/* This function sends each character in a buffer to
180 * do_esc_char(). It interprets the content formats
181 * and converts to or from UTF8 as appropriate.
182 */
183
184static int
185do_buf(unsigned char *buf, int buflen, int type, unsigned char flags,
186 char *quotes, char_io *io_ch, void *arg)
187{
188 int i, outlen, len;
189 unsigned char orflags, *p, *q;
190 unsigned long c;
191
192 p = buf;
193 q = buf + buflen;
194 outlen = 0;
195 while (p != q) {
196 if (p == buf && flags & ASN1_STRFLGS_ESC_2253)
197 orflags = CHARTYPE_FIRST_ESC_2253;
198 else
199 orflags = 0;
200 switch (type & BUF_TYPE_WIDTH_MASK) {
201 case 4:
202 c = ((unsigned long)*p++) << 24;
203 c |= ((unsigned long)*p++) << 16;
204 c |= ((unsigned long)*p++) << 8;
205 c |= *p++;
206 if (c > UNICODE_MAX || UNICODE_IS_SURROGATE(c))
207 return -1;
208 break;
209
210 case 2:
211 c = ((unsigned long)*p++) << 8;
212 c |= *p++;
213 if (UNICODE_IS_SURROGATE(c))
214 return -1;
215 break;
216
217 case 1:
218 c = *p++;
219 break;
220
221 case 0:
222 i = UTF8_getc(p, q - p, &c);
223 if (i < 0)
224 return -1; /* Invalid UTF8String */
225 p += i;
226 break;
227 default:
228 return -1; /* invalid width */
229 }
230 if (p == q && flags & ASN1_STRFLGS_ESC_2253)
231 orflags = CHARTYPE_LAST_ESC_2253;
232 if (type & BUF_TYPE_CONVUTF8) {
233 unsigned char utfbuf[6];
234 int utflen;
235
236 utflen = UTF8_putc(utfbuf, sizeof utfbuf, c);
237 if (utflen < 0)
238 return -1;
239 for (i = 0; i < utflen; i++) {
240 /* We don't need to worry about setting orflags correctly
241 * because if utflen==1 its value will be correct anyway
242 * otherwise each character will be > 0x7f and so the
243 * character will never be escaped on first and last.
244 */
245 len = do_esc_char(utfbuf[i],
246 (unsigned char)(flags | orflags), quotes,
247 io_ch, arg);
248 if (len < 0)
249 return -1;
250 outlen += len;
251 }
252 } else {
253 len = do_esc_char(c, (unsigned char)(flags | orflags),
254 quotes, io_ch, arg);
255 if (len < 0)
256 return -1;
257 outlen += len;
258 }
259 }
260 return outlen;
261}
262
263/* This function hex dumps a buffer of characters */
264
265static int
266do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
267{
268 static const char hexdig[] = "0123456789ABCDEF";
269 unsigned char *p, *q;
270 char hextmp[2];
271 if (arg) {
272 p = buf;
273 q = buf + buflen;
274 while (p != q) {
275 hextmp[0] = hexdig[*p >> 4];
276 hextmp[1] = hexdig[*p & 0xf];
277 if (!io_ch(arg, hextmp, 2))
278 return -1;
279 p++;
280 }
281 }
282 return buflen << 1;
283}
284
285/* "dump" a string. This is done when the type is unknown,
286 * or the flags request it. We can either dump the content
287 * octets or the entire DER encoding. This uses the RFC2253
288 * #01234 format.
289 */
290
291static int
292do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING *str)
293{
294 /* Placing the ASN1_STRING in a temp ASN1_TYPE allows
295 * the DER encoding to readily obtained
296 */
297 ASN1_TYPE t;
298 unsigned char *der_buf, *p;
299 int outlen, der_len;
300
301 if (!io_ch(arg, "#", 1))
302 return -1;
303 /* If we don't dump DER encoding just dump content octets */
304 if (!(lflags & ASN1_STRFLGS_DUMP_DER)) {
305 outlen = do_hex_dump(io_ch, arg, str->data, str->length);
306 if (outlen < 0)
307 return -1;
308 return outlen + 1;
309 }
310 t.type = str->type;
311 t.value.ptr = (char *)str;
312 der_len = i2d_ASN1_TYPE(&t, NULL);
313 der_buf = malloc(der_len);
314 if (!der_buf)
315 return -1;
316 p = der_buf;
317 i2d_ASN1_TYPE(&t, &p);
318 outlen = do_hex_dump(io_ch, arg, der_buf, der_len);
319 free(der_buf);
320 if (outlen < 0)
321 return -1;
322 return outlen + 1;
323}
324
325/* Lookup table to convert tags to character widths,
326 * 0 = UTF8 encoded, -1 is used for non string types
327 * otherwise it is the number of bytes per character
328 */
329
330static const signed char tag2nbyte[] = {
331 -1, -1, -1, -1, -1, /* 0-4 */
332 -1, -1, -1, -1, -1, /* 5-9 */
333 -1, -1, 0, -1, /* 10-13 */
334 -1, -1, -1, -1, /* 15-17 */
335 -1, 1, 1, /* 18-20 */
336 -1, 1, 1, 1, /* 21-24 */
337 -1, 1, -1, /* 25-27 */
338 4, -1, 2 /* 28-30 */
339};
340
341/* This is the main function, print out an
342 * ASN1_STRING taking note of various escape
343 * and display options. Returns number of
344 * characters written or -1 if an error
345 * occurred.
346 */
347
348static int
349do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STRING *str)
350{
351 int outlen, len;
352 int type;
353 char quotes;
354 unsigned char flags;
355
356 quotes = 0;
357 /* Keep a copy of escape flags */
358 flags = (unsigned char)(lflags & ESC_FLAGS);
359 type = str->type;
360 outlen = 0;
361
362 if (lflags & ASN1_STRFLGS_SHOW_TYPE) {
363 const char *tagname;
364 tagname = ASN1_tag2str(type);
365 outlen += strlen(tagname);
366 if (!io_ch(arg, tagname, outlen) || !io_ch(arg, ":", 1))
367 return -1;
368 outlen++;
369 }
370
371 /* Decide what to do with type, either dump content or display it */
372
373 /* Dump everything */
374 if (lflags & ASN1_STRFLGS_DUMP_ALL)
375 type = -1;
376 /* Ignore the string type */
377 else if (lflags & ASN1_STRFLGS_IGNORE_TYPE)
378 type = 1;
379 else {
380 /* Else determine width based on type */
381 if ((type > 0) && (type < 31))
382 type = tag2nbyte[type];
383 else
384 type = -1;
385 if ((type == -1) && !(lflags & ASN1_STRFLGS_DUMP_UNKNOWN))
386 type = 1;
387 }
388
389 if (type == -1) {
390 len = do_dump(lflags, io_ch, arg, str);
391 if (len < 0)
392 return -1;
393 outlen += len;
394 return outlen;
395 }
396
397 if (lflags & ASN1_STRFLGS_UTF8_CONVERT) {
398 /* Note: if string is UTF8 and we want
399 * to convert to UTF8 then we just interpret
400 * it as 1 byte per character to avoid converting
401 * twice.
402 */
403 if (!type)
404 type = 1;
405 else
406 type |= BUF_TYPE_CONVUTF8;
407 }
408
409 len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
410 if (len < 0)
411 return -1;
412 outlen += len;
413 if (quotes)
414 outlen += 2;
415 if (!arg)
416 return outlen;
417 if (quotes && !io_ch(arg, "\"", 1))
418 return -1;
419 if (do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
420 return -1;
421 if (quotes && !io_ch(arg, "\"", 1))
422 return -1;
423 return outlen;
424}
425
426/* Used for line indenting: print 'indent' spaces */
427
428static int
429do_indent(char_io *io_ch, void *arg, int indent)
430{
431 int i;
432 for (i = 0; i < indent; i++)
433 if (!io_ch(arg, " ", 1))
434 return 0;
435 return 1;
436}
437
438#define FN_WIDTH_LN 25
439#define FN_WIDTH_SN 10
440
441static int
442do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, int indent,
443 unsigned long flags)
444{
445 int i, prev = -1, orflags, cnt;
446 int fn_opt, fn_nid;
447 ASN1_OBJECT *fn;
448 ASN1_STRING *val;
449 X509_NAME_ENTRY *ent;
450 char objtmp[80];
451 const char *objbuf;
452 int outlen, len;
453 char *sep_dn, *sep_mv, *sep_eq;
454 int sep_dn_len, sep_mv_len, sep_eq_len;
455
456 if (indent < 0)
457 indent = 0;
458 outlen = indent;
459 if (!do_indent(io_ch, arg, indent))
460 return -1;
461
462 switch (flags & XN_FLAG_SEP_MASK) {
463 case XN_FLAG_SEP_MULTILINE:
464 sep_dn = "\n";
465 sep_dn_len = 1;
466 sep_mv = " + ";
467 sep_mv_len = 3;
468 break;
469
470 case XN_FLAG_SEP_COMMA_PLUS:
471 sep_dn = ",";
472 sep_dn_len = 1;
473 sep_mv = "+";
474 sep_mv_len = 1;
475 indent = 0;
476 break;
477
478 case XN_FLAG_SEP_CPLUS_SPC:
479 sep_dn = ", ";
480 sep_dn_len = 2;
481 sep_mv = " + ";
482 sep_mv_len = 3;
483 indent = 0;
484 break;
485
486 case XN_FLAG_SEP_SPLUS_SPC:
487 sep_dn = "; ";
488 sep_dn_len = 2;
489 sep_mv = " + ";
490 sep_mv_len = 3;
491 indent = 0;
492 break;
493
494 default:
495 return -1;
496 }
497
498 if (flags & XN_FLAG_SPC_EQ) {
499 sep_eq = " = ";
500 sep_eq_len = 3;
501 } else {
502 sep_eq = "=";
503 sep_eq_len = 1;
504 }
505
506 fn_opt = flags & XN_FLAG_FN_MASK;
507
508 cnt = X509_NAME_entry_count(n);
509 for (i = 0; i < cnt; i++) {
510 if (flags & XN_FLAG_DN_REV)
511 ent = X509_NAME_get_entry(n, cnt - i - 1);
512 else
513 ent = X509_NAME_get_entry(n, i);
514 if (prev != -1) {
515 if (prev == ent->set) {
516 if (!io_ch(arg, sep_mv, sep_mv_len))
517 return -1;
518 outlen += sep_mv_len;
519 } else {
520 if (!io_ch(arg, sep_dn, sep_dn_len))
521 return -1;
522 outlen += sep_dn_len;
523 if (!do_indent(io_ch, arg, indent))
524 return -1;
525 outlen += indent;
526 }
527 }
528 prev = ent->set;
529 fn = X509_NAME_ENTRY_get_object(ent);
530 val = X509_NAME_ENTRY_get_data(ent);
531 fn_nid = OBJ_obj2nid(fn);
532 if (fn_opt != XN_FLAG_FN_NONE) {
533 int objlen, fld_len;
534 if ((fn_opt == XN_FLAG_FN_OID) ||
535 (fn_nid == NID_undef)) {
536 OBJ_obj2txt(objtmp, sizeof objtmp, fn, 1);
537 fld_len = 0; /* XXX: what should this be? */
538 objbuf = objtmp;
539 } else {
540 if (fn_opt == XN_FLAG_FN_SN) {
541 fld_len = FN_WIDTH_SN;
542 objbuf = OBJ_nid2sn(fn_nid);
543 } else if (fn_opt == XN_FLAG_FN_LN) {
544 fld_len = FN_WIDTH_LN;
545 objbuf = OBJ_nid2ln(fn_nid);
546 } else {
547 fld_len = 0; /* XXX: what should this be? */
548 objbuf = "";
549 }
550 }
551 objlen = strlen(objbuf);
552 if (!io_ch(arg, objbuf, objlen))
553 return -1;
554 if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
555 if (!do_indent(io_ch, arg, fld_len - objlen))
556 return -1;
557 outlen += fld_len - objlen;
558 }
559 if (!io_ch(arg, sep_eq, sep_eq_len))
560 return -1;
561 outlen += objlen + sep_eq_len;
562 }
563 /* If the field name is unknown then fix up the DER dump
564 * flag. We might want to limit this further so it will
565 * DER dump on anything other than a few 'standard' fields.
566 */
567 if ((fn_nid == NID_undef) &&
568 (flags & XN_FLAG_DUMP_UNKNOWN_FIELDS))
569 orflags = ASN1_STRFLGS_DUMP_ALL;
570 else
571 orflags = 0;
572
573 len = do_print_ex(io_ch, arg, flags | orflags, val);
574 if (len < 0)
575 return -1;
576 outlen += len;
577 }
578 return outlen;
579}
580
581/* Wrappers round the main functions */
582
583int
584X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
585{
586 if (flags == XN_FLAG_COMPAT)
587 return X509_NAME_print(out, nm, indent);
588 return do_name_ex(send_bio_chars, out, nm, indent, flags);
589}
590
591int
592X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
593{
594 if (flags == XN_FLAG_COMPAT) {
595 BIO *btmp;
596 int ret;
597 btmp = BIO_new_fp(fp, BIO_NOCLOSE);
598 if (!btmp)
599 return -1;
600 ret = X509_NAME_print(btmp, nm, indent);
601 BIO_free(btmp);
602 return ret;
603 }
604 return do_name_ex(send_fp_chars, fp, nm, indent, flags);
605}
606
607int
608ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
609{
610 return do_print_ex(send_bio_chars, out, flags, str);
611}
612
613int
614ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
615{
616 return do_print_ex(send_fp_chars, fp, flags, str);
617}
618
619/* Utility function: convert any string type to UTF8, returns number of bytes
620 * in output string or a negative error code
621 */
622
623int
624ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
625{
626 ASN1_STRING stmp, *str = &stmp;
627 int mbflag, type, ret;
628
629 if (!in)
630 return -1;
631 type = in->type;
632 if ((type < 0) || (type > 30))
633 return -1;
634 mbflag = tag2nbyte[type];
635 if (mbflag == -1)
636 return -1;
637 mbflag |= MBSTRING_FLAG;
638 stmp.data = NULL;
639 stmp.length = 0;
640 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag,
641 B_ASN1_UTF8STRING);
642 if (ret < 0)
643 return ret;
644 *out = stmp.data;
645 return stmp.length;
646}
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
deleted file mode 100644
index 0744ffb228..0000000000
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ /dev/null
@@ -1,292 +0,0 @@
1/* $OpenBSD: a_strnid.c,v 1.19 2015/02/10 11:22:21 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <ctype.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/asn1.h>
64#include <openssl/err.h>
65#include <openssl/objects.h>
66
67static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
68static void st_free(ASN1_STRING_TABLE *tbl);
69static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
70 const ASN1_STRING_TABLE * const *b);
71
72
73/* This is the global mask for the mbstring functions: this is use to
74 * mask out certain types (such as BMPString and UTF8String) because
75 * certain software (e.g. Netscape) has problems with them.
76 */
77
78static unsigned long global_mask = B_ASN1_UTF8STRING;
79
80void
81ASN1_STRING_set_default_mask(unsigned long mask)
82{
83 global_mask = mask;
84}
85
86unsigned long
87ASN1_STRING_get_default_mask(void)
88{
89 return global_mask;
90}
91
92/* This function sets the default to various "flavours" of configuration.
93 * based on an ASCII string. Currently this is:
94 * MASK:XXXX : a numerical mask value.
95 * nobmp : Don't use BMPStrings (just Printable, T61).
96 * pkix : PKIX recommendation in RFC2459.
97 * utf8only : only use UTF8Strings (RFC2459 recommendation for 2004).
98 * default: the default value, Printable, T61, BMP.
99 */
100
101int
102ASN1_STRING_set_default_mask_asc(const char *p)
103{
104 unsigned long mask;
105 char *end;
106
107 if (!strncmp(p, "MASK:", 5)) {
108 if (!p[5])
109 return 0;
110 mask = strtoul(p + 5, &end, 0);
111 if (*end)
112 return 0;
113 } else if (!strcmp(p, "nombstr"))
114 mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING));
115 else if (!strcmp(p, "pkix"))
116 mask = ~((unsigned long)B_ASN1_T61STRING);
117 else if (!strcmp(p, "utf8only"))
118 mask = B_ASN1_UTF8STRING;
119 else if (!strcmp(p, "default"))
120 mask = 0xFFFFFFFFL;
121 else
122 return 0;
123 ASN1_STRING_set_default_mask(mask);
124 return 1;
125}
126
127/* The following function generates an ASN1_STRING based on limits in a table.
128 * Frequently the types and length of an ASN1_STRING are restricted by a
129 * corresponding OID. For example certificates and certificate requests.
130 */
131
132ASN1_STRING *
133ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in, int inlen,
134 int inform, int nid)
135{
136 ASN1_STRING_TABLE *tbl;
137 ASN1_STRING *str = NULL;
138 unsigned long mask;
139 int ret;
140 if (!out)
141 out = &str;
142 tbl = ASN1_STRING_TABLE_get(nid);
143 if (tbl) {
144 mask = tbl->mask;
145 if (!(tbl->flags & STABLE_NO_MASK))
146 mask &= global_mask;
147 ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
148 tbl->minsize, tbl->maxsize);
149 } else
150 ret = ASN1_mbstring_copy(out, in, inlen, inform,
151 DIRSTRING_TYPE & global_mask);
152 if (ret <= 0)
153 return NULL;
154 return *out;
155}
156
157/* Now the tables and helper functions for the string table:
158 */
159
160/* size limits: this stuff is taken straight from RFC3280 */
161
162#define ub_name 32768
163#define ub_common_name 64
164#define ub_locality_name 128
165#define ub_state_name 128
166#define ub_organization_name 64
167#define ub_organization_unit_name 64
168#define ub_title 64
169#define ub_email_address 128
170#define ub_serial_number 64
171
172
173/* This table must be kept in NID order */
174
175static const ASN1_STRING_TABLE tbl_standard[] = {
176 {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0},
177 {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
178 {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0},
179 {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0},
180 {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0},
181 {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, 0},
182 {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, STABLE_NO_MASK},
183 {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0},
184 {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0},
185 {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0},
186 {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
187 {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
188 {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
189 {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
190 {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
191 {NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
192 {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
193 {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK},
194 {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
195};
196
197static int
198sk_table_cmp(const ASN1_STRING_TABLE * const *a,
199 const ASN1_STRING_TABLE * const *b)
200{
201 return (*a)->nid - (*b)->nid;
202}
203
204DECLARE_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
205
206static int
207table_cmp(const ASN1_STRING_TABLE *a, const ASN1_STRING_TABLE *b)
208{
209 return a->nid - b->nid;
210}
211
212IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table);
213
214ASN1_STRING_TABLE *
215ASN1_STRING_TABLE_get(int nid)
216{
217 int idx;
218 ASN1_STRING_TABLE *ttmp;
219 ASN1_STRING_TABLE fnd;
220
221 fnd.nid = nid;
222 ttmp = OBJ_bsearch_table(&fnd, tbl_standard,
223 sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE));
224 if (ttmp)
225 return ttmp;
226 if (!stable)
227 return NULL;
228 idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
229 if (idx < 0)
230 return NULL;
231 return sk_ASN1_STRING_TABLE_value(stable, idx);
232}
233
234int
235ASN1_STRING_TABLE_add(int nid, long minsize, long maxsize, unsigned long mask,
236 unsigned long flags)
237{
238 ASN1_STRING_TABLE *tmp;
239 char new_nid = 0;
240
241 flags &= ~STABLE_FLAGS_MALLOC;
242 if (!stable)
243 stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp);
244 if (!stable) {
245 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE);
246 return 0;
247 }
248 if (!(tmp = ASN1_STRING_TABLE_get(nid))) {
249 tmp = malloc(sizeof(ASN1_STRING_TABLE));
250 if (!tmp) {
251 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
252 ERR_R_MALLOC_FAILURE);
253 return 0;
254 }
255 tmp->flags = flags | STABLE_FLAGS_MALLOC;
256 tmp->nid = nid;
257 new_nid = 1;
258 } else tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags;
259 if (minsize != -1)
260 tmp->minsize = minsize;
261 if (maxsize != -1)
262 tmp->maxsize = maxsize;
263 tmp->mask = mask;
264 if (new_nid) {
265 if (sk_ASN1_STRING_TABLE_push(stable, tmp) == 0) {
266 free(tmp);
267 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
268 ERR_R_MALLOC_FAILURE);
269 return 0;
270 }
271 }
272 return 1;
273}
274
275void
276ASN1_STRING_TABLE_cleanup(void)
277{
278 STACK_OF(ASN1_STRING_TABLE) *tmp;
279
280 tmp = stable;
281 if (!tmp)
282 return;
283 stable = NULL;
284 sk_ASN1_STRING_TABLE_pop_free(tmp, st_free);
285}
286
287static void
288st_free(ASN1_STRING_TABLE *tbl)
289{
290 if (tbl->flags & STABLE_FLAGS_MALLOC)
291 free(tbl);
292}
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
deleted file mode 100644
index f51a8b1fbe..0000000000
--- a/src/lib/libcrypto/asn1/a_time.c
+++ /dev/null
@@ -1,225 +0,0 @@
1/* $OpenBSD: a_time.c,v 1.24 2015/07/24 13:49:58 jsing Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * licensing@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* This is an implementation of the ASN1 Time structure which is:
57 * Time ::= CHOICE {
58 * utcTime UTCTime,
59 * generalTime GeneralizedTime }
60 * written by Steve Henson.
61 */
62
63#include <stdio.h>
64#include <string.h>
65#include <time.h>
66
67#include <openssl/asn1t.h>
68#include <openssl/err.h>
69
70#include "o_time.h"
71
72
73const ASN1_ITEM ASN1_TIME_it = {
74 .itype = ASN1_ITYPE_MSTRING,
75 .utype = B_ASN1_TIME,
76 .templates = NULL,
77 .tcount = 0,
78 .funcs = NULL,
79 .size = sizeof(ASN1_STRING),
80 .sname = "ASN1_TIME",
81};
82
83
84ASN1_TIME *
85d2i_ASN1_TIME(ASN1_TIME **a, const unsigned char **in, long len)
86{
87 return (ASN1_TIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
88 &ASN1_TIME_it);
89}
90
91int
92i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **out)
93{
94 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_TIME_it);
95}
96
97ASN1_TIME *
98ASN1_TIME_new(void)
99{
100 return (ASN1_TIME *)ASN1_item_new(&ASN1_TIME_it);
101}
102
103void
104ASN1_TIME_free(ASN1_TIME *a)
105{
106 ASN1_item_free((ASN1_VALUE *)a, &ASN1_TIME_it);
107}
108
109ASN1_TIME *
110ASN1_TIME_set(ASN1_TIME *s, time_t t)
111{
112 return ASN1_TIME_adj(s, t, 0, 0);
113}
114
115ASN1_TIME *
116ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
117{
118 struct tm *ts;
119 struct tm data;
120
121 ts = gmtime_r(&t, &data);
122 if (ts == NULL) {
123 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
124 return NULL;
125 }
126 if (offset_day || offset_sec) {
127 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
128 return NULL;
129 }
130 if ((ts->tm_year >= 50) && (ts->tm_year < 150))
131 return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
132 return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
133}
134
135int
136ASN1_TIME_check(ASN1_TIME *t)
137{
138 if (t->type == V_ASN1_GENERALIZEDTIME)
139 return ASN1_GENERALIZEDTIME_check(t);
140 else if (t->type == V_ASN1_UTCTIME)
141 return ASN1_UTCTIME_check(t);
142 return 0;
143}
144
145/* Convert an ASN1_TIME structure to GeneralizedTime */
146static ASN1_GENERALIZEDTIME *
147ASN1_TIME_to_generalizedtime_internal(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
148{
149 ASN1_GENERALIZEDTIME *ret;
150 char *str;
151 int newlen;
152 int i;
153
154 if (!ASN1_TIME_check(t))
155 return NULL;
156
157 ret = *out;
158
159 /* If already GeneralizedTime just copy across */
160 if (t->type == V_ASN1_GENERALIZEDTIME) {
161 if (!ASN1_STRING_set(ret, t->data, t->length))
162 return NULL;
163 return ret;
164 }
165
166 /* grow the string */
167 if (!ASN1_STRING_set(ret, NULL, t->length + 2))
168 return NULL;
169 /* ASN1_STRING_set() allocated 'len + 1' bytes. */
170 newlen = t->length + 2 + 1;
171 str = (char *)ret->data;
172 /* XXX ASN1_TIME is not Y2050 compatible */
173 i = snprintf(str, newlen, "%s%s", (t->data[0] >= '5') ? "19" : "20",
174 (char *) t->data);
175 if (i == -1 || i >= newlen) {
176 M_ASN1_GENERALIZEDTIME_free(ret);
177 *out = NULL;
178 return NULL;
179 }
180 return ret;
181}
182
183ASN1_GENERALIZEDTIME *
184ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
185{
186 ASN1_GENERALIZEDTIME *tmp = NULL, *ret;
187
188 if (!out || !*out) {
189 if (!(tmp = ASN1_GENERALIZEDTIME_new()))
190 return NULL;
191 if (out != NULL)
192 *out = tmp;
193 else
194 out = &tmp;
195 }
196
197 ret = ASN1_TIME_to_generalizedtime_internal(t, out);
198 if (ret == NULL && tmp != NULL)
199 ASN1_GENERALIZEDTIME_free(tmp);
200
201 return ret;
202}
203
204int
205ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
206{
207 ASN1_TIME t;
208
209 t.length = strlen(str);
210 t.data = (unsigned char *)str;
211 t.flags = 0;
212
213 t.type = V_ASN1_UTCTIME;
214
215 if (!ASN1_TIME_check(&t)) {
216 t.type = V_ASN1_GENERALIZEDTIME;
217 if (!ASN1_TIME_check(&t))
218 return 0;
219 }
220
221 if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
222 return 0;
223
224 return 1;
225}
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
deleted file mode 100644
index 38b3c65beb..0000000000
--- a/src/lib/libcrypto/asn1/a_type.c
+++ /dev/null
@@ -1,158 +0,0 @@
1/* $OpenBSD: a_type.c,v 1.16 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/objects.h>
63
64int
65ASN1_TYPE_get(ASN1_TYPE *a)
66{
67 if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
68 return (a->type);
69 else
70 return (0);
71}
72
73void
74ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
75{
76 if (a->value.ptr != NULL) {
77 ASN1_TYPE **tmp_a = &a;
78 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
79 }
80 a->type = type;
81 if (type == V_ASN1_BOOLEAN)
82 a->value.boolean = value ? 0xff : 0;
83 else
84 a->value.ptr = value;
85}
86
87int
88ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
89{
90 if (!value || (type == V_ASN1_BOOLEAN)) {
91 void *p = (void *)value;
92 ASN1_TYPE_set(a, type, p);
93 } else if (type == V_ASN1_OBJECT) {
94 ASN1_OBJECT *odup;
95 odup = OBJ_dup(value);
96 if (!odup)
97 return 0;
98 ASN1_TYPE_set(a, type, odup);
99 } else {
100 ASN1_STRING *sdup;
101 sdup = ASN1_STRING_dup(value);
102 if (!sdup)
103 return 0;
104 ASN1_TYPE_set(a, type, sdup);
105 }
106 return 1;
107}
108
109/* Returns 0 if they are equal, != 0 otherwise. */
110int
111ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
112{
113 int result = -1;
114
115 if (!a || !b || a->type != b->type)
116 return -1;
117
118 switch (a->type) {
119 case V_ASN1_OBJECT:
120 result = OBJ_cmp(a->value.object, b->value.object);
121 break;
122 case V_ASN1_BOOLEAN:
123 result = a->value.boolean - b->value.boolean;
124 break;
125 case V_ASN1_NULL:
126 result = 0; /* They do not have content. */
127 break;
128
129 case V_ASN1_INTEGER:
130 case V_ASN1_NEG_INTEGER:
131 case V_ASN1_ENUMERATED:
132 case V_ASN1_NEG_ENUMERATED:
133 case V_ASN1_BIT_STRING:
134 case V_ASN1_OCTET_STRING:
135 case V_ASN1_SEQUENCE:
136 case V_ASN1_SET:
137 case V_ASN1_NUMERICSTRING:
138 case V_ASN1_PRINTABLESTRING:
139 case V_ASN1_T61STRING:
140 case V_ASN1_VIDEOTEXSTRING:
141 case V_ASN1_IA5STRING:
142 case V_ASN1_UTCTIME:
143 case V_ASN1_GENERALIZEDTIME:
144 case V_ASN1_GRAPHICSTRING:
145 case V_ASN1_VISIBLESTRING:
146 case V_ASN1_GENERALSTRING:
147 case V_ASN1_UNIVERSALSTRING:
148 case V_ASN1_BMPSTRING:
149 case V_ASN1_UTF8STRING:
150 case V_ASN1_OTHER:
151 default:
152 result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
153 (ASN1_STRING *)b->value.ptr);
154 break;
155 }
156
157 return result;
158}
diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c
deleted file mode 100644
index 113a3a2e36..0000000000
--- a/src/lib/libcrypto/asn1/a_utf8.c
+++ /dev/null
@@ -1,199 +0,0 @@
1/* $OpenBSD: a_utf8.c,v 1.8 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62
63#include "asn1_locl.h"
64
65/* UTF8 utilities */
66
67/*
68 * This parses a UTF8 string one character at a time. It is passed a pointer
69 * to the string and the length of the string. It sets 'value' to the value of
70 * the current character. It returns the number of characters read or a
71 * negative error code:
72 * -1 = string too short
73 * -2 = illegal character
74 * -3 = subsequent characters not of the form 10xxxxxx
75 * -4 = character encoded incorrectly (not minimal length).
76 */
77
78int
79UTF8_getc(const unsigned char *str, int len, unsigned long *val)
80{
81 const unsigned char *p;
82 unsigned long value;
83 int ret;
84 if (len <= 0)
85 return 0;
86 p = str;
87
88 /* Check syntax and work out the encoded value (if correct) */
89 if ((*p & 0x80) == 0) {
90 value = *p++ & 0x7f;
91 ret = 1;
92 } else if ((*p & 0xe0) == 0xc0) {
93 if (*p < 0xc2)
94 return -2;
95 if (len < 2)
96 return -1;
97 if ((p[1] & 0xc0) != 0x80)
98 return -3;
99 value = (*p++ & 0x1f) << 6;
100 value |= *p++ & 0x3f;
101 if (value < 0x80)
102 return -4;
103 ret = 2;
104 } else if ((*p & 0xf0) == 0xe0) {
105 if (len < 3)
106 return -1;
107 if (((p[1] & 0xc0) != 0x80) ||
108 ((p[2] & 0xc0) != 0x80))
109 return -3;
110 value = (*p++ & 0xf) << 12;
111 value |= (*p++ & 0x3f) << 6;
112 value |= *p++ & 0x3f;
113 if (value < 0x800)
114 return -4;
115 /* surrogate pair code points are not valid */
116 if (value >= 0xd800 && value < 0xe000)
117 return -2;
118 ret = 3;
119 } else if ((*p & 0xf8) == 0xf0 && (*p < 0xf5)) {
120 if (len < 4)
121 return -1;
122 if (((p[1] & 0xc0) != 0x80) ||
123 ((p[2] & 0xc0) != 0x80) ||
124 ((p[3] & 0xc0) != 0x80))
125 return -3;
126 value = ((unsigned long)(*p++ & 0x7)) << 18;
127 value |= (*p++ & 0x3f) << 12;
128 value |= (*p++ & 0x3f) << 6;
129 value |= *p++ & 0x3f;
130 if (value < 0x10000)
131 return -4;
132 if (value > UNICODE_MAX)
133 return -2;
134 ret = 4;
135 } else
136 return -2;
137 *val = value;
138 return ret;
139}
140
141/* This takes a Unicode code point 'value' and writes its UTF-8 encoded form
142 * in 'str' where 'str' is a buffer of at least length 'len'. If 'str'
143 * is NULL, then nothing is written and just the return code is determined.
144
145 * Returns less than zero on error:
146 * -1 if 'str' is not NULL and 'len' is too small
147 * -2 if 'value' is an invalid character (surrogate or out-of-range)
148 *
149 * Otherwise, returns the number of bytes in 'value's encoded form
150 * (i.e., the number of bytes written to 'str' when it's not NULL).
151 *
152 * It will need at most 4 characters.
153 */
154
155int
156UTF8_putc(unsigned char *str, int len, unsigned long value)
157{
158 if (value < 0x80) {
159 if (str != NULL) {
160 if (len < 1)
161 return -1;
162 str[0] = (unsigned char)value;
163 }
164 return 1;
165 }
166 if (value < 0x800) {
167 if (str != NULL) {
168 if (len < 2)
169 return -1;
170 str[0] = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
171 str[1] = (unsigned char)((value & 0x3f) | 0x80);
172 }
173 return 2;
174 }
175 if (value < 0x10000) {
176 if (UNICODE_IS_SURROGATE(value))
177 return -2;
178 if (str != NULL) {
179 if (len < 3)
180 return -1;
181 str[0] = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
182 str[1] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
183 str[2] = (unsigned char)((value & 0x3f) | 0x80);
184 }
185 return 3;
186 }
187 if (value <= UNICODE_MAX) {
188 if (str != NULL) {
189 if (len < 4)
190 return -1;
191 str[0] = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
192 str[1] = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
193 str[2] = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
194 str[3] = (unsigned char)((value & 0x3f) | 0x80);
195 }
196 return 4;
197 }
198 return -2;
199}
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
deleted file mode 100644
index 3fc79b78f6..0000000000
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ /dev/null
@@ -1,172 +0,0 @@
1/* $OpenBSD: a_verify.c,v 1.21 2015/01/28 04:14:31 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <sys/types.h>
60
61#include <stdio.h>
62#include <time.h>
63
64#include <openssl/bn.h>
65#include <openssl/buffer.h>
66#include <openssl/err.h>
67#include <openssl/evp.h>
68#include <openssl/objects.h>
69#include <openssl/x509.h>
70
71#include "asn1_locl.h"
72
73int
74ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
75 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
76{
77 EVP_MD_CTX ctx;
78 unsigned char *buf_in = NULL;
79 int ret = -1, inl;
80
81 int mdnid, pknid;
82
83 if (!pkey) {
84 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_PASSED_NULL_PARAMETER);
85 return -1;
86 }
87
88 if (signature->type == V_ASN1_BIT_STRING && signature->flags & 0x7)
89 {
90 ASN1err(ASN1_F_ASN1_VERIFY,
91 ASN1_R_INVALID_BIT_STRING_BITS_LEFT);
92 return -1;
93 }
94
95 EVP_MD_CTX_init(&ctx);
96
97 /* Convert signature OID into digest and public key OIDs */
98 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
99 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
100 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
101 goto err;
102 }
103 if (mdnid == NID_undef) {
104 if (!pkey->ameth || !pkey->ameth->item_verify) {
105 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
106 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
107 goto err;
108 }
109 ret = pkey->ameth->item_verify(&ctx, it, asn, a,
110 signature, pkey);
111 /* Return value of 2 means carry on, anything else means we
112 * exit straight away: either a fatal error of the underlying
113 * verification routine handles all verification.
114 */
115 if (ret != 2)
116 goto err;
117 ret = -1;
118 } else {
119 const EVP_MD *type;
120 type = EVP_get_digestbynid(mdnid);
121 if (type == NULL) {
122 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
123 ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
124 goto err;
125 }
126
127 /* Check public key OID matches public key type */
128 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
129 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
130 ASN1_R_WRONG_PUBLIC_KEY_TYPE);
131 goto err;
132 }
133
134 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
135 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
136 ret = 0;
137 goto err;
138 }
139
140 }
141
142 inl = ASN1_item_i2d(asn, &buf_in, it);
143
144 if (buf_in == NULL) {
145 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
146 goto err;
147 }
148
149 if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
151 ret = 0;
152 goto err;
153 }
154
155 OPENSSL_cleanse(buf_in, (unsigned int)inl);
156 free(buf_in);
157
158 if (EVP_DigestVerifyFinal(&ctx, signature->data,
159 (size_t)signature->length) <= 0) {
160 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
161 ret = 0;
162 goto err;
163 }
164 /* we don't need to zero the 'ctx' because we just checked
165 * public information */
166 /* memset(&ctx,0,sizeof(ctx)); */
167 ret = 1;
168
169err:
170 EVP_MD_CTX_cleanup(&ctx);
171 return (ret);
172}
diff --git a/src/lib/libcrypto/asn1/ameth_lib.c b/src/lib/libcrypto/asn1/ameth_lib.c
deleted file mode 100644
index 168321618c..0000000000
--- a/src/lib/libcrypto/asn1/ameth_lib.c
+++ /dev/null
@@ -1,457 +0,0 @@
1/* $OpenBSD: ameth_lib.c,v 1.15 2014/11/09 19:17:13 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63
64#include <openssl/asn1t.h>
65#include <openssl/x509.h>
66
67#ifndef OPENSSL_NO_ENGINE
68#include <openssl/engine.h>
69#endif
70
71#include "asn1_locl.h"
72
73extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[];
74extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[];
75extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth;
76extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth;
77extern const EVP_PKEY_ASN1_METHOD gostr01_asn1_meths[];
78extern const EVP_PKEY_ASN1_METHOD gostimit_asn1_meth;
79extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth;
80extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth;
81
82/* Keep this sorted in type order !! */
83static const EVP_PKEY_ASN1_METHOD *standard_methods[] = {
84#ifndef OPENSSL_NO_RSA
85 &rsa_asn1_meths[0],
86 &rsa_asn1_meths[1],
87#endif
88#ifndef OPENSSL_NO_DH
89 &dh_asn1_meth,
90#endif
91#ifndef OPENSSL_NO_DSA
92 &dsa_asn1_meths[0],
93 &dsa_asn1_meths[1],
94 &dsa_asn1_meths[2],
95 &dsa_asn1_meths[3],
96 &dsa_asn1_meths[4],
97#endif
98#ifndef OPENSSL_NO_EC
99 &eckey_asn1_meth,
100#endif
101#ifndef OPENSSL_NO_GOST
102 &gostr01_asn1_meths[0],
103 &gostimit_asn1_meth,
104#endif
105 &hmac_asn1_meth,
106 &cmac_asn1_meth,
107#ifndef OPENSSL_NO_GOST
108 &gostr01_asn1_meths[1],
109 &gostr01_asn1_meths[2],
110#endif
111};
112
113typedef int sk_cmp_fn_type(const char * const *a, const char * const *b);
114DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD)
115static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL;
116
117DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
118 const EVP_PKEY_ASN1_METHOD *, ameth);
119
120static int
121ameth_cmp(const EVP_PKEY_ASN1_METHOD * const *a,
122 const EVP_PKEY_ASN1_METHOD * const *b)
123{
124 return ((*a)->pkey_id - (*b)->pkey_id);
125}
126
127IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *,
128 const EVP_PKEY_ASN1_METHOD *, ameth);
129
130int
131EVP_PKEY_asn1_get_count(void)
132{
133 int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
134 if (app_methods)
135 num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods);
136 return num;
137}
138
139const EVP_PKEY_ASN1_METHOD *
140EVP_PKEY_asn1_get0(int idx)
141{
142 int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *);
143 if (idx < 0)
144 return NULL;
145 if (idx < num)
146 return standard_methods[idx];
147 idx -= num;
148 return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
149}
150
151static const EVP_PKEY_ASN1_METHOD *
152pkey_asn1_find(int type)
153{
154 EVP_PKEY_ASN1_METHOD tmp;
155 const EVP_PKEY_ASN1_METHOD *t = &tmp, **ret;
156 tmp.pkey_id = type;
157 if (app_methods) {
158 int idx;
159 idx = sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp);
160 if (idx >= 0)
161 return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx);
162 }
163 ret = OBJ_bsearch_ameth(&t, standard_methods,
164 sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *));
165 if (!ret || !*ret)
166 return NULL;
167 return *ret;
168}
169
170/* Find an implementation of an ASN1 algorithm. If 'pe' is not NULL
171 * also search through engines and set *pe to a functional reference
172 * to the engine implementing 'type' or NULL if no engine implements
173 * it.
174 */
175
176const EVP_PKEY_ASN1_METHOD *
177EVP_PKEY_asn1_find(ENGINE **pe, int type)
178{
179 const EVP_PKEY_ASN1_METHOD *t;
180
181 for (;;) {
182 t = pkey_asn1_find(type);
183 if (!t || !(t->pkey_flags & ASN1_PKEY_ALIAS))
184 break;
185 type = t->pkey_base_id;
186 }
187 if (pe) {
188#ifndef OPENSSL_NO_ENGINE
189 ENGINE *e;
190 /* type will contain the final unaliased type */
191 e = ENGINE_get_pkey_asn1_meth_engine(type);
192 if (e) {
193 *pe = e;
194 return ENGINE_get_pkey_asn1_meth(e, type);
195 }
196#endif
197 *pe = NULL;
198 }
199 return t;
200}
201
202const EVP_PKEY_ASN1_METHOD *
203EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len)
204{
205 int i;
206 const EVP_PKEY_ASN1_METHOD *ameth;
207 if (len == -1)
208 len = strlen(str);
209 if (pe) {
210#ifndef OPENSSL_NO_ENGINE
211 ENGINE *e;
212 ameth = ENGINE_pkey_asn1_find_str(&e, str, len);
213 if (ameth) {
214 /* Convert structural into
215 * functional reference
216 */
217 if (!ENGINE_init(e))
218 ameth = NULL;
219 ENGINE_free(e);
220 *pe = e;
221 return ameth;
222 }
223#endif
224 *pe = NULL;
225 }
226 for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) {
227 ameth = EVP_PKEY_asn1_get0(i);
228 if (ameth->pkey_flags & ASN1_PKEY_ALIAS)
229 continue;
230 if (((int)strlen(ameth->pem_str) == len) &&
231 !strncasecmp(ameth->pem_str, str, len))
232 return ameth;
233 }
234 return NULL;
235}
236
237int
238EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth)
239{
240 if (app_methods == NULL) {
241 app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp);
242 if (!app_methods)
243 return 0;
244 }
245 if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth))
246 return 0;
247 sk_EVP_PKEY_ASN1_METHOD_sort(app_methods);
248 return 1;
249}
250
251int
252EVP_PKEY_asn1_add_alias(int to, int from)
253{
254 EVP_PKEY_ASN1_METHOD *ameth;
255
256 ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL);
257 if (!ameth)
258 return 0;
259 ameth->pkey_base_id = to;
260 if (!EVP_PKEY_asn1_add0(ameth)) {
261 EVP_PKEY_asn1_free(ameth);
262 return 0;
263 }
264 return 1;
265}
266
267int
268EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, int *ppkey_flags,
269 const char **pinfo, const char **ppem_str,
270 const EVP_PKEY_ASN1_METHOD *ameth)
271{
272 if (!ameth)
273 return 0;
274 if (ppkey_id)
275 *ppkey_id = ameth->pkey_id;
276 if (ppkey_base_id)
277 *ppkey_base_id = ameth->pkey_base_id;
278 if (ppkey_flags)
279 *ppkey_flags = ameth->pkey_flags;
280 if (pinfo)
281 *pinfo = ameth->info;
282 if (ppem_str)
283 *ppem_str = ameth->pem_str;
284 return 1;
285}
286
287const EVP_PKEY_ASN1_METHOD*
288EVP_PKEY_get0_asn1(EVP_PKEY *pkey)
289{
290 return pkey->ameth;
291}
292
293EVP_PKEY_ASN1_METHOD*
294EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info)
295{
296 EVP_PKEY_ASN1_METHOD *ameth;
297
298 ameth = calloc(1, sizeof(EVP_PKEY_ASN1_METHOD));
299 if (!ameth)
300 return NULL;
301
302 ameth->pkey_id = id;
303 ameth->pkey_base_id = id;
304 ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC;
305
306 if (info) {
307 ameth->info = strdup(info);
308 if (!ameth->info)
309 goto err;
310 } else
311 ameth->info = NULL;
312
313 if (pem_str) {
314 ameth->pem_str = strdup(pem_str);
315 if (!ameth->pem_str)
316 goto err;
317 } else
318 ameth->pem_str = NULL;
319
320 ameth->pub_decode = 0;
321 ameth->pub_encode = 0;
322 ameth->pub_cmp = 0;
323 ameth->pub_print = 0;
324
325 ameth->priv_decode = 0;
326 ameth->priv_encode = 0;
327 ameth->priv_print = 0;
328
329 ameth->old_priv_encode = 0;
330 ameth->old_priv_decode = 0;
331
332 ameth->item_verify = 0;
333 ameth->item_sign = 0;
334
335 ameth->pkey_size = 0;
336 ameth->pkey_bits = 0;
337
338 ameth->param_decode = 0;
339 ameth->param_encode = 0;
340 ameth->param_missing = 0;
341 ameth->param_copy = 0;
342 ameth->param_cmp = 0;
343 ameth->param_print = 0;
344
345 ameth->pkey_free = 0;
346 ameth->pkey_ctrl = 0;
347
348 return ameth;
349
350err:
351 EVP_PKEY_asn1_free(ameth);
352 return NULL;
353}
354
355void
356EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, const EVP_PKEY_ASN1_METHOD *src)
357{
358 dst->pub_decode = src->pub_decode;
359 dst->pub_encode = src->pub_encode;
360 dst->pub_cmp = src->pub_cmp;
361 dst->pub_print = src->pub_print;
362
363 dst->priv_decode = src->priv_decode;
364 dst->priv_encode = src->priv_encode;
365 dst->priv_print = src->priv_print;
366
367 dst->old_priv_encode = src->old_priv_encode;
368 dst->old_priv_decode = src->old_priv_decode;
369
370 dst->pkey_size = src->pkey_size;
371 dst->pkey_bits = src->pkey_bits;
372
373 dst->param_decode = src->param_decode;
374 dst->param_encode = src->param_encode;
375 dst->param_missing = src->param_missing;
376 dst->param_copy = src->param_copy;
377 dst->param_cmp = src->param_cmp;
378 dst->param_print = src->param_print;
379
380 dst->pkey_free = src->pkey_free;
381 dst->pkey_ctrl = src->pkey_ctrl;
382
383 dst->item_sign = src->item_sign;
384 dst->item_verify = src->item_verify;
385}
386
387void
388EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth)
389{
390 if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) {
391 free(ameth->pem_str);
392 free(ameth->info);
393 free(ameth);
394 }
395}
396
397void
398EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth,
399 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub),
400 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk),
401 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
402 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
403 ASN1_PCTX *pctx),
404 int (*pkey_size)(const EVP_PKEY *pk),
405 int (*pkey_bits)(const EVP_PKEY *pk))
406{
407 ameth->pub_decode = pub_decode;
408 ameth->pub_encode = pub_encode;
409 ameth->pub_cmp = pub_cmp;
410 ameth->pub_print = pub_print;
411 ameth->pkey_size = pkey_size;
412 ameth->pkey_bits = pkey_bits;
413}
414
415void
416EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth,
417 int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf),
418 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk),
419 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
420 ASN1_PCTX *pctx))
421{
422 ameth->priv_decode = priv_decode;
423 ameth->priv_encode = priv_encode;
424 ameth->priv_print = priv_print;
425}
426
427void
428EVP_PKEY_asn1_set_param(EVP_PKEY_ASN1_METHOD *ameth,
429 int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder, int derlen),
430 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder),
431 int (*param_missing)(const EVP_PKEY *pk),
432 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from),
433 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b),
434 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
435 ASN1_PCTX *pctx))
436{
437 ameth->param_decode = param_decode;
438 ameth->param_encode = param_encode;
439 ameth->param_missing = param_missing;
440 ameth->param_copy = param_copy;
441 ameth->param_cmp = param_cmp;
442 ameth->param_print = param_print;
443}
444
445void
446EVP_PKEY_asn1_set_free(EVP_PKEY_ASN1_METHOD *ameth,
447 void (*pkey_free)(EVP_PKEY *pkey))
448{
449 ameth->pkey_free = pkey_free;
450}
451
452void
453EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth,
454 int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2))
455{
456 ameth->pkey_ctrl = pkey_ctrl;
457}
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
deleted file mode 100644
index 5ec89db3f0..0000000000
--- a/src/lib/libcrypto/asn1/asn1.h
+++ /dev/null
@@ -1,1355 +0,0 @@
1/* $OpenBSD: asn1.h,v 1.29 2015/01/28 04:14:31 beck Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ASN1_H
60#define HEADER_ASN1_H
61
62#include <time.h>
63
64#include <openssl/opensslconf.h>
65
66#ifndef OPENSSL_NO_BIO
67#include <openssl/bio.h>
68#endif
69#include <openssl/stack.h>
70#include <openssl/safestack.h>
71
72#include <openssl/ossl_typ.h>
73#ifndef OPENSSL_NO_DEPRECATED
74#include <openssl/bn.h>
75#endif
76
77#ifdef __cplusplus
78extern "C" {
79#endif
80
81#define V_ASN1_UNIVERSAL 0x00
82#define V_ASN1_APPLICATION 0x40
83#define V_ASN1_CONTEXT_SPECIFIC 0x80
84#define V_ASN1_PRIVATE 0xc0
85
86#define V_ASN1_CONSTRUCTED 0x20
87#define V_ASN1_PRIMITIVE_TAG 0x1f
88#define V_ASN1_PRIMATIVE_TAG 0x1f
89
90#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
91#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
92#define V_ASN1_ANY -4 /* used in ASN1 template code */
93
94#define V_ASN1_NEG 0x100 /* negative flag */
95
96#define V_ASN1_UNDEF -1
97#define V_ASN1_EOC 0
98#define V_ASN1_BOOLEAN 1 /**/
99#define V_ASN1_INTEGER 2
100#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
101#define V_ASN1_BIT_STRING 3
102#define V_ASN1_OCTET_STRING 4
103#define V_ASN1_NULL 5
104#define V_ASN1_OBJECT 6
105#define V_ASN1_OBJECT_DESCRIPTOR 7
106#define V_ASN1_EXTERNAL 8
107#define V_ASN1_REAL 9
108#define V_ASN1_ENUMERATED 10
109#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
110#define V_ASN1_UTF8STRING 12
111#define V_ASN1_SEQUENCE 16
112#define V_ASN1_SET 17
113#define V_ASN1_NUMERICSTRING 18 /**/
114#define V_ASN1_PRINTABLESTRING 19
115#define V_ASN1_T61STRING 20
116#define V_ASN1_TELETEXSTRING 20 /* alias */
117#define V_ASN1_VIDEOTEXSTRING 21 /**/
118#define V_ASN1_IA5STRING 22
119#define V_ASN1_UTCTIME 23
120#define V_ASN1_GENERALIZEDTIME 24 /**/
121#define V_ASN1_GRAPHICSTRING 25 /**/
122#define V_ASN1_ISO64STRING 26 /**/
123#define V_ASN1_VISIBLESTRING 26 /* alias */
124#define V_ASN1_GENERALSTRING 27 /**/
125#define V_ASN1_UNIVERSALSTRING 28 /**/
126#define V_ASN1_BMPSTRING 30
127
128/* For use with d2i_ASN1_type_bytes() */
129#define B_ASN1_NUMERICSTRING 0x0001
130#define B_ASN1_PRINTABLESTRING 0x0002
131#define B_ASN1_T61STRING 0x0004
132#define B_ASN1_TELETEXSTRING 0x0004
133#define B_ASN1_VIDEOTEXSTRING 0x0008
134#define B_ASN1_IA5STRING 0x0010
135#define B_ASN1_GRAPHICSTRING 0x0020
136#define B_ASN1_ISO64STRING 0x0040
137#define B_ASN1_VISIBLESTRING 0x0040
138#define B_ASN1_GENERALSTRING 0x0080
139#define B_ASN1_UNIVERSALSTRING 0x0100
140#define B_ASN1_OCTET_STRING 0x0200
141#define B_ASN1_BIT_STRING 0x0400
142#define B_ASN1_BMPSTRING 0x0800
143#define B_ASN1_UNKNOWN 0x1000
144#define B_ASN1_UTF8STRING 0x2000
145#define B_ASN1_UTCTIME 0x4000
146#define B_ASN1_GENERALIZEDTIME 0x8000
147#define B_ASN1_SEQUENCE 0x10000
148
149/* For use with ASN1_mbstring_copy() */
150#define MBSTRING_FLAG 0x1000
151#define MBSTRING_UTF8 (MBSTRING_FLAG)
152#define MBSTRING_ASC (MBSTRING_FLAG|1)
153#define MBSTRING_BMP (MBSTRING_FLAG|2)
154#define MBSTRING_UNIV (MBSTRING_FLAG|4)
155
156#define SMIME_OLDMIME 0x400
157#define SMIME_CRLFEOL 0x800
158#define SMIME_STREAM 0x1000
159
160struct X509_algor_st;
161DECLARE_STACK_OF(X509_ALGOR)
162
163#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
164#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
165
166/* We MUST make sure that, except for constness, asn1_ctx_st and
167 asn1_const_ctx are exactly the same. Fortunately, as soon as
168 the old ASN1 parsing macros are gone, we can throw this away
169 as well... */
170typedef struct asn1_ctx_st {
171 unsigned char *p;/* work char pointer */
172 int eos; /* end of sequence read for indefinite encoding */
173 int error; /* error code to use when returning an error */
174 int inf; /* constructed if 0x20, indefinite is 0x21 */
175 int tag; /* tag from last 'get object' */
176 int xclass; /* class from last 'get object' */
177 long slen; /* length of last 'get object' */
178 unsigned char *max; /* largest value of p allowed */
179 unsigned char *q;/* temporary variable */
180 unsigned char **pp;/* variable */
181 int line; /* used in error processing */
182} ASN1_CTX;
183
184typedef struct asn1_const_ctx_st {
185 const unsigned char *p;/* work char pointer */
186 int eos; /* end of sequence read for indefinite encoding */
187 int error; /* error code to use when returning an error */
188 int inf; /* constructed if 0x20, indefinite is 0x21 */
189 int tag; /* tag from last 'get object' */
190 int xclass; /* class from last 'get object' */
191 long slen; /* length of last 'get object' */
192 const unsigned char *max; /* largest value of p allowed */
193 const unsigned char *q;/* temporary variable */
194 const unsigned char **pp;/* variable */
195 int line; /* used in error processing */
196} ASN1_const_CTX;
197
198/* These are used internally in the ASN1_OBJECT to keep track of
199 * whether the names and data need to be free()ed */
200#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
201#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
202#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
203#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
204typedef struct asn1_object_st {
205 const char *sn, *ln;
206 int nid;
207 int length;
208 const unsigned char *data; /* data remains const after init */
209 int flags; /* Should we free this one */
210} ASN1_OBJECT;
211
212#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
213/* This indicates that the ASN1_STRING is not a real value but just a place
214 * holder for the location where indefinite length constructed data should
215 * be inserted in the memory buffer
216 */
217#define ASN1_STRING_FLAG_NDEF 0x010
218
219/* This flag is used by the CMS code to indicate that a string is not
220 * complete and is a place holder for content when it had all been
221 * accessed. The flag will be reset when content has been written to it.
222 */
223
224#define ASN1_STRING_FLAG_CONT 0x020
225/* This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING
226 * type.
227 */
228#define ASN1_STRING_FLAG_MSTRING 0x040
229/* This is the base type that holds just about everything :-) */
230struct asn1_string_st {
231 int length;
232 int type;
233 unsigned char *data;
234 /* The value of the following field depends on the type being
235 * held. It is mostly being used for BIT_STRING so if the
236 * input data has a non-zero 'unused bits' value, it will be
237 * handled correctly */
238 long flags;
239};
240
241/* ASN1_ENCODING structure: this is used to save the received
242 * encoding of an ASN1 type. This is useful to get round
243 * problems with invalid encodings which can break signatures.
244 */
245
246typedef struct ASN1_ENCODING_st {
247 unsigned char *enc; /* DER encoding */
248 long len; /* Length of encoding */
249 int modified; /* set to 1 if 'enc' is invalid */
250} ASN1_ENCODING;
251
252/* Used with ASN1 LONG type: if a long is set to this it is omitted */
253#define ASN1_LONG_UNDEF 0x7fffffffL
254
255#define STABLE_FLAGS_MALLOC 0x01
256#define STABLE_NO_MASK 0x02
257#define DIRSTRING_TYPE \
258 (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
259#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
260
261typedef struct asn1_string_table_st {
262 int nid;
263 long minsize;
264 long maxsize;
265 unsigned long mask;
266 unsigned long flags;
267} ASN1_STRING_TABLE;
268
269DECLARE_STACK_OF(ASN1_STRING_TABLE)
270
271/* size limits: this stuff is taken straight from RFC2459 */
272
273#define ub_name 32768
274#define ub_common_name 64
275#define ub_locality_name 128
276#define ub_state_name 128
277#define ub_organization_name 64
278#define ub_organization_unit_name 64
279#define ub_title 64
280#define ub_email_address 128
281
282/* Declarations for template structures: for full definitions
283 * see asn1t.h
284 */
285typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
286typedef struct ASN1_TLC_st ASN1_TLC;
287/* This is just an opaque pointer */
288typedef struct ASN1_VALUE_st ASN1_VALUE;
289
290/* Declare ASN1 functions: the implement macro in in asn1t.h */
291
292#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
293
294#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
295 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
296
297#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
298 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
299 DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
300
301#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
302 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
303 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
304
305#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
306 type *d2i_##name(type **a, const unsigned char **in, long len); \
307 int i2d_##name(type *a, unsigned char **out); \
308 DECLARE_ASN1_ITEM(itname)
309
310#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
311 type *d2i_##name(type **a, const unsigned char **in, long len); \
312 int i2d_##name(const type *a, unsigned char **out); \
313 DECLARE_ASN1_ITEM(name)
314
315#define DECLARE_ASN1_NDEF_FUNCTION(name) \
316 int i2d_##name##_NDEF(name *a, unsigned char **out);
317
318#define DECLARE_ASN1_FUNCTIONS_const(name) \
319 DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
320 DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
321
322#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
323 type *name##_new(void); \
324 void name##_free(type *a);
325
326#define DECLARE_ASN1_PRINT_FUNCTION(stname) \
327 DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname)
328
329#define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \
330 int fname##_print_ctx(BIO *out, stname *x, int indent, \
331 const ASN1_PCTX *pctx);
332
333#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
334#define I2D_OF(type) int (*)(type *,unsigned char **)
335#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
336
337#define CHECKED_D2I_OF(type, d2i) \
338 ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
339#define CHECKED_I2D_OF(type, i2d) \
340 ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
341#define CHECKED_NEW_OF(type, xnew) \
342 ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
343#define CHECKED_PTR_OF(type, p) \
344 ((void*) (1 ? p : (type*)0))
345#define CHECKED_PPTR_OF(type, p) \
346 ((void**) (1 ? p : (type**)0))
347
348#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
349#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
350#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
351
352TYPEDEF_D2I2D_OF(void);
353
354/* The following macros and typedefs allow an ASN1_ITEM
355 * to be embedded in a structure and referenced. Since
356 * the ASN1_ITEM pointers need to be globally accessible
357 * (possibly from shared libraries) they may exist in
358 * different forms. On platforms that support it the
359 * ASN1_ITEM structure itself will be globally exported.
360 * Other platforms will export a function that returns
361 * an ASN1_ITEM pointer.
362 *
363 * To handle both cases transparently the macros below
364 * should be used instead of hard coding an ASN1_ITEM
365 * pointer in a structure.
366 *
367 * The structure will look like this:
368 *
369 * typedef struct SOMETHING_st {
370 * ...
371 * ASN1_ITEM_EXP *iptr;
372 * ...
373 * } SOMETHING;
374 *
375 * It would be initialised as e.g.:
376 *
377 * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
378 *
379 * and the actual pointer extracted with:
380 *
381 * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
382 *
383 * Finally an ASN1_ITEM pointer can be extracted from an
384 * appropriate reference with: ASN1_ITEM_rptr(X509). This
385 * would be used when a function takes an ASN1_ITEM * argument.
386 *
387 */
388
389
390/* ASN1_ITEM pointer exported type */
391typedef const ASN1_ITEM ASN1_ITEM_EXP;
392
393/* Macro to obtain ASN1_ITEM pointer from exported type */
394#define ASN1_ITEM_ptr(iptr) (iptr)
395
396/* Macro to include ASN1_ITEM pointer from base type */
397#define ASN1_ITEM_ref(iptr) (&(iptr##_it))
398
399#define ASN1_ITEM_rptr(ref) (&(ref##_it))
400
401#define DECLARE_ASN1_ITEM(name) \
402 extern const ASN1_ITEM name##_it;
403
404
405/* Parameters used by ASN1_STRING_print_ex() */
406
407/* These determine which characters to escape:
408 * RFC2253 special characters, control characters and
409 * MSB set characters
410 */
411
412#define ASN1_STRFLGS_ESC_2253 1
413#define ASN1_STRFLGS_ESC_CTRL 2
414#define ASN1_STRFLGS_ESC_MSB 4
415
416
417/* This flag determines how we do escaping: normally
418 * RC2253 backslash only, set this to use backslash and
419 * quote.
420 */
421
422#define ASN1_STRFLGS_ESC_QUOTE 8
423
424
425/* These three flags are internal use only. */
426
427/* Character is a valid PrintableString character */
428#define CHARTYPE_PRINTABLESTRING 0x10
429/* Character needs escaping if it is the first character */
430#define CHARTYPE_FIRST_ESC_2253 0x20
431/* Character needs escaping if it is the last character */
432#define CHARTYPE_LAST_ESC_2253 0x40
433
434/* NB the internal flags are safely reused below by flags
435 * handled at the top level.
436 */
437
438/* If this is set we convert all character strings
439 * to UTF8 first
440 */
441
442#define ASN1_STRFLGS_UTF8_CONVERT 0x10
443
444/* If this is set we don't attempt to interpret content:
445 * just assume all strings are 1 byte per character. This
446 * will produce some pretty odd looking output!
447 */
448
449#define ASN1_STRFLGS_IGNORE_TYPE 0x20
450
451/* If this is set we include the string type in the output */
452#define ASN1_STRFLGS_SHOW_TYPE 0x40
453
454/* This determines which strings to display and which to
455 * 'dump' (hex dump of content octets or DER encoding). We can
456 * only dump non character strings or everything. If we
457 * don't dump 'unknown' they are interpreted as character
458 * strings with 1 octet per character and are subject to
459 * the usual escaping options.
460 */
461
462#define ASN1_STRFLGS_DUMP_ALL 0x80
463#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
464
465/* These determine what 'dumping' does, we can dump the
466 * content octets or the DER encoding: both use the
467 * RFC2253 #NNNNN notation.
468 */
469
470#define ASN1_STRFLGS_DUMP_DER 0x200
471
472/* All the string flags consistent with RFC2253,
473 * escaping control characters isn't essential in
474 * RFC2253 but it is advisable anyway.
475 */
476
477#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
478 ASN1_STRFLGS_ESC_CTRL | \
479 ASN1_STRFLGS_ESC_MSB | \
480 ASN1_STRFLGS_UTF8_CONVERT | \
481 ASN1_STRFLGS_DUMP_UNKNOWN | \
482 ASN1_STRFLGS_DUMP_DER)
483
484DECLARE_STACK_OF(ASN1_INTEGER)
485DECLARE_ASN1_SET_OF(ASN1_INTEGER)
486
487DECLARE_STACK_OF(ASN1_GENERALSTRING)
488
489typedef struct asn1_type_st {
490 int type;
491 union {
492 char *ptr;
493 ASN1_BOOLEAN boolean;
494 ASN1_STRING * asn1_string;
495 ASN1_OBJECT * object;
496 ASN1_INTEGER * integer;
497 ASN1_ENUMERATED * enumerated;
498 ASN1_BIT_STRING * bit_string;
499 ASN1_OCTET_STRING * octet_string;
500 ASN1_PRINTABLESTRING * printablestring;
501 ASN1_T61STRING * t61string;
502 ASN1_IA5STRING * ia5string;
503 ASN1_GENERALSTRING * generalstring;
504 ASN1_BMPSTRING * bmpstring;
505 ASN1_UNIVERSALSTRING * universalstring;
506 ASN1_UTCTIME * utctime;
507 ASN1_GENERALIZEDTIME * generalizedtime;
508 ASN1_VISIBLESTRING * visiblestring;
509 ASN1_UTF8STRING * utf8string;
510 /* set and sequence are left complete and still
511 * contain the set or sequence bytes */
512 ASN1_STRING * set;
513 ASN1_STRING * sequence;
514 ASN1_VALUE * asn1_value;
515 } value;
516} ASN1_TYPE;
517
518DECLARE_STACK_OF(ASN1_TYPE)
519DECLARE_ASN1_SET_OF(ASN1_TYPE)
520
521typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY;
522
523DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY)
524DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY)
525
526typedef struct NETSCAPE_X509_st {
527 ASN1_OCTET_STRING *header;
528 X509 *cert;
529} NETSCAPE_X509;
530
531/* This is used to contain a list of bit names */
532typedef struct BIT_STRING_BITNAME_st {
533 int bitnum;
534 const char *lname;
535 const char *sname;
536} BIT_STRING_BITNAME;
537
538
539#define M_ASN1_STRING_length(x) ((x)->length)
540#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
541#define M_ASN1_STRING_type(x) ((x)->type)
542#define M_ASN1_STRING_data(x) ((x)->data)
543
544/* Macros for string operations */
545#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
546 ASN1_STRING_type_new(V_ASN1_BIT_STRING)
547#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
548#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
549 ASN1_STRING_dup((const ASN1_STRING *)a)
550#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
551 (const ASN1_STRING *)a,(const ASN1_STRING *)b)
552#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
553
554#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
555 ASN1_STRING_type_new(V_ASN1_INTEGER)
556#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
557#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\
558 ASN1_STRING_dup((const ASN1_STRING *)a)
559#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
560 (const ASN1_STRING *)a,(const ASN1_STRING *)b)
561
562#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
563 ASN1_STRING_type_new(V_ASN1_ENUMERATED)
564#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
565#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\
566 ASN1_STRING_dup((const ASN1_STRING *)a)
567#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
568 (const ASN1_STRING *)a,(const ASN1_STRING *)b)
569
570#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
571 ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
572#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
573#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
574 ASN1_STRING_dup((const ASN1_STRING *)a)
575#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
576 (const ASN1_STRING *)a,(const ASN1_STRING *)b)
577#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
578#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
579#define M_i2d_ASN1_OCTET_STRING(a,pp) \
580 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
581 V_ASN1_UNIVERSAL)
582
583#define B_ASN1_TIME \
584 B_ASN1_UTCTIME | \
585 B_ASN1_GENERALIZEDTIME
586
587#define B_ASN1_PRINTABLE \
588 B_ASN1_NUMERICSTRING| \
589 B_ASN1_PRINTABLESTRING| \
590 B_ASN1_T61STRING| \
591 B_ASN1_IA5STRING| \
592 B_ASN1_BIT_STRING| \
593 B_ASN1_UNIVERSALSTRING|\
594 B_ASN1_BMPSTRING|\
595 B_ASN1_UTF8STRING|\
596 B_ASN1_SEQUENCE|\
597 B_ASN1_UNKNOWN
598
599#define B_ASN1_DIRECTORYSTRING \
600 B_ASN1_PRINTABLESTRING| \
601 B_ASN1_TELETEXSTRING|\
602 B_ASN1_BMPSTRING|\
603 B_ASN1_UNIVERSALSTRING|\
604 B_ASN1_UTF8STRING
605
606#define B_ASN1_DISPLAYTEXT \
607 B_ASN1_IA5STRING| \
608 B_ASN1_VISIBLESTRING| \
609 B_ASN1_BMPSTRING|\
610 B_ASN1_UTF8STRING
611
612#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
613#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
614#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
615 pp,a->type,V_ASN1_UNIVERSAL)
616#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
617 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
618 B_ASN1_PRINTABLE)
619
620#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
621#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
622#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
623 pp,a->type,V_ASN1_UNIVERSAL)
624#define M_d2i_DIRECTORYSTRING(a,pp,l) \
625 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
626 B_ASN1_DIRECTORYSTRING)
627
628#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
629#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
630#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
631 pp,a->type,V_ASN1_UNIVERSAL)
632#define M_d2i_DISPLAYTEXT(a,pp,l) \
633 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
634 B_ASN1_DISPLAYTEXT)
635
636#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
637 ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
638#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
639#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
640 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
641 V_ASN1_UNIVERSAL)
642#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
643 (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
644 ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
645
646#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
647 ASN1_STRING_type_new(V_ASN1_T61STRING)
648#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
649#define M_i2d_ASN1_T61STRING(a,pp) \
650 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
651 V_ASN1_UNIVERSAL)
652#define M_d2i_ASN1_T61STRING(a,pp,l) \
653 (ASN1_T61STRING *)d2i_ASN1_type_bytes\
654 ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
655
656#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
657 ASN1_STRING_type_new(V_ASN1_IA5STRING)
658#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
659#define M_ASN1_IA5STRING_dup(a) \
660 (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a)
661#define M_i2d_ASN1_IA5STRING(a,pp) \
662 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
663 V_ASN1_UNIVERSAL)
664#define M_d2i_ASN1_IA5STRING(a,pp,l) \
665 (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
666 B_ASN1_IA5STRING)
667
668#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
669 ASN1_STRING_type_new(V_ASN1_UTCTIME)
670#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
671#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\
672 ASN1_STRING_dup((const ASN1_STRING *)a)
673
674#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
675 ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
676#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
677#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
678 (const ASN1_STRING *)a)
679
680#define M_ASN1_TIME_new() (ASN1_TIME *)\
681 ASN1_STRING_type_new(V_ASN1_UTCTIME)
682#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
683#define M_ASN1_TIME_dup(a) (ASN1_TIME *)\
684 ASN1_STRING_dup((const ASN1_STRING *)a)
685
686#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
687 ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
688#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
689#define M_i2d_ASN1_GENERALSTRING(a,pp) \
690 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
691 V_ASN1_UNIVERSAL)
692#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
693 (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
694 ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
695
696#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
697 ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
698#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
699#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
700 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
701 V_ASN1_UNIVERSAL)
702#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
703 (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
704 ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
705
706#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
707 ASN1_STRING_type_new(V_ASN1_BMPSTRING)
708#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
709#define M_i2d_ASN1_BMPSTRING(a,pp) \
710 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
711 V_ASN1_UNIVERSAL)
712#define M_d2i_ASN1_BMPSTRING(a,pp,l) \
713 (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
714 ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
715
716#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
717 ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
718#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
719#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
720 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
721 V_ASN1_UNIVERSAL)
722#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
723 (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
724 ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
725
726#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
727 ASN1_STRING_type_new(V_ASN1_UTF8STRING)
728#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
729#define M_i2d_ASN1_UTF8STRING(a,pp) \
730 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
731 V_ASN1_UNIVERSAL)
732#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
733 (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
734 ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
735
736/* for the is_set parameter to i2d_ASN1_SET */
737#define IS_SEQUENCE 0
738#define IS_SET 1
739
740DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
741
742int ASN1_TYPE_get(ASN1_TYPE *a);
743void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
744int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
745int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b);
746
747ASN1_OBJECT *ASN1_OBJECT_new(void );
748void ASN1_OBJECT_free(ASN1_OBJECT *a);
749int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);
750ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
751 long length);
752ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
753 long length);
754
755DECLARE_ASN1_ITEM(ASN1_OBJECT)
756
757DECLARE_STACK_OF(ASN1_OBJECT)
758DECLARE_ASN1_SET_OF(ASN1_OBJECT)
759
760ASN1_STRING *ASN1_STRING_new(void);
761void ASN1_STRING_free(ASN1_STRING *a);
762int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str);
763ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a);
764ASN1_STRING *ASN1_STRING_type_new(int type );
765int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b);
766 /* Since this is used to store all sorts of things, via macros, for now, make
767 its data void * */
768int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
769void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
770int ASN1_STRING_length(const ASN1_STRING *x);
771void ASN1_STRING_length_set(ASN1_STRING *x, int n);
772int ASN1_STRING_type(ASN1_STRING *x);
773unsigned char * ASN1_STRING_data(ASN1_STRING *x);
774
775DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
776int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp);
777ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
778 const unsigned char **pp, long length);
779int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length );
780int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
781int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
782int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a,
783 unsigned char *flags, int flags_len);
784
785#ifndef OPENSSL_NO_BIO
786int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
787 BIT_STRING_BITNAME *tbl, int indent);
788#endif
789int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
790int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
791 BIT_STRING_BITNAME *tbl);
792
793int i2d_ASN1_BOOLEAN(int a, unsigned char **pp);
794int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length);
795
796DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
797int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp);
798ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
799 long length);
800ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
801 long length);
802ASN1_INTEGER * ASN1_INTEGER_dup(const ASN1_INTEGER *x);
803int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y);
804
805DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
806
807int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
808ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t);
809ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
810 int offset_day, long offset_sec);
811int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
812int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
813
814int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
815ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,
816 time_t t);
817ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s,
818 time_t t, int offset_day, long offset_sec);
819int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
820
821DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
822ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a);
823int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a,
824 const ASN1_OCTET_STRING *b);
825int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data,
826 int len);
827
828DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
829DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
830DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
831DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
832DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
833
834DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
835
836DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
837DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
838DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
839DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
840DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
841DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
842DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
843DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
844DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
845
846DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
847
848ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t);
849ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day,
850 long offset_sec);
851int ASN1_TIME_check(ASN1_TIME *t);
852ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t,
853 ASN1_GENERALIZEDTIME **out);
854int ASN1_TIME_set_string(ASN1_TIME *s, const char *str);
855
856int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp,
857 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
858STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a,
859 const unsigned char **pp, long length, d2i_of_void *d2i,
860 void (*free_func)(OPENSSL_BLOCK), int ex_tag, int ex_class);
861
862#ifndef OPENSSL_NO_BIO
863int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
864int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size);
865int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
866int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size);
867int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a);
868int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size);
869int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
870#endif
871int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a);
872
873int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num);
874ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
875 const char *sn, const char *ln);
876
877int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
878long ASN1_INTEGER_get(const ASN1_INTEGER *a);
879ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai);
880BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn);
881
882int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
883long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
884ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
885BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn);
886
887/* General */
888/* given a string, return the correct type, max is the maximum length */
889int ASN1_PRINTABLE_type(const unsigned char *s, int max);
890
891int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
892ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
893 long length, int Ptag, int Pclass);
894unsigned long ASN1_tag2bit(int tag);
895/* type is one or more of the B_ASN1_ values. */
896ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
897 long length, int type);
898
899/* PARSING */
900int asn1_Finish(ASN1_CTX *c);
901int asn1_const_Finish(ASN1_const_CTX *c);
902
903/* SPECIALS */
904int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
905 int *pclass, long omax);
906int ASN1_check_infinite_end(unsigned char **p, long len);
907int ASN1_const_check_infinite_end(const unsigned char **p, long len);
908void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
909 int xclass);
910int ASN1_put_eoc(unsigned char **pp);
911int ASN1_object_size(int constructed, int length, int tag);
912
913/* Used to implement other functions */
914void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x);
915
916#define ASN1_dup_of(type,i2d,d2i,x) \
917 ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
918 CHECKED_D2I_OF(type, d2i), \
919 CHECKED_PTR_OF(type, x)))
920
921#define ASN1_dup_of_const(type,i2d,d2i,x) \
922 ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
923 CHECKED_D2I_OF(type, d2i), \
924 CHECKED_PTR_OF(const type, x)))
925
926void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
927
928/* ASN1 alloc/free macros for when a type is only used internally */
929
930#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
931#define M_ASN1_free_of(x, type) \
932 ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
933
934void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
935
936#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
937 ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
938 CHECKED_D2I_OF(type, d2i), \
939 in, \
940 CHECKED_PPTR_OF(type, x)))
941
942void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
943int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x);
944
945#define ASN1_i2d_fp_of(type,i2d,out,x) \
946 (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
947 out, \
948 CHECKED_PTR_OF(type, x)))
949
950#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
951 (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
952 out, \
953 CHECKED_PTR_OF(const type, x)))
954
955int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
956int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
957
958int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
959
960#ifndef OPENSSL_NO_BIO
961void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
962
963#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
964 ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
965 CHECKED_D2I_OF(type, d2i), \
966 in, \
967 CHECKED_PPTR_OF(type, x)))
968
969void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
970int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x);
971
972#define ASN1_i2d_bio_of(type,i2d,out,x) \
973 (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
974 out, \
975 CHECKED_PTR_OF(type, x)))
976
977#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
978 (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
979 out, \
980 CHECKED_PTR_OF(const type, x)))
981
982int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
983int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a);
984int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a);
985int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a);
986int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v);
987int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
988int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
989 unsigned char *buf, int off);
990int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent);
991int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump);
992#endif
993const char *ASN1_tag2str(int tag);
994
995/* Used to load and write netscape format cert */
996
997DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509)
998
999int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
1000
1001int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len);
1002int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len);
1003int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
1004 int len);
1005int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
1006 int max_len);
1007
1008STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len,
1009 d2i_of_void *d2i, void (*free_func)(OPENSSL_BLOCK));
1010unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
1011 unsigned char **buf, int *len );
1012void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
1013void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
1014ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
1015 ASN1_OCTET_STRING **oct);
1016
1017ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it,
1018 ASN1_OCTET_STRING **oct);
1019
1020void ASN1_STRING_set_default_mask(unsigned long mask);
1021int ASN1_STRING_set_default_mask_asc(const char *p);
1022unsigned long ASN1_STRING_get_default_mask(void);
1023int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
1024 int inform, unsigned long mask);
1025int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
1026 int inform, unsigned long mask, long minsize, long maxsize);
1027
1028ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
1029 const unsigned char *in, int inlen, int inform, int nid);
1030ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
1031int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
1032void ASN1_STRING_TABLE_cleanup(void);
1033
1034/* ASN1 template functions */
1035
1036/* Old API compatible functions */
1037ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
1038void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
1039ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in,
1040 long len, const ASN1_ITEM *it);
1041int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
1042int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
1043
1044void ASN1_add_oid_module(void);
1045
1046ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
1047ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
1048
1049/* ASN1 Print flags */
1050
1051/* Indicate missing OPTIONAL fields */
1052#define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001
1053/* Mark start and end of SEQUENCE */
1054#define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002
1055/* Mark start and end of SEQUENCE/SET OF */
1056#define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004
1057/* Show the ASN1 type of primitives */
1058#define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008
1059/* Don't show ASN1 type of ANY */
1060#define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010
1061/* Don't show ASN1 type of MSTRINGs */
1062#define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020
1063/* Don't show field names in SEQUENCE */
1064#define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040
1065/* Show structure names of each SEQUENCE field */
1066#define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080
1067/* Don't show structure name even at top level */
1068#define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100
1069
1070int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent,
1071 const ASN1_ITEM *it, const ASN1_PCTX *pctx);
1072ASN1_PCTX *ASN1_PCTX_new(void);
1073void ASN1_PCTX_free(ASN1_PCTX *p);
1074unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p);
1075void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags);
1076unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p);
1077void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags);
1078unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p);
1079void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags);
1080unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p);
1081void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags);
1082unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p);
1083void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags);
1084
1085BIO_METHOD *BIO_f_asn1(void);
1086
1087BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it);
1088
1089int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
1090 const ASN1_ITEM *it);
1091int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
1092 const char *hdr, const ASN1_ITEM *it);
1093int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
1094 int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs,
1095 const ASN1_ITEM *it);
1096ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
1097int SMIME_crlf_copy(BIO *in, BIO *out, int flags);
1098int SMIME_text(BIO *in, BIO *out);
1099
1100/* BEGIN ERROR CODES */
1101/* The following lines are auto generated by the script mkerr.pl. Any changes
1102 * made after this point may be overwritten when the script is next run.
1103 */
1104void ERR_load_ASN1_strings(void);
1105
1106/* Error codes for the ASN1 functions. */
1107
1108/* Function codes. */
1109#define ASN1_F_A2D_ASN1_OBJECT 100
1110#define ASN1_F_A2I_ASN1_ENUMERATED 101
1111#define ASN1_F_A2I_ASN1_INTEGER 102
1112#define ASN1_F_A2I_ASN1_STRING 103
1113#define ASN1_F_APPEND_EXP 176
1114#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
1115#define ASN1_F_ASN1_CB 177
1116#define ASN1_F_ASN1_CHECK_TLEN 104
1117#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
1118#define ASN1_F_ASN1_COLLECT 106
1119#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
1120#define ASN1_F_ASN1_D2I_FP 109
1121#define ASN1_F_ASN1_D2I_READ_BIO 107
1122#define ASN1_F_ASN1_DIGEST 184
1123#define ASN1_F_ASN1_DO_ADB 110
1124#define ASN1_F_ASN1_DUP 111
1125#define ASN1_F_ASN1_ENUMERATED_SET 112
1126#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
1127#define ASN1_F_ASN1_EX_C2I 204
1128#define ASN1_F_ASN1_FIND_END 190
1129#define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216
1130#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
1131#define ASN1_F_ASN1_GENERATE_V3 178
1132#define ASN1_F_ASN1_GET_OBJECT 114
1133#define ASN1_F_ASN1_HEADER_NEW 115
1134#define ASN1_F_ASN1_I2D_BIO 116
1135#define ASN1_F_ASN1_I2D_FP 117
1136#define ASN1_F_ASN1_INTEGER_SET 118
1137#define ASN1_F_ASN1_INTEGER_TO_BN 119
1138#define ASN1_F_ASN1_ITEM_D2I_FP 206
1139#define ASN1_F_ASN1_ITEM_DUP 191
1140#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121
1141#define ASN1_F_ASN1_ITEM_EX_D2I 120
1142#define ASN1_F_ASN1_ITEM_I2D_BIO 192
1143#define ASN1_F_ASN1_ITEM_I2D_FP 193
1144#define ASN1_F_ASN1_ITEM_PACK 198
1145#define ASN1_F_ASN1_ITEM_SIGN 195
1146#define ASN1_F_ASN1_ITEM_SIGN_CTX 220
1147#define ASN1_F_ASN1_ITEM_UNPACK 199
1148#define ASN1_F_ASN1_ITEM_VERIFY 197
1149#define ASN1_F_ASN1_MBSTRING_NCOPY 122
1150#define ASN1_F_ASN1_OBJECT_NEW 123
1151#define ASN1_F_ASN1_OUTPUT_DATA 214
1152#define ASN1_F_ASN1_PACK_STRING 124
1153#define ASN1_F_ASN1_PCTX_NEW 205
1154#define ASN1_F_ASN1_PKCS5_PBE_SET 125
1155#define ASN1_F_ASN1_SEQ_PACK 126
1156#define ASN1_F_ASN1_SEQ_UNPACK 127
1157#define ASN1_F_ASN1_SIGN 128
1158#define ASN1_F_ASN1_STR2TYPE 179
1159#define ASN1_F_ASN1_STRING_SET 186
1160#define ASN1_F_ASN1_STRING_TABLE_ADD 129
1161#define ASN1_F_ASN1_STRING_TYPE_NEW 130
1162#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
1163#define ASN1_F_ASN1_TEMPLATE_NEW 133
1164#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
1165#define ASN1_F_ASN1_TIME_ADJ 217
1166#define ASN1_F_ASN1_TIME_SET 175
1167#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
1168#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
1169#define ASN1_F_ASN1_UNPACK_STRING 136
1170#define ASN1_F_ASN1_UTCTIME_ADJ 218
1171#define ASN1_F_ASN1_UTCTIME_SET 187
1172#define ASN1_F_ASN1_VERIFY 137
1173#define ASN1_F_B64_READ_ASN1 209
1174#define ASN1_F_B64_WRITE_ASN1 210
1175#define ASN1_F_BIO_NEW_NDEF 208
1176#define ASN1_F_BITSTR_CB 180
1177#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
1178#define ASN1_F_BN_TO_ASN1_INTEGER 139
1179#define ASN1_F_C2I_ASN1_BIT_STRING 189
1180#define ASN1_F_C2I_ASN1_INTEGER 194
1181#define ASN1_F_C2I_ASN1_OBJECT 196
1182#define ASN1_F_COLLECT_DATA 140
1183#define ASN1_F_D2I_ASN1_BIT_STRING 141
1184#define ASN1_F_D2I_ASN1_BOOLEAN 142
1185#define ASN1_F_D2I_ASN1_BYTES 143
1186#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
1187#define ASN1_F_D2I_ASN1_HEADER 145
1188#define ASN1_F_D2I_ASN1_INTEGER 146
1189#define ASN1_F_D2I_ASN1_OBJECT 147
1190#define ASN1_F_D2I_ASN1_SET 148
1191#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
1192#define ASN1_F_D2I_ASN1_UINTEGER 150
1193#define ASN1_F_D2I_ASN1_UTCTIME 151
1194#define ASN1_F_D2I_AUTOPRIVATEKEY 207
1195#define ASN1_F_D2I_NETSCAPE_RSA 152
1196#define ASN1_F_D2I_NETSCAPE_RSA_2 153
1197#define ASN1_F_D2I_PRIVATEKEY 154
1198#define ASN1_F_D2I_PUBLICKEY 155
1199#define ASN1_F_D2I_RSA_NET 200
1200#define ASN1_F_D2I_RSA_NET_2 201
1201#define ASN1_F_D2I_X509 156
1202#define ASN1_F_D2I_X509_CINF 157
1203#define ASN1_F_D2I_X509_PKEY 159
1204#define ASN1_F_I2D_ASN1_BIO_STREAM 211
1205#define ASN1_F_I2D_ASN1_SET 188
1206#define ASN1_F_I2D_ASN1_TIME 160
1207#define ASN1_F_I2D_DSA_PUBKEY 161
1208#define ASN1_F_I2D_EC_PUBKEY 181
1209#define ASN1_F_I2D_PRIVATEKEY 163
1210#define ASN1_F_I2D_PUBLICKEY 164
1211#define ASN1_F_I2D_RSA_NET 162
1212#define ASN1_F_I2D_RSA_PUBKEY 165
1213#define ASN1_F_LONG_C2I 166
1214#define ASN1_F_OID_MODULE_INIT 174
1215#define ASN1_F_PARSE_TAGGING 182
1216#define ASN1_F_PKCS5_PBE2_SET_IV 167
1217#define ASN1_F_PKCS5_PBE_SET 202
1218#define ASN1_F_PKCS5_PBE_SET0_ALGOR 215
1219#define ASN1_F_PKCS5_PBKDF2_SET 219
1220#define ASN1_F_SMIME_READ_ASN1 212
1221#define ASN1_F_SMIME_TEXT 213
1222#define ASN1_F_X509_CINF_NEW 168
1223#define ASN1_F_X509_CRL_ADD0_REVOKED 169
1224#define ASN1_F_X509_INFO_NEW 170
1225#define ASN1_F_X509_NAME_ENCODE 203
1226#define ASN1_F_X509_NAME_EX_D2I 158
1227#define ASN1_F_X509_NAME_EX_NEW 171
1228#define ASN1_F_X509_NEW 172
1229#define ASN1_F_X509_PKEY_NEW 173
1230
1231/* Reason codes. */
1232#define ASN1_R_ADDING_OBJECT 171
1233#define ASN1_R_ASN1_PARSE_ERROR 203
1234#define ASN1_R_ASN1_SIG_PARSE_ERROR 204
1235#define ASN1_R_AUX_ERROR 100
1236#define ASN1_R_BAD_CLASS 101
1237#define ASN1_R_BAD_OBJECT_HEADER 102
1238#define ASN1_R_BAD_PASSWORD_READ 103
1239#define ASN1_R_BAD_TAG 104
1240#define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214
1241#define ASN1_R_BN_LIB 105
1242#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
1243#define ASN1_R_BUFFER_TOO_SMALL 107
1244#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
1245#define ASN1_R_CONTEXT_NOT_INITIALISED 217
1246#define ASN1_R_DATA_IS_WRONG 109
1247#define ASN1_R_DECODE_ERROR 110
1248#define ASN1_R_DECODING_ERROR 111
1249#define ASN1_R_DEPTH_EXCEEDED 174
1250#define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198
1251#define ASN1_R_ENCODE_ERROR 112
1252#define ASN1_R_ERROR_GETTING_TIME 173
1253#define ASN1_R_ERROR_LOADING_SECTION 172
1254#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
1255#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
1256#define ASN1_R_EXPECTING_AN_INTEGER 115
1257#define ASN1_R_EXPECTING_AN_OBJECT 116
1258#define ASN1_R_EXPECTING_A_BOOLEAN 117
1259#define ASN1_R_EXPECTING_A_TIME 118
1260#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
1261#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
1262#define ASN1_R_FIELD_MISSING 121
1263#define ASN1_R_FIRST_NUM_TOO_LARGE 122
1264#define ASN1_R_HEADER_TOO_LONG 123
1265#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
1266#define ASN1_R_ILLEGAL_BOOLEAN 176
1267#define ASN1_R_ILLEGAL_CHARACTERS 124
1268#define ASN1_R_ILLEGAL_FORMAT 177
1269#define ASN1_R_ILLEGAL_HEX 178
1270#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
1271#define ASN1_R_ILLEGAL_INTEGER 180
1272#define ASN1_R_ILLEGAL_NESTED_TAGGING 181
1273#define ASN1_R_ILLEGAL_NULL 125
1274#define ASN1_R_ILLEGAL_NULL_VALUE 182
1275#define ASN1_R_ILLEGAL_OBJECT 183
1276#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
1277#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
1278#define ASN1_R_ILLEGAL_TAGGED_ANY 127
1279#define ASN1_R_ILLEGAL_TIME_VALUE 184
1280#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
1281#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
1282#define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220
1283#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
1284#define ASN1_R_INVALID_DIGIT 130
1285#define ASN1_R_INVALID_MIME_TYPE 205
1286#define ASN1_R_INVALID_MODIFIER 186
1287#define ASN1_R_INVALID_NUMBER 187
1288#define ASN1_R_INVALID_OBJECT_ENCODING 216
1289#define ASN1_R_INVALID_SEPARATOR 131
1290#define ASN1_R_INVALID_TIME_FORMAT 132
1291#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
1292#define ASN1_R_INVALID_UTF8STRING 134
1293#define ASN1_R_IV_TOO_LARGE 135
1294#define ASN1_R_LENGTH_ERROR 136
1295#define ASN1_R_LIST_ERROR 188
1296#define ASN1_R_MIME_NO_CONTENT_TYPE 206
1297#define ASN1_R_MIME_PARSE_ERROR 207
1298#define ASN1_R_MIME_SIG_PARSE_ERROR 208
1299#define ASN1_R_MISSING_EOC 137
1300#define ASN1_R_MISSING_SECOND_NUMBER 138
1301#define ASN1_R_MISSING_VALUE 189
1302#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
1303#define ASN1_R_MSTRING_WRONG_TAG 140
1304#define ASN1_R_NESTED_ASN1_STRING 197
1305#define ASN1_R_NON_HEX_CHARACTERS 141
1306#define ASN1_R_NOT_ASCII_FORMAT 190
1307#define ASN1_R_NOT_ENOUGH_DATA 142
1308#define ASN1_R_NO_CONTENT_TYPE 209
1309#define ASN1_R_NO_DEFAULT_DIGEST 201
1310#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
1311#define ASN1_R_NO_MULTIPART_BODY_FAILURE 210
1312#define ASN1_R_NO_MULTIPART_BOUNDARY 211
1313#define ASN1_R_NO_SIG_CONTENT_TYPE 212
1314#define ASN1_R_NULL_IS_WRONG_LENGTH 144
1315#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
1316#define ASN1_R_ODD_NUMBER_OF_CHARS 145
1317#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
1318#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
1319#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
1320#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
1321#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
1322#define ASN1_R_SHORT_LINE 150
1323#define ASN1_R_SIG_INVALID_MIME_TYPE 213
1324#define ASN1_R_STREAMING_NOT_SUPPORTED 202
1325#define ASN1_R_STRING_TOO_LONG 151
1326#define ASN1_R_STRING_TOO_SHORT 152
1327#define ASN1_R_TAG_VALUE_TOO_HIGH 153
1328#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
1329#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
1330#define ASN1_R_TOO_LONG 155
1331#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
1332#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
1333#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
1334#define ASN1_R_UNEXPECTED_EOC 159
1335#define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215
1336#define ASN1_R_UNKNOWN_FORMAT 160
1337#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
1338#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
1339#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
1340#define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199
1341#define ASN1_R_UNKNOWN_TAG 194
1342#define ASN1_R_UNKOWN_FORMAT 195
1343#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
1344#define ASN1_R_UNSUPPORTED_CIPHER 165
1345#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
1346#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
1347#define ASN1_R_UNSUPPORTED_TYPE 196
1348#define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200
1349#define ASN1_R_WRONG_TAG 168
1350#define ASN1_R_WRONG_TYPE 169
1351
1352#ifdef __cplusplus
1353}
1354#endif
1355#endif
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
deleted file mode 100644
index 8fd5cf6765..0000000000
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ /dev/null
@@ -1,333 +0,0 @@
1/* $OpenBSD: asn1_err.c,v 1.19 2015/02/15 14:35:30 miod Exp $ */
2/* ====================================================================
3 * Copyright (c) 1999-2011 The OpenSSL Project. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in
14 * the documentation and/or other materials provided with the
15 * distribution.
16 *
17 * 3. All advertising materials mentioning features or use of this
18 * software must display the following acknowledgment:
19 * "This product includes software developed by the OpenSSL Project
20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
21 *
22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23 * endorse or promote products derived from this software without
24 * prior written permission. For written permission, please contact
25 * openssl-core@OpenSSL.org.
26 *
27 * 5. Products derived from this software may not be called "OpenSSL"
28 * nor may "OpenSSL" appear in their names without prior written
29 * permission of the OpenSSL Project.
30 *
31 * 6. Redistributions of any form whatsoever must retain the following
32 * acknowledgment:
33 * "This product includes software developed by the OpenSSL Project
34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
35 *
36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
61#include <stdio.h>
62
63#include <openssl/opensslconf.h>
64
65#include <openssl/err.h>
66#include <openssl/asn1.h>
67
68/* BEGIN ERROR CODES */
69#ifndef OPENSSL_NO_ERR
70
71#define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0)
72#define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason)
73
74static ERR_STRING_DATA ASN1_str_functs[] = {
75 {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"},
76 {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
77 {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
78 {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
79 {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"},
80 {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
81 {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"},
82 {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"},
83 {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
84 {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
85 {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"},
86 {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
87 {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"},
88 {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
89 {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"},
90 {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
91 {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
92 {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
93 {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"},
94 {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
95 {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"},
96 {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
97 {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
98 {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
99 {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"},
100 {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
101 {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
102 {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
103 {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
104 {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
105 {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
106 {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"},
107 {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
108 {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
109 {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
110 {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
111 {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
112 {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"},
113 {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
114 {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
115 {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
116 {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
117 {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"},
118 {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
119 {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"},
120 {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
121 {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
122 {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
123 {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
124 {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"},
125 {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
126 {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
127 {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
128 {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
129 {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
130 {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
131 {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"},
132 {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
133 {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"},
134 {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
135 {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
136 {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"},
137 {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
138 {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
139 {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"},
140 {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"},
141 {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"},
142 {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
143 {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
144 {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
145 {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
146 {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
147 {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
148 {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
149 {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
150 {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
151 {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"},
152 {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"},
153 {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"},
154 {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"},
155 {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"},
156 {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"},
157 {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"},
158 {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"},
159 {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"},
160 {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"},
161 {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"},
162 {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
163 {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
164 {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
165 {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"},
166 {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"},
167 {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
168 {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
169 {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
170 {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"},
171 {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
172 {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
173 {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
174 {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
175 {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
176 {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
177 {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"},
178 {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
179 {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
180 {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
181 {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
182 {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"},
183 {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
184 {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"},
185 {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"},
186 {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
187 {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
188 {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
189 {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
190 {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
191 {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
192 {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
193 {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
194 {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
195 {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
196 {0, NULL}
197};
198
199static ERR_STRING_DATA ASN1_str_reasons[] = {
200 {ERR_REASON(ASN1_R_ADDING_OBJECT) , "adding object"},
201 {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) , "asn1 parse error"},
202 {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) , "asn1 sig parse error"},
203 {ERR_REASON(ASN1_R_AUX_ERROR) , "aux error"},
204 {ERR_REASON(ASN1_R_BAD_CLASS) , "bad class"},
205 {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) , "bad object header"},
206 {ERR_REASON(ASN1_R_BAD_PASSWORD_READ) , "bad password read"},
207 {ERR_REASON(ASN1_R_BAD_TAG) , "bad tag"},
208 {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), "bmpstring is wrong length"},
209 {ERR_REASON(ASN1_R_BN_LIB) , "bn lib"},
210 {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"},
211 {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL) , "buffer too small"},
212 {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), "cipher has no object identifier"},
213 {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"},
214 {ERR_REASON(ASN1_R_DATA_IS_WRONG) , "data is wrong"},
215 {ERR_REASON(ASN1_R_DECODE_ERROR) , "decode error"},
216 {ERR_REASON(ASN1_R_DECODING_ERROR) , "decoding error"},
217 {ERR_REASON(ASN1_R_DEPTH_EXCEEDED) , "depth exceeded"},
218 {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), "digest and key type not supported"},
219 {ERR_REASON(ASN1_R_ENCODE_ERROR) , "encode error"},
220 {ERR_REASON(ASN1_R_ERROR_GETTING_TIME) , "error getting time"},
221 {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"},
222 {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT), "error parsing set element"},
223 {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS), "error setting cipher params"},
224 {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER) , "expecting an integer"},
225 {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT) , "expecting an object"},
226 {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN) , "expecting a boolean"},
227 {ERR_REASON(ASN1_R_EXPECTING_A_TIME) , "expecting a time"},
228 {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"},
229 {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), "explicit tag not constructed"},
230 {ERR_REASON(ASN1_R_FIELD_MISSING) , "field missing"},
231 {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) , "first num too large"},
232 {ERR_REASON(ASN1_R_HEADER_TOO_LONG) , "header too long"},
233 {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"},
234 {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) , "illegal boolean"},
235 {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) , "illegal characters"},
236 {ERR_REASON(ASN1_R_ILLEGAL_FORMAT) , "illegal format"},
237 {ERR_REASON(ASN1_R_ILLEGAL_HEX) , "illegal hex"},
238 {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) , "illegal implicit tag"},
239 {ERR_REASON(ASN1_R_ILLEGAL_INTEGER) , "illegal integer"},
240 {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"},
241 {ERR_REASON(ASN1_R_ILLEGAL_NULL) , "illegal null"},
242 {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) , "illegal null value"},
243 {ERR_REASON(ASN1_R_ILLEGAL_OBJECT) , "illegal object"},
244 {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) , "illegal optional any"},
245 {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), "illegal options on item template"},
246 {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) , "illegal tagged any"},
247 {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) , "illegal time value"},
248 {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"},
249 {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), "integer too large for long"},
250 {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT), "invalid bit string bits left"},
251 {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"},
252 {ERR_REASON(ASN1_R_INVALID_DIGIT) , "invalid digit"},
253 {ERR_REASON(ASN1_R_INVALID_MIME_TYPE) , "invalid mime type"},
254 {ERR_REASON(ASN1_R_INVALID_MODIFIER) , "invalid modifier"},
255 {ERR_REASON(ASN1_R_INVALID_NUMBER) , "invalid number"},
256 {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"},
257 {ERR_REASON(ASN1_R_INVALID_SEPARATOR) , "invalid separator"},
258 {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) , "invalid time format"},
259 {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), "invalid universalstring length"},
260 {ERR_REASON(ASN1_R_INVALID_UTF8STRING) , "invalid utf8string"},
261 {ERR_REASON(ASN1_R_IV_TOO_LARGE) , "iv too large"},
262 {ERR_REASON(ASN1_R_LENGTH_ERROR) , "length error"},
263 {ERR_REASON(ASN1_R_LIST_ERROR) , "list error"},
264 {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) , "mime no content type"},
265 {ERR_REASON(ASN1_R_MIME_PARSE_ERROR) , "mime parse error"},
266 {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) , "mime sig parse error"},
267 {ERR_REASON(ASN1_R_MISSING_EOC) , "missing eoc"},
268 {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"},
269 {ERR_REASON(ASN1_R_MISSING_VALUE) , "missing value"},
270 {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"},
271 {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) , "mstring wrong tag"},
272 {ERR_REASON(ASN1_R_NESTED_ASN1_STRING) , "nested asn1 string"},
273 {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) , "non hex characters"},
274 {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) , "not ascii format"},
275 {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) , "not enough data"},
276 {ERR_REASON(ASN1_R_NO_CONTENT_TYPE) , "no content type"},
277 {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST) , "no default digest"},
278 {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"},
279 {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE), "no multipart body failure"},
280 {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"},
281 {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) , "no sig content type"},
282 {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) , "null is wrong length"},
283 {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"},
284 {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) , "odd number of chars"},
285 {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING), "private key header missing"},
286 {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"},
287 {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"},
288 {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"},
289 {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), "sequence or set needs config"},
290 {ERR_REASON(ASN1_R_SHORT_LINE) , "short line"},
291 {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"},
292 {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"},
293 {ERR_REASON(ASN1_R_STRING_TOO_LONG) , "string too long"},
294 {ERR_REASON(ASN1_R_STRING_TOO_SHORT) , "string too short"},
295 {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) , "tag value too high"},
296 {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), "the asn1 object identifier is not known for this md"},
297 {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"},
298 {ERR_REASON(ASN1_R_TOO_LONG) , "too long"},
299 {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) , "type not constructed"},
300 {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"},
301 {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY), "unable to decode rsa private key"},
302 {ERR_REASON(ASN1_R_UNEXPECTED_EOC) , "unexpected eoc"},
303 {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), "universalstring is wrong length"},
304 {ERR_REASON(ASN1_R_UNKNOWN_FORMAT) , "unknown format"},
305 {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), "unknown message digest algorithm"},
306 {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) , "unknown object type"},
307 {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"},
308 {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), "unknown signature algorithm"},
309 {ERR_REASON(ASN1_R_UNKNOWN_TAG) , "unknown tag"},
310 {ERR_REASON(ASN1_R_UNKOWN_FORMAT) , "unknown format"},
311 {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), "unsupported any defined by type"},
312 {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) , "unsupported cipher"},
313 {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), "unsupported encryption algorithm"},
314 {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), "unsupported public key type"},
315 {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) , "unsupported type"},
316 {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"},
317 {ERR_REASON(ASN1_R_WRONG_TAG) , "wrong tag"},
318 {ERR_REASON(ASN1_R_WRONG_TYPE) , "wrong type"},
319 {0, NULL}
320};
321
322#endif
323
324void
325ERR_load_ASN1_strings(void)
326{
327#ifndef OPENSSL_NO_ERR
328 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) {
329 ERR_load_strings(0, ASN1_str_functs);
330 ERR_load_strings(0, ASN1_str_reasons);
331 }
332#endif
333}
diff --git a/src/lib/libcrypto/asn1/asn1_gen.c b/src/lib/libcrypto/asn1/asn1_gen.c
deleted file mode 100644
index 08a5dec4a6..0000000000
--- a/src/lib/libcrypto/asn1/asn1_gen.c
+++ /dev/null
@@ -1,811 +0,0 @@
1/* $OpenBSD: asn1_gen.c,v 1.14 2015/07/18 14:40:59 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2002.
4 */
5/* ====================================================================
6 * Copyright (c) 2002 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <string.h>
60
61#include <openssl/asn1.h>
62#include <openssl/err.h>
63#include <openssl/x509v3.h>
64
65#define ASN1_GEN_FLAG 0x10000
66#define ASN1_GEN_FLAG_IMP (ASN1_GEN_FLAG|1)
67#define ASN1_GEN_FLAG_EXP (ASN1_GEN_FLAG|2)
68#define ASN1_GEN_FLAG_TAG (ASN1_GEN_FLAG|3)
69#define ASN1_GEN_FLAG_BITWRAP (ASN1_GEN_FLAG|4)
70#define ASN1_GEN_FLAG_OCTWRAP (ASN1_GEN_FLAG|5)
71#define ASN1_GEN_FLAG_SEQWRAP (ASN1_GEN_FLAG|6)
72#define ASN1_GEN_FLAG_SETWRAP (ASN1_GEN_FLAG|7)
73#define ASN1_GEN_FLAG_FORMAT (ASN1_GEN_FLAG|8)
74
75#define ASN1_GEN_STR(str,val){str, sizeof(str) - 1, val}
76
77#define ASN1_FLAG_EXP_MAX 20
78
79/* Input formats */
80
81/* ASCII: default */
82#define ASN1_GEN_FORMAT_ASCII 1
83/* UTF8 */
84#define ASN1_GEN_FORMAT_UTF8 2
85/* Hex */
86#define ASN1_GEN_FORMAT_HEX 3
87/* List of bits */
88#define ASN1_GEN_FORMAT_BITLIST 4
89
90struct tag_name_st {
91 const char *strnam;
92 int len;
93 int tag;
94};
95
96typedef struct {
97 int exp_tag;
98 int exp_class;
99 int exp_constructed;
100 int exp_pad;
101 long exp_len;
102} tag_exp_type;
103
104typedef struct {
105 int imp_tag;
106 int imp_class;
107 int utype;
108 int format;
109 const char *str;
110 tag_exp_type exp_list[ASN1_FLAG_EXP_MAX];
111 int exp_count;
112} tag_exp_arg;
113
114static int bitstr_cb(const char *elem, int len, void *bitstr);
115static int asn1_cb(const char *elem, int len, void *bitstr);
116static int append_exp(tag_exp_arg *arg, int exp_tag, int exp_class,
117 int exp_constructed, int exp_pad, int imp_ok);
118static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass);
119static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf);
120static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype);
121static int asn1_str2tag(const char *tagstr, int len);
122
123ASN1_TYPE *
124ASN1_generate_nconf(char *str, CONF *nconf)
125{
126 X509V3_CTX cnf;
127
128 if (!nconf)
129 return ASN1_generate_v3(str, NULL);
130
131 X509V3_set_nconf(&cnf, nconf);
132 return ASN1_generate_v3(str, &cnf);
133}
134
135ASN1_TYPE *
136ASN1_generate_v3(char *str, X509V3_CTX *cnf)
137{
138 ASN1_TYPE *ret;
139 tag_exp_arg asn1_tags;
140 tag_exp_type *etmp;
141
142 int i, len;
143
144 unsigned char *orig_der = NULL, *new_der = NULL;
145 const unsigned char *cpy_start;
146 unsigned char *p;
147 const unsigned char *cp;
148 int cpy_len;
149 long hdr_len;
150 int hdr_constructed = 0, hdr_tag, hdr_class;
151 int r;
152
153 asn1_tags.imp_tag = -1;
154 asn1_tags.imp_class = -1;
155 asn1_tags.format = ASN1_GEN_FORMAT_ASCII;
156 asn1_tags.exp_count = 0;
157 if (CONF_parse_list(str, ',', 1, asn1_cb, &asn1_tags) != 0)
158 return NULL;
159
160 if ((asn1_tags.utype == V_ASN1_SEQUENCE) ||
161 (asn1_tags.utype == V_ASN1_SET)) {
162 if (!cnf) {
163 ASN1err(ASN1_F_ASN1_GENERATE_V3,
164 ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG);
165 return NULL;
166 }
167 ret = asn1_multi(asn1_tags.utype, asn1_tags.str, cnf);
168 } else
169 ret = asn1_str2type(asn1_tags.str, asn1_tags.format,
170 asn1_tags.utype);
171
172 if (!ret)
173 return NULL;
174
175 /* If no tagging return base type */
176 if ((asn1_tags.imp_tag == -1) && (asn1_tags.exp_count == 0))
177 return ret;
178
179 /* Generate the encoding */
180 cpy_len = i2d_ASN1_TYPE(ret, &orig_der);
181 ASN1_TYPE_free(ret);
182 ret = NULL;
183 /* Set point to start copying for modified encoding */
184 cpy_start = orig_der;
185
186 /* Do we need IMPLICIT tagging? */
187 if (asn1_tags.imp_tag != -1) {
188 /* If IMPLICIT we will replace the underlying tag */
189 /* Skip existing tag+len */
190 r = ASN1_get_object(&cpy_start, &hdr_len, &hdr_tag,
191 &hdr_class, cpy_len);
192 if (r & 0x80)
193 goto err;
194 /* Update copy length */
195 cpy_len -= cpy_start - orig_der;
196 /* For IMPLICIT tagging the length should match the
197 * original length and constructed flag should be
198 * consistent.
199 */
200 if (r & 0x1) {
201 /* Indefinite length constructed */
202 hdr_constructed = 2;
203 hdr_len = 0;
204 } else
205 /* Just retain constructed flag */
206 hdr_constructed = r & V_ASN1_CONSTRUCTED;
207 /* Work out new length with IMPLICIT tag: ignore constructed
208 * because it will mess up if indefinite length
209 */
210 len = ASN1_object_size(0, hdr_len, asn1_tags.imp_tag);
211 } else
212 len = cpy_len;
213
214 /* Work out length in any EXPLICIT, starting from end */
215
216 for (i = 0, etmp = asn1_tags.exp_list + asn1_tags.exp_count - 1;
217 i < asn1_tags.exp_count; i++, etmp--) {
218 /* Content length: number of content octets + any padding */
219 len += etmp->exp_pad;
220 etmp->exp_len = len;
221 /* Total object length: length including new header */
222 len = ASN1_object_size(0, len, etmp->exp_tag);
223 }
224
225 /* Allocate buffer for new encoding */
226
227 new_der = malloc(len);
228 if (!new_der)
229 goto err;
230
231 /* Generate tagged encoding */
232 p = new_der;
233
234 /* Output explicit tags first */
235 for (i = 0, etmp = asn1_tags.exp_list; i < asn1_tags.exp_count;
236 i++, etmp++) {
237 ASN1_put_object(&p, etmp->exp_constructed, etmp->exp_len,
238 etmp->exp_tag, etmp->exp_class);
239 if (etmp->exp_pad)
240 *p++ = 0;
241 }
242
243 /* If IMPLICIT, output tag */
244
245 if (asn1_tags.imp_tag != -1) {
246 if (asn1_tags.imp_class == V_ASN1_UNIVERSAL &&
247 (asn1_tags.imp_tag == V_ASN1_SEQUENCE ||
248 asn1_tags.imp_tag == V_ASN1_SET))
249 hdr_constructed = V_ASN1_CONSTRUCTED;
250 ASN1_put_object(&p, hdr_constructed, hdr_len,
251 asn1_tags.imp_tag, asn1_tags.imp_class);
252 }
253
254 /* Copy across original encoding */
255 memcpy(p, cpy_start, cpy_len);
256
257 cp = new_der;
258
259 /* Obtain new ASN1_TYPE structure */
260 ret = d2i_ASN1_TYPE(NULL, &cp, len);
261
262err:
263 free(orig_der);
264 free(new_der);
265
266 return ret;
267}
268
269static int
270asn1_cb(const char *elem, int len, void *bitstr)
271{
272 tag_exp_arg *arg = bitstr;
273 int i;
274 int utype;
275 int vlen = 0;
276 const char *p, *vstart = NULL;
277
278 int tmp_tag, tmp_class;
279
280 for (i = 0, p = elem; i < len; p++, i++) {
281 /* Look for the ':' in name value pairs */
282 if (*p == ':') {
283 vstart = p + 1;
284 vlen = len - (vstart - elem);
285 len = p - elem;
286 break;
287 }
288 }
289
290 utype = asn1_str2tag(elem, len);
291
292 if (utype == -1) {
293 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_TAG);
294 ERR_asprintf_error_data("tag=%s", elem);
295 return -1;
296 }
297
298 /* If this is not a modifier mark end of string and exit */
299 if (!(utype & ASN1_GEN_FLAG)) {
300 arg->utype = utype;
301 arg->str = vstart;
302 /* If no value and not end of string, error */
303 if (!vstart && elem[len]) {
304 ASN1err(ASN1_F_ASN1_CB, ASN1_R_MISSING_VALUE);
305 return -1;
306 }
307 return 0;
308 }
309
310 switch (utype) {
311
312 case ASN1_GEN_FLAG_IMP:
313 /* Check for illegal multiple IMPLICIT tagging */
314 if (arg->imp_tag != -1) {
315 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_NESTED_TAGGING);
316 return -1;
317 }
318 if (!parse_tagging(vstart, vlen, &arg->imp_tag,
319 &arg->imp_class))
320 return -1;
321 break;
322
323 case ASN1_GEN_FLAG_EXP:
324 if (!parse_tagging(vstart, vlen, &tmp_tag, &tmp_class))
325 return -1;
326 if (!append_exp(arg, tmp_tag, tmp_class, 1, 0, 0))
327 return -1;
328 break;
329
330 case ASN1_GEN_FLAG_SEQWRAP:
331 if (!append_exp(arg, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, 1, 0, 1))
332 return -1;
333 break;
334
335 case ASN1_GEN_FLAG_SETWRAP:
336 if (!append_exp(arg, V_ASN1_SET, V_ASN1_UNIVERSAL, 1, 0, 1))
337 return -1;
338 break;
339
340 case ASN1_GEN_FLAG_BITWRAP:
341 if (!append_exp(arg, V_ASN1_BIT_STRING, V_ASN1_UNIVERSAL, 0, 1, 1))
342 return -1;
343 break;
344
345 case ASN1_GEN_FLAG_OCTWRAP:
346 if (!append_exp(arg, V_ASN1_OCTET_STRING, V_ASN1_UNIVERSAL, 0, 0, 1))
347 return -1;
348 break;
349
350 case ASN1_GEN_FLAG_FORMAT:
351 if (vstart == NULL) {
352 ASN1err(ASN1_F_ASN1_CB, ASN1_R_ILLEGAL_FORMAT);
353 return -1;
354 }
355 if (!strncmp(vstart, "ASCII", 5))
356 arg->format = ASN1_GEN_FORMAT_ASCII;
357 else if (!strncmp(vstart, "UTF8", 4))
358 arg->format = ASN1_GEN_FORMAT_UTF8;
359 else if (!strncmp(vstart, "HEX", 3))
360 arg->format = ASN1_GEN_FORMAT_HEX;
361 else if (!strncmp(vstart, "BITLIST", 7))
362 arg->format = ASN1_GEN_FORMAT_BITLIST;
363 else {
364 ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT);
365 return -1;
366 }
367 break;
368
369 }
370
371 return 1;
372}
373
374static int
375parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass)
376{
377 long tag_num;
378 char *eptr;
379
380 if (!vstart)
381 return 0;
382 tag_num = strtoul(vstart, &eptr, 10);
383 /* Check we haven't gone past max length: should be impossible */
384 if (eptr && *eptr && (eptr > vstart + vlen))
385 return 0;
386 if (tag_num < 0) {
387 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_NUMBER);
388 return 0;
389 }
390 *ptag = tag_num;
391 /* If we have non numeric characters, parse them */
392 if (eptr)
393 vlen -= eptr - vstart;
394 else
395 vlen = 0;
396 if (vlen) {
397 switch (*eptr) {
398
399 case 'U':
400 *pclass = V_ASN1_UNIVERSAL;
401 break;
402
403 case 'A':
404 *pclass = V_ASN1_APPLICATION;
405 break;
406
407 case 'P':
408 *pclass = V_ASN1_PRIVATE;
409 break;
410
411 case 'C':
412 *pclass = V_ASN1_CONTEXT_SPECIFIC;
413 break;
414
415 default:
416 ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER);
417 ERR_asprintf_error_data("Char=%c", *eptr);
418 return 0;
419 break;
420
421 }
422 } else
423 *pclass = V_ASN1_CONTEXT_SPECIFIC;
424
425 return 1;
426
427}
428
429/* Handle multiple types: SET and SEQUENCE */
430
431static ASN1_TYPE *
432asn1_multi(int utype, const char *section, X509V3_CTX *cnf)
433{
434 ASN1_TYPE *ret = NULL;
435 STACK_OF(ASN1_TYPE) *sk = NULL;
436 STACK_OF(CONF_VALUE) *sect = NULL;
437 unsigned char *der = NULL;
438 int derlen;
439 int i;
440 sk = sk_ASN1_TYPE_new_null();
441 if (!sk)
442 goto bad;
443 if (section) {
444 if (!cnf)
445 goto bad;
446 sect = X509V3_get_section(cnf, (char *)section);
447 if (!sect)
448 goto bad;
449 for (i = 0; i < sk_CONF_VALUE_num(sect); i++) {
450 ASN1_TYPE *typ = ASN1_generate_v3(
451 sk_CONF_VALUE_value(sect, i)->value, cnf);
452 if (!typ)
453 goto bad;
454 if (!sk_ASN1_TYPE_push(sk, typ))
455 goto bad;
456 }
457 }
458
459 /* Now we has a STACK of the components, convert to the correct form */
460
461 if (utype == V_ASN1_SET)
462 derlen = i2d_ASN1_SET_ANY(sk, &der);
463 else
464 derlen = i2d_ASN1_SEQUENCE_ANY(sk, &der);
465
466 if (derlen < 0)
467 goto bad;
468
469 if (!(ret = ASN1_TYPE_new()))
470 goto bad;
471
472 if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype)))
473 goto bad;
474
475 ret->type = utype;
476
477 ret->value.asn1_string->data = der;
478 ret->value.asn1_string->length = derlen;
479
480 der = NULL;
481
482bad:
483 free(der);
484 if (sk)
485 sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free);
486 if (sect)
487 X509V3_section_free(cnf, sect);
488
489 return ret;
490}
491
492static int
493append_exp(tag_exp_arg *arg, int exp_tag, int exp_class, int exp_constructed,
494 int exp_pad, int imp_ok)
495{
496 tag_exp_type *exp_tmp;
497
498 /* Can only have IMPLICIT if permitted */
499 if ((arg->imp_tag != -1) && !imp_ok) {
500 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_ILLEGAL_IMPLICIT_TAG);
501 return 0;
502 }
503
504 if (arg->exp_count == ASN1_FLAG_EXP_MAX) {
505 ASN1err(ASN1_F_APPEND_EXP, ASN1_R_DEPTH_EXCEEDED);
506 return 0;
507 }
508
509 exp_tmp = &arg->exp_list[arg->exp_count++];
510
511 /* If IMPLICIT set tag to implicit value then
512 * reset implicit tag since it has been used.
513 */
514 if (arg->imp_tag != -1) {
515 exp_tmp->exp_tag = arg->imp_tag;
516 exp_tmp->exp_class = arg->imp_class;
517 arg->imp_tag = -1;
518 arg->imp_class = -1;
519 } else {
520 exp_tmp->exp_tag = exp_tag;
521 exp_tmp->exp_class = exp_class;
522 }
523 exp_tmp->exp_constructed = exp_constructed;
524 exp_tmp->exp_pad = exp_pad;
525
526 return 1;
527}
528
529static int
530asn1_str2tag(const char *tagstr, int len)
531{
532 unsigned int i;
533 static const struct tag_name_st *tntmp, tnst [] = {
534 ASN1_GEN_STR("BOOL", V_ASN1_BOOLEAN),
535 ASN1_GEN_STR("BOOLEAN", V_ASN1_BOOLEAN),
536 ASN1_GEN_STR("NULL", V_ASN1_NULL),
537 ASN1_GEN_STR("INT", V_ASN1_INTEGER),
538 ASN1_GEN_STR("INTEGER", V_ASN1_INTEGER),
539 ASN1_GEN_STR("ENUM", V_ASN1_ENUMERATED),
540 ASN1_GEN_STR("ENUMERATED", V_ASN1_ENUMERATED),
541 ASN1_GEN_STR("OID", V_ASN1_OBJECT),
542 ASN1_GEN_STR("OBJECT", V_ASN1_OBJECT),
543 ASN1_GEN_STR("UTCTIME", V_ASN1_UTCTIME),
544 ASN1_GEN_STR("UTC", V_ASN1_UTCTIME),
545 ASN1_GEN_STR("GENERALIZEDTIME", V_ASN1_GENERALIZEDTIME),
546 ASN1_GEN_STR("GENTIME", V_ASN1_GENERALIZEDTIME),
547 ASN1_GEN_STR("OCT", V_ASN1_OCTET_STRING),
548 ASN1_GEN_STR("OCTETSTRING", V_ASN1_OCTET_STRING),
549 ASN1_GEN_STR("BITSTR", V_ASN1_BIT_STRING),
550 ASN1_GEN_STR("BITSTRING", V_ASN1_BIT_STRING),
551 ASN1_GEN_STR("UNIVERSALSTRING", V_ASN1_UNIVERSALSTRING),
552 ASN1_GEN_STR("UNIV", V_ASN1_UNIVERSALSTRING),
553 ASN1_GEN_STR("IA5", V_ASN1_IA5STRING),
554 ASN1_GEN_STR("IA5STRING", V_ASN1_IA5STRING),
555 ASN1_GEN_STR("UTF8", V_ASN1_UTF8STRING),
556 ASN1_GEN_STR("UTF8String", V_ASN1_UTF8STRING),
557 ASN1_GEN_STR("BMP", V_ASN1_BMPSTRING),
558 ASN1_GEN_STR("BMPSTRING", V_ASN1_BMPSTRING),
559 ASN1_GEN_STR("VISIBLESTRING", V_ASN1_VISIBLESTRING),
560 ASN1_GEN_STR("VISIBLE", V_ASN1_VISIBLESTRING),
561 ASN1_GEN_STR("PRINTABLESTRING", V_ASN1_PRINTABLESTRING),
562 ASN1_GEN_STR("PRINTABLE", V_ASN1_PRINTABLESTRING),
563 ASN1_GEN_STR("T61", V_ASN1_T61STRING),
564 ASN1_GEN_STR("T61STRING", V_ASN1_T61STRING),
565 ASN1_GEN_STR("TELETEXSTRING", V_ASN1_T61STRING),
566 ASN1_GEN_STR("GeneralString", V_ASN1_GENERALSTRING),
567 ASN1_GEN_STR("GENSTR", V_ASN1_GENERALSTRING),
568 ASN1_GEN_STR("NUMERIC", V_ASN1_NUMERICSTRING),
569 ASN1_GEN_STR("NUMERICSTRING", V_ASN1_NUMERICSTRING),
570
571 /* Special cases */
572 ASN1_GEN_STR("SEQUENCE", V_ASN1_SEQUENCE),
573 ASN1_GEN_STR("SEQ", V_ASN1_SEQUENCE),
574 ASN1_GEN_STR("SET", V_ASN1_SET),
575 /* type modifiers */
576 /* Explicit tag */
577 ASN1_GEN_STR("EXP", ASN1_GEN_FLAG_EXP),
578 ASN1_GEN_STR("EXPLICIT", ASN1_GEN_FLAG_EXP),
579 /* Implicit tag */
580 ASN1_GEN_STR("IMP", ASN1_GEN_FLAG_IMP),
581 ASN1_GEN_STR("IMPLICIT", ASN1_GEN_FLAG_IMP),
582 /* OCTET STRING wrapper */
583 ASN1_GEN_STR("OCTWRAP", ASN1_GEN_FLAG_OCTWRAP),
584 /* SEQUENCE wrapper */
585 ASN1_GEN_STR("SEQWRAP", ASN1_GEN_FLAG_SEQWRAP),
586 /* SET wrapper */
587 ASN1_GEN_STR("SETWRAP", ASN1_GEN_FLAG_SETWRAP),
588 /* BIT STRING wrapper */
589 ASN1_GEN_STR("BITWRAP", ASN1_GEN_FLAG_BITWRAP),
590 ASN1_GEN_STR("FORM", ASN1_GEN_FLAG_FORMAT),
591 ASN1_GEN_STR("FORMAT", ASN1_GEN_FLAG_FORMAT),
592 };
593
594 if (len == -1)
595 len = strlen(tagstr);
596
597 tntmp = tnst;
598 for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st);
599 i++, tntmp++) {
600 if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len))
601 return tntmp->tag;
602 }
603
604 return -1;
605}
606
607static ASN1_TYPE *
608asn1_str2type(const char *str, int format, int utype)
609{
610 ASN1_TYPE *atmp = NULL;
611 CONF_VALUE vtmp;
612 unsigned char *rdata;
613 long rdlen;
614 int no_unused = 1;
615
616 if (!(atmp = ASN1_TYPE_new())) {
617 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
618 return NULL;
619 }
620
621 if (!str)
622 str = "";
623
624 switch (utype) {
625
626 case V_ASN1_NULL:
627 if (str && *str) {
628 ASN1err(ASN1_F_ASN1_STR2TYPE,
629 ASN1_R_ILLEGAL_NULL_VALUE);
630 goto bad_form;
631 }
632 break;
633
634 case V_ASN1_BOOLEAN:
635 if (format != ASN1_GEN_FORMAT_ASCII) {
636 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_NOT_ASCII_FORMAT);
637 goto bad_form;
638 }
639 vtmp.name = NULL;
640 vtmp.section = NULL;
641 vtmp.value = (char *)str;
642 if (!X509V3_get_value_bool(&vtmp, &atmp->value.boolean)) {
643 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_BOOLEAN);
644 goto bad_str;
645 }
646 break;
647
648 case V_ASN1_INTEGER:
649 case V_ASN1_ENUMERATED:
650 if (format != ASN1_GEN_FORMAT_ASCII) {
651 ASN1err(ASN1_F_ASN1_STR2TYPE,
652 ASN1_R_INTEGER_NOT_ASCII_FORMAT);
653 goto bad_form;
654 }
655 if (!(atmp->value.integer =
656 s2i_ASN1_INTEGER(NULL, (char *)str))) {
657 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER);
658 goto bad_str;
659 }
660 break;
661
662 case V_ASN1_OBJECT:
663 if (format != ASN1_GEN_FORMAT_ASCII) {
664 ASN1err(ASN1_F_ASN1_STR2TYPE,
665 ASN1_R_OBJECT_NOT_ASCII_FORMAT);
666 goto bad_form;
667 }
668 if (!(atmp->value.object = OBJ_txt2obj(str, 0))) {
669 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT);
670 goto bad_str;
671 }
672 break;
673
674 case V_ASN1_UTCTIME:
675 case V_ASN1_GENERALIZEDTIME:
676 if (format != ASN1_GEN_FORMAT_ASCII) {
677 ASN1err(ASN1_F_ASN1_STR2TYPE,
678 ASN1_R_TIME_NOT_ASCII_FORMAT);
679 goto bad_form;
680 }
681 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
682 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
683 goto bad_str;
684 }
685 if (!ASN1_STRING_set(atmp->value.asn1_string, str, -1)) {
686 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
687 goto bad_str;
688 }
689 atmp->value.asn1_string->type = utype;
690 if (!ASN1_TIME_check(atmp->value.asn1_string)) {
691 ASN1err(ASN1_F_ASN1_STR2TYPE,
692 ASN1_R_ILLEGAL_TIME_VALUE);
693 goto bad_str;
694 }
695 break;
696
697 case V_ASN1_BMPSTRING:
698 case V_ASN1_PRINTABLESTRING:
699 case V_ASN1_IA5STRING:
700 case V_ASN1_T61STRING:
701 case V_ASN1_UTF8STRING:
702 case V_ASN1_VISIBLESTRING:
703 case V_ASN1_UNIVERSALSTRING:
704 case V_ASN1_GENERALSTRING:
705 case V_ASN1_NUMERICSTRING:
706
707 if (format == ASN1_GEN_FORMAT_ASCII)
708 format = MBSTRING_ASC;
709 else if (format == ASN1_GEN_FORMAT_UTF8)
710 format = MBSTRING_UTF8;
711 else {
712 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_FORMAT);
713 goto bad_form;
714 }
715
716 if (ASN1_mbstring_copy(&atmp->value.asn1_string,
717 (unsigned char *)str, -1, format,
718 ASN1_tag2bit(utype)) <= 0) {
719 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
720 goto bad_str;
721 }
722 break;
723
724 case V_ASN1_BIT_STRING:
725 case V_ASN1_OCTET_STRING:
726 if (!(atmp->value.asn1_string = ASN1_STRING_new())) {
727 ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE);
728 goto bad_form;
729 }
730
731 if (format == ASN1_GEN_FORMAT_HEX) {
732
733 if (!(rdata = string_to_hex((char *)str, &rdlen))) {
734 ASN1err(ASN1_F_ASN1_STR2TYPE,
735 ASN1_R_ILLEGAL_HEX);
736 goto bad_str;
737 }
738
739 atmp->value.asn1_string->data = rdata;
740 atmp->value.asn1_string->length = rdlen;
741 atmp->value.asn1_string->type = utype;
742
743 } else if (format == ASN1_GEN_FORMAT_ASCII) {
744 if (ASN1_STRING_set(atmp->value.asn1_string, str,
745 -1) == 0) {
746 ASN1err(ASN1_F_ASN1_STR2TYPE,
747 ERR_R_MALLOC_FAILURE);
748 goto bad_str;
749 }
750 } else if ((format == ASN1_GEN_FORMAT_BITLIST) &&
751 (utype == V_ASN1_BIT_STRING)) {
752 if (!CONF_parse_list(str, ',', 1, bitstr_cb,
753 atmp->value.bit_string)) {
754 ASN1err(ASN1_F_ASN1_STR2TYPE,
755 ASN1_R_LIST_ERROR);
756 goto bad_str;
757 }
758 no_unused = 0;
759
760 } else {
761 ASN1err(ASN1_F_ASN1_STR2TYPE,
762 ASN1_R_ILLEGAL_BITSTRING_FORMAT);
763 goto bad_form;
764 }
765
766 if ((utype == V_ASN1_BIT_STRING) && no_unused) {
767 atmp->value.asn1_string->flags &=
768 ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07);
769 atmp->value.asn1_string->flags |=
770 ASN1_STRING_FLAG_BITS_LEFT;
771 }
772
773 break;
774
775 default:
776 ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE);
777 goto bad_str;
778 break;
779 }
780
781 atmp->type = utype;
782 return atmp;
783
784bad_str:
785 ERR_asprintf_error_data("string=%s", str);
786bad_form:
787 ASN1_TYPE_free(atmp);
788 return NULL;
789}
790
791static int
792bitstr_cb(const char *elem, int len, void *bitstr)
793{
794 long bitnum;
795 char *eptr;
796
797 if (!elem)
798 return 0;
799 bitnum = strtoul(elem, &eptr, 10);
800 if (eptr && *eptr && (eptr != elem + len))
801 return 0;
802 if (bitnum < 0) {
803 ASN1err(ASN1_F_BITSTR_CB, ASN1_R_INVALID_NUMBER);
804 return 0;
805 }
806 if (!ASN1_BIT_STRING_set_bit(bitstr, bitnum, 1)) {
807 ASN1err(ASN1_F_BITSTR_CB, ERR_R_MALLOC_FAILURE);
808 return 0;
809 }
810 return 1;
811}
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
deleted file mode 100644
index 5d14a2780f..0000000000
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ /dev/null
@@ -1,486 +0,0 @@
1/* $OpenBSD: asn1_lib.c,v 1.36 2015/07/29 14:53:20 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <limits.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/asn1.h>
64#include <openssl/err.h>
65
66static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max);
67static void asn1_put_length(unsigned char **pp, int length);
68
69static int
70_asn1_check_infinite_end(const unsigned char **p, long len)
71{
72 /* If there is 0 or 1 byte left, the length check should pick
73 * things up */
74 if (len <= 0)
75 return (1);
76 else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) {
77 (*p) += 2;
78 return (1);
79 }
80 return (0);
81}
82
83int
84ASN1_check_infinite_end(unsigned char **p, long len)
85{
86 return _asn1_check_infinite_end((const unsigned char **)p, len);
87}
88
89int
90ASN1_const_check_infinite_end(const unsigned char **p, long len)
91{
92 return _asn1_check_infinite_end(p, len);
93}
94
95int
96ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
97 int *pclass, long omax)
98{
99 int i, ret;
100 long l;
101 const unsigned char *p= *pp;
102 int tag, xclass, inf;
103 long max = omax;
104
105 if (!max)
106 goto err;
107 ret = (*p & V_ASN1_CONSTRUCTED);
108 xclass = (*p & V_ASN1_PRIVATE);
109 i= *p & V_ASN1_PRIMITIVE_TAG;
110 if (i == V_ASN1_PRIMITIVE_TAG) { /* high-tag */
111 p++;
112 if (--max == 0)
113 goto err;
114 l = 0;
115 while (*p & 0x80) {
116 l <<= 7L;
117 l |= *(p++) & 0x7f;
118 if (--max == 0)
119 goto err;
120 if (l > (INT_MAX >> 7L))
121 goto err;
122 }
123 l <<= 7L;
124 l |= *(p++) & 0x7f;
125 tag = (int)l;
126 if (--max == 0)
127 goto err;
128 } else {
129 tag = i;
130 p++;
131 if (--max == 0)
132 goto err;
133 }
134 *ptag = tag;
135 *pclass = xclass;
136 if (!asn1_get_length(&p, &inf, plength, (int)max))
137 goto err;
138
139 if (inf && !(ret & V_ASN1_CONSTRUCTED))
140 goto err;
141
142 if (*plength > (omax - (p - *pp))) {
143 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG);
144 /* Set this so that even if things are not long enough
145 * the values are set correctly */
146 ret |= 0x80;
147 }
148 *pp = p;
149 return (ret | inf);
150
151err:
152 ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG);
153 return (0x80);
154}
155
156static int
157asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max)
158{
159 const unsigned char *p= *pp;
160 unsigned long ret = 0;
161 unsigned int i;
162
163 if (max-- < 1)
164 return (0);
165 if (*p == 0x80) {
166 *inf = 1;
167 ret = 0;
168 p++;
169 } else {
170 *inf = 0;
171 i= *p & 0x7f;
172 if (*(p++) & 0x80) {
173 if (max < (int)i)
174 return (0);
175 /* skip leading zeroes */
176 while (i && *p == 0) {
177 p++;
178 i--;
179 }
180 if (i > sizeof(long))
181 return 0;
182 while (i-- > 0) {
183 ret <<= 8L;
184 ret |= *(p++);
185 }
186 } else
187 ret = i;
188 }
189 if (ret > LONG_MAX)
190 return 0;
191 *pp = p;
192 *rl = (long)ret;
193 return (1);
194}
195
196/* class 0 is constructed
197 * constructed == 2 for indefinite length constructed */
198void
199ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
200 int xclass)
201{
202 unsigned char *p= *pp;
203 int i, ttag;
204
205 i = (constructed) ? V_ASN1_CONSTRUCTED : 0;
206 i |= (xclass & V_ASN1_PRIVATE);
207 if (tag < 31)
208 *(p++) = i | (tag & V_ASN1_PRIMITIVE_TAG);
209 else {
210 *(p++) = i | V_ASN1_PRIMITIVE_TAG;
211 for(i = 0, ttag = tag; ttag > 0; i++)
212 ttag >>= 7;
213 ttag = i;
214 while (i-- > 0) {
215 p[i] = tag & 0x7f;
216 if (i != (ttag - 1))
217 p[i] |= 0x80;
218 tag >>= 7;
219 }
220 p += ttag;
221 }
222 if (constructed == 2)
223 *(p++) = 0x80;
224 else
225 asn1_put_length(&p, length);
226 *pp = p;
227}
228
229int
230ASN1_put_eoc(unsigned char **pp)
231{
232 unsigned char *p = *pp;
233
234 *p++ = 0;
235 *p++ = 0;
236 *pp = p;
237 return 2;
238}
239
240static void
241asn1_put_length(unsigned char **pp, int length)
242{
243 unsigned char *p= *pp;
244
245 int i, l;
246 if (length <= 127)
247 *(p++) = (unsigned char)length;
248 else {
249 l = length;
250 for (i = 0; l > 0; i++)
251 l >>= 8;
252 *(p++) = i | 0x80;
253 l = i;
254 while (i-- > 0) {
255 p[i] = length & 0xff;
256 length >>= 8;
257 }
258 p += l;
259 }
260 *pp = p;
261}
262
263int
264ASN1_object_size(int constructed, int length, int tag)
265{
266 int ret;
267
268 ret = length;
269 ret++;
270 if (tag >= 31) {
271 while (tag > 0) {
272 tag >>= 7;
273 ret++;
274 }
275 }
276 if (constructed == 2)
277 return ret + 3;
278 ret++;
279 if (length > 127) {
280 while (length > 0) {
281 length >>= 8;
282 ret++;
283 }
284 }
285 return (ret);
286}
287
288static int
289_asn1_Finish(ASN1_const_CTX *c)
290{
291 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) {
292 if (!ASN1_const_check_infinite_end(&c->p, c->slen)) {
293 c->error = ERR_R_MISSING_ASN1_EOS;
294 return (0);
295 }
296 }
297 if (((c->slen != 0) && !(c->inf & 1)) ||
298 ((c->slen < 0) && (c->inf & 1))) {
299 c->error = ERR_R_ASN1_LENGTH_MISMATCH;
300 return (0);
301 }
302 return (1);
303}
304
305int
306asn1_Finish(ASN1_CTX *c)
307{
308 return _asn1_Finish((ASN1_const_CTX *)c);
309}
310
311int
312asn1_const_Finish(ASN1_const_CTX *c)
313{
314 return _asn1_Finish(c);
315}
316
317int
318asn1_GetSequence(ASN1_const_CTX *c, long *length)
319{
320 const unsigned char *q;
321
322 q = c->p;
323 c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass),
324 *length);
325 if (c->inf & 0x80) {
326 c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL;
327 return (0);
328 }
329 if (c->tag != V_ASN1_SEQUENCE) {
330 c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
331 return (0);
332 }
333 (*length) -= (c->p - q);
334 if (c->max && (*length < 0)) {
335 c->error = ERR_R_ASN1_LENGTH_MISMATCH;
336 return (0);
337 }
338 if (c->inf == (1|V_ASN1_CONSTRUCTED))
339 c->slen= *length+ *(c->pp) - c->p;
340 c->eos = 0;
341 return (1);
342}
343
344int
345ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str)
346{
347 if (str == NULL)
348 return 0;
349 dst->type = str->type;
350 if (!ASN1_STRING_set(dst, str->data, str->length))
351 return 0;
352 dst->flags = str->flags;
353 return 1;
354}
355
356ASN1_STRING *
357ASN1_STRING_dup(const ASN1_STRING *str)
358{
359 ASN1_STRING *ret;
360
361 if (!str)
362 return NULL;
363 ret = ASN1_STRING_new();
364 if (!ret)
365 return NULL;
366 if (!ASN1_STRING_copy(ret, str)) {
367 ASN1_STRING_free(ret);
368 return NULL;
369 }
370 return ret;
371}
372
373int
374ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
375{
376 const char *data = _data;
377
378 if (len < 0) {
379 if (data == NULL)
380 return (0);
381 else
382 len = strlen(data);
383 }
384 if ((str->length < len) || (str->data == NULL)) {
385 unsigned char *tmp;
386 tmp = realloc(str->data, len + 1);
387 if (tmp == NULL) {
388 ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE);
389 return (0);
390 }
391 str->data = tmp;
392 }
393 str->length = len;
394 if (data != NULL) {
395 memmove(str->data, data, len);
396 }
397 str->data[str->length]='\0';
398 return (1);
399}
400
401void
402ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
403{
404 free(str->data);
405 str->data = data;
406 str->length = len;
407}
408
409ASN1_STRING *
410ASN1_STRING_new(void)
411{
412 return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
413}
414
415ASN1_STRING *
416ASN1_STRING_type_new(int type)
417{
418 ASN1_STRING *ret;
419
420 ret = malloc(sizeof(ASN1_STRING));
421 if (ret == NULL) {
422 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE);
423 return (NULL);
424 }
425 ret->length = 0;
426 ret->type = type;
427 ret->data = NULL;
428 ret->flags = 0;
429 return (ret);
430}
431
432void
433ASN1_STRING_free(ASN1_STRING *a)
434{
435 if (a == NULL)
436 return;
437 if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF))
438 free(a->data);
439 free(a);
440}
441
442int
443ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b)
444{
445 int i;
446
447 i = (a->length - b->length);
448 if (i == 0) {
449 i = memcmp(a->data, b->data, a->length);
450 if (i == 0)
451 return (a->type - b->type);
452 else
453 return (i);
454 } else
455 return (i);
456}
457
458void
459asn1_add_error(const unsigned char *address, int offset)
460{
461 ERR_asprintf_error_data("offset=%d", offset);
462}
463
464int
465ASN1_STRING_length(const ASN1_STRING *x)
466{
467 return (x->length);
468}
469
470void
471ASN1_STRING_length_set(ASN1_STRING *x, int len)
472{
473 x->length = len;
474}
475
476int
477ASN1_STRING_type(ASN1_STRING *x)
478{
479 return (x->type);
480}
481
482unsigned char *
483ASN1_STRING_data(ASN1_STRING *x)
484{
485 return (x->data);
486}
diff --git a/src/lib/libcrypto/asn1/asn1_locl.h b/src/lib/libcrypto/asn1/asn1_locl.h
deleted file mode 100644
index c6c80aa6aa..0000000000
--- a/src/lib/libcrypto/asn1/asn1_locl.h
+++ /dev/null
@@ -1,151 +0,0 @@
1/* $OpenBSD: asn1_locl.h,v 1.5 2014/06/12 15:49:27 deraadt Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2006.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Internal ASN1 structures and functions: not for application use */
60
61/* ASN1 print context structure */
62
63struct asn1_pctx_st {
64 unsigned long flags;
65 unsigned long nm_flags;
66 unsigned long cert_flags;
67 unsigned long oid_flags;
68 unsigned long str_flags;
69} /* ASN1_PCTX */;
70
71/* ASN1 public key method structure */
72
73struct evp_pkey_asn1_method_st {
74 int pkey_id;
75 int pkey_base_id;
76 unsigned long pkey_flags;
77
78 char *pem_str;
79 char *info;
80
81 int (*pub_decode)(EVP_PKEY *pk, X509_PUBKEY *pub);
82 int (*pub_encode)(X509_PUBKEY *pub, const EVP_PKEY *pk);
83 int (*pub_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
84 int (*pub_print)(BIO *out, const EVP_PKEY *pkey, int indent,
85 ASN1_PCTX *pctx);
86
87 int (*priv_decode)(EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf);
88 int (*priv_encode)(PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk);
89 int (*priv_print)(BIO *out, const EVP_PKEY *pkey, int indent,
90 ASN1_PCTX *pctx);
91
92 int (*pkey_size)(const EVP_PKEY *pk);
93 int (*pkey_bits)(const EVP_PKEY *pk);
94
95 int (*param_decode)(EVP_PKEY *pkey, const unsigned char **pder,
96 int derlen);
97 int (*param_encode)(const EVP_PKEY *pkey, unsigned char **pder);
98 int (*param_missing)(const EVP_PKEY *pk);
99 int (*param_copy)(EVP_PKEY *to, const EVP_PKEY *from);
100 int (*param_cmp)(const EVP_PKEY *a, const EVP_PKEY *b);
101 int (*param_print)(BIO *out, const EVP_PKEY *pkey, int indent,
102 ASN1_PCTX *pctx);
103 int (*sig_print)(BIO *out, const X509_ALGOR *sigalg,
104 const ASN1_STRING *sig, int indent, ASN1_PCTX *pctx);
105
106 void (*pkey_free)(EVP_PKEY *pkey);
107 int (*pkey_ctrl)(EVP_PKEY *pkey, int op, long arg1, void *arg2);
108
109 /* Legacy functions for old PEM */
110
111 int (*old_priv_decode)(EVP_PKEY *pkey, const unsigned char **pder,
112 int derlen);
113 int (*old_priv_encode)(const EVP_PKEY *pkey, unsigned char **pder);
114 /* Custom ASN1 signature verification */
115 int (*item_verify)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
116 X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey);
117 int (*item_sign)(EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn,
118 X509_ALGOR *alg1, X509_ALGOR *alg2, ASN1_BIT_STRING *sig);
119
120} /* EVP_PKEY_ASN1_METHOD */;
121
122/* Method to handle CRL access.
123 * In general a CRL could be very large (several Mb) and can consume large
124 * amounts of resources if stored in memory by multiple processes.
125 * This method allows general CRL operations to be redirected to more
126 * efficient callbacks: for example a CRL entry database.
127 */
128
129#define X509_CRL_METHOD_DYNAMIC 1
130
131struct x509_crl_method_st {
132 int flags;
133 int (*crl_init)(X509_CRL *crl);
134 int (*crl_free)(X509_CRL *crl);
135 int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
136 ASN1_INTEGER *ser, X509_NAME *issuer);
137 int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk);
138};
139
140/*
141 * Unicode codepoint constants
142 */
143#define UNICODE_MAX 0x10FFFF
144#define UNICODE_SURROGATE_MIN 0x00D800
145#define UNICODE_SURROGATE_MAX 0x00DFFF
146
147#define UNICODE_IS_SURROGATE(x) \
148 ((x) >= UNICODE_SURROGATE_MIN && (x) <= UNICODE_SURROGATE_MAX)
149
150int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
151int UTF8_putc(unsigned char *str, int len, unsigned long value);
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h
deleted file mode 100644
index fd524dc21c..0000000000
--- a/src/lib/libcrypto/asn1/asn1_mac.h
+++ /dev/null
@@ -1,426 +0,0 @@
1/* $OpenBSD: asn1_mac.h,v 1.14 2014/06/27 04:41:09 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#ifndef HEADER_ASN1_MAC_H
60#define HEADER_ASN1_MAC_H
61
62#include <openssl/asn1.h>
63
64#ifdef __cplusplus
65extern "C" {
66#endif
67
68#ifndef ASN1_MAC_ERR_LIB
69#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
70#endif
71
72#define ASN1_MAC_H_err(f,r,line) \
73 ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
74
75#define M_ASN1_D2I_vars(a,type,func) \
76 ASN1_const_CTX c; \
77 type ret=NULL; \
78 \
79 c.pp=(const unsigned char **)pp; \
80 c.q= *(const unsigned char **)pp; \
81 c.error=ERR_R_NESTED_ASN1_ERROR; \
82 if ((a == NULL) || ((*a) == NULL)) \
83 { if ((ret=(type)func()) == NULL) \
84 { c.line=__LINE__; goto err; } } \
85 else ret=(*a);
86
87#define M_ASN1_D2I_Init() \
88 c.p= *(const unsigned char **)pp; \
89 c.max=(length == 0)?0:(c.p+length);
90
91#define M_ASN1_D2I_Finish_2(a) \
92 if (!asn1_const_Finish(&c)) \
93 { c.line=__LINE__; goto err; } \
94 *(const unsigned char **)pp=c.p; \
95 if (a != NULL) (*a)=ret; \
96 return(ret);
97
98#define M_ASN1_D2I_Finish(a,func,e) \
99 M_ASN1_D2I_Finish_2(a); \
100err:\
101 ASN1_MAC_H_err((e),c.error,c.line); \
102 asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
103 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
104 return(NULL)
105
106#define M_ASN1_D2I_start_sequence() \
107 if (!asn1_GetSequence(&c,&length)) \
108 { c.line=__LINE__; goto err; }
109/* Begin reading ASN1 without a surrounding sequence */
110#define M_ASN1_D2I_begin() \
111 c.slen = length;
112
113/* End reading ASN1 with no check on length */
114#define M_ASN1_D2I_Finish_nolen(a, func, e) \
115 *pp=c.p; \
116 if (a != NULL) (*a)=ret; \
117 return(ret); \
118err:\
119 ASN1_MAC_H_err((e),c.error,c.line); \
120 asn1_add_error(*pp,(int)(c.q- *pp)); \
121 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
122 return(NULL)
123
124#define M_ASN1_D2I_end_sequence() \
125 (((c.inf&1) == 0)?(c.slen <= 0): \
126 (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
127
128/* Don't use this with d2i_ASN1_BOOLEAN() */
129#define M_ASN1_D2I_get(b, func) \
130 c.q=c.p; \
131 if (func(&(b),&c.p,c.slen) == NULL) \
132 {c.line=__LINE__; goto err; } \
133 c.slen-=(c.p-c.q);
134
135/* Don't use this with d2i_ASN1_BOOLEAN() */
136#define M_ASN1_D2I_get_x(type,b,func) \
137 c.q=c.p; \
138 if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
139 {c.line=__LINE__; goto err; } \
140 c.slen-=(c.p-c.q);
141
142/* use this instead () */
143#define M_ASN1_D2I_get_int(b,func) \
144 c.q=c.p; \
145 if (func(&(b),&c.p,c.slen) < 0) \
146 {c.line=__LINE__; goto err; } \
147 c.slen-=(c.p-c.q);
148
149#define M_ASN1_D2I_get_opt(b,func,type) \
150 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
151 == (V_ASN1_UNIVERSAL|(type)))) \
152 { \
153 M_ASN1_D2I_get(b,func); \
154 }
155
156#define M_ASN1_D2I_get_int_opt(b,func,type) \
157 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
158 == (V_ASN1_UNIVERSAL|(type)))) \
159 { \
160 M_ASN1_D2I_get_int(b,func); \
161 }
162
163#define M_ASN1_D2I_get_imp(b,func, type) \
164 M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
165 c.q=c.p; \
166 if (func(&(b),&c.p,c.slen) == NULL) \
167 {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
168 c.slen-=(c.p-c.q);\
169 M_ASN1_next_prev=_tmp;
170
171#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
172 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
173 (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
174 { \
175 unsigned char _tmp = M_ASN1_next; \
176 M_ASN1_D2I_get_imp(b,func, type);\
177 }
178
179#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
180 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
181 V_ASN1_SET,V_ASN1_UNIVERSAL);
182
183#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
184 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
185 V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
186 { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
187
188#define M_ASN1_I2D_len_SET_opt(a,f) \
189 if ((a != NULL) && (sk_num(a) != 0)) \
190 M_ASN1_I2D_len_SET(a,f);
191
192#define M_ASN1_I2D_put_SET_opt(a,f) \
193 if ((a != NULL) && (sk_num(a) != 0)) \
194 M_ASN1_I2D_put_SET(a,f);
195
196#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
197 if ((a != NULL) && (sk_num(a) != 0)) \
198 M_ASN1_I2D_put_SEQUENCE(a,f);
199
200#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
201 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
202 M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
203
204#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
205 if ((c.slen != 0) && \
206 (M_ASN1_next == \
207 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
208 { \
209 M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
210 tag,V_ASN1_CONTEXT_SPECIFIC); \
211 }
212
213#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
214 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
215 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
216
217#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
218 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
219 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
220 { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
221
222#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
223 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
224 x,V_ASN1_CONTEXT_SPECIFIC);
225
226#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
227 c.q=c.p; \
228 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
229 free_func,a,b) == NULL) \
230 { c.line=__LINE__; goto err; } \
231 c.slen-=(c.p-c.q);
232
233#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
234 c.q=c.p; \
235 if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
236 { c.line=__LINE__; goto err; } \
237 c.slen-=(c.p-c.q);
238
239#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
240 if ((c.slen != 0L) && (M_ASN1_next == \
241 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
242 { \
243 int Tinf,Ttag,Tclass; \
244 long Tlen; \
245 \
246 c.q=c.p; \
247 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
248 if (Tinf & 0x80) \
249 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
250 c.line=__LINE__; goto err; } \
251 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
252 Tlen = c.slen - (c.p - c.q) - 2; \
253 if (func(&(r),&c.p,Tlen) == NULL) \
254 { c.line=__LINE__; goto err; } \
255 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
256 Tlen = c.slen - (c.p - c.q); \
257 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
258 { c.error=ERR_R_MISSING_ASN1_EOS; \
259 c.line=__LINE__; goto err; } \
260 }\
261 c.slen-=(c.p-c.q); \
262 }
263
264#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
265 if ((c.slen != 0) && (M_ASN1_next == \
266 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
267 { \
268 int Tinf,Ttag,Tclass; \
269 long Tlen; \
270 \
271 c.q=c.p; \
272 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
273 if (Tinf & 0x80) \
274 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
275 c.line=__LINE__; goto err; } \
276 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
277 Tlen = c.slen - (c.p - c.q) - 2; \
278 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
279 free_func,b,V_ASN1_UNIVERSAL) == NULL) \
280 { c.line=__LINE__; goto err; } \
281 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
282 Tlen = c.slen - (c.p - c.q); \
283 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
284 { c.error=ERR_R_MISSING_ASN1_EOS; \
285 c.line=__LINE__; goto err; } \
286 }\
287 c.slen-=(c.p-c.q); \
288 }
289
290/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately,
291 some macros that use ASN1_const_CTX still insist on writing in the input
292 stream. ARGH! ARGH! ARGH! Let's get rid of this macro package.
293 Please? -- Richard Levitte */
294#define M_ASN1_next (*((unsigned char *)(c.p)))
295#define M_ASN1_next_prev (*((unsigned char *)(c.q)))
296
297/*************************************************/
298
299#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
300 unsigned char *p; \
301 if (a == NULL) return(0)
302
303/* Length Macros */
304#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
305#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
306
307#define M_ASN1_I2D_len_SET_type(type,a,f) \
308 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
309 V_ASN1_UNIVERSAL,IS_SET);
310
311#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
312 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
313 V_ASN1_UNIVERSAL,IS_SEQUENCE)
314
315#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
316 if ((a != NULL) && (sk_num(a) != 0)) \
317 M_ASN1_I2D_len_SEQUENCE(a,f);
318
319#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
320 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
321 M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
322
323#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
324 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
325 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
326
327#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
328 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
329 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
330 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
331
332#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
333 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
334 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
335 V_ASN1_CONTEXT_SPECIFIC, \
336 IS_SEQUENCE);
337
338#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
339 if (a != NULL)\
340 { \
341 v=f(a,NULL); \
342 ret+=ASN1_object_size(1,v,mtag); \
343 }
344
345#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
346 if ((a != NULL) && (sk_##type##_num(a) != 0))\
347 { \
348 v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
349 V_ASN1_UNIVERSAL, \
350 IS_SEQUENCE); \
351 ret+=ASN1_object_size(1,v,mtag); \
352 }
353
354/* Put Macros */
355#define M_ASN1_I2D_put(a,f) f(a,&p)
356
357#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
358 if (a != NULL) \
359 { \
360 unsigned char *q=p; \
361 f(a,&p); \
362 *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\
363 }
364
365#define M_ASN1_I2D_put_SET_type(type,a,f) \
366 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
367#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
368 i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
369
370#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
371 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
372 IS_SEQUENCE)
373
374#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
375 if ((a != NULL) && (sk_num(a) != 0)) \
376 M_ASN1_I2D_put_SEQUENCE(a,f);
377
378#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
379 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
380 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
381 V_ASN1_CONTEXT_SPECIFIC, \
382 IS_SET); }
383
384#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
385 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
386 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
387 V_ASN1_CONTEXT_SPECIFIC, \
388 IS_SEQUENCE); }
389
390#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
391 if (a != NULL) \
392 { \
393 ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
394 f(a,&p); \
395 }
396
397#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
398 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
399 { \
400 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
401 i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
402 IS_SEQUENCE); \
403 }
404
405#define M_ASN1_I2D_seq_total() \
406 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
407 if (pp == NULL) return(r); \
408 p= *pp; \
409 ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
410
411#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
412 *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
413 *(p++)=0x80
414
415#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
416
417#define M_ASN1_I2D_finish() *pp=p; \
418 return(r);
419
420int asn1_GetSequence(ASN1_const_CTX *c, long *length);
421void asn1_add_error(const unsigned char *address, int offset);
422#ifdef __cplusplus
423}
424#endif
425
426#endif
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
deleted file mode 100644
index b5742fe97d..0000000000
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ /dev/null
@@ -1,397 +0,0 @@
1/* $OpenBSD: asn1_par.c,v 1.22 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/buffer.h>
63#include <openssl/objects.h>
64
65static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
66 int indent);
67static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
68 int offset, int depth, int indent, int dump);
69
70static int
71asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
72 int indent)
73{
74 char str[128];
75 const char *p;
76
77 if (constructed & V_ASN1_CONSTRUCTED)
78 p="cons: ";
79 else
80 p="prim: ";
81 if (BIO_write(bp, p, 6) < 6)
82 goto err;
83 BIO_indent(bp, indent, 128);
84
85 p = str;
86 if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
87 snprintf(str, sizeof str, "priv [ %d ] ", tag);
88 else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
89 snprintf(str, sizeof str, "cont [ %d ]", tag);
90 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
91 snprintf(str, sizeof str, "appl [ %d ]", tag);
92 else if (tag > 30)
93 snprintf(str, sizeof str, "<ASN1 %d>", tag);
94 else
95 p = ASN1_tag2str(tag);
96
97 if (BIO_printf(bp, "%-18s", p) <= 0)
98 goto err;
99 return (1);
100err:
101 return (0);
102}
103
104int
105ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
106{
107 return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0));
108}
109
110int
111ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump)
112{
113 return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump));
114}
115
116static int
117asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
118 int depth, int indent, int dump)
119{
120 const unsigned char *p, *ep, *tot, *op, *opp;
121 long len;
122 int tag, xclass, ret = 0;
123 int nl, hl, j, r;
124 ASN1_OBJECT *o = NULL;
125 ASN1_OCTET_STRING *os = NULL;
126 /* ASN1_BMPSTRING *bmp=NULL;*/
127 int dump_indent;
128
129 dump_indent = 6; /* Because we know BIO_dump_indent() */
130 p = *pp;
131 tot = p + length;
132 op = p - 1;
133 while ((p < tot) && (op < p)) {
134 op = p;
135 j = ASN1_get_object(&p, &len, &tag, &xclass, length);
136
137 if (j & 0x80) {
138 if (BIO_write(bp, "Error in encoding\n", 18) <= 0)
139 goto end;
140 ret = 0;
141 goto end;
142 }
143 hl = (p - op);
144 length -= hl;
145 /* if j == 0x21 it is a constructed indefinite length object */
146 if (BIO_printf(bp, "%5ld:", (long)offset +
147 (long)(op - *pp)) <= 0)
148 goto end;
149
150 if (j != (V_ASN1_CONSTRUCTED | 1)) {
151 if (BIO_printf(bp, "d=%-2d hl=%ld l=%4ld ",
152 depth, (long)hl, len) <= 0)
153 goto end;
154 } else {
155 if (BIO_printf(bp, "d=%-2d hl=%ld l=inf ",
156 depth, (long)hl) <= 0)
157 goto end;
158 }
159 if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0))
160 goto end;
161 if (j & V_ASN1_CONSTRUCTED) {
162 ep = p + len;
163 if (BIO_write(bp, "\n", 1) <= 0)
164 goto end;
165 if (len > length) {
166 BIO_printf(bp, "length is greater than %ld\n",
167 length);
168 ret = 0;
169 goto end;
170 }
171 if ((j == 0x21) && (len == 0)) {
172 for (;;) {
173 r = asn1_parse2(bp, &p, (long)(tot - p),
174 offset + (p - *pp), depth + 1,
175 indent, dump);
176 if (r == 0) {
177 ret = 0;
178 goto end;
179 }
180 if ((r == 2) || (p >= tot))
181 break;
182 }
183 } else
184 while (p < ep) {
185 r = asn1_parse2(bp, &p, (long)len,
186 offset + (p - *pp), depth + 1,
187 indent, dump);
188 if (r == 0) {
189 ret = 0;
190 goto end;
191 }
192 }
193 } else if (xclass != 0) {
194 p += len;
195 if (BIO_write(bp, "\n", 1) <= 0)
196 goto end;
197 } else {
198 nl = 0;
199 if ((tag == V_ASN1_PRINTABLESTRING) ||
200 (tag == V_ASN1_T61STRING) ||
201 (tag == V_ASN1_IA5STRING) ||
202 (tag == V_ASN1_VISIBLESTRING) ||
203 (tag == V_ASN1_NUMERICSTRING) ||
204 (tag == V_ASN1_UTF8STRING) ||
205 (tag == V_ASN1_UTCTIME) ||
206 (tag == V_ASN1_GENERALIZEDTIME)) {
207 if (BIO_write(bp, ":", 1) <= 0)
208 goto end;
209 if ((len > 0) &&
210 BIO_write(bp, (const char *)p, (int)len) !=
211 (int)len)
212 goto end;
213 } else if (tag == V_ASN1_OBJECT) {
214 opp = op;
215 if (d2i_ASN1_OBJECT(&o, &opp, len + hl) !=
216 NULL) {
217 if (BIO_write(bp, ":", 1) <= 0)
218 goto end;
219 i2a_ASN1_OBJECT(bp, o);
220 } else {
221 if (BIO_write(bp, ":BAD OBJECT",
222 11) <= 0)
223 goto end;
224 }
225 } else if (tag == V_ASN1_BOOLEAN) {
226 int ii;
227
228 opp = op;
229 ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl);
230 if (ii < 0) {
231 if (BIO_write(bp, "Bad boolean\n",
232 12) <= 0)
233 goto end;
234 }
235 BIO_printf(bp, ":%d", ii);
236 } else if (tag == V_ASN1_BMPSTRING) {
237 /* do the BMP thang */
238 } else if (tag == V_ASN1_OCTET_STRING) {
239 int i, printable = 1;
240
241 opp = op;
242 os = d2i_ASN1_OCTET_STRING(NULL, &opp, len + hl);
243 if (os != NULL && os->length > 0) {
244 opp = os->data;
245 /* testing whether the octet string is
246 * printable */
247 for (i = 0; i < os->length; i++) {
248 if (((opp[i] < ' ') &&
249 (opp[i] != '\n') &&
250 (opp[i] != '\r') &&
251 (opp[i] != '\t')) ||
252 (opp[i] > '~')) {
253 printable = 0;
254 break;
255 }
256 }
257 if (printable) {
258 /* printable string */
259 if (BIO_write(bp, ":", 1) <= 0)
260 goto end;
261 if (BIO_write(bp, (const char *)opp,
262 os->length) <= 0)
263 goto end;
264 } else if (!dump) {
265 /* not printable => print octet string
266 * as hex dump */
267 if (BIO_write(bp, "[HEX DUMP]:", 11) <= 0)
268 goto end;
269 for (i = 0; i < os->length; i++) {
270 if (BIO_printf(bp,
271 "%02X", opp[i]) <= 0)
272 goto end;
273 }
274 } else {
275 /* print the normal dump */
276 if (!nl) {
277 if (BIO_write(bp, "\n", 1) <= 0)
278 goto end;
279 }
280 if (BIO_dump_indent(bp,
281 (const char *)opp,
282 ((dump == -1 || dump >
283 os->length) ? os->length : dump),
284 dump_indent) <= 0)
285 goto end;
286 nl = 1;
287 }
288 }
289 M_ASN1_OCTET_STRING_free(os);
290 os = NULL;
291 } else if (tag == V_ASN1_INTEGER) {
292 ASN1_INTEGER *bs;
293 int i;
294
295 opp = op;
296 bs = d2i_ASN1_INTEGER(NULL, &opp, len + hl);
297 if (bs != NULL) {
298 if (BIO_write(bp, ":", 1) <= 0)
299 goto end;
300 if (bs->type == V_ASN1_NEG_INTEGER)
301 if (BIO_write(bp, "-", 1) <= 0)
302 goto end;
303 for (i = 0; i < bs->length; i++) {
304 if (BIO_printf(bp, "%02X",
305 bs->data[i]) <= 0)
306 goto end;
307 }
308 if (bs->length == 0) {
309 if (BIO_write(bp, "00", 2) <= 0)
310 goto end;
311 }
312 } else {
313 if (BIO_write(bp, "BAD INTEGER", 11) <= 0)
314 goto end;
315 }
316 M_ASN1_INTEGER_free(bs);
317 } else if (tag == V_ASN1_ENUMERATED) {
318 ASN1_ENUMERATED *bs;
319 int i;
320
321 opp = op;
322 bs = d2i_ASN1_ENUMERATED(NULL, &opp, len + hl);
323 if (bs != NULL) {
324 if (BIO_write(bp, ":", 1) <= 0)
325 goto end;
326 if (bs->type == V_ASN1_NEG_ENUMERATED)
327 if (BIO_write(bp, "-", 1) <= 0)
328 goto end;
329 for (i = 0; i < bs->length; i++) {
330 if (BIO_printf(bp, "%02X",
331 bs->data[i]) <= 0)
332 goto end;
333 }
334 if (bs->length == 0) {
335 if (BIO_write(bp, "00", 2) <= 0)
336 goto end;
337 }
338 } else {
339 if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0)
340 goto end;
341 }
342 M_ASN1_ENUMERATED_free(bs);
343 } else if (len > 0 && dump) {
344 if (!nl) {
345 if (BIO_write(bp, "\n", 1) <= 0)
346 goto end;
347 }
348 if (BIO_dump_indent(bp, (const char *)p,
349 ((dump == -1 || dump > len) ? len : dump),
350 dump_indent) <= 0)
351 goto end;
352 nl = 1;
353 }
354
355 if (!nl) {
356 if (BIO_write(bp, "\n", 1) <= 0)
357 goto end;
358 }
359 p += len;
360 if ((tag == V_ASN1_EOC) && (xclass == 0)) {
361 ret = 2; /* End of sequence */
362 goto end;
363 }
364 }
365 length -= len;
366 }
367 ret = 1;
368
369end:
370 if (o != NULL)
371 ASN1_OBJECT_free(o);
372 M_ASN1_OCTET_STRING_free(os);
373 *pp = p;
374 return (ret);
375}
376
377const char *
378ASN1_tag2str(int tag)
379{
380 static const char * const tag2str[] = {
381 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
382 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
383 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */
384 "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", /* 15-17 */
385 "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */
386 "VIDEOTEXSTRING", "IA5STRING", "UTCTIME", "GENERALIZEDTIME", /* 21-24 */
387 "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */
388 "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING" /* 28-30 */
389 };
390
391 if ((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
392 tag &= ~0x100;
393
394 if (tag < 0 || tag > 30)
395 return "(unknown)";
396 return tag2str[tag];
397}
diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h
deleted file mode 100644
index 27f591c464..0000000000
--- a/src/lib/libcrypto/asn1/asn1t.h
+++ /dev/null
@@ -1,880 +0,0 @@
1/* $OpenBSD: asn1t.h,v 1.13 2015/07/25 17:20:02 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#ifndef HEADER_ASN1T_H
59#define HEADER_ASN1T_H
60
61#include <stddef.h>
62
63#include <openssl/opensslconf.h>
64
65#include <openssl/asn1.h>
66
67/* ASN1 template defines, structures and functions */
68
69#ifdef __cplusplus
70extern "C" {
71#endif
72
73#ifndef LIBRESSL_INTERNAL
74
75/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */
76#define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr))
77
78
79/* Macros for start and end of ASN1_ITEM definition */
80
81#define ASN1_ITEM_start(itname) \
82 const ASN1_ITEM itname##_it = {
83
84#define ASN1_ITEM_end(itname) \
85 };
86
87
88
89/* Macros to aid ASN1 template writing */
90
91#define ASN1_ITEM_TEMPLATE(tname) \
92 static const ASN1_TEMPLATE tname##_item_tt
93
94#define ASN1_ITEM_TEMPLATE_END(tname) \
95 ;\
96 ASN1_ITEM_start(tname) \
97 ASN1_ITYPE_PRIMITIVE,\
98 -1,\
99 &tname##_item_tt,\
100 0,\
101 NULL,\
102 0,\
103 #tname \
104 ASN1_ITEM_end(tname)
105
106
107/* This is a ASN1 type which just embeds a template */
108
109/* This pair helps declare a SEQUENCE. We can do:
110 *
111 * ASN1_SEQUENCE(stname) = {
112 * ... SEQUENCE components ...
113 * } ASN1_SEQUENCE_END(stname)
114 *
115 * This will produce an ASN1_ITEM called stname_it
116 * for a structure called stname.
117 *
118 * If you want the same structure but a different
119 * name then use:
120 *
121 * ASN1_SEQUENCE(itname) = {
122 * ... SEQUENCE components ...
123 * } ASN1_SEQUENCE_END_name(stname, itname)
124 *
125 * This will create an item called itname_it using
126 * a structure called stname.
127 */
128
129#define ASN1_SEQUENCE(tname) \
130 static const ASN1_TEMPLATE tname##_seq_tt[]
131
132#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
133
134#define ASN1_SEQUENCE_END_name(stname, tname) \
135 ;\
136 ASN1_ITEM_start(tname) \
137 ASN1_ITYPE_SEQUENCE,\
138 V_ASN1_SEQUENCE,\
139 tname##_seq_tt,\
140 sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
141 NULL,\
142 sizeof(stname),\
143 #stname \
144 ASN1_ITEM_end(tname)
145
146#define ASN1_NDEF_SEQUENCE(tname) \
147 ASN1_SEQUENCE(tname)
148
149#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
150 ASN1_SEQUENCE_cb(tname, cb)
151
152#define ASN1_SEQUENCE_cb(tname, cb) \
153 static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
154 ASN1_SEQUENCE(tname)
155
156#define ASN1_BROKEN_SEQUENCE(tname) \
157 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
158 ASN1_SEQUENCE(tname)
159
160#define ASN1_SEQUENCE_ref(tname, cb, lck) \
161 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
162 ASN1_SEQUENCE(tname)
163
164#define ASN1_SEQUENCE_enc(tname, enc, cb) \
165 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
166 ASN1_SEQUENCE(tname)
167
168#define ASN1_NDEF_SEQUENCE_END(tname) \
169 ;\
170 ASN1_ITEM_start(tname) \
171 ASN1_ITYPE_NDEF_SEQUENCE,\
172 V_ASN1_SEQUENCE,\
173 tname##_seq_tt,\
174 sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
175 NULL,\
176 sizeof(tname),\
177 #tname \
178 ASN1_ITEM_end(tname)
179
180#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
181
182#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
183
184#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
185
186#define ASN1_SEQUENCE_END_ref(stname, tname) \
187 ;\
188 ASN1_ITEM_start(tname) \
189 ASN1_ITYPE_SEQUENCE,\
190 V_ASN1_SEQUENCE,\
191 tname##_seq_tt,\
192 sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
193 &tname##_aux,\
194 sizeof(stname),\
195 #stname \
196 ASN1_ITEM_end(tname)
197
198#define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \
199 ;\
200 ASN1_ITEM_start(tname) \
201 ASN1_ITYPE_NDEF_SEQUENCE,\
202 V_ASN1_SEQUENCE,\
203 tname##_seq_tt,\
204 sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
205 &tname##_aux,\
206 sizeof(stname),\
207 #stname \
208 ASN1_ITEM_end(tname)
209
210
211/* This pair helps declare a CHOICE type. We can do:
212 *
213 * ASN1_CHOICE(chname) = {
214 * ... CHOICE options ...
215 * ASN1_CHOICE_END(chname)
216 *
217 * This will produce an ASN1_ITEM called chname_it
218 * for a structure called chname. The structure
219 * definition must look like this:
220 * typedef struct {
221 * int type;
222 * union {
223 * ASN1_SOMETHING *opt1;
224 * ASN1_SOMEOTHER *opt2;
225 * } value;
226 * } chname;
227 *
228 * the name of the selector must be 'type'.
229 * to use an alternative selector name use the
230 * ASN1_CHOICE_END_selector() version.
231 */
232
233#define ASN1_CHOICE(tname) \
234 static const ASN1_TEMPLATE tname##_ch_tt[]
235
236#define ASN1_CHOICE_cb(tname, cb) \
237 static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
238 ASN1_CHOICE(tname)
239
240#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
241
242#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
243
244#define ASN1_CHOICE_END_selector(stname, tname, selname) \
245 ;\
246 ASN1_ITEM_start(tname) \
247 ASN1_ITYPE_CHOICE,\
248 offsetof(stname,selname) ,\
249 tname##_ch_tt,\
250 sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
251 NULL,\
252 sizeof(stname),\
253 #stname \
254 ASN1_ITEM_end(tname)
255
256#define ASN1_CHOICE_END_cb(stname, tname, selname) \
257 ;\
258 ASN1_ITEM_start(tname) \
259 ASN1_ITYPE_CHOICE,\
260 offsetof(stname,selname) ,\
261 tname##_ch_tt,\
262 sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
263 &tname##_aux,\
264 sizeof(stname),\
265 #stname \
266 ASN1_ITEM_end(tname)
267
268/* This helps with the template wrapper form of ASN1_ITEM */
269
270#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
271 (flags), (tag), 0,\
272 #name, ASN1_ITEM_ref(type) }
273
274/* These help with SEQUENCE or CHOICE components */
275
276/* used to declare other types */
277
278#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
279 (flags), (tag), offsetof(stname, field),\
280 #field, ASN1_ITEM_ref(type) }
281
282/* used when the structure is combined with the parent */
283
284#define ASN1_EX_COMBINE(flags, tag, type) { \
285 (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) }
286
287/* implicit and explicit helper macros */
288
289#define ASN1_IMP_EX(stname, field, type, tag, ex) \
290 ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
291
292#define ASN1_EXP_EX(stname, field, type, tag, ex) \
293 ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
294
295/* Any defined by macros: the field used is in the table itself */
296
297#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
298#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) }
299/* Plain simple type */
300#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
301
302/* OPTIONAL simple type */
303#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
304
305/* IMPLICIT tagged simple type */
306#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
307
308/* IMPLICIT tagged OPTIONAL simple type */
309#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
310
311/* Same as above but EXPLICIT */
312
313#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
314#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
315
316/* SEQUENCE OF type */
317#define ASN1_SEQUENCE_OF(stname, field, type) \
318 ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
319
320/* OPTIONAL SEQUENCE OF */
321#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
322 ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
323
324/* Same as above but for SET OF */
325
326#define ASN1_SET_OF(stname, field, type) \
327 ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
328
329#define ASN1_SET_OF_OPT(stname, field, type) \
330 ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
331
332/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
333
334#define ASN1_IMP_SET_OF(stname, field, type, tag) \
335 ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
336
337#define ASN1_EXP_SET_OF(stname, field, type, tag) \
338 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
339
340#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
341 ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
342
343#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
344 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
345
346#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
347 ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
348
349#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
350 ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
351
352#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
353 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
354
355#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
356 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
357
358/* EXPLICIT using indefinite length constructed form */
359#define ASN1_NDEF_EXP(stname, field, type, tag) \
360 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
361
362/* EXPLICIT OPTIONAL using indefinite length constructed form */
363#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
364 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
365
366/* Macros for the ASN1_ADB structure */
367
368#define ASN1_ADB(name) \
369 static const ASN1_ADB_TABLE name##_adbtbl[]
370
371
372#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
373 ;\
374 static const ASN1_ADB name##_adb = {\
375 flags,\
376 offsetof(name, field),\
377 app_table,\
378 name##_adbtbl,\
379 sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
380 def,\
381 none\
382 }
383
384
385#define ADB_ENTRY(val, template) {val, template}
386
387#define ASN1_ADB_TEMPLATE(name) \
388 static const ASN1_TEMPLATE name##_tt
389
390#endif /* !LIBRESSL_INTERNAL */
391
392/* This is the ASN1 template structure that defines
393 * a wrapper round the actual type. It determines the
394 * actual position of the field in the value structure,
395 * various flags such as OPTIONAL and the field name.
396 */
397
398struct ASN1_TEMPLATE_st {
399unsigned long flags; /* Various flags */
400long tag; /* tag, not used if no tagging */
401unsigned long offset; /* Offset of this field in structure */
402#ifndef NO_ASN1_FIELD_NAMES
403const char *field_name; /* Field name */
404#endif
405ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
406};
407
408/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */
409
410#define ASN1_TEMPLATE_item(t) (t->item_ptr)
411#define ASN1_TEMPLATE_adb(t) (t->item_ptr)
412
413typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
414typedef struct ASN1_ADB_st ASN1_ADB;
415
416struct ASN1_ADB_st {
417 unsigned long flags; /* Various flags */
418 unsigned long offset; /* Offset of selector field */
419 STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
420 const ASN1_ADB_TABLE *tbl; /* Table of possible types */
421 long tblcount; /* Number of entries in tbl */
422 const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
423 const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
424};
425
426struct ASN1_ADB_TABLE_st {
427 long value; /* NID for an object or value for an int */
428 const ASN1_TEMPLATE tt; /* item for this value */
429};
430
431/* template flags */
432
433/* Field is optional */
434#define ASN1_TFLG_OPTIONAL (0x1)
435
436/* Field is a SET OF */
437#define ASN1_TFLG_SET_OF (0x1 << 1)
438
439/* Field is a SEQUENCE OF */
440#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
441
442/* Special case: this refers to a SET OF that
443 * will be sorted into DER order when encoded *and*
444 * the corresponding STACK will be modified to match
445 * the new order.
446 */
447#define ASN1_TFLG_SET_ORDER (0x3 << 1)
448
449/* Mask for SET OF or SEQUENCE OF */
450#define ASN1_TFLG_SK_MASK (0x3 << 1)
451
452/* These flags mean the tag should be taken from the
453 * tag field. If EXPLICIT then the underlying type
454 * is used for the inner tag.
455 */
456
457/* IMPLICIT tagging */
458#define ASN1_TFLG_IMPTAG (0x1 << 3)
459
460
461/* EXPLICIT tagging, inner tag from underlying type */
462#define ASN1_TFLG_EXPTAG (0x2 << 3)
463
464#define ASN1_TFLG_TAG_MASK (0x3 << 3)
465
466/* context specific IMPLICIT */
467#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
468
469/* context specific EXPLICIT */
470#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
471
472/* If tagging is in force these determine the
473 * type of tag to use. Otherwise the tag is
474 * determined by the underlying type. These
475 * values reflect the actual octet format.
476 */
477
478/* Universal tag */
479#define ASN1_TFLG_UNIVERSAL (0x0<<6)
480/* Application tag */
481#define ASN1_TFLG_APPLICATION (0x1<<6)
482/* Context specific tag */
483#define ASN1_TFLG_CONTEXT (0x2<<6)
484/* Private tag */
485#define ASN1_TFLG_PRIVATE (0x3<<6)
486
487#define ASN1_TFLG_TAG_CLASS (0x3<<6)
488
489/* These are for ANY DEFINED BY type. In this case
490 * the 'item' field points to an ASN1_ADB structure
491 * which contains a table of values to decode the
492 * relevant type
493 */
494
495#define ASN1_TFLG_ADB_MASK (0x3<<8)
496
497#define ASN1_TFLG_ADB_OID (0x1<<8)
498
499#define ASN1_TFLG_ADB_INT (0x1<<9)
500
501/* This flag means a parent structure is passed
502 * instead of the field: this is useful is a
503 * SEQUENCE is being combined with a CHOICE for
504 * example. Since this means the structure and
505 * item name will differ we need to use the
506 * ASN1_CHOICE_END_name() macro for example.
507 */
508
509#define ASN1_TFLG_COMBINE (0x1<<10)
510
511/* This flag when present in a SEQUENCE OF, SET OF
512 * or EXPLICIT causes indefinite length constructed
513 * encoding to be used if required.
514 */
515
516#define ASN1_TFLG_NDEF (0x1<<11)
517
518/* This is the actual ASN1 item itself */
519
520struct ASN1_ITEM_st {
521char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
522long utype; /* underlying type */
523const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
524long tcount; /* Number of templates if SEQUENCE or CHOICE */
525const void *funcs; /* functions that handle this type */
526long size; /* Structure size (usually)*/
527#ifndef NO_ASN1_FIELD_NAMES
528const char *sname; /* Structure name */
529#endif
530};
531
532/* These are values for the itype field and
533 * determine how the type is interpreted.
534 *
535 * For PRIMITIVE types the underlying type
536 * determines the behaviour if items is NULL.
537 *
538 * Otherwise templates must contain a single
539 * template and the type is treated in the
540 * same way as the type specified in the template.
541 *
542 * For SEQUENCE types the templates field points
543 * to the members, the size field is the
544 * structure size.
545 *
546 * For CHOICE types the templates field points
547 * to each possible member (typically a union)
548 * and the 'size' field is the offset of the
549 * selector.
550 *
551 * The 'funcs' field is used for application
552 * specific functions.
553 *
554 * The EXTERN type uses a new style d2i/i2d.
555 * The new style should be used where possible
556 * because it avoids things like the d2i IMPLICIT
557 * hack.
558 *
559 * MSTRING is a multiple string type, it is used
560 * for a CHOICE of character strings where the
561 * actual strings all occupy an ASN1_STRING
562 * structure. In this case the 'utype' field
563 * has a special meaning, it is used as a mask
564 * of acceptable types using the B_ASN1 constants.
565 *
566 * NDEF_SEQUENCE is the same as SEQUENCE except
567 * that it will use indefinite length constructed
568 * encoding if requested.
569 *
570 */
571
572#define ASN1_ITYPE_PRIMITIVE 0x0
573
574#define ASN1_ITYPE_SEQUENCE 0x1
575
576#define ASN1_ITYPE_CHOICE 0x2
577
578#define ASN1_ITYPE_EXTERN 0x4
579
580#define ASN1_ITYPE_MSTRING 0x5
581
582#define ASN1_ITYPE_NDEF_SEQUENCE 0x6
583
584/* Cache for ASN1 tag and length, so we
585 * don't keep re-reading it for things
586 * like CHOICE
587 */
588
589struct ASN1_TLC_st{
590 char valid; /* Values below are valid */
591 int ret; /* return value */
592 long plen; /* length */
593 int ptag; /* class value */
594 int pclass; /* class value */
595 int hdrlen; /* header length */
596};
597
598/* Typedefs for ASN1 function pointers */
599
600typedef ASN1_VALUE * ASN1_new_func(void);
601typedef void ASN1_free_func(ASN1_VALUE *a);
602typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
603typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
604
605typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
606 int tag, int aclass, char opt, ASN1_TLC *ctx);
607
608typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
609typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
610typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
611
612typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval,
613 int indent, const char *fname,
614 const ASN1_PCTX *pctx);
615
616typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
617typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
618typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
619
620typedef struct ASN1_EXTERN_FUNCS_st {
621 void *app_data;
622 ASN1_ex_new_func *asn1_ex_new;
623 ASN1_ex_free_func *asn1_ex_free;
624 ASN1_ex_free_func *asn1_ex_clear;
625 ASN1_ex_d2i *asn1_ex_d2i;
626 ASN1_ex_i2d *asn1_ex_i2d;
627 ASN1_ex_print_func *asn1_ex_print;
628} ASN1_EXTERN_FUNCS;
629
630typedef struct ASN1_PRIMITIVE_FUNCS_st {
631 void *app_data;
632 unsigned long flags;
633 ASN1_ex_new_func *prim_new;
634 ASN1_ex_free_func *prim_free;
635 ASN1_ex_free_func *prim_clear;
636 ASN1_primitive_c2i *prim_c2i;
637 ASN1_primitive_i2c *prim_i2c;
638 ASN1_primitive_print *prim_print;
639} ASN1_PRIMITIVE_FUNCS;
640
641/* This is the ASN1_AUX structure: it handles various
642 * miscellaneous requirements. For example the use of
643 * reference counts and an informational callback.
644 *
645 * The "informational callback" is called at various
646 * points during the ASN1 encoding and decoding. It can
647 * be used to provide minor customisation of the structures
648 * used. This is most useful where the supplied routines
649 * *almost* do the right thing but need some extra help
650 * at a few points. If the callback returns zero then
651 * it is assumed a fatal error has occurred and the
652 * main operation should be abandoned.
653 *
654 * If major changes in the default behaviour are required
655 * then an external type is more appropriate.
656 */
657
658typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it,
659 void *exarg);
660
661typedef struct ASN1_AUX_st {
662 void *app_data;
663 int flags;
664 int ref_offset; /* Offset of reference value */
665 int ref_lock; /* Lock type to use */
666 ASN1_aux_cb *asn1_cb;
667 int enc_offset; /* Offset of ASN1_ENCODING structure */
668} ASN1_AUX;
669
670/* For print related callbacks exarg points to this structure */
671typedef struct ASN1_PRINT_ARG_st {
672 BIO *out;
673 int indent;
674 const ASN1_PCTX *pctx;
675} ASN1_PRINT_ARG;
676
677/* For streaming related callbacks exarg points to this structure */
678typedef struct ASN1_STREAM_ARG_st {
679 /* BIO to stream through */
680 BIO *out;
681 /* BIO with filters appended */
682 BIO *ndef_bio;
683 /* Streaming I/O boundary */
684 unsigned char **boundary;
685} ASN1_STREAM_ARG;
686
687/* Flags in ASN1_AUX */
688
689/* Use a reference count */
690#define ASN1_AFLG_REFCOUNT 1
691/* Save the encoding of structure (useful for signatures) */
692#define ASN1_AFLG_ENCODING 2
693/* The Sequence length is invalid */
694#define ASN1_AFLG_BROKEN 4
695
696/* operation values for asn1_cb */
697
698#define ASN1_OP_NEW_PRE 0
699#define ASN1_OP_NEW_POST 1
700#define ASN1_OP_FREE_PRE 2
701#define ASN1_OP_FREE_POST 3
702#define ASN1_OP_D2I_PRE 4
703#define ASN1_OP_D2I_POST 5
704#define ASN1_OP_I2D_PRE 6
705#define ASN1_OP_I2D_POST 7
706#define ASN1_OP_PRINT_PRE 8
707#define ASN1_OP_PRINT_POST 9
708#define ASN1_OP_STREAM_PRE 10
709#define ASN1_OP_STREAM_POST 11
710#define ASN1_OP_DETACHED_PRE 12
711#define ASN1_OP_DETACHED_POST 13
712
713#ifndef LIBRESSL_INTERNAL
714
715/* Macro to implement a primitive type */
716#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
717#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \
718 ASN1_ITEM_start(itname) \
719 ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \
720 ASN1_ITEM_end(itname)
721
722/* Macro to implement a multi string type */
723#define IMPLEMENT_ASN1_MSTRING(itname, mask) \
724 ASN1_ITEM_start(itname) \
725 ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \
726 ASN1_ITEM_end(itname)
727#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
728 ASN1_ITEM_start(sname) \
729 ASN1_ITYPE_EXTERN, \
730 tag, \
731 NULL, \
732 0, \
733 &fptrs, \
734 0, \
735 #sname \
736 ASN1_ITEM_end(sname)
737
738/* Macro to implement standard functions in terms of ASN1_ITEM structures */
739
740#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
741
742#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
743
744#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
745 IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
746
747#define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \
748 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname)
749
750#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
751 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
752
753#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \
754 pre stname *fname##_new(void) \
755 { \
756 return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
757 } \
758 pre void fname##_free(stname *a) \
759 { \
760 ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
761 }
762
763#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
764 stname *fname##_new(void) \
765 { \
766 return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \
767 } \
768 void fname##_free(stname *a) \
769 { \
770 ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \
771 }
772
773#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
774 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
775 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
776
777#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
778 stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
779 { \
780 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
781 } \
782 int i2d_##fname(stname *a, unsigned char **out) \
783 { \
784 return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
785 }
786
787#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
788 int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
789 { \
790 return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
791 }
792
793/* This includes evil casts to remove const: they will go away when full
794 * ASN1 constification is done.
795 */
796#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
797 stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
798 { \
799 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
800 } \
801 int i2d_##fname(const stname *a, unsigned char **out) \
802 { \
803 return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
804 }
805
806#define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \
807 stname * stname##_dup(stname *x) \
808 { \
809 return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \
810 }
811
812#define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \
813 IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname)
814
815#define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \
816 int fname##_print_ctx(BIO *out, stname *x, int indent, \
817 const ASN1_PCTX *pctx) \
818 { \
819 return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \
820 ASN1_ITEM_rptr(itname), pctx); \
821 }
822
823#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
824 IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
825
826#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
827 IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
828 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
829
830#endif /* !LIBRESSL_INTERNAL */
831
832/* external definitions for primitive types */
833
834DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
835DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
836DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
837DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
838DECLARE_ASN1_ITEM(CBIGNUM)
839DECLARE_ASN1_ITEM(BIGNUM)
840DECLARE_ASN1_ITEM(LONG)
841DECLARE_ASN1_ITEM(ZLONG)
842
843DECLARE_STACK_OF(ASN1_VALUE)
844
845/* Functions used internally by the ASN1 code */
846
847int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
848void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
849int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
850int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
851
852void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
853int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
854int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
855 int tag, int aclass, char opt, ASN1_TLC *ctx);
856
857int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
858int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
859void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
860
861int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
862
863int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
864int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
865
866ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
867
868const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
869
870int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
871
872void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
873void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
874int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
875int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it);
876
877#ifdef __cplusplus
878}
879#endif
880#endif
diff --git a/src/lib/libcrypto/asn1/asn_mime.c b/src/lib/libcrypto/asn1/asn_mime.c
deleted file mode 100644
index 1d82f1a76f..0000000000
--- a/src/lib/libcrypto/asn1/asn_mime.c
+++ /dev/null
@@ -1,1019 +0,0 @@
1/* $OpenBSD: asn_mime.c,v 1.26 2015/02/22 15:19:56 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 */
54
55#include <ctype.h>
56#include <stdio.h>
57#include <stdlib.h>
58#include <string.h>
59
60#include <openssl/asn1.h>
61#include <openssl/asn1t.h>
62#include <openssl/err.h>
63#include <openssl/x509.h>
64
65#include "asn1_locl.h"
66
67/* Generalised MIME like utilities for streaming ASN1. Although many
68 * have a PKCS7/CMS like flavour others are more general purpose.
69 */
70
71/* MIME format structures
72 * Note that all are translated to lower case apart from
73 * parameter values. Quotes are stripped off
74 */
75
76typedef struct {
77 char *param_name; /* Param name e.g. "micalg" */
78 char *param_value; /* Param value e.g. "sha1" */
79} MIME_PARAM;
80
81DECLARE_STACK_OF(MIME_PARAM)
82
83typedef struct {
84 char *name; /* Name of line e.g. "content-type" */
85 char *value; /* Value of line e.g. "text/plain" */
86 STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */
87} MIME_HEADER;
88
89DECLARE_STACK_OF(MIME_HEADER)
90
91static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
92 const ASN1_ITEM *it);
93static char * strip_ends(char *name);
94static char * strip_start(char *name);
95static char * strip_end(char *name);
96static MIME_HEADER *mime_hdr_new(char *name, char *value);
97static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value);
98static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio);
99static int mime_hdr_cmp(const MIME_HEADER * const *a,
100 const MIME_HEADER * const *b);
101static int mime_param_cmp(const MIME_PARAM * const *a,
102 const MIME_PARAM * const *b);
103static void mime_param_free(MIME_PARAM *param);
104static int mime_bound_check(char *line, int linelen, char *bound, int blen);
105static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret);
106static int strip_eol(char *linebuf, int *plen);
107static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name);
108static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name);
109static void mime_hdr_free(MIME_HEADER *hdr);
110
111#define MAX_SMLEN 1024
112#define mime_debug(x) /* x */
113
114/* Output an ASN1 structure in BER format streaming if necessary */
115
116int
117i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
118 const ASN1_ITEM *it)
119{
120 /* If streaming create stream BIO and copy all content through it */
121 if (flags & SMIME_STREAM) {
122 BIO *bio, *tbio;
123 bio = BIO_new_NDEF(out, val, it);
124 if (!bio) {
125 ASN1err(ASN1_F_I2D_ASN1_BIO_STREAM,
126 ERR_R_MALLOC_FAILURE);
127 return 0;
128 }
129 SMIME_crlf_copy(in, bio, flags);
130 (void)BIO_flush(bio);
131 /* Free up successive BIOs until we hit the old output BIO */
132 do {
133 tbio = BIO_pop(bio);
134 BIO_free(bio);
135 bio = tbio;
136 } while (bio != out);
137 }
138 /* else just write out ASN1 structure which will have all content
139 * stored internally
140 */
141 else
142 ASN1_item_i2d_bio(it, out, val);
143 return 1;
144}
145
146/* Base 64 read and write of ASN1 structure */
147
148static int
149B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
150 const ASN1_ITEM *it)
151{
152 BIO *b64;
153 int r;
154
155 b64 = BIO_new(BIO_f_base64());
156 if (!b64) {
157 ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE);
158 return 0;
159 }
160 /* prepend the b64 BIO so all data is base64 encoded.
161 */
162 out = BIO_push(b64, out);
163 r = i2d_ASN1_bio_stream(out, val, in, flags, it);
164 (void)BIO_flush(out);
165 BIO_pop(out);
166 BIO_free(b64);
167 return r;
168}
169
170/* Streaming ASN1 PEM write */
171
172int
173PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags,
174 const char *hdr, const ASN1_ITEM *it)
175{
176 int r;
177
178 BIO_printf(out, "-----BEGIN %s-----\n", hdr);
179 r = B64_write_ASN1(out, val, in, flags, it);
180 BIO_printf(out, "-----END %s-----\n", hdr);
181 return r;
182}
183
184static ASN1_VALUE *
185b64_read_asn1(BIO *bio, const ASN1_ITEM *it)
186{
187 BIO *b64;
188 ASN1_VALUE *val;
189 if (!(b64 = BIO_new(BIO_f_base64()))) {
190 ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE);
191 return 0;
192 }
193 bio = BIO_push(b64, bio);
194 val = ASN1_item_d2i_bio(it, bio, NULL);
195 if (!val)
196 ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR);
197 (void)BIO_flush(bio);
198 bio = BIO_pop(bio);
199 BIO_free(b64);
200 return val;
201}
202
203/* Generate the MIME "micalg" parameter from RFC3851, RFC4490 */
204
205static int
206asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs)
207{
208 const EVP_MD *md;
209 int i, have_unknown = 0, write_comma, ret = 0, md_nid;
210
211 have_unknown = 0;
212 write_comma = 0;
213 for (i = 0; i < sk_X509_ALGOR_num(mdalgs); i++) {
214 if (write_comma)
215 BIO_write(out, ",", 1);
216 write_comma = 1;
217 md_nid = OBJ_obj2nid(sk_X509_ALGOR_value(mdalgs, i)->algorithm);
218 md = EVP_get_digestbynid(md_nid);
219 if (md && md->md_ctrl) {
220 int rv;
221 char *micstr;
222 rv = md->md_ctrl(NULL, EVP_MD_CTRL_MICALG, 0, &micstr);
223 if (rv > 0) {
224 BIO_puts(out, micstr);
225 free(micstr);
226 continue;
227 }
228 if (rv != -2)
229 goto err;
230 }
231 switch (md_nid) {
232 case NID_sha1:
233 BIO_puts(out, "sha1");
234 break;
235
236 case NID_md5:
237 BIO_puts(out, "md5");
238 break;
239
240 case NID_sha256:
241 BIO_puts(out, "sha-256");
242 break;
243
244 case NID_sha384:
245 BIO_puts(out, "sha-384");
246 break;
247
248 case NID_sha512:
249 BIO_puts(out, "sha-512");
250 break;
251
252 case NID_id_GostR3411_94:
253 BIO_puts(out, "gostr3411-94");
254 goto err;
255 break;
256
257 default:
258 if (have_unknown)
259 write_comma = 0;
260 else {
261 BIO_puts(out, "unknown");
262 have_unknown = 1;
263 }
264 break;
265
266 }
267 }
268
269 ret = 1;
270
271err:
272 return ret;
273}
274
275/* SMIME sender */
276
277int
278SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
279 int ctype_nid, int econt_nid, STACK_OF(X509_ALGOR) *mdalgs,
280 const ASN1_ITEM *it)
281{
282 char bound[33], c;
283 int i;
284 const char *mime_prefix, *mime_eol, *cname = "smime.p7m";
285 const char *msg_type = NULL;
286
287 if (flags & SMIME_OLDMIME)
288 mime_prefix = "application/x-pkcs7-";
289 else
290 mime_prefix = "application/pkcs7-";
291
292 if (flags & SMIME_CRLFEOL)
293 mime_eol = "\r\n";
294 else
295 mime_eol = "\n";
296 if ((flags & SMIME_DETACHED) && data) {
297 /* We want multipart/signed */
298 /* Generate a random boundary */
299 arc4random_buf(bound, 32);
300 for (i = 0; i < 32; i++) {
301 c = bound[i] & 0xf;
302 if (c < 10)
303 c += '0';
304 else
305 c += 'A' - 10;
306 bound[i] = c;
307 }
308 bound[32] = 0;
309 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
310 BIO_printf(bio, "Content-Type: multipart/signed;");
311 BIO_printf(bio, " protocol=\"%ssignature\";", mime_prefix);
312 BIO_puts(bio, " micalg=\"");
313 asn1_write_micalg(bio, mdalgs);
314 BIO_printf(bio, "\"; boundary=\"----%s\"%s%s",
315 bound, mime_eol, mime_eol);
316 BIO_printf(bio, "This is an S/MIME signed message%s%s",
317 mime_eol, mime_eol);
318 /* Now write out the first part */
319 BIO_printf(bio, "------%s%s", bound, mime_eol);
320 if (!asn1_output_data(bio, data, val, flags, it))
321 return 0;
322 BIO_printf(bio, "%s------%s%s", mime_eol, bound, mime_eol);
323
324 /* Headers for signature */
325
326 BIO_printf(bio, "Content-Type: %ssignature;", mime_prefix);
327 BIO_printf(bio, " name=\"smime.p7s\"%s", mime_eol);
328 BIO_printf(bio, "Content-Transfer-Encoding: base64%s",
329 mime_eol);
330 BIO_printf(bio, "Content-Disposition: attachment;");
331 BIO_printf(bio, " filename=\"smime.p7s\"%s%s",
332 mime_eol, mime_eol);
333 B64_write_ASN1(bio, val, NULL, 0, it);
334 BIO_printf(bio, "%s------%s--%s%s", mime_eol, bound,
335 mime_eol, mime_eol);
336 return 1;
337 }
338
339 /* Determine smime-type header */
340
341 if (ctype_nid == NID_pkcs7_enveloped)
342 msg_type = "enveloped-data";
343 else if (ctype_nid == NID_pkcs7_signed) {
344 if (econt_nid == NID_id_smime_ct_receipt)
345 msg_type = "signed-receipt";
346 else if (sk_X509_ALGOR_num(mdalgs) >= 0)
347 msg_type = "signed-data";
348 else
349 msg_type = "certs-only";
350 } else if (ctype_nid == NID_id_smime_ct_compressedData) {
351 msg_type = "compressed-data";
352 cname = "smime.p7z";
353 }
354 /* MIME headers */
355 BIO_printf(bio, "MIME-Version: 1.0%s", mime_eol);
356 BIO_printf(bio, "Content-Disposition: attachment;");
357 BIO_printf(bio, " filename=\"%s\"%s", cname, mime_eol);
358 BIO_printf(bio, "Content-Type: %smime;", mime_prefix);
359 if (msg_type)
360 BIO_printf(bio, " smime-type=%s;", msg_type);
361 BIO_printf(bio, " name=\"%s\"%s", cname, mime_eol);
362 BIO_printf(bio, "Content-Transfer-Encoding: base64%s%s",
363 mime_eol, mime_eol);
364 if (!B64_write_ASN1(bio, val, data, flags, it))
365 return 0;
366 BIO_printf(bio, "%s", mime_eol);
367 return 1;
368}
369
370/* Handle output of ASN1 data */
371
372
373static int
374asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
375 const ASN1_ITEM *it)
376{
377 BIO *tmpbio;
378 const ASN1_AUX *aux = it->funcs;
379 ASN1_STREAM_ARG sarg;
380 int rv = 1;
381
382 /* If data is not deteched or resigning then the output BIO is
383 * already set up to finalise when it is written through.
384 */
385 if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) {
386 SMIME_crlf_copy(data, out, flags);
387 return 1;
388 }
389
390 if (!aux || !aux->asn1_cb) {
391 ASN1err(ASN1_F_ASN1_OUTPUT_DATA,
392 ASN1_R_STREAMING_NOT_SUPPORTED);
393 return 0;
394 }
395
396 sarg.out = out;
397 sarg.ndef_bio = NULL;
398 sarg.boundary = NULL;
399
400 /* Let ASN1 code prepend any needed BIOs */
401
402 if (aux->asn1_cb(ASN1_OP_DETACHED_PRE, &val, it, &sarg) <= 0)
403 return 0;
404
405 /* Copy data across, passing through filter BIOs for processing */
406 SMIME_crlf_copy(data, sarg.ndef_bio, flags);
407
408 /* Finalize structure */
409 if (aux->asn1_cb(ASN1_OP_DETACHED_POST, &val, it, &sarg) <= 0)
410 rv = 0;
411
412 /* Now remove any digests prepended to the BIO */
413
414 while (sarg.ndef_bio != out) {
415 tmpbio = BIO_pop(sarg.ndef_bio);
416 BIO_free(sarg.ndef_bio);
417 sarg.ndef_bio = tmpbio;
418 }
419
420 return rv;
421}
422
423/* SMIME reader: handle multipart/signed and opaque signing.
424 * in multipart case the content is placed in a memory BIO
425 * pointed to by "bcont". In opaque this is set to NULL
426 */
427
428ASN1_VALUE *
429SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it)
430{
431 BIO *asnin;
432 STACK_OF(MIME_HEADER) *headers = NULL;
433 STACK_OF(BIO) *parts = NULL;
434 MIME_HEADER *hdr;
435 MIME_PARAM *prm;
436 ASN1_VALUE *val;
437 int ret;
438
439 if (bcont)
440 *bcont = NULL;
441
442 if (!(headers = mime_parse_hdr(bio))) {
443 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR);
444 return NULL;
445 }
446
447 if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
448 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
449 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE);
450 return NULL;
451 }
452
453 /* Handle multipart/signed */
454
455 if (!strcmp(hdr->value, "multipart/signed")) {
456 /* Split into two parts */
457 prm = mime_param_find(hdr, "boundary");
458 if (!prm || !prm->param_value) {
459 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
460 ASN1err(ASN1_F_SMIME_READ_ASN1,
461 ASN1_R_NO_MULTIPART_BOUNDARY);
462 return NULL;
463 }
464 ret = multi_split(bio, prm->param_value, &parts);
465 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
466 if (!ret || (sk_BIO_num(parts) != 2) ) {
467 ASN1err(ASN1_F_SMIME_READ_ASN1,
468 ASN1_R_NO_MULTIPART_BODY_FAILURE);
469 sk_BIO_pop_free(parts, BIO_vfree);
470 return NULL;
471 }
472
473 /* Parse the signature piece */
474 asnin = sk_BIO_value(parts, 1);
475
476 if (!(headers = mime_parse_hdr(asnin))) {
477 ASN1err(ASN1_F_SMIME_READ_ASN1,
478 ASN1_R_MIME_SIG_PARSE_ERROR);
479 sk_BIO_pop_free(parts, BIO_vfree);
480 return NULL;
481 }
482
483 /* Get content type */
484
485 if (!(hdr = mime_hdr_find(headers, "content-type")) ||
486 !hdr->value) {
487 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
488 sk_BIO_pop_free(parts, BIO_vfree);
489 ASN1err(ASN1_F_SMIME_READ_ASN1,
490 ASN1_R_NO_SIG_CONTENT_TYPE);
491 return NULL;
492 }
493
494 if (strcmp(hdr->value, "application/x-pkcs7-signature") &&
495 strcmp(hdr->value, "application/pkcs7-signature")) {
496 ASN1err(ASN1_F_SMIME_READ_ASN1,
497 ASN1_R_SIG_INVALID_MIME_TYPE);
498 ERR_asprintf_error_data("type: %s", hdr->value);
499 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
500 sk_BIO_pop_free(parts, BIO_vfree);
501 return NULL;
502 }
503 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
504 /* Read in ASN1 */
505 if (!(val = b64_read_asn1(asnin, it))) {
506 ASN1err(ASN1_F_SMIME_READ_ASN1,
507 ASN1_R_ASN1_SIG_PARSE_ERROR);
508 sk_BIO_pop_free(parts, BIO_vfree);
509 return NULL;
510 }
511
512 if (bcont) {
513 *bcont = sk_BIO_value(parts, 0);
514 BIO_free(asnin);
515 sk_BIO_free(parts);
516 } else sk_BIO_pop_free(parts, BIO_vfree);
517 return val;
518 }
519
520 /* OK, if not multipart/signed try opaque signature */
521
522 if (strcmp (hdr->value, "application/x-pkcs7-mime") &&
523 strcmp (hdr->value, "application/pkcs7-mime")) {
524 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_INVALID_MIME_TYPE);
525 ERR_asprintf_error_data("type: %s", hdr->value);
526 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
527 return NULL;
528 }
529
530 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
531
532 if (!(val = b64_read_asn1(bio, it))) {
533 ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR);
534 return NULL;
535 }
536 return val;
537}
538
539/* Copy text from one BIO to another making the output CRLF at EOL */
540int
541SMIME_crlf_copy(BIO *in, BIO *out, int flags)
542{
543 BIO *bf;
544 char eol;
545 int len;
546 char linebuf[MAX_SMLEN];
547
548 /* Buffer output so we don't write one line at a time. This is
549 * useful when streaming as we don't end up with one OCTET STRING
550 * per line.
551 */
552 bf = BIO_new(BIO_f_buffer());
553 if (!bf)
554 return 0;
555 out = BIO_push(bf, out);
556 if (flags & SMIME_BINARY) {
557 while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0)
558 BIO_write(out, linebuf, len);
559 } else {
560 if (flags & SMIME_TEXT)
561 BIO_printf(out, "Content-Type: text/plain\r\n\r\n");
562 while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) {
563 eol = strip_eol(linebuf, &len);
564 if (len)
565 BIO_write(out, linebuf, len);
566 if (eol)
567 BIO_write(out, "\r\n", 2);
568 }
569 }
570 (void)BIO_flush(out);
571 BIO_pop(out);
572 BIO_free(bf);
573 return 1;
574}
575
576/* Strip off headers if they are text/plain */
577int
578SMIME_text(BIO *in, BIO *out)
579{
580 char iobuf[4096];
581 int len;
582 STACK_OF(MIME_HEADER) *headers;
583 MIME_HEADER *hdr;
584
585 if (!(headers = mime_parse_hdr(in))) {
586 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR);
587 return 0;
588 }
589 if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) {
590 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE);
591 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
592 return 0;
593 }
594 if (strcmp (hdr->value, "text/plain")) {
595 ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_INVALID_MIME_TYPE);
596 ERR_asprintf_error_data("type: %s", hdr->value);
597 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
598 return 0;
599 }
600 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
601 while ((len = BIO_read(in, iobuf, sizeof(iobuf))) > 0)
602 BIO_write(out, iobuf, len);
603 if (len < 0)
604 return 0;
605 return 1;
606}
607
608/*
609 * Split a multipart/XXX message body into component parts: result is
610 * canonical parts in a STACK of bios
611 */
612static int
613multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret)
614{
615 char linebuf[MAX_SMLEN];
616 int len, blen;
617 int eol = 0, next_eol = 0;
618 BIO *bpart = NULL;
619 STACK_OF(BIO) *parts;
620 char state, part, first;
621
622 blen = strlen(bound);
623 part = 0;
624 state = 0;
625 first = 1;
626 parts = sk_BIO_new_null();
627 *ret = parts;
628 if (parts == NULL)
629 return 0;
630 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
631 state = mime_bound_check(linebuf, len, bound, blen);
632 if (state == 1) {
633 first = 1;
634 part++;
635 } else if (state == 2) {
636 if (sk_BIO_push(parts, bpart) == 0)
637 return 0;
638 return 1;
639 } else if (part) {
640 /* Strip CR+LF from linebuf */
641 next_eol = strip_eol(linebuf, &len);
642 if (first) {
643 first = 0;
644 if (bpart != NULL) {
645 if (sk_BIO_push(parts, bpart) == 0)
646 return 0;
647 }
648 bpart = BIO_new(BIO_s_mem());
649 if (bpart == NULL)
650 return 0;
651 BIO_set_mem_eof_return(bpart, 0);
652 } else if (eol)
653 BIO_write(bpart, "\r\n", 2);
654 eol = next_eol;
655 if (len)
656 BIO_write(bpart, linebuf, len);
657 }
658 }
659 BIO_free(bpart);
660 return 0;
661}
662
663/* This is the big one: parse MIME header lines up to message body */
664
665#define MIME_INVALID 0
666#define MIME_START 1
667#define MIME_TYPE 2
668#define MIME_NAME 3
669#define MIME_VALUE 4
670#define MIME_QUOTE 5
671#define MIME_COMMENT 6
672
673
674static
675STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio)
676{
677 char *p, *q, c;
678 char *ntmp;
679 char linebuf[MAX_SMLEN];
680 MIME_HEADER *mhdr = NULL;
681 STACK_OF(MIME_HEADER) *headers;
682 int len, state, save_state = 0;
683
684 headers = sk_MIME_HEADER_new(mime_hdr_cmp);
685 if (!headers)
686 return NULL;
687 while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) {
688 /* If whitespace at line start then continuation line */
689 if (mhdr && isspace((unsigned char)linebuf[0]))
690 state = MIME_NAME;
691 else
692 state = MIME_START;
693 ntmp = NULL;
694
695 /* Go through all characters */
696 for (p = linebuf, q = linebuf;
697 (c = *p) && (c != '\r') && (c != '\n'); p++) {
698
699 /* State machine to handle MIME headers
700 * if this looks horrible that's because it *is*
701 */
702
703 switch (state) {
704 case MIME_START:
705 if (c == ':') {
706 state = MIME_TYPE;
707 *p = 0;
708 ntmp = strip_ends(q);
709 q = p + 1;
710 }
711 break;
712
713 case MIME_TYPE:
714 if (c == ';') {
715 mime_debug("Found End Value\n");
716 *p = 0;
717 mhdr = mime_hdr_new(ntmp,
718 strip_ends(q));
719 if (mhdr == NULL)
720 goto merr;
721 if (sk_MIME_HEADER_push(headers,
722 mhdr) == 0)
723 goto merr;
724 ntmp = NULL;
725 q = p + 1;
726 state = MIME_NAME;
727 } else if (c == '(') {
728 save_state = state;
729 state = MIME_COMMENT;
730 }
731 break;
732
733 case MIME_COMMENT:
734 if (c == ')') {
735 state = save_state;
736 }
737 break;
738
739 case MIME_NAME:
740 if (c == '=') {
741 state = MIME_VALUE;
742 *p = 0;
743 ntmp = strip_ends(q);
744 q = p + 1;
745 }
746 break;
747
748 case MIME_VALUE:
749 if (c == ';') {
750 state = MIME_NAME;
751 *p = 0;
752 mime_hdr_addparam(mhdr, ntmp,
753 strip_ends(q));
754 ntmp = NULL;
755 q = p + 1;
756 } else if (c == '"') {
757 mime_debug("Found Quote\n");
758 state = MIME_QUOTE;
759 } else if (c == '(') {
760 save_state = state;
761 state = MIME_COMMENT;
762 }
763 break;
764
765 case MIME_QUOTE:
766 if (c == '"') {
767 mime_debug("Found Match Quote\n");
768 state = MIME_VALUE;
769 }
770 break;
771 }
772 }
773
774 if (state == MIME_TYPE) {
775 mhdr = mime_hdr_new(ntmp, strip_ends(q));
776 if (mhdr == NULL)
777 goto merr;
778 if (sk_MIME_HEADER_push(headers, mhdr) == 0)
779 goto merr;
780 } else if (state == MIME_VALUE)
781 mime_hdr_addparam(mhdr, ntmp, strip_ends(q));
782
783 if (p == linebuf)
784 break; /* Blank line means end of headers */
785 }
786
787 return headers;
788
789merr:
790 if (mhdr != NULL)
791 mime_hdr_free(mhdr);
792 sk_MIME_HEADER_pop_free(headers, mime_hdr_free);
793 return NULL;
794}
795
796static char *
797strip_ends(char *name)
798{
799 return strip_end(strip_start(name));
800}
801
802/* Strip a parameter of whitespace from start of param */
803static char *
804strip_start(char *name)
805{
806 char *p, c;
807
808 /* Look for first non white space or quote */
809 for (p = name; (c = *p); p++) {
810 if (c == '"') {
811 /* Next char is start of string if non null */
812 if (p[1])
813 return p + 1;
814 /* Else null string */
815 return NULL;
816 }
817 if (!isspace((unsigned char)c))
818 return p;
819 }
820 return NULL;
821}
822
823/* As above but strip from end of string : maybe should handle brackets? */
824static char *
825strip_end(char *name)
826{
827 char *p, c;
828
829 if (!name)
830 return NULL;
831
832 /* Look for first non white space or quote */
833 for (p = name + strlen(name) - 1; p >= name; p--) {
834 c = *p;
835 if (c == '"') {
836 if (p - 1 == name)
837 return NULL;
838 *p = 0;
839 return name;
840 }
841 if (isspace((unsigned char)c))
842 *p = 0;
843 else
844 return name;
845 }
846 return NULL;
847}
848
849static MIME_HEADER *
850mime_hdr_new(char *name, char *value)
851{
852 MIME_HEADER *mhdr;
853 char *tmpname = NULL, *tmpval = NULL, *p;
854
855 if (name) {
856 if (!(tmpname = strdup(name)))
857 goto err;
858 for (p = tmpname; *p; p++)
859 *p = tolower((unsigned char)*p);
860 }
861 if (value) {
862 if (!(tmpval = strdup(value)))
863 goto err;
864 for (p = tmpval; *p; p++)
865 *p = tolower((unsigned char)*p);
866 }
867 mhdr = malloc(sizeof(MIME_HEADER));
868 if (!mhdr)
869 goto err;
870 mhdr->name = tmpname;
871 mhdr->value = tmpval;
872 if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) {
873 free(mhdr);
874 goto err;
875 }
876 return mhdr;
877err:
878 free(tmpname);
879 free(tmpval);
880 return NULL;
881}
882
883static int
884mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value)
885{
886 char *tmpname = NULL, *tmpval = NULL, *p;
887 MIME_PARAM *mparam;
888
889 if (name) {
890 tmpname = strdup(name);
891 if (!tmpname)
892 goto err;
893 for (p = tmpname; *p; p++)
894 *p = tolower((unsigned char)*p);
895 }
896 if (value) {
897 tmpval = strdup(value);
898 if (!tmpval)
899 goto err;
900 }
901 /* Parameter values are case sensitive so leave as is */
902 mparam = malloc(sizeof(MIME_PARAM));
903 if (!mparam)
904 goto err;
905 mparam->param_name = tmpname;
906 mparam->param_value = tmpval;
907 if (sk_MIME_PARAM_push(mhdr->params, mparam) == 0) {
908 free(mparam);
909 goto err;
910 }
911 return 1;
912err:
913 free(tmpname);
914 free(tmpval);
915 return 0;
916}
917
918static int
919mime_hdr_cmp(const MIME_HEADER * const *a, const MIME_HEADER * const *b)
920{
921 if (!(*a)->name || !(*b)->name)
922 return !!(*a)->name - !!(*b)->name;
923 return (strcmp((*a)->name, (*b)->name));
924}
925
926static int
927mime_param_cmp(const MIME_PARAM * const *a, const MIME_PARAM * const *b)
928{
929 if (!(*a)->param_name || !(*b)->param_name)
930 return !!(*a)->param_name - !!(*b)->param_name;
931 return (strcmp((*a)->param_name, (*b)->param_name));
932}
933
934/* Find a header with a given name (if possible) */
935
936static MIME_HEADER *
937mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name)
938{
939 MIME_HEADER htmp;
940 int idx;
941 htmp.name = name;
942 idx = sk_MIME_HEADER_find(hdrs, &htmp);
943 if (idx < 0)
944 return NULL;
945 return sk_MIME_HEADER_value(hdrs, idx);
946}
947
948static MIME_PARAM *
949mime_param_find(MIME_HEADER *hdr, char *name)
950{
951 MIME_PARAM param;
952 int idx;
953 param.param_name = name;
954 idx = sk_MIME_PARAM_find(hdr->params, &param);
955 if (idx < 0)
956 return NULL;
957 return sk_MIME_PARAM_value(hdr->params, idx);
958}
959
960static void
961mime_hdr_free(MIME_HEADER *hdr)
962{
963 free(hdr->name);
964 free(hdr->value);
965 if (hdr->params)
966 sk_MIME_PARAM_pop_free(hdr->params, mime_param_free);
967 free(hdr);
968}
969
970static void
971mime_param_free(MIME_PARAM *param)
972{
973 free(param->param_name);
974 free(param->param_value);
975 free(param);
976}
977
978/* Check for a multipart boundary. Returns:
979 * 0 : no boundary
980 * 1 : part boundary
981 * 2 : final boundary
982 */
983static int
984mime_bound_check(char *line, int linelen, char *bound, int blen)
985{
986 if (linelen == -1)
987 linelen = strlen(line);
988 if (blen == -1)
989 blen = strlen(bound);
990 /* Quickly eliminate if line length too short */
991 if (blen + 2 > linelen)
992 return 0;
993 /* Check for part boundary */
994 if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) {
995 if (!strncmp(line + blen + 2, "--", 2))
996 return 2;
997 else
998 return 1;
999 }
1000 return 0;
1001}
1002
1003static int
1004strip_eol(char *linebuf, int *plen)
1005{
1006 int len = *plen;
1007 char *p, c;
1008 int is_eol = 0;
1009
1010 for (p = linebuf + len - 1; len > 0; len--, p--) {
1011 c = *p;
1012 if (c == '\n')
1013 is_eol = 1;
1014 else if (c != '\r')
1015 break;
1016 }
1017 *plen = len;
1018 return is_eol;
1019}
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c
deleted file mode 100644
index 76b6405212..0000000000
--- a/src/lib/libcrypto/asn1/asn_moid.c
+++ /dev/null
@@ -1,158 +0,0 @@
1/* $OpenBSD: asn_moid.c,v 1.12 2014/07/11 08:44:47 jsing Exp $ */
2/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL
3 * project 2001.
4 */
5/* ====================================================================
6 * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <ctype.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/err.h>
64#include <openssl/conf.h>
65#include <openssl/crypto.h>
66#include <openssl/x509.h>
67
68/* Simple ASN1 OID module: add all objects in a given section */
69
70static int do_create(char *value, char *name);
71
72static int
73oid_module_init(CONF_IMODULE *md, const CONF *cnf)
74{
75 int i;
76 const char *oid_section;
77 STACK_OF(CONF_VALUE) *sktmp;
78 CONF_VALUE *oval;
79
80 oid_section = CONF_imodule_get_value(md);
81 if (!(sktmp = NCONF_get_section(cnf, oid_section))) {
82 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION);
83 return 0;
84 }
85 for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) {
86 oval = sk_CONF_VALUE_value(sktmp, i);
87 if (!do_create(oval->value, oval->name)) {
88 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
89 return 0;
90 }
91 }
92 return 1;
93}
94
95static void
96oid_module_finish(CONF_IMODULE *md)
97{
98 OBJ_cleanup();
99}
100
101void
102ASN1_add_oid_module(void)
103{
104 CONF_module_add("oid_section", oid_module_init, oid_module_finish);
105}
106
107/* Create an OID based on a name value pair. Accept two formats.
108 * shortname = 1.2.3.4
109 * shortname = some long name, 1.2.3.4
110 */
111
112static int
113do_create(char *value, char *name)
114{
115 int nid;
116 ASN1_OBJECT *oid;
117 char *ln, *ostr, *p, *lntmp;
118
119 p = strrchr(value, ',');
120 if (!p) {
121 ln = name;
122 ostr = value;
123 } else {
124 ln = NULL;
125 ostr = p + 1;
126 if (!*ostr)
127 return 0;
128 while (isspace((unsigned char)*ostr))
129 ostr++;
130 }
131
132 nid = OBJ_create(ostr, name, ln);
133
134 if (nid == NID_undef)
135 return 0;
136
137 if (p) {
138 ln = value;
139 while (isspace((unsigned char)*ln))
140 ln++;
141 p--;
142 while (isspace((unsigned char)*p)) {
143 if (p == ln)
144 return 0;
145 p--;
146 }
147 p++;
148 lntmp = malloc((p - ln) + 1);
149 if (lntmp == NULL)
150 return 0;
151 memcpy(lntmp, ln, p - ln);
152 lntmp[p - ln] = 0;
153 oid = OBJ_nid2obj(nid);
154 oid->ln = lntmp;
155 }
156
157 return 1;
158}
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
deleted file mode 100644
index f010f87bbd..0000000000
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ /dev/null
@@ -1,217 +0,0 @@
1/* $OpenBSD: asn_pack.c,v 1.14 2014/07/11 13:41:59 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/err.h>
63
64#ifndef NO_ASN1_OLD
65
66/* ASN1 packing and unpacking functions */
67
68/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
69
70STACK_OF(OPENSSL_BLOCK) *
71ASN1_seq_unpack(const unsigned char *buf, int len, d2i_of_void *d2i,
72 void (*free_func)(OPENSSL_BLOCK))
73{
74 STACK_OF(OPENSSL_BLOCK) *sk;
75 const unsigned char *pbuf;
76
77 pbuf = buf;
78 if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
79 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
80 ASN1err(ASN1_F_ASN1_SEQ_UNPACK,ASN1_R_DECODE_ERROR);
81 return sk;
82}
83
84/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
85 * OPENSSL_malloc'ed buffer
86 */
87
88unsigned char *
89ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d,
90 unsigned char **buf, int *len)
91{
92 int safelen;
93 unsigned char *safe, *p;
94
95 if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE,
96 V_ASN1_UNIVERSAL, IS_SEQUENCE))) {
97 ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
98 return NULL;
99 }
100 if (!(safe = malloc(safelen))) {
101 ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
102 return NULL;
103 }
104 p = safe;
105 i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL,
106 IS_SEQUENCE);
107 if (len)
108 *len = safelen;
109 if (buf)
110 *buf = safe;
111 return safe;
112}
113
114/* Extract an ASN1 object from an ASN1_STRING */
115
116void *
117ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
118{
119 const unsigned char *p;
120 char *ret;
121
122 p = oct->data;
123 if (!(ret = d2i(NULL, &p, oct->length)))
124 ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
125 return ret;
126}
127
128/* Pack an ASN1 object into an ASN1_STRING */
129
130ASN1_STRING *
131ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
132{
133 unsigned char *p;
134 ASN1_STRING *octmp;
135
136 if (!oct || !*oct) {
137 if (!(octmp = ASN1_STRING_new())) {
138 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
139 return NULL;
140 }
141 } else
142 octmp = *oct;
143
144 if (!(octmp->length = i2d(obj, NULL))) {
145 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
146 goto err;
147 }
148 if (!(p = malloc (octmp->length))) {
149 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
150 goto err;
151 }
152 octmp->data = p;
153 i2d (obj, &p);
154 if (oct)
155 *oct = octmp;
156 return octmp;
157err:
158 if (!oct || octmp != *oct) {
159 ASN1_STRING_free(octmp);
160 if (oct)
161 *oct = NULL;
162 }
163 return NULL;
164}
165
166#endif
167
168/* ASN1_ITEM versions of the above */
169
170ASN1_STRING *
171ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
172{
173 ASN1_STRING *octmp;
174
175 if (!oct || !*oct) {
176 if (!(octmp = ASN1_STRING_new ())) {
177 ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
178 return NULL;
179 }
180 } else
181 octmp = *oct;
182
183 if (octmp->data) {
184 free(octmp->data);
185 octmp->data = NULL;
186 }
187
188 if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
189 ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR);
190 goto err;
191 }
192 if (!octmp->data) {
193 ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE);
194 goto err;
195 }
196 if (oct)
197 *oct = octmp;
198 return octmp;
199err:
200 if (!oct || octmp != *oct)
201 ASN1_STRING_free(octmp);
202 return NULL;
203}
204
205/* Extract an ASN1 object from an ASN1_STRING */
206
207void *
208ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
209{
210 const unsigned char *p;
211 void *ret;
212
213 p = oct->data;
214 if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
215 ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR);
216 return ret;
217}
diff --git a/src/lib/libcrypto/asn1/bio_asn1.c b/src/lib/libcrypto/asn1/bio_asn1.c
deleted file mode 100644
index 219810db82..0000000000
--- a/src/lib/libcrypto/asn1/bio_asn1.c
+++ /dev/null
@@ -1,496 +0,0 @@
1/* $OpenBSD: bio_asn1.c,v 1.11 2015/02/10 09:52:35 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project.
4 */
5/* ====================================================================
6 * Copyright (c) 2006 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59/* Experimental ASN1 BIO. When written through the data is converted
60 * to an ASN1 string type: default is OCTET STRING. Additional functions
61 * can be provided to add prefix and suffix data.
62 */
63
64#include <stdlib.h>
65#include <string.h>
66
67#include <openssl/bio.h>
68#include <openssl/asn1.h>
69
70/* Must be large enough for biggest tag+length */
71#define DEFAULT_ASN1_BUF_SIZE 20
72
73typedef enum {
74 ASN1_STATE_START,
75 ASN1_STATE_PRE_COPY,
76 ASN1_STATE_HEADER,
77 ASN1_STATE_HEADER_COPY,
78 ASN1_STATE_DATA_COPY,
79 ASN1_STATE_POST_COPY,
80 ASN1_STATE_DONE
81} asn1_bio_state_t;
82
83typedef struct BIO_ASN1_EX_FUNCS_st {
84 asn1_ps_func *ex_func;
85 asn1_ps_func *ex_free_func;
86} BIO_ASN1_EX_FUNCS;
87
88typedef struct BIO_ASN1_BUF_CTX_t {
89 /* Internal state */
90 asn1_bio_state_t state;
91 /* Internal buffer */
92 unsigned char *buf;
93 /* Size of buffer */
94 int bufsize;
95 /* Current position in buffer */
96 int bufpos;
97 /* Current buffer length */
98 int buflen;
99 /* Amount of data to copy */
100 int copylen;
101 /* Class and tag to use */
102 int asn1_class, asn1_tag;
103 asn1_ps_func *prefix, *prefix_free, *suffix, *suffix_free;
104 /* Extra buffer for prefix and suffix data */
105 unsigned char *ex_buf;
106 int ex_len;
107 int ex_pos;
108 void *ex_arg;
109} BIO_ASN1_BUF_CTX;
110
111
112static int asn1_bio_write(BIO *h, const char *buf, int num);
113static int asn1_bio_read(BIO *h, char *buf, int size);
114static int asn1_bio_puts(BIO *h, const char *str);
115static int asn1_bio_gets(BIO *h, char *str, int size);
116static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2);
117static int asn1_bio_new(BIO *h);
118static int asn1_bio_free(BIO *data);
119static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp);
120
121static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size);
122static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
123 asn1_ps_func *cleanup, asn1_bio_state_t next);
124static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx,
125 asn1_ps_func *setup, asn1_bio_state_t ex_state,
126 asn1_bio_state_t other_state);
127
128static BIO_METHOD methods_asn1 = {
129 .type = BIO_TYPE_ASN1,
130 .name = "asn1",
131 .bwrite = asn1_bio_write,
132 .bread = asn1_bio_read,
133 .bputs = asn1_bio_puts,
134 .bgets = asn1_bio_gets,
135 .ctrl = asn1_bio_ctrl,
136 .create = asn1_bio_new,
137 .destroy = asn1_bio_free,
138 .callback_ctrl = asn1_bio_callback_ctrl
139};
140
141BIO_METHOD *
142BIO_f_asn1(void)
143{
144 return (&methods_asn1);
145}
146
147static int
148asn1_bio_new(BIO *b)
149{
150 BIO_ASN1_BUF_CTX *ctx;
151 ctx = malloc(sizeof(BIO_ASN1_BUF_CTX));
152 if (!ctx)
153 return 0;
154 if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) {
155 free(ctx);
156 return 0;
157 }
158 b->init = 1;
159 b->ptr = (char *)ctx;
160 b->flags = 0;
161 return 1;
162}
163
164static int
165asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size)
166{
167 ctx->buf = malloc(size);
168 if (!ctx->buf)
169 return 0;
170 ctx->bufsize = size;
171 ctx->bufpos = 0;
172 ctx->buflen = 0;
173 ctx->copylen = 0;
174 ctx->asn1_class = V_ASN1_UNIVERSAL;
175 ctx->asn1_tag = V_ASN1_OCTET_STRING;
176 ctx->ex_buf = 0;
177 ctx->ex_pos = 0;
178 ctx->ex_len = 0;
179 ctx->state = ASN1_STATE_START;
180 return 1;
181}
182
183static int
184asn1_bio_free(BIO *b)
185{
186 BIO_ASN1_BUF_CTX *ctx;
187
188 ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
189 if (ctx == NULL)
190 return 0;
191 free(ctx->buf);
192 free(ctx);
193 b->init = 0;
194 b->ptr = NULL;
195 b->flags = 0;
196 return 1;
197}
198
199static int
200asn1_bio_write(BIO *b, const char *in , int inl)
201{
202 BIO_ASN1_BUF_CTX *ctx;
203 int wrmax, wrlen, ret, buflen;
204 unsigned char *p;
205
206 if (!in || (inl < 0) || (b->next_bio == NULL))
207 return 0;
208 ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
209 if (ctx == NULL)
210 return 0;
211
212 wrlen = 0;
213 ret = -1;
214
215 for (;;) {
216 switch (ctx->state) {
217
218 /* Setup prefix data, call it */
219 case ASN1_STATE_START:
220 if (!asn1_bio_setup_ex(b, ctx, ctx->prefix,
221 ASN1_STATE_PRE_COPY, ASN1_STATE_HEADER))
222 return 0;
223 break;
224
225 /* Copy any pre data first */
226 case ASN1_STATE_PRE_COPY:
227 ret = asn1_bio_flush_ex(b, ctx, ctx->prefix_free,
228 ASN1_STATE_HEADER);
229 if (ret <= 0)
230 goto done;
231 break;
232
233 case ASN1_STATE_HEADER:
234 buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl;
235 if (buflen <= 0 || buflen > ctx->bufsize)
236 return -1;
237 ctx->buflen = buflen;
238 p = ctx->buf;
239 ASN1_put_object(&p, 0, inl,
240 ctx->asn1_tag, ctx->asn1_class);
241 ctx->copylen = inl;
242 ctx->state = ASN1_STATE_HEADER_COPY;
243 break;
244
245 case ASN1_STATE_HEADER_COPY:
246 ret = BIO_write(b->next_bio,
247 ctx->buf + ctx->bufpos, ctx->buflen);
248 if (ret <= 0)
249 goto done;
250
251 ctx->buflen -= ret;
252 if (ctx->buflen)
253 ctx->bufpos += ret;
254 else {
255 ctx->bufpos = 0;
256 ctx->state = ASN1_STATE_DATA_COPY;
257 }
258 break;
259
260 case ASN1_STATE_DATA_COPY:
261
262 if (inl > ctx->copylen)
263 wrmax = ctx->copylen;
264 else
265 wrmax = inl;
266 ret = BIO_write(b->next_bio, in, wrmax);
267 if (ret <= 0)
268 break;
269 wrlen += ret;
270 ctx->copylen -= ret;
271 in += ret;
272 inl -= ret;
273
274 if (ctx->copylen == 0)
275 ctx->state = ASN1_STATE_HEADER;
276 if (inl == 0)
277 goto done;
278 break;
279
280 default:
281 BIO_clear_retry_flags(b);
282 return 0;
283 }
284
285 }
286
287done:
288 BIO_clear_retry_flags(b);
289 BIO_copy_next_retry(b);
290
291 return (wrlen > 0) ? wrlen : ret;
292}
293
294static int
295asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *cleanup,
296 asn1_bio_state_t next)
297{
298 int ret;
299
300 if (ctx->ex_len <= 0)
301 return 1;
302 for (;;) {
303 ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos,
304 ctx->ex_len);
305 if (ret <= 0)
306 break;
307 ctx->ex_len -= ret;
308 if (ctx->ex_len > 0)
309 ctx->ex_pos += ret;
310 else {
311 if (cleanup)
312 cleanup(b, &ctx->ex_buf, &ctx->ex_len,
313 &ctx->ex_arg);
314 ctx->state = next;
315 ctx->ex_pos = 0;
316 break;
317 }
318 }
319 return ret;
320}
321
322static int
323asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *setup,
324 asn1_bio_state_t ex_state, asn1_bio_state_t other_state)
325{
326 if (setup && !setup(b, &ctx->ex_buf, &ctx->ex_len, &ctx->ex_arg)) {
327 BIO_clear_retry_flags(b);
328 return 0;
329 }
330 if (ctx->ex_len > 0)
331 ctx->state = ex_state;
332 else
333 ctx->state = other_state;
334 return 1;
335}
336
337static int
338asn1_bio_read(BIO *b, char *in , int inl)
339{
340 if (!b->next_bio)
341 return 0;
342 return BIO_read(b->next_bio, in , inl);
343}
344
345static int
346asn1_bio_puts(BIO *b, const char *str)
347{
348 return asn1_bio_write(b, str, strlen(str));
349}
350
351static int
352asn1_bio_gets(BIO *b, char *str, int size)
353{
354 if (!b->next_bio)
355 return 0;
356 return BIO_gets(b->next_bio, str , size);
357}
358
359static long
360asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp)
361{
362 if (b->next_bio == NULL)
363 return (0);
364 return BIO_callback_ctrl(b->next_bio, cmd, fp);
365}
366
367static long
368asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2)
369{
370 BIO_ASN1_BUF_CTX *ctx;
371 BIO_ASN1_EX_FUNCS *ex_func;
372 long ret = 1;
373
374 ctx = (BIO_ASN1_BUF_CTX *) b->ptr;
375 if (ctx == NULL)
376 return 0;
377 switch (cmd) {
378
379 case BIO_C_SET_PREFIX:
380 ex_func = arg2;
381 ctx->prefix = ex_func->ex_func;
382 ctx->prefix_free = ex_func->ex_free_func;
383 break;
384
385 case BIO_C_GET_PREFIX:
386 ex_func = arg2;
387 ex_func->ex_func = ctx->prefix;
388 ex_func->ex_free_func = ctx->prefix_free;
389 break;
390
391 case BIO_C_SET_SUFFIX:
392 ex_func = arg2;
393 ctx->suffix = ex_func->ex_func;
394 ctx->suffix_free = ex_func->ex_free_func;
395 break;
396
397 case BIO_C_GET_SUFFIX:
398 ex_func = arg2;
399 ex_func->ex_func = ctx->suffix;
400 ex_func->ex_free_func = ctx->suffix_free;
401 break;
402
403 case BIO_C_SET_EX_ARG:
404 ctx->ex_arg = arg2;
405 break;
406
407 case BIO_C_GET_EX_ARG:
408 *(void **)arg2 = ctx->ex_arg;
409 break;
410
411 case BIO_CTRL_FLUSH:
412 if (!b->next_bio)
413 return 0;
414
415 /* Call post function if possible */
416 if (ctx->state == ASN1_STATE_HEADER) {
417 if (!asn1_bio_setup_ex(b, ctx, ctx->suffix,
418 ASN1_STATE_POST_COPY, ASN1_STATE_DONE))
419 return 0;
420 }
421
422 if (ctx->state == ASN1_STATE_POST_COPY) {
423 ret = asn1_bio_flush_ex(b, ctx, ctx->suffix_free,
424 ASN1_STATE_DONE);
425 if (ret <= 0)
426 return ret;
427 }
428
429 if (ctx->state == ASN1_STATE_DONE)
430 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
431 else {
432 BIO_clear_retry_flags(b);
433 return 0;
434 }
435 break;
436
437
438 default:
439 if (!b->next_bio)
440 return 0;
441 return BIO_ctrl(b->next_bio, cmd, arg1, arg2);
442
443 }
444
445 return ret;
446}
447
448static int
449asn1_bio_set_ex(BIO *b, int cmd, asn1_ps_func *ex_func, asn1_ps_func
450 *ex_free_func)
451{
452 BIO_ASN1_EX_FUNCS extmp;
453
454 extmp.ex_func = ex_func;
455 extmp.ex_free_func = ex_free_func;
456 return BIO_ctrl(b, cmd, 0, &extmp);
457}
458
459static int
460asn1_bio_get_ex(BIO *b, int cmd, asn1_ps_func **ex_func,
461 asn1_ps_func **ex_free_func)
462{
463 BIO_ASN1_EX_FUNCS extmp;
464 int ret;
465
466 ret = BIO_ctrl(b, cmd, 0, &extmp);
467 if (ret > 0) {
468 *ex_func = extmp.ex_func;
469 *ex_free_func = extmp.ex_free_func;
470 }
471 return ret;
472}
473
474int
475BIO_asn1_set_prefix(BIO *b, asn1_ps_func *prefix, asn1_ps_func *prefix_free)
476{
477 return asn1_bio_set_ex(b, BIO_C_SET_PREFIX, prefix, prefix_free);
478}
479
480int
481BIO_asn1_get_prefix(BIO *b, asn1_ps_func **pprefix, asn1_ps_func **pprefix_free)
482{
483 return asn1_bio_get_ex(b, BIO_C_GET_PREFIX, pprefix, pprefix_free);
484}
485
486int
487BIO_asn1_set_suffix(BIO *b, asn1_ps_func *suffix, asn1_ps_func *suffix_free)
488{
489 return asn1_bio_set_ex(b, BIO_C_SET_SUFFIX, suffix, suffix_free);
490}
491
492int
493BIO_asn1_get_suffix(BIO *b, asn1_ps_func **psuffix, asn1_ps_func **psuffix_free)
494{
495 return asn1_bio_get_ex(b, BIO_C_GET_SUFFIX, psuffix, psuffix_free);
496}
diff --git a/src/lib/libcrypto/asn1/bio_ndef.c b/src/lib/libcrypto/asn1/bio_ndef.c
deleted file mode 100644
index 1a23c27d04..0000000000
--- a/src/lib/libcrypto/asn1/bio_ndef.c
+++ /dev/null
@@ -1,243 +0,0 @@
1/* $OpenBSD: bio_ndef.c,v 1.9 2014/07/25 06:05:32 doug Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project.
4 */
5/* ====================================================================
6 * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 */
54
55#include <openssl/asn1.h>
56#include <openssl/asn1t.h>
57#include <openssl/bio.h>
58#include <openssl/err.h>
59
60#include <stdio.h>
61
62/* Experimental NDEF ASN1 BIO support routines */
63
64/* The usage is quite simple, initialize an ASN1 structure,
65 * get a BIO from it then any data written through the BIO
66 * will end up translated to approptiate format on the fly.
67 * The data is streamed out and does *not* need to be
68 * all held in memory at once.
69 *
70 * When the BIO is flushed the output is finalized and any
71 * signatures etc written out.
72 *
73 * The BIO is a 'proper' BIO and can handle non blocking I/O
74 * correctly.
75 *
76 * The usage is simple. The implementation is *not*...
77 */
78
79/* BIO support data stored in the ASN1 BIO ex_arg */
80
81typedef struct ndef_aux_st {
82 /* ASN1 structure this BIO refers to */
83 ASN1_VALUE *val;
84 const ASN1_ITEM *it;
85 /* Top of the BIO chain */
86 BIO *ndef_bio;
87 /* Output BIO */
88 BIO *out;
89 /* Boundary where content is inserted */
90 unsigned char **boundary;
91 /* DER buffer start */
92 unsigned char *derbuf;
93} NDEF_SUPPORT;
94
95static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
96static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg);
97static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg);
98static int ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg);
99
100BIO *
101BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it)
102{
103 NDEF_SUPPORT *ndef_aux = NULL;
104 BIO *asn_bio = NULL;
105 const ASN1_AUX *aux = it->funcs;
106 ASN1_STREAM_ARG sarg;
107
108 if (!aux || !aux->asn1_cb) {
109 ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED);
110 return NULL;
111 }
112 ndef_aux = malloc(sizeof(NDEF_SUPPORT));
113 asn_bio = BIO_new(BIO_f_asn1());
114
115 /* ASN1 bio needs to be next to output BIO */
116
117 out = BIO_push(asn_bio, out);
118
119 if (!ndef_aux || !asn_bio || !out)
120 goto err;
121
122 BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free);
123 BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free);
124
125 /* Now let callback prepend any digest, cipher etc BIOs
126 * ASN1 structure needs.
127 */
128
129 sarg.out = out;
130 sarg.ndef_bio = NULL;
131 sarg.boundary = NULL;
132
133 if (aux->asn1_cb(ASN1_OP_STREAM_PRE, &val, it, &sarg) <= 0)
134 goto err;
135
136 ndef_aux->val = val;
137 ndef_aux->it = it;
138 ndef_aux->ndef_bio = sarg.ndef_bio;
139 ndef_aux->boundary = sarg.boundary;
140 ndef_aux->out = out;
141
142 BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux);
143
144 return sarg.ndef_bio;
145
146err:
147 BIO_free(asn_bio);
148 free(ndef_aux);
149 return NULL;
150}
151
152static int
153ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
154{
155 NDEF_SUPPORT *ndef_aux;
156 unsigned char *p;
157 int derlen;
158
159 if (!parg)
160 return 0;
161
162 ndef_aux = *(NDEF_SUPPORT **)parg;
163
164 derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
165 p = malloc(derlen);
166 ndef_aux->derbuf = p;
167 *pbuf = p;
168 derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
169
170 if (!*ndef_aux->boundary)
171 return 0;
172
173 *plen = *ndef_aux->boundary - *pbuf;
174
175 return 1;
176}
177
178static int
179ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg)
180{
181 NDEF_SUPPORT *ndef_aux;
182
183 if (!parg)
184 return 0;
185
186 ndef_aux = *(NDEF_SUPPORT **)parg;
187
188 free(ndef_aux->derbuf);
189
190 ndef_aux->derbuf = NULL;
191 *pbuf = NULL;
192 *plen = 0;
193 return 1;
194}
195
196static int
197ndef_suffix_free(BIO *b, unsigned char **pbuf, int *plen, void *parg)
198{
199 NDEF_SUPPORT **pndef_aux = (NDEF_SUPPORT **)parg;
200 if (!ndef_prefix_free(b, pbuf, plen, parg))
201 return 0;
202 free(*pndef_aux);
203 *pndef_aux = NULL;
204 return 1;
205}
206
207static int
208ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg)
209{
210 NDEF_SUPPORT *ndef_aux;
211 unsigned char *p;
212 int derlen;
213 const ASN1_AUX *aux;
214 ASN1_STREAM_ARG sarg;
215
216 if (!parg)
217 return 0;
218
219 ndef_aux = *(NDEF_SUPPORT **)parg;
220
221 aux = ndef_aux->it->funcs;
222
223 /* Finalize structures */
224 sarg.ndef_bio = ndef_aux->ndef_bio;
225 sarg.out = ndef_aux->out;
226 sarg.boundary = ndef_aux->boundary;
227 if (aux->asn1_cb(ASN1_OP_STREAM_POST,
228 &ndef_aux->val, ndef_aux->it, &sarg) <= 0)
229 return 0;
230
231 derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it);
232 p = malloc(derlen);
233 ndef_aux->derbuf = p;
234 *pbuf = p;
235 derlen = ASN1_item_ndef_i2d(ndef_aux->val, &p, ndef_aux->it);
236
237 if (!*ndef_aux->boundary)
238 return 0;
239 *pbuf = *ndef_aux->boundary;
240 *plen = derlen - (*ndef_aux->boundary - ndef_aux->derbuf);
241
242 return 1;
243}
diff --git a/src/lib/libcrypto/asn1/charmap.h b/src/lib/libcrypto/asn1/charmap.h
deleted file mode 100644
index d9397bf826..0000000000
--- a/src/lib/libcrypto/asn1/charmap.h
+++ /dev/null
@@ -1,15 +0,0 @@
1/* $OpenBSD: charmap.h,v 1.4 2014/06/12 15:49:27 deraadt Exp $ */
2/* Auto generated with chartype.pl script.
3 * Mask of various character properties
4 */
5
6static const unsigned char char_type[] = {
7 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
8 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2,
9 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16,
10 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16,
11 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
12 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0,
13 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16,
14 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2
15};
diff --git a/src/lib/libcrypto/asn1/charmap.pl b/src/lib/libcrypto/asn1/charmap.pl
deleted file mode 100644
index 2875c59867..0000000000
--- a/src/lib/libcrypto/asn1/charmap.pl
+++ /dev/null
@@ -1,80 +0,0 @@
1#!/usr/local/bin/perl -w
2
3use strict;
4
5my ($i, @arr);
6
7# Set up an array with the type of ASCII characters
8# Each set bit represents a character property.
9
10# RFC2253 character properties
11my $RFC2253_ESC = 1; # Character escaped with \
12my $ESC_CTRL = 2; # Escaped control character
13# These are used with RFC1779 quoting using "
14my $NOESC_QUOTE = 8; # Not escaped if quoted
15my $PSTRING_CHAR = 0x10; # Valid PrintableString character
16my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character
17my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character
18
19for($i = 0; $i < 128; $i++) {
20 # Set the RFC2253 escape characters (control)
21 $arr[$i] = 0;
22 if(($i < 32) || ($i > 126)) {
23 $arr[$i] |= $ESC_CTRL;
24 }
25
26 # Some PrintableString characters
27 if( ( ( $i >= ord("a")) && ( $i <= ord("z")) )
28 || ( ( $i >= ord("A")) && ( $i <= ord("Z")) )
29 || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) {
30 $arr[$i] |= $PSTRING_CHAR;
31 }
32}
33
34# Now setup the rest
35
36# Remaining RFC2253 escaped characters
37
38$arr[ord(" ")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC | $RFC2253_LAST_ESC;
39$arr[ord("#")] |= $NOESC_QUOTE | $RFC2253_FIRST_ESC;
40
41$arr[ord(",")] |= $NOESC_QUOTE | $RFC2253_ESC;
42$arr[ord("+")] |= $NOESC_QUOTE | $RFC2253_ESC;
43$arr[ord("\"")] |= $RFC2253_ESC;
44$arr[ord("\\")] |= $RFC2253_ESC;
45$arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC;
46$arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC;
47$arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC;
48
49# Remaining PrintableString characters
50
51$arr[ord(" ")] |= $PSTRING_CHAR;
52$arr[ord("'")] |= $PSTRING_CHAR;
53$arr[ord("(")] |= $PSTRING_CHAR;
54$arr[ord(")")] |= $PSTRING_CHAR;
55$arr[ord("+")] |= $PSTRING_CHAR;
56$arr[ord(",")] |= $PSTRING_CHAR;
57$arr[ord("-")] |= $PSTRING_CHAR;
58$arr[ord(".")] |= $PSTRING_CHAR;
59$arr[ord("/")] |= $PSTRING_CHAR;
60$arr[ord(":")] |= $PSTRING_CHAR;
61$arr[ord("=")] |= $PSTRING_CHAR;
62$arr[ord("?")] |= $PSTRING_CHAR;
63
64# Now generate the C code
65
66print <<EOF;
67/* Auto generated with chartype.pl script.
68 * Mask of various character properties
69 */
70
71static unsigned char char_type[] = {
72EOF
73
74for($i = 0; $i < 128; $i++) {
75 print("\n") if($i && (($i % 16) == 0));
76 printf("%2d", $arr[$i]);
77 print(",") if ($i != 127);
78}
79print("\n};\n\n");
80
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
deleted file mode 100644
index 68d02177c4..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ /dev/null
@@ -1,170 +0,0 @@
1/* $OpenBSD: d2i_pr.c,v 1.14 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1.h>
64#include <openssl/bn.h>
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68#include <openssl/x509.h>
69
70#ifndef OPENSSL_NO_ENGINE
71#include <openssl/engine.h>
72#endif
73
74#include "asn1_locl.h"
75
76EVP_PKEY *
77d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
78{
79 EVP_PKEY *ret;
80
81 if ((a == NULL) || (*a == NULL)) {
82 if ((ret = EVP_PKEY_new()) == NULL) {
83 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB);
84 return (NULL);
85 }
86 } else {
87 ret = *a;
88#ifndef OPENSSL_NO_ENGINE
89 if (ret->engine) {
90 ENGINE_finish(ret->engine);
91 ret->engine = NULL;
92 }
93#endif
94 }
95
96 if (!EVP_PKEY_set_type(ret, type)) {
97 ASN1err(ASN1_F_D2I_PRIVATEKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
98 goto err;
99 }
100
101 if (!ret->ameth->old_priv_decode ||
102 !ret->ameth->old_priv_decode(ret, pp, length)) {
103 if (ret->ameth->priv_decode) {
104 PKCS8_PRIV_KEY_INFO *p8 = NULL;
105 p8 = d2i_PKCS8_PRIV_KEY_INFO(NULL, pp, length);
106 if (!p8)
107 goto err;
108 EVP_PKEY_free(ret);
109 ret = EVP_PKCS82PKEY(p8);
110 PKCS8_PRIV_KEY_INFO_free(p8);
111 } else {
112 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
113 goto err;
114 }
115 }
116 if (a != NULL)
117 (*a) = ret;
118 return (ret);
119
120err:
121 if (a == NULL || *a != ret)
122 EVP_PKEY_free(ret);
123 return (NULL);
124}
125
126/* This works like d2i_PrivateKey() except it automatically works out the type */
127
128EVP_PKEY *
129d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp, long length)
130{
131 STACK_OF(ASN1_TYPE) *inkey;
132 const unsigned char *p;
133 int keytype;
134
135 p = *pp;
136 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
137 * by analyzing it we can determine the passed structure: this
138 * assumes the input is surrounded by an ASN1 SEQUENCE.
139 */
140 inkey = d2i_ASN1_SEQUENCE_ANY(NULL, &p, length);
141 /* Since we only need to discern "traditional format" RSA and DSA
142 * keys we can just count the elements.
143 */
144 if (sk_ASN1_TYPE_num(inkey) == 6)
145 keytype = EVP_PKEY_DSA;
146 else if (sk_ASN1_TYPE_num(inkey) == 4)
147 keytype = EVP_PKEY_EC;
148 else if (sk_ASN1_TYPE_num(inkey) == 3) {
149 /* This seems to be PKCS8, not traditional format */
150 PKCS8_PRIV_KEY_INFO *p8 = d2i_PKCS8_PRIV_KEY_INFO(
151 NULL, pp, length);
152 EVP_PKEY *ret;
153
154 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
155 if (!p8) {
156 ASN1err(ASN1_F_D2I_AUTOPRIVATEKEY,
157 ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
158 return NULL;
159 }
160 ret = EVP_PKCS82PKEY(p8);
161 PKCS8_PRIV_KEY_INFO_free(p8);
162 if (a) {
163 *a = ret;
164 }
165 return ret;
166 } else
167 keytype = EVP_PKEY_RSA;
168 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
169 return d2i_PrivateKey(keytype, a, pp, length);
170}
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
deleted file mode 100644
index e917356254..0000000000
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ /dev/null
@@ -1,136 +0,0 @@
1/* $OpenBSD: d2i_pu.c,v 1.13 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1.h>
64#include <openssl/bn.h>
65#include <openssl/err.h>
66#include <openssl/evp.h>
67#include <openssl/objects.h>
68
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
72#ifndef OPENSSL_NO_EC
73#include <openssl/ec.h>
74#endif
75#ifndef OPENSSL_NO_RSA
76#include <openssl/rsa.h>
77#endif
78
79EVP_PKEY *
80d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length)
81{
82 EVP_PKEY *ret;
83
84 if ((a == NULL) || (*a == NULL)) {
85 if ((ret = EVP_PKEY_new()) == NULL) {
86 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
87 return (NULL);
88 }
89 } else
90 ret = *a;
91
92 if (!EVP_PKEY_set_type(ret, type)) {
93 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB);
94 goto err;
95 }
96
97 switch (EVP_PKEY_id(ret)) {
98#ifndef OPENSSL_NO_RSA
99 case EVP_PKEY_RSA:
100 if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) ==
101 NULL) {
102 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
103 goto err;
104 }
105 break;
106#endif
107#ifndef OPENSSL_NO_DSA
108 case EVP_PKEY_DSA:
109 if (!d2i_DSAPublicKey(&(ret->pkey.dsa), pp, length)) {
110 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
111 goto err;
112 }
113 break;
114#endif
115#ifndef OPENSSL_NO_EC
116 case EVP_PKEY_EC:
117 if (!o2i_ECPublicKey(&(ret->pkey.ec), pp, length)) {
118 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
119 goto err;
120 }
121 break;
122#endif
123 default:
124 ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
125 goto err;
126 /* break; */
127 }
128 if (a != NULL)
129 (*a) = ret;
130 return (ret);
131
132err:
133 if (a == NULL || *a != ret)
134 EVP_PKEY_free(ret);
135 return (NULL);
136}
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
deleted file mode 100644
index 5ee4751763..0000000000
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ /dev/null
@@ -1,199 +0,0 @@
1/* $OpenBSD: evp_asn1.c,v 1.14 2015/07/29 14:58:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h>
64#include <openssl/err.h>
65
66int
67ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
68{
69 ASN1_STRING *os;
70
71 if ((os = M_ASN1_OCTET_STRING_new()) == NULL)
72 return (0);
73 if (!ASN1_STRING_set(os, data, len)) {
74 M_ASN1_OCTET_STRING_free(os);
75 return (0);
76 }
77 ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os);
78 return (1);
79}
80
81/* int max_len: for returned value */
82int
83ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len)
84{
85 int ret, num;
86 unsigned char *p;
87
88 if ((a->type != V_ASN1_OCTET_STRING) ||
89 (a->value.octet_string == NULL)) {
90 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING, ASN1_R_DATA_IS_WRONG);
91 return (-1);
92 }
93 p = M_ASN1_STRING_data(a->value.octet_string);
94 ret = M_ASN1_STRING_length(a->value.octet_string);
95 if (ret < max_len)
96 num = ret;
97 else
98 num = max_len;
99 memcpy(data, p, num);
100 return (ret);
101}
102
103int
104ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
105 int len)
106{
107 int n, size;
108 ASN1_OCTET_STRING os, *osp;
109 ASN1_INTEGER in;
110 unsigned char *p;
111 unsigned char buf[32]; /* when they have 256bit longs,
112 * I'll be in trouble */
113 in.data = buf;
114 in.length = 32;
115 os.data = data;
116 os.type = V_ASN1_OCTET_STRING;
117 os.length = len;
118 ASN1_INTEGER_set(&in, num);
119 n = i2d_ASN1_INTEGER(&in, NULL);
120 n += M_i2d_ASN1_OCTET_STRING(&os, NULL);
121
122 size = ASN1_object_size(1, n, V_ASN1_SEQUENCE);
123
124 if ((osp = ASN1_STRING_new()) == NULL)
125 return (0);
126 /* Grow the 'string' */
127 if (!ASN1_STRING_set(osp, NULL, size)) {
128 ASN1_STRING_free(osp);
129 return (0);
130 }
131
132 M_ASN1_STRING_length_set(osp, size);
133 p = M_ASN1_STRING_data(osp);
134
135 ASN1_put_object(&p, 1,n, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
136 i2d_ASN1_INTEGER(&in, &p);
137 M_i2d_ASN1_OCTET_STRING(&os, &p);
138
139 ASN1_TYPE_set(a, V_ASN1_SEQUENCE, osp);
140 return (1);
141}
142
143/* we return the actual length..., num may be missing, in which
144 * case, set it to zero */
145/* int max_len: for returned value */
146int
147ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
148 int max_len)
149{
150 int ret = -1, n;
151 ASN1_INTEGER *ai = NULL;
152 ASN1_OCTET_STRING *os = NULL;
153 const unsigned char *p;
154 long length;
155 ASN1_const_CTX c;
156
157 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) {
158 goto err;
159 }
160 p = M_ASN1_STRING_data(a->value.sequence);
161 length = M_ASN1_STRING_length(a->value.sequence);
162
163 c.pp = &p;
164 c.p = p;
165 c.max = p + length;
166 c.error = ASN1_R_DATA_IS_WRONG;
167
168 M_ASN1_D2I_start_sequence();
169 c.q = c.p;
170 if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL)
171 goto err;
172 c.slen -= (c.p - c.q);
173 c.q = c.p;
174 if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL)
175 goto err;
176 c.slen -= (c.p - c.q);
177 if (!M_ASN1_D2I_end_sequence())
178 goto err;
179
180 if (num != NULL)
181 *num = ASN1_INTEGER_get(ai);
182
183 ret = M_ASN1_STRING_length(os);
184 if (max_len > ret)
185 n = ret;
186 else
187 n = max_len;
188
189 if (data != NULL)
190 memcpy(data, M_ASN1_STRING_data(os), n);
191 if (0) {
192err:
193 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,
194 ASN1_R_DATA_IS_WRONG);
195 }
196 M_ASN1_OCTET_STRING_free(os);
197 M_ASN1_INTEGER_free(ai);
198 return (ret);
199}
diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c
deleted file mode 100644
index 7f064edb04..0000000000
--- a/src/lib/libcrypto/asn1/f_enum.c
+++ /dev/null
@@ -1,201 +0,0 @@
1/* $OpenBSD: f_enum.c,v 1.14 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/buffer.h>
63#include <openssl/err.h>
64
65/* Based on a_int.c: equivalent ENUMERATED functions */
66
67int
68i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a)
69{
70 int i, n = 0;
71 static const char h[] = "0123456789ABCDEF";
72 char buf[2];
73
74 if (a == NULL)
75 return (0);
76
77 if (a->length == 0) {
78 if (BIO_write(bp, "00", 2) != 2)
79 goto err;
80 n = 2;
81 } else {
82 for (i = 0; i < a->length; i++) {
83 if ((i != 0) && (i % 35 == 0)) {
84 if (BIO_write(bp, "\\\n", 2) != 2)
85 goto err;
86 n += 2;
87 }
88 buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
89 buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
90 if (BIO_write(bp, buf, 2) != 2)
91 goto err;
92 n += 2;
93 }
94 }
95 return (n);
96
97err:
98 return (-1);
99}
100
101int
102a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
103{
104 int ret = 0;
105 int i, j,k, m,n, again, bufsize;
106 unsigned char *s = NULL, *sp;
107 unsigned char *bufp;
108 int first = 1;
109 size_t num = 0, slen = 0;
110
111 bs->type = V_ASN1_ENUMERATED;
112
113 bufsize = BIO_gets(bp, buf, size);
114 for (;;) {
115 if (bufsize < 1)
116 goto err_sl;
117 i = bufsize;
118 if (buf[i-1] == '\n')
119 buf[--i] = '\0';
120 if (i == 0)
121 goto err_sl;
122 if (buf[i-1] == '\r')
123 buf[--i] = '\0';
124 if (i == 0)
125 goto err_sl;
126 again = (buf[i - 1] == '\\');
127
128 for (j = 0; j < i; j++) {
129 if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
130 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
131 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
132 i = j;
133 break;
134 }
135 }
136 buf[i] = '\0';
137 /* We have now cleared all the crap off the end of the
138 * line */
139 if (i < 2)
140 goto err_sl;
141
142 bufp = (unsigned char *)buf;
143 if (first) {
144 first = 0;
145 if ((bufp[0] == '0') && (buf[1] == '0')) {
146 bufp += 2;
147 i -= 2;
148 }
149 }
150 k = 0;
151 i -= again;
152 if (i % 2 != 0) {
153 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
154 ASN1_R_ODD_NUMBER_OF_CHARS);
155 goto err;
156 }
157 i /= 2;
158 if (num + i > slen) {
159 sp = realloc(s, num + i);
160 if (sp == NULL) {
161 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
162 ERR_R_MALLOC_FAILURE);
163 goto err;
164 }
165 s = sp;
166 slen = num + i;
167 }
168 for (j = 0; j < i; j++, k += 2) {
169 for (n = 0; n < 2; n++) {
170 m = bufp[k + n];
171 if ((m >= '0') && (m <= '9'))
172 m -= '0';
173 else if ((m >= 'a') && (m <= 'f'))
174 m = m - 'a' + 10;
175 else if ((m >= 'A') && (m <= 'F'))
176 m = m - 'A' + 10;
177 else {
178 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,
179 ASN1_R_NON_HEX_CHARACTERS);
180 goto err;
181 }
182 s[num + j] <<= 4;
183 s[num + j] |= m;
184 }
185 }
186 num += i;
187 if (again)
188 bufsize = BIO_gets(bp, buf, size);
189 else
190 break;
191 }
192 bs->length = num;
193 bs->data = s;
194 return (1);
195
196err_sl:
197 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE);
198err:
199 free(s);
200 return (ret);
201}
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c
deleted file mode 100644
index 0ec29f5769..0000000000
--- a/src/lib/libcrypto/asn1/f_int.c
+++ /dev/null
@@ -1,204 +0,0 @@
1/* $OpenBSD: f_int.c,v 1.17 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/buffer.h>
63#include <openssl/err.h>
64
65int
66i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
67{
68 int i, n = 0;
69 static const char h[] = "0123456789ABCDEF";
70 char buf[2];
71
72 if (a == NULL)
73 return (0);
74
75 if (a->type & V_ASN1_NEG) {
76 if (BIO_write(bp, "-", 1) != 1)
77 goto err;
78 n = 1;
79 }
80
81 if (a->length == 0) {
82 if (BIO_write(bp, "00", 2) != 2)
83 goto err;
84 n += 2;
85 } else {
86 for (i = 0; i < a->length; i++) {
87 if ((i != 0) && (i % 35 == 0)) {
88 if (BIO_write(bp, "\\\n", 2) != 2)
89 goto err;
90 n += 2;
91 }
92 buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
93 buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
94 if (BIO_write(bp, buf, 2) != 2)
95 goto err;
96 n += 2;
97 }
98 }
99 return (n);
100
101err:
102 return (-1);
103}
104
105int
106a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
107{
108 int ret = 0;
109 int i, j,k, m,n, again, bufsize;
110 unsigned char *s = NULL, *sp;
111 unsigned char *bufp;
112 int num = 0, slen = 0, first = 1;
113
114 bs->type = V_ASN1_INTEGER;
115
116 bufsize = BIO_gets(bp, buf, size);
117 for (;;) {
118 if (bufsize < 1)
119 goto err_sl;
120 i = bufsize;
121 if (buf[i - 1] == '\n')
122 buf[--i] = '\0';
123 if (i == 0)
124 goto err_sl;
125 if (buf[i - 1] == '\r')
126 buf[--i] = '\0';
127 if (i == 0)
128 goto err_sl;
129 again = (buf[i - 1] == '\\');
130
131 for (j = 0; j < i; j++) {
132 if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
133 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
134 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
135 i = j;
136 break;
137 }
138 }
139 buf[i] = '\0';
140 /* We have now cleared all the crap off the end of the
141 * line */
142 if (i < 2)
143 goto err_sl;
144
145 bufp = (unsigned char *)buf;
146 if (first) {
147 first = 0;
148 if ((bufp[0] == '0') && (buf[1] == '0')) {
149 bufp += 2;
150 i -= 2;
151 }
152 }
153 k = 0;
154 i -= again;
155 if (i % 2 != 0) {
156 ASN1err(ASN1_F_A2I_ASN1_INTEGER,
157 ASN1_R_ODD_NUMBER_OF_CHARS);
158 goto err;
159 }
160 i /= 2;
161 if (num + i > slen) {
162 sp = OPENSSL_realloc_clean(s, slen, num + i);
163 if (sp == NULL) {
164 ASN1err(ASN1_F_A2I_ASN1_INTEGER,
165 ERR_R_MALLOC_FAILURE);
166 goto err;
167 }
168 s = sp;
169 slen = num + i;
170 }
171 for (j = 0; j < i; j++, k += 2) {
172 for (n = 0; n < 2; n++) {
173 m = bufp[k + n];
174 if ((m >= '0') && (m <= '9'))
175 m -= '0';
176 else if ((m >= 'a') && (m <= 'f'))
177 m = m - 'a' + 10;
178 else if ((m >= 'A') && (m <= 'F'))
179 m = m - 'A' + 10;
180 else {
181 ASN1err(ASN1_F_A2I_ASN1_INTEGER,
182 ASN1_R_NON_HEX_CHARACTERS);
183 goto err;
184 }
185 s[num + j] <<= 4;
186 s[num + j] |= m;
187 }
188 }
189 num += i;
190 if (again)
191 bufsize = BIO_gets(bp, buf, size);
192 else
193 break;
194 }
195 bs->length = num;
196 bs->data = s;
197 return (1);
198
199err_sl:
200 ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE);
201err:
202 free(s);
203 return (ret);
204}
diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c
deleted file mode 100644
index 14cd1a906a..0000000000
--- a/src/lib/libcrypto/asn1/f_string.c
+++ /dev/null
@@ -1,197 +0,0 @@
1/* $OpenBSD: f_string.c,v 1.16 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/buffer.h>
63#include <openssl/err.h>
64
65int
66i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
67{
68 int i, n = 0;
69 static const char h[] = "0123456789ABCDEF";
70 char buf[2];
71
72 if (a == NULL)
73 return (0);
74
75 if (a->length == 0) {
76 if (BIO_write(bp, "0", 1) != 1)
77 goto err;
78 n = 1;
79 } else {
80 for (i = 0; i < a->length; i++) {
81 if ((i != 0) && (i % 35 == 0)) {
82 if (BIO_write(bp, "\\\n", 2) != 2)
83 goto err;
84 n += 2;
85 }
86 buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f];
87 buf[1] = h[((unsigned char)a->data[i]) & 0x0f];
88 if (BIO_write(bp, buf, 2) != 2)
89 goto err;
90 n += 2;
91 }
92 }
93 return (n);
94
95err:
96 return (-1);
97}
98
99int
100a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
101{
102 int ret = 0;
103 int i, j, k, m, n, again, bufsize;
104 unsigned char *s = NULL, *sp;
105 unsigned char *bufp;
106 int first = 1;
107 size_t num = 0, slen = 0;
108
109 bufsize = BIO_gets(bp, buf, size);
110 for (;;) {
111 if (bufsize < 1) {
112 if (first)
113 break;
114 else
115 goto err_sl;
116 }
117 first = 0;
118
119 i = bufsize;
120 if (buf[i-1] == '\n')
121 buf[--i] = '\0';
122 if (i == 0)
123 goto err_sl;
124 if (buf[i-1] == '\r')
125 buf[--i] = '\0';
126 if (i == 0)
127 goto err_sl;
128 again = (buf[i - 1] == '\\');
129
130 for (j = i - 1; j > 0; j--) {
131 if (!(((buf[j] >= '0') && (buf[j] <= '9')) ||
132 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
133 ((buf[j] >= 'A') && (buf[j] <= 'F')))) {
134 i = j;
135 break;
136 }
137 }
138 buf[i] = '\0';
139 /* We have now cleared all the crap off the end of the
140 * line */
141 if (i < 2)
142 goto err_sl;
143
144 bufp = (unsigned char *)buf;
145
146 k = 0;
147 i -= again;
148 if (i % 2 != 0) {
149 ASN1err(ASN1_F_A2I_ASN1_STRING,
150 ASN1_R_ODD_NUMBER_OF_CHARS);
151 goto err;
152 }
153 i /= 2;
154 if (num + i > slen) {
155 sp = realloc(s, num + i);
156 if (sp == NULL) {
157 ASN1err(ASN1_F_A2I_ASN1_STRING,
158 ERR_R_MALLOC_FAILURE);
159 goto err;
160 }
161 s = sp;
162 slen = num + i;
163 }
164 for (j = 0; j < i; j++, k += 2) {
165 for (n = 0; n < 2; n++) {
166 m = bufp[k + n];
167 if ((m >= '0') && (m <= '9'))
168 m -= '0';
169 else if ((m >= 'a') && (m <= 'f'))
170 m = m - 'a' + 10;
171 else if ((m >= 'A') && (m <= 'F'))
172 m = m - 'A' + 10;
173 else {
174 ASN1err(ASN1_F_A2I_ASN1_STRING,
175 ASN1_R_NON_HEX_CHARACTERS);
176 goto err;
177 }
178 s[num + j] <<= 4;
179 s[num + j] |= m;
180 }
181 }
182 num += i;
183 if (again)
184 bufsize = BIO_gets(bp, buf, size);
185 else
186 break;
187 }
188 bs->length = num;
189 bs->data = s;
190 return (1);
191
192err_sl:
193 ASN1err(ASN1_F_A2I_ASN1_STRING, ASN1_R_SHORT_LINE);
194err:
195 free(s);
196 return (ret);
197}
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
deleted file mode 100644
index 5fa34678b6..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ /dev/null
@@ -1,81 +0,0 @@
1/* $OpenBSD: i2d_pr.c,v 1.10 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/err.h>
62#include <openssl/evp.h>
63#include <openssl/x509.h>
64
65#include "asn1_locl.h"
66
67int
68i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
69{
70 if (a->ameth && a->ameth->old_priv_encode) {
71 return a->ameth->old_priv_encode(a, pp);
72 }
73 if (a->ameth && a->ameth->priv_encode) {
74 PKCS8_PRIV_KEY_INFO *p8 = EVP_PKEY2PKCS8(a);
75 int ret = i2d_PKCS8_PRIV_KEY_INFO(p8, pp);
76 PKCS8_PRIV_KEY_INFO_free(p8);
77 return ret;
78 }
79 ASN1err(ASN1_F_I2D_PRIVATEKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
80 return (-1);
81}
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
deleted file mode 100644
index 6e485ea325..0000000000
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ /dev/null
@@ -1,98 +0,0 @@
1/* $OpenBSD: i2d_pu.c,v 1.10 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/bn.h>
64#include <openssl/err.h>
65#include <openssl/evp.h>
66#include <openssl/objects.h>
67
68#ifndef OPENSSL_NO_DSA
69#include <openssl/dsa.h>
70#endif
71#ifndef OPENSSL_NO_EC
72#include <openssl/ec.h>
73#endif
74#ifndef OPENSSL_NO_RSA
75#include <openssl/rsa.h>
76#endif
77
78int
79i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
80{
81 switch (a->type) {
82#ifndef OPENSSL_NO_RSA
83 case EVP_PKEY_RSA:
84 return (i2d_RSAPublicKey(a->pkey.rsa, pp));
85#endif
86#ifndef OPENSSL_NO_DSA
87 case EVP_PKEY_DSA:
88 return (i2d_DSAPublicKey(a->pkey.dsa, pp));
89#endif
90#ifndef OPENSSL_NO_EC
91 case EVP_PKEY_EC:
92 return (i2o_ECPublicKey(a->pkey.ec, pp));
93#endif
94 default:
95 ASN1err(ASN1_F_I2D_PUBLICKEY, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
96 return (-1);
97 }
98}
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
deleted file mode 100644
index d3a7431356..0000000000
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ /dev/null
@@ -1,430 +0,0 @@
1/* $OpenBSD: n_pkey.c,v 1.26 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/opensslconf.h>
63
64#ifndef OPENSSL_NO_RSA
65#include <openssl/asn1t.h>
66#include <openssl/err.h>
67#include <openssl/evp.h>
68#include <openssl/objects.h>
69#include <openssl/rsa.h>
70#include <openssl/x509.h>
71
72#ifndef OPENSSL_NO_RC4
73
74typedef struct netscape_pkey_st {
75 long version;
76 X509_ALGOR *algor;
77 ASN1_OCTET_STRING *private_key;
78} NETSCAPE_PKEY;
79
80typedef struct netscape_encrypted_pkey_st {
81 ASN1_OCTET_STRING *os;
82 /* This is the same structure as DigestInfo so use it:
83 * although this isn't really anything to do with
84 * digests.
85 */
86 X509_SIG *enckey;
87} NETSCAPE_ENCRYPTED_PKEY;
88
89
90static const ASN1_AUX NETSCAPE_ENCRYPTED_PKEY_aux = {
91 .flags = ASN1_AFLG_BROKEN,
92};
93static const ASN1_TEMPLATE NETSCAPE_ENCRYPTED_PKEY_seq_tt[] = {
94 {
95 .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, os),
96 .field_name = "os",
97 .item = &ASN1_OCTET_STRING_it,
98 },
99 {
100 .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, enckey),
101 .field_name = "enckey",
102 .item = &X509_SIG_it,
103 },
104};
105
106const ASN1_ITEM NETSCAPE_ENCRYPTED_PKEY_it = {
107 .itype = ASN1_ITYPE_SEQUENCE,
108 .utype = V_ASN1_SEQUENCE,
109 .templates = NETSCAPE_ENCRYPTED_PKEY_seq_tt,
110 .tcount = sizeof(NETSCAPE_ENCRYPTED_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
111 .funcs = &NETSCAPE_ENCRYPTED_PKEY_aux,
112 .size = sizeof(NETSCAPE_ENCRYPTED_PKEY),
113 .sname = "NETSCAPE_ENCRYPTED_PKEY",
114};
115
116DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
117DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY)
118
119NETSCAPE_ENCRYPTED_PKEY *
120d2i_NETSCAPE_ENCRYPTED_PKEY(NETSCAPE_ENCRYPTED_PKEY **a, const unsigned char **in, long len)
121{
122 return (NETSCAPE_ENCRYPTED_PKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
123 &NETSCAPE_ENCRYPTED_PKEY_it);
124}
125
126int
127i2d_NETSCAPE_ENCRYPTED_PKEY(const NETSCAPE_ENCRYPTED_PKEY *a, unsigned char **out)
128{
129 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_ENCRYPTED_PKEY_it);
130}
131
132NETSCAPE_ENCRYPTED_PKEY *
133NETSCAPE_ENCRYPTED_PKEY_new(void)
134{
135 return (NETSCAPE_ENCRYPTED_PKEY *)ASN1_item_new(&NETSCAPE_ENCRYPTED_PKEY_it);
136}
137
138void
139NETSCAPE_ENCRYPTED_PKEY_free(NETSCAPE_ENCRYPTED_PKEY *a)
140{
141 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_ENCRYPTED_PKEY_it);
142}
143
144static const ASN1_TEMPLATE NETSCAPE_PKEY_seq_tt[] = {
145 {
146 .offset = offsetof(NETSCAPE_PKEY, version),
147 .field_name = "version",
148 .item = &LONG_it,
149 },
150 {
151 .offset = offsetof(NETSCAPE_PKEY, algor),
152 .field_name = "algor",
153 .item = &X509_ALGOR_it,
154 },
155 {
156 .offset = offsetof(NETSCAPE_PKEY, private_key),
157 .field_name = "private_key",
158 .item = &ASN1_OCTET_STRING_it,
159 },
160};
161
162const ASN1_ITEM NETSCAPE_PKEY_it = {
163 .itype = ASN1_ITYPE_SEQUENCE,
164 .utype = V_ASN1_SEQUENCE,
165 .templates = NETSCAPE_PKEY_seq_tt,
166 .tcount = sizeof(NETSCAPE_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
167 .size = sizeof(NETSCAPE_PKEY),
168 .sname = "NETSCAPE_PKEY",
169};
170
171DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
172DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY, NETSCAPE_PKEY)
173
174NETSCAPE_PKEY *
175d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, const unsigned char **in, long len)
176{
177 return (NETSCAPE_PKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
178 &NETSCAPE_PKEY_it);
179}
180
181int
182i2d_NETSCAPE_PKEY(const NETSCAPE_PKEY *a, unsigned char **out)
183{
184 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_PKEY_it);
185}
186
187NETSCAPE_PKEY *
188NETSCAPE_PKEY_new(void)
189{
190 return (NETSCAPE_PKEY *)ASN1_item_new(&NETSCAPE_PKEY_it);
191}
192
193void
194NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
195{
196 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_PKEY_it);
197}
198
199static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
200 int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey);
201
202int
203i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
204 int (*cb)(char *buf, int len, const char *prompt, int verify))
205{
206 return i2d_RSA_NET(a, pp, cb, 0);
207}
208
209int
210i2d_RSA_NET(const RSA *a, unsigned char **pp,
211 int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey)
212{
213 int i, j, ret = 0;
214 int rsalen, pkeylen, olen;
215 NETSCAPE_PKEY *pkey = NULL;
216 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
217 unsigned char buf[256], *zz;
218 unsigned char key[EVP_MAX_KEY_LENGTH];
219 EVP_CIPHER_CTX ctx;
220 EVP_CIPHER_CTX_init(&ctx);
221
222 if (a == NULL)
223 return (0);
224
225 if ((pkey = NETSCAPE_PKEY_new()) == NULL)
226 goto err;
227 if ((enckey = NETSCAPE_ENCRYPTED_PKEY_new()) == NULL)
228 goto err;
229 pkey->version = 0;
230
231 pkey->algor->algorithm = OBJ_nid2obj(NID_rsaEncryption);
232 if ((pkey->algor->parameter = ASN1_TYPE_new()) == NULL)
233 goto err;
234 pkey->algor->parameter->type = V_ASN1_NULL;
235
236 rsalen = i2d_RSAPrivateKey(a, NULL);
237
238 /* Fake some octet strings just for the initial length
239 * calculation.
240 */
241 pkey->private_key->length = rsalen;
242 pkeylen = i2d_NETSCAPE_PKEY(pkey, NULL);
243 enckey->enckey->digest->length = pkeylen;
244 enckey->os->length = 11; /* "private-key" */
245 enckey->enckey->algor->algorithm = OBJ_nid2obj(NID_rc4);
246 if ((enckey->enckey->algor->parameter = ASN1_TYPE_new()) == NULL)
247 goto err;
248 enckey->enckey->algor->parameter->type = V_ASN1_NULL;
249
250 if (pp == NULL) {
251 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
252 NETSCAPE_PKEY_free(pkey);
253 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
254 return olen;
255 }
256
257 /* Since its RC4 encrypted length is actual length */
258 if ((zz = malloc(rsalen)) == NULL) {
259 ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
260 goto err;
261 }
262
263 pkey->private_key->data = zz;
264 /* Write out private key encoding */
265 i2d_RSAPrivateKey(a, &zz);
266
267 if ((zz = malloc(pkeylen)) == NULL) {
268 ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
269 goto err;
270 }
271
272 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) {
273 ASN1err(ASN1_F_I2D_RSA_NET, ERR_R_MALLOC_FAILURE);
274 goto err;
275 }
276 enckey->enckey->digest->data = zz;
277 i2d_NETSCAPE_PKEY(pkey, &zz);
278
279 /* Wipe the private key encoding */
280 OPENSSL_cleanse(pkey->private_key->data, rsalen);
281
282 if (cb == NULL)
283 cb = EVP_read_pw_string;
284 i = cb((char *)buf, sizeof(buf), "Enter Private Key password:", 1);
285 if (i != 0) {
286 ASN1err(ASN1_F_I2D_RSA_NET, ASN1_R_BAD_PASSWORD_READ);
287 goto err;
288 }
289 i = strlen((char *)buf);
290 /* If the key is used for SGC the algorithm is modified a little. */
291 if (sgckey) {
292 if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
293 goto err;
294 memcpy(buf + 16, "SGCKEYSALT", 10);
295 i = 26;
296 }
297
298 if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
299 goto err;
300 OPENSSL_cleanse(buf, sizeof(buf));
301
302 /* Encrypt private key in place */
303 zz = enckey->enckey->digest->data;
304 if (!EVP_EncryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
305 goto err;
306 if (!EVP_EncryptUpdate(&ctx, zz, &i, zz, pkeylen))
307 goto err;
308 if (!EVP_EncryptFinal_ex(&ctx, zz + i, &j))
309 goto err;
310
311 ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
312err:
313 EVP_CIPHER_CTX_cleanup(&ctx);
314 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
315 NETSCAPE_PKEY_free(pkey);
316 return (ret);
317}
318
319
320RSA *
321d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
322 int (*cb)(char *buf, int len, const char *prompt, int verify))
323{
324 return d2i_RSA_NET(a, pp, length, cb, 0);
325}
326
327RSA *
328d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
329 int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey)
330{
331 RSA *ret = NULL;
332 const unsigned char *p;
333 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
334
335 p = *pp;
336
337 enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
338 if (!enckey) {
339 ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_DECODING_ERROR);
340 return NULL;
341 }
342
343 /* XXX 11 == strlen("private-key") */
344 if (enckey->os->length != 11 ||
345 memcmp("private-key", enckey->os->data, 11) != 0) {
346 ASN1err(ASN1_F_D2I_RSA_NET, ASN1_R_PRIVATE_KEY_HEADER_MISSING);
347 goto err;
348 }
349 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) {
350 ASN1err(ASN1_F_D2I_RSA_NET,
351 ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
352 goto err;
353 }
354 if (cb == NULL)
355 cb = EVP_read_pw_string;
356 if ((ret = d2i_RSA_NET_2(a, enckey->enckey->digest, cb,
357 sgckey)) == NULL)
358 goto err;
359
360 *pp = p;
361
362err:
363 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
364 return ret;
365
366}
367
368static RSA *
369d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
370 int (*cb)(char *buf, int len, const char *prompt, int verify), int sgckey)
371{
372 NETSCAPE_PKEY *pkey = NULL;
373 RSA *ret = NULL;
374 int i, j;
375 unsigned char buf[256];
376 const unsigned char *zz;
377 unsigned char key[EVP_MAX_KEY_LENGTH];
378 EVP_CIPHER_CTX ctx;
379 EVP_CIPHER_CTX_init(&ctx);
380
381 i=cb((char *)buf, sizeof(buf), "Enter Private Key password:",0);
382 if (i != 0) {
383 ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_BAD_PASSWORD_READ);
384 goto err;
385 }
386
387 i = strlen((char *)buf);
388 if (sgckey){
389 if (!EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL))
390 goto err;
391 memcpy(buf + 16, "SGCKEYSALT", 10);
392 i = 26;
393 }
394
395 if (!EVP_BytesToKey(EVP_rc4(), EVP_md5(), NULL, buf, i,1, key, NULL))
396 goto err;
397 OPENSSL_cleanse(buf, sizeof(buf));
398
399 if (!EVP_DecryptInit_ex(&ctx, EVP_rc4(), NULL, key, NULL))
400 goto err;
401 if (!EVP_DecryptUpdate(&ctx, os->data, &i, os->data, os->length))
402 goto err;
403 if (!EVP_DecryptFinal_ex(&ctx, &(os->data[i]), &j))
404 goto err;
405 os->length = i + j;
406
407 zz = os->data;
408
409 if ((pkey = d2i_NETSCAPE_PKEY(NULL, &zz, os->length)) == NULL) {
410 ASN1err(ASN1_F_D2I_RSA_NET_2,
411 ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
412 goto err;
413 }
414
415 zz = pkey->private_key->data;
416 if ((ret = d2i_RSAPrivateKey(a, &zz,
417 pkey->private_key->length)) == NULL) {
418 ASN1err(ASN1_F_D2I_RSA_NET_2, ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
419 goto err;
420 }
421
422err:
423 EVP_CIPHER_CTX_cleanup(&ctx);
424 NETSCAPE_PKEY_free(pkey);
425 return (ret);
426}
427
428#endif /* OPENSSL_NO_RC4 */
429
430#endif
diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c
deleted file mode 100644
index 8b39278692..0000000000
--- a/src/lib/libcrypto/asn1/nsseq.c
+++ /dev/null
@@ -1,129 +0,0 @@
1/* $OpenBSD: nsseq.c,v 1.10 2015/02/11 04:00:39 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
63#include <openssl/objects.h>
64
65static int
66nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
67{
68 if (operation == ASN1_OP_NEW_POST) {
69 NETSCAPE_CERT_SEQUENCE *nsseq;
70 nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
71 nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
72 }
73 return 1;
74}
75
76/* Netscape certificate sequence structure */
77
78static const ASN1_AUX NETSCAPE_CERT_SEQUENCE_aux = {
79 .asn1_cb = nsseq_cb,
80};
81static const ASN1_TEMPLATE NETSCAPE_CERT_SEQUENCE_seq_tt[] = {
82 {
83 .offset = offsetof(NETSCAPE_CERT_SEQUENCE, type),
84 .field_name = "type",
85 .item = &ASN1_OBJECT_it,
86 },
87 {
88 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
89 .offset = offsetof(NETSCAPE_CERT_SEQUENCE, certs),
90 .field_name = "certs",
91 .item = &X509_it,
92 },
93};
94
95const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it = {
96 .itype = ASN1_ITYPE_SEQUENCE,
97 .utype = V_ASN1_SEQUENCE,
98 .templates = NETSCAPE_CERT_SEQUENCE_seq_tt,
99 .tcount = sizeof(NETSCAPE_CERT_SEQUENCE_seq_tt) / sizeof(ASN1_TEMPLATE),
100 .funcs = &NETSCAPE_CERT_SEQUENCE_aux,
101 .size = sizeof(NETSCAPE_CERT_SEQUENCE),
102 .sname = "NETSCAPE_CERT_SEQUENCE",
103};
104
105
106NETSCAPE_CERT_SEQUENCE *
107d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, const unsigned char **in, long len)
108{
109 return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
110 &NETSCAPE_CERT_SEQUENCE_it);
111}
112
113int
114i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **out)
115{
116 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_CERT_SEQUENCE_it);
117}
118
119NETSCAPE_CERT_SEQUENCE *
120NETSCAPE_CERT_SEQUENCE_new(void)
121{
122 return (NETSCAPE_CERT_SEQUENCE *)ASN1_item_new(&NETSCAPE_CERT_SEQUENCE_it);
123}
124
125void
126NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a)
127{
128 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_CERT_SEQUENCE_it);
129}
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
deleted file mode 100644
index 3e7057bb24..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ /dev/null
@@ -1,186 +0,0 @@
1/* $OpenBSD: p5_pbe.c,v 1.20 2015/02/11 04:00:39 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/err.h>
65#include <openssl/x509.h>
66
67/* PKCS#5 password based encryption structure */
68
69static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = {
70 {
71 .offset = offsetof(PBEPARAM, salt),
72 .field_name = "salt",
73 .item = &ASN1_OCTET_STRING_it,
74 },
75 {
76 .offset = offsetof(PBEPARAM, iter),
77 .field_name = "iter",
78 .item = &ASN1_INTEGER_it,
79 },
80};
81
82const ASN1_ITEM PBEPARAM_it = {
83 .itype = ASN1_ITYPE_SEQUENCE,
84 .utype = V_ASN1_SEQUENCE,
85 .templates = PBEPARAM_seq_tt,
86 .tcount = sizeof(PBEPARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
87 .size = sizeof(PBEPARAM),
88 .sname = "PBEPARAM",
89};
90
91
92PBEPARAM *
93d2i_PBEPARAM(PBEPARAM **a, const unsigned char **in, long len)
94{
95 return (PBEPARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
96 &PBEPARAM_it);
97}
98
99int
100i2d_PBEPARAM(PBEPARAM *a, unsigned char **out)
101{
102 return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBEPARAM_it);
103}
104
105PBEPARAM *
106PBEPARAM_new(void)
107{
108 return (PBEPARAM *)ASN1_item_new(&PBEPARAM_it);
109}
110
111void
112PBEPARAM_free(PBEPARAM *a)
113{
114 ASN1_item_free((ASN1_VALUE *)a, &PBEPARAM_it);
115}
116
117
118/* Set an algorithm identifier for a PKCS#5 PBE algorithm */
119
120int
121PKCS5_pbe_set0_algor(X509_ALGOR *algor, int alg, int iter,
122 const unsigned char *salt, int saltlen)
123{
124 PBEPARAM *pbe = NULL;
125 ASN1_STRING *pbe_str = NULL;
126 unsigned char *sstr;
127
128 pbe = PBEPARAM_new();
129 if (!pbe) {
130 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
131 goto err;
132 }
133 if (iter <= 0)
134 iter = PKCS5_DEFAULT_ITER;
135 if (!ASN1_INTEGER_set(pbe->iter, iter)) {
136 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
137 goto err;
138 }
139 if (!saltlen)
140 saltlen = PKCS5_SALT_LEN;
141 if (!ASN1_STRING_set(pbe->salt, NULL, saltlen)) {
142 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
143 goto err;
144 }
145 sstr = ASN1_STRING_data(pbe->salt);
146 if (salt)
147 memcpy(sstr, salt, saltlen);
148 else
149 arc4random_buf(sstr, saltlen);
150
151 if (!ASN1_item_pack(pbe, ASN1_ITEM_rptr(PBEPARAM), &pbe_str)) {
152 ASN1err(ASN1_F_PKCS5_PBE_SET0_ALGOR, ERR_R_MALLOC_FAILURE);
153 goto err;
154 }
155
156 PBEPARAM_free(pbe);
157 pbe = NULL;
158
159 if (X509_ALGOR_set0(algor, OBJ_nid2obj(alg), V_ASN1_SEQUENCE, pbe_str))
160 return 1;
161
162err:
163 if (pbe != NULL)
164 PBEPARAM_free(pbe);
165 ASN1_STRING_free(pbe_str);
166 return 0;
167}
168
169/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
170
171X509_ALGOR *
172PKCS5_pbe_set(int alg, int iter, const unsigned char *salt, int saltlen)
173{
174 X509_ALGOR *ret;
175 ret = X509_ALGOR_new();
176 if (!ret) {
177 ASN1err(ASN1_F_PKCS5_PBE_SET, ERR_R_MALLOC_FAILURE);
178 return NULL;
179 }
180
181 if (PKCS5_pbe_set0_algor(ret, alg, iter, salt, saltlen))
182 return ret;
183
184 X509_ALGOR_free(ret);
185 return NULL;
186}
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
deleted file mode 100644
index 795721fad2..0000000000
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ /dev/null
@@ -1,374 +0,0 @@
1/* $OpenBSD: p5_pbev2.c,v 1.21 2015/02/11 04:00:39 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999-2004.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <stdlib.h>
61#include <string.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/err.h>
65#include <openssl/x509.h>
66
67/* PKCS#5 v2.0 password based encryption structures */
68
69static const ASN1_TEMPLATE PBE2PARAM_seq_tt[] = {
70 {
71 .offset = offsetof(PBE2PARAM, keyfunc),
72 .field_name = "keyfunc",
73 .item = &X509_ALGOR_it,
74 },
75 {
76 .offset = offsetof(PBE2PARAM, encryption),
77 .field_name = "encryption",
78 .item = &X509_ALGOR_it,
79 },
80};
81
82const ASN1_ITEM PBE2PARAM_it = {
83 .itype = ASN1_ITYPE_SEQUENCE,
84 .utype = V_ASN1_SEQUENCE,
85 .templates = PBE2PARAM_seq_tt,
86 .tcount = sizeof(PBE2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
87 .size = sizeof(PBE2PARAM),
88 .sname = "PBE2PARAM",
89};
90
91
92PBE2PARAM *
93d2i_PBE2PARAM(PBE2PARAM **a, const unsigned char **in, long len)
94{
95 return (PBE2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
96 &PBE2PARAM_it);
97}
98
99int
100i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **out)
101{
102 return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBE2PARAM_it);
103}
104
105PBE2PARAM *
106PBE2PARAM_new(void)
107{
108 return (PBE2PARAM *)ASN1_item_new(&PBE2PARAM_it);
109}
110
111void
112PBE2PARAM_free(PBE2PARAM *a)
113{
114 ASN1_item_free((ASN1_VALUE *)a, &PBE2PARAM_it);
115}
116
117static const ASN1_TEMPLATE PBKDF2PARAM_seq_tt[] = {
118 {
119 .offset = offsetof(PBKDF2PARAM, salt),
120 .field_name = "salt",
121 .item = &ASN1_ANY_it,
122 },
123 {
124 .offset = offsetof(PBKDF2PARAM, iter),
125 .field_name = "iter",
126 .item = &ASN1_INTEGER_it,
127 },
128 {
129 .flags = ASN1_TFLG_OPTIONAL,
130 .offset = offsetof(PBKDF2PARAM, keylength),
131 .field_name = "keylength",
132 .item = &ASN1_INTEGER_it,
133 },
134 {
135 .flags = ASN1_TFLG_OPTIONAL,
136 .offset = offsetof(PBKDF2PARAM, prf),
137 .field_name = "prf",
138 .item = &X509_ALGOR_it,
139 },
140};
141
142const ASN1_ITEM PBKDF2PARAM_it = {
143 .itype = ASN1_ITYPE_SEQUENCE,
144 .utype = V_ASN1_SEQUENCE,
145 .templates = PBKDF2PARAM_seq_tt,
146 .tcount = sizeof(PBKDF2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
147 .size = sizeof(PBKDF2PARAM),
148 .sname = "PBKDF2PARAM",
149};
150
151
152PBKDF2PARAM *
153d2i_PBKDF2PARAM(PBKDF2PARAM **a, const unsigned char **in, long len)
154{
155 return (PBKDF2PARAM *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
156 &PBKDF2PARAM_it);
157}
158
159int
160i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **out)
161{
162 return ASN1_item_i2d((ASN1_VALUE *)a, out, &PBKDF2PARAM_it);
163}
164
165PBKDF2PARAM *
166PBKDF2PARAM_new(void)
167{
168 return (PBKDF2PARAM *)ASN1_item_new(&PBKDF2PARAM_it);
169}
170
171void
172PBKDF2PARAM_free(PBKDF2PARAM *a)
173{
174 ASN1_item_free((ASN1_VALUE *)a, &PBKDF2PARAM_it);
175}
176
177/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
178 * yes I know this is horrible!
179 *
180 * Extended version to allow application supplied PRF NID and IV.
181 */
182
183X509_ALGOR *
184PKCS5_pbe2_set_iv(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
185 int saltlen, unsigned char *aiv, int prf_nid)
186{
187 X509_ALGOR *scheme = NULL, *kalg = NULL, *ret = NULL;
188 int alg_nid, keylen;
189 EVP_CIPHER_CTX ctx;
190 unsigned char iv[EVP_MAX_IV_LENGTH];
191 PBE2PARAM *pbe2 = NULL;
192 ASN1_OBJECT *obj;
193
194 alg_nid = EVP_CIPHER_type(cipher);
195 if (alg_nid == NID_undef) {
196 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
197 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
198 goto err;
199 }
200 obj = OBJ_nid2obj(alg_nid);
201
202 if (!(pbe2 = PBE2PARAM_new()))
203 goto merr;
204
205 /* Setup the AlgorithmIdentifier for the encryption scheme */
206 scheme = pbe2->encryption;
207
208 scheme->algorithm = obj;
209 if (!(scheme->parameter = ASN1_TYPE_new()))
210 goto merr;
211
212 /* Create random IV */
213 if (EVP_CIPHER_iv_length(cipher)) {
214 if (aiv)
215 memcpy(iv, aiv, EVP_CIPHER_iv_length(cipher));
216 else
217 arc4random_buf(iv, EVP_CIPHER_iv_length(cipher));
218 }
219
220 EVP_CIPHER_CTX_init(&ctx);
221
222 /* Dummy cipherinit to just setup the IV, and PRF */
223 if (!EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0))
224 goto err;
225 if (EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
226 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV,
227 ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
228 EVP_CIPHER_CTX_cleanup(&ctx);
229 goto err;
230 }
231 /* If prf NID unspecified see if cipher has a preference.
232 * An error is OK here: just means use default PRF.
233 */
234 if ((prf_nid == -1) &&
235 EVP_CIPHER_CTX_ctrl(&ctx, EVP_CTRL_PBE_PRF_NID, 0, &prf_nid) <= 0) {
236 ERR_clear_error();
237 prf_nid = NID_hmacWithSHA1;
238 }
239 EVP_CIPHER_CTX_cleanup(&ctx);
240
241 /* If its RC2 then we'd better setup the key length */
242
243 if (alg_nid == NID_rc2_cbc)
244 keylen = EVP_CIPHER_key_length(cipher);
245 else
246 keylen = -1;
247
248 /* Setup keyfunc */
249
250 X509_ALGOR_free(pbe2->keyfunc);
251
252 pbe2->keyfunc = PKCS5_pbkdf2_set(iter, salt, saltlen, prf_nid, keylen);
253
254 if (!pbe2->keyfunc)
255 goto merr;
256
257 /* Now set up top level AlgorithmIdentifier */
258
259 if (!(ret = X509_ALGOR_new()))
260 goto merr;
261 if (!(ret->parameter = ASN1_TYPE_new()))
262 goto merr;
263
264 ret->algorithm = OBJ_nid2obj(NID_pbes2);
265
266 /* Encode PBE2PARAM into parameter */
267
268 if (!ASN1_item_pack(pbe2, ASN1_ITEM_rptr(PBE2PARAM),
269 &ret->parameter->value.sequence)) goto merr;
270 ret->parameter->type = V_ASN1_SEQUENCE;
271
272 PBE2PARAM_free(pbe2);
273 pbe2 = NULL;
274
275 return ret;
276
277merr:
278 ASN1err(ASN1_F_PKCS5_PBE2_SET_IV, ERR_R_MALLOC_FAILURE);
279
280err:
281 PBE2PARAM_free(pbe2);
282 /* Note 'scheme' is freed as part of pbe2 */
283 X509_ALGOR_free(kalg);
284 X509_ALGOR_free(ret);
285
286 return NULL;
287}
288
289X509_ALGOR *
290PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt,
291 int saltlen)
292{
293 return PKCS5_pbe2_set_iv(cipher, iter, salt, saltlen, NULL, -1);
294}
295
296X509_ALGOR *
297PKCS5_pbkdf2_set(int iter, unsigned char *salt, int saltlen, int prf_nid,
298 int keylen)
299{
300 X509_ALGOR *keyfunc = NULL;
301 PBKDF2PARAM *kdf = NULL;
302 ASN1_OCTET_STRING *osalt = NULL;
303
304 if (!(kdf = PBKDF2PARAM_new()))
305 goto merr;
306 if (!(osalt = M_ASN1_OCTET_STRING_new()))
307 goto merr;
308
309 kdf->salt->value.octet_string = osalt;
310 kdf->salt->type = V_ASN1_OCTET_STRING;
311
312 if (!saltlen)
313 saltlen = PKCS5_SALT_LEN;
314 if (!(osalt->data = malloc (saltlen)))
315 goto merr;
316
317 osalt->length = saltlen;
318
319 if (salt)
320 memcpy (osalt->data, salt, saltlen);
321 else
322 arc4random_buf(osalt->data, saltlen);
323
324 if (iter <= 0)
325 iter = PKCS5_DEFAULT_ITER;
326
327 if (!ASN1_INTEGER_set(kdf->iter, iter))
328 goto merr;
329
330 /* If have a key len set it up */
331
332 if (keylen > 0) {
333 if (!(kdf->keylength = M_ASN1_INTEGER_new()))
334 goto merr;
335 if (!ASN1_INTEGER_set (kdf->keylength, keylen))
336 goto merr;
337 }
338
339 /* prf can stay NULL if we are using hmacWithSHA1 */
340 if (prf_nid > 0 && prf_nid != NID_hmacWithSHA1) {
341 kdf->prf = X509_ALGOR_new();
342 if (!kdf->prf)
343 goto merr;
344 X509_ALGOR_set0(kdf->prf, OBJ_nid2obj(prf_nid),
345 V_ASN1_NULL, NULL);
346 }
347
348 /* Finally setup the keyfunc structure */
349
350 keyfunc = X509_ALGOR_new();
351 if (!keyfunc)
352 goto merr;
353
354 keyfunc->algorithm = OBJ_nid2obj(NID_id_pbkdf2);
355
356 /* Encode PBKDF2PARAM into parameter of pbe2 */
357
358 if (!(keyfunc->parameter = ASN1_TYPE_new()))
359 goto merr;
360
361 if (!ASN1_item_pack(kdf, ASN1_ITEM_rptr(PBKDF2PARAM),
362 &keyfunc->parameter->value.sequence))
363 goto merr;
364 keyfunc->parameter->type = V_ASN1_SEQUENCE;
365
366 PBKDF2PARAM_free(kdf);
367 return keyfunc;
368
369merr:
370 ASN1err(ASN1_F_PKCS5_PBKDF2_SET, ERR_R_MALLOC_FAILURE);
371 PBKDF2PARAM_free(kdf);
372 X509_ALGOR_free(keyfunc);
373 return NULL;
374}
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
deleted file mode 100644
index 2f7a469673..0000000000
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ /dev/null
@@ -1,200 +0,0 @@
1/* $OpenBSD: p8_pkey.c,v 1.16 2015/07/16 18:21:57 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
63
64/* Minor tweak to operation: zero private key data */
65static int
66pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
67{
68 /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
69 if (operation == ASN1_OP_FREE_PRE) {
70 PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
71 if (key->pkey != NULL &&
72 key->pkey->type == V_ASN1_OCTET_STRING &&
73 key->pkey->value.octet_string != NULL)
74 OPENSSL_cleanse(key->pkey->value.octet_string->data,
75 key->pkey->value.octet_string->length);
76 }
77 return 1;
78}
79
80static const ASN1_AUX PKCS8_PRIV_KEY_INFO_aux = {
81 .asn1_cb = pkey_cb,
82};
83static const ASN1_TEMPLATE PKCS8_PRIV_KEY_INFO_seq_tt[] = {
84 {
85 .offset = offsetof(PKCS8_PRIV_KEY_INFO, version),
86 .field_name = "version",
87 .item = &ASN1_INTEGER_it,
88 },
89 {
90 .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkeyalg),
91 .field_name = "pkeyalg",
92 .item = &X509_ALGOR_it,
93 },
94 {
95 .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkey),
96 .field_name = "pkey",
97 .item = &ASN1_ANY_it,
98 },
99 {
100 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
101 .offset = offsetof(PKCS8_PRIV_KEY_INFO, attributes),
102 .field_name = "attributes",
103 .item = &X509_ATTRIBUTE_it,
104 },
105};
106
107const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it = {
108 .itype = ASN1_ITYPE_SEQUENCE,
109 .utype = V_ASN1_SEQUENCE,
110 .templates = PKCS8_PRIV_KEY_INFO_seq_tt,
111 .tcount = sizeof(PKCS8_PRIV_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
112 .funcs = &PKCS8_PRIV_KEY_INFO_aux,
113 .size = sizeof(PKCS8_PRIV_KEY_INFO),
114 .sname = "PKCS8_PRIV_KEY_INFO",
115};
116
117
118PKCS8_PRIV_KEY_INFO *
119d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, const unsigned char **in, long len)
120{
121 return (PKCS8_PRIV_KEY_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
122 &PKCS8_PRIV_KEY_INFO_it);
123}
124
125int
126i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **out)
127{
128 return ASN1_item_i2d((ASN1_VALUE *)a, out, &PKCS8_PRIV_KEY_INFO_it);
129}
130
131PKCS8_PRIV_KEY_INFO *
132PKCS8_PRIV_KEY_INFO_new(void)
133{
134 return (PKCS8_PRIV_KEY_INFO *)ASN1_item_new(&PKCS8_PRIV_KEY_INFO_it);
135}
136
137void
138PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a)
139{
140 ASN1_item_free((ASN1_VALUE *)a, &PKCS8_PRIV_KEY_INFO_it);
141}
142
143int
144PKCS8_pkey_set0(PKCS8_PRIV_KEY_INFO *priv, ASN1_OBJECT *aobj, int version,
145 int ptype, void *pval, unsigned char *penc, int penclen)
146{
147 unsigned char **ppenc = NULL;
148
149 if (version >= 0) {
150 if (!ASN1_INTEGER_set(priv->version, version))
151 return 0;
152 }
153 if (penc) {
154 int pmtype;
155 ASN1_OCTET_STRING *oct;
156 oct = ASN1_OCTET_STRING_new();
157 if (!oct)
158 return 0;
159 oct->data = penc;
160 ppenc = &oct->data;
161 oct->length = penclen;
162 if (priv->broken == PKCS8_NO_OCTET)
163 pmtype = V_ASN1_SEQUENCE;
164 else
165 pmtype = V_ASN1_OCTET_STRING;
166 ASN1_TYPE_set(priv->pkey, pmtype, oct);
167 }
168 if (!X509_ALGOR_set0(priv->pkeyalg, aobj, ptype, pval)) {
169 /* If call fails do not swallow 'enc' */
170 if (ppenc)
171 *ppenc = NULL;
172 return 0;
173 }
174 return 1;
175}
176
177int
178PKCS8_pkey_get0(ASN1_OBJECT **ppkalg, const unsigned char **pk, int *ppklen,
179 X509_ALGOR **pa, PKCS8_PRIV_KEY_INFO *p8)
180{
181 if (ppkalg)
182 *ppkalg = p8->pkeyalg->algorithm;
183 if (p8->pkey->type == V_ASN1_OCTET_STRING) {
184 p8->broken = PKCS8_OK;
185 if (pk) {
186 *pk = p8->pkey->value.octet_string->data;
187 *ppklen = p8->pkey->value.octet_string->length;
188 }
189 } else if (p8->pkey->type == V_ASN1_SEQUENCE) {
190 p8->broken = PKCS8_NO_OCTET;
191 if (pk) {
192 *pk = p8->pkey->value.sequence->data;
193 *ppklen = p8->pkey->value.sequence->length;
194 }
195 } else
196 return 0;
197 if (pa)
198 *pa = p8->pkeyalg;
199 return 1;
200}
diff --git a/src/lib/libcrypto/asn1/t_bitst.c b/src/lib/libcrypto/asn1/t_bitst.c
deleted file mode 100644
index ea4138e0fb..0000000000
--- a/src/lib/libcrypto/asn1/t_bitst.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* $OpenBSD: t_bitst.c,v 1.7 2014/07/11 08:44:47 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/conf.h>
63#include <openssl/x509v3.h>
64
65int
66ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
67 BIT_STRING_BITNAME *tbl, int indent)
68{
69 BIT_STRING_BITNAME *bnam;
70 char first = 1;
71
72 BIO_printf(out, "%*s", indent, "");
73 for (bnam = tbl; bnam->lname; bnam++) {
74 if (ASN1_BIT_STRING_get_bit(bs, bnam->bitnum)) {
75 if (!first)
76 BIO_puts(out, ", ");
77 BIO_puts(out, bnam->lname);
78 first = 0;
79 }
80 }
81 BIO_puts(out, "\n");
82 return 1;
83}
84
85int
86ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
87 BIT_STRING_BITNAME *tbl)
88{
89 int bitnum;
90
91 bitnum = ASN1_BIT_STRING_num_asc(name, tbl);
92 if (bitnum < 0)
93 return 0;
94 if (bs) {
95 if (!ASN1_BIT_STRING_set_bit(bs, bitnum, value))
96 return 0;
97 }
98 return 1;
99}
100
101int
102ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl)
103{
104 BIT_STRING_BITNAME *bnam;
105
106 for (bnam = tbl; bnam->lname; bnam++) {
107 if (!strcmp(bnam->sname, name) ||
108 !strcmp(bnam->lname, name))
109 return bnam->bitnum;
110 }
111 return -1;
112}
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
deleted file mode 100644
index 67116361a5..0000000000
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ /dev/null
@@ -1,140 +0,0 @@
1/* $OpenBSD: t_crl.c,v 1.16 2014/07/12 16:33:25 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/bn.h>
62#include <openssl/buffer.h>
63#include <openssl/err.h>
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68int
69X509_CRL_print_fp(FILE *fp, X509_CRL *x)
70{
71 BIO *b;
72 int ret;
73
74 if ((b = BIO_new(BIO_s_file())) == NULL) {
75 X509err(X509_F_X509_CRL_PRINT_FP, ERR_R_BUF_LIB);
76 return (0);
77 }
78 BIO_set_fp(b, fp, BIO_NOCLOSE);
79 ret = X509_CRL_print(b, x);
80 BIO_free(b);
81 return (ret);
82}
83
84int
85X509_CRL_print(BIO *out, X509_CRL *x)
86{
87 STACK_OF(X509_REVOKED) *rev;
88 X509_REVOKED *r;
89 long l;
90 int i;
91 char *p;
92
93 BIO_printf(out, "Certificate Revocation List (CRL):\n");
94 l = X509_CRL_get_version(x);
95 BIO_printf(out, "%8sVersion %lu (0x%lx)\n", "", l + 1, l);
96 i = OBJ_obj2nid(x->sig_alg->algorithm);
97 if (X509_signature_print(out, x->sig_alg, NULL) == 0)
98 goto err;
99 p = X509_NAME_oneline(X509_CRL_get_issuer(x), NULL, 0);
100 if (p == NULL)
101 goto err;
102 BIO_printf(out, "%8sIssuer: %s\n", "", p);
103 free(p);
104 BIO_printf(out, "%8sLast Update: ", "");
105 ASN1_TIME_print(out, X509_CRL_get_lastUpdate(x));
106 BIO_printf(out, "\n%8sNext Update: ", "");
107 if (X509_CRL_get_nextUpdate(x))
108 ASN1_TIME_print(out, X509_CRL_get_nextUpdate(x));
109 else
110 BIO_printf(out, "NONE");
111 BIO_printf(out, "\n");
112
113 X509V3_extensions_print(out, "CRL extensions",
114 x->crl->extensions, 0, 8);
115
116 rev = X509_CRL_get_REVOKED(x);
117
118 if (sk_X509_REVOKED_num(rev) > 0)
119 BIO_printf(out, "Revoked Certificates:\n");
120 else
121 BIO_printf(out, "No Revoked Certificates.\n");
122
123 for (i = 0; i < sk_X509_REVOKED_num(rev); i++) {
124 r = sk_X509_REVOKED_value(rev, i);
125 BIO_printf(out, " Serial Number: ");
126 i2a_ASN1_INTEGER(out, r->serialNumber);
127 BIO_printf(out, "\n Revocation Date: ");
128 ASN1_TIME_print(out, r->revocationDate);
129 BIO_printf(out, "\n");
130 X509V3_extensions_print(out, "CRL entry extensions",
131 r->extensions, 0, 8);
132 }
133 if (X509_signature_print(out, x->sig_alg, x->signature) == 0)
134 goto err;
135
136 return 1;
137
138err:
139 return 0;
140}
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
deleted file mode 100644
index b3f7d084c5..0000000000
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ /dev/null
@@ -1,114 +0,0 @@
1/* $OpenBSD: t_pkey.c,v 1.16 2014/07/11 08:44:47 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/bn.h>
62#include <openssl/buffer.h>
63#include <openssl/objects.h>
64
65int
66ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num,
67 unsigned char *buf, int off)
68{
69 int n, i;
70 const char *neg;
71
72 if (num == NULL)
73 return (1);
74 neg = (BN_is_negative(num)) ? "-" : "";
75 if (!BIO_indent(bp, off, 128))
76 return 0;
77 if (BN_is_zero(num)) {
78 if (BIO_printf(bp, "%s 0\n", number) <= 0)
79 return 0;
80 return 1;
81 }
82
83 if (BN_num_bytes(num) <= BN_BYTES) {
84 if (BIO_printf(bp, "%s %s%lu (%s0x%lx)\n", number, neg,
85 (unsigned long)num->d[0], neg,
86 (unsigned long)num->d[0]) <= 0)
87 return (0);
88 } else {
89 buf[0] = 0;
90 if (BIO_printf(bp, "%s%s", number,
91 (neg[0] == '-') ? " (Negative)" : "") <= 0)
92 return (0);
93 n = BN_bn2bin(num, &buf[1]);
94
95 if (buf[1] & 0x80)
96 n++;
97 else
98 buf++;
99
100 for (i = 0; i < n; i++) {
101 if ((i % 15) == 0) {
102 if (BIO_puts(bp, "\n") <= 0 ||
103 !BIO_indent(bp, off + 4, 128))
104 return 0;
105 }
106 if (BIO_printf(bp, "%02x%s", buf[i],
107 ((i + 1) == n) ? "" : ":") <= 0)
108 return (0);
109 }
110 if (BIO_write(bp, "\n", 1) <= 0)
111 return (0);
112 }
113 return (1);
114}
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
deleted file mode 100644
index 8db456708a..0000000000
--- a/src/lib/libcrypto/asn1/t_req.c
+++ /dev/null
@@ -1,267 +0,0 @@
1/* $OpenBSD: t_req.c,v 1.18 2015/07/29 14:58:34 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/bn.h>
64#include <openssl/buffer.h>
65#include <openssl/err.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68#include <openssl/x509v3.h>
69
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73#ifndef OPENSSL_NO_RSA
74#include <openssl/rsa.h>
75#endif
76
77int
78X509_REQ_print_fp(FILE *fp, X509_REQ *x)
79{
80 BIO *b;
81 int ret;
82
83 if ((b = BIO_new(BIO_s_file())) == NULL) {
84 X509err(X509_F_X509_REQ_PRINT_FP, ERR_R_BUF_LIB);
85 return (0);
86 }
87 BIO_set_fp(b, fp, BIO_NOCLOSE);
88 ret = X509_REQ_print(b, x);
89 BIO_free(b);
90 return (ret);
91}
92
93int
94X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags,
95 unsigned long cflag)
96{
97 unsigned long l;
98 int i;
99 const char *neg;
100 X509_REQ_INFO *ri;
101 EVP_PKEY *pkey;
102 STACK_OF(X509_ATTRIBUTE) *sk;
103 STACK_OF(X509_EXTENSION) *exts;
104 char mlch = ' ';
105 int nmindent = 0;
106
107 if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
108 mlch = '\n';
109 nmindent = 12;
110 }
111
112 if (nmflags == X509_FLAG_COMPAT)
113 nmindent = 16;
114
115 ri = x->req_info;
116 if (!(cflag & X509_FLAG_NO_HEADER)) {
117 if (BIO_write(bp, "Certificate Request:\n", 21) <= 0)
118 goto err;
119 if (BIO_write(bp, " Data:\n", 10) <= 0)
120
121 goto err;
122 }
123 if (!(cflag & X509_FLAG_NO_VERSION)) {
124 neg = (ri->version->type == V_ASN1_NEG_INTEGER) ? "-" : "";
125 l = 0;
126 for (i = 0; i < ri->version->length; i++) {
127 l <<= 8;
128 l += ri->version->data[i];
129 }
130 if (BIO_printf(bp, "%8sVersion: %s%lu (%s0x%lx)\n", "", neg,
131 l, neg, l) <= 0)
132 goto err;
133 }
134 if (!(cflag & X509_FLAG_NO_SUBJECT)) {
135 if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
136 goto err;
137 if (X509_NAME_print_ex(bp, ri->subject, nmindent, nmflags) < 0)
138 goto err;
139 if (BIO_write(bp, "\n", 1) <= 0)
140 goto err;
141 }
142 if (!(cflag & X509_FLAG_NO_PUBKEY)) {
143 if (BIO_write(bp, " Subject Public Key Info:\n",
144 33) <= 0)
145 goto err;
146 if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
147 goto err;
148 if (i2a_ASN1_OBJECT(bp, ri->pubkey->algor->algorithm) <= 0)
149 goto err;
150 if (BIO_puts(bp, "\n") <= 0)
151 goto err;
152
153 pkey = X509_REQ_get_pubkey(x);
154 if (pkey == NULL) {
155 BIO_printf(bp, "%12sUnable to load Public Key\n", "");
156 ERR_print_errors(bp);
157 } else {
158 EVP_PKEY_print_public(bp, pkey, 16, NULL);
159 EVP_PKEY_free(pkey);
160 }
161 }
162
163 if (!(cflag & X509_FLAG_NO_ATTRIBUTES)) {
164 /* may not be */
165 if (BIO_printf(bp, "%8sAttributes:\n", "") <= 0)
166 goto err;
167
168 sk = x->req_info->attributes;
169 if (sk_X509_ATTRIBUTE_num(sk) == 0) {
170 if (BIO_printf(bp, "%12sa0:00\n", "") <= 0)
171 goto err;
172 } else {
173 for (i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
174 ASN1_TYPE *at;
175 X509_ATTRIBUTE *a;
176 ASN1_BIT_STRING *bs = NULL;
177 ASN1_TYPE *t;
178 int j, type = 0, count = 1, ii = 0;
179
180 a = sk_X509_ATTRIBUTE_value(sk, i);
181 if (X509_REQ_extension_nid(
182 OBJ_obj2nid(a->object)))
183 continue;
184 if (BIO_printf(bp, "%12s", "") <= 0)
185 goto err;
186 if ((j = i2a_ASN1_OBJECT(bp, a->object)) > 0) {
187 if (a->single) {
188 t = a->value.single;
189 type = t->type;
190 bs = t->value.bit_string;
191 } else {
192 ii = 0;
193 count = sk_ASN1_TYPE_num(
194 a->value.set);
195get_next:
196 at = sk_ASN1_TYPE_value(
197 a->value.set, ii);
198 type = at->type;
199 bs = at->value.asn1_string;
200 }
201 }
202 for (j = 25 - j; j > 0; j--)
203 if (BIO_write(bp, " ", 1) != 1)
204 goto err;
205 if (BIO_puts(bp, ":") <= 0)
206 goto err;
207 if ((type == V_ASN1_PRINTABLESTRING) ||
208 (type == V_ASN1_T61STRING) ||
209 (type == V_ASN1_IA5STRING)) {
210 if (BIO_write(bp, (char *)bs->data,
211 bs->length) != bs->length)
212 goto err;
213 BIO_puts(bp, "\n");
214 } else {
215 BIO_puts(bp,
216 "unable to print attribute\n");
217 }
218 if (++ii < count)
219 goto get_next;
220 }
221 }
222 }
223 if (!(cflag & X509_FLAG_NO_EXTENSIONS)) {
224 exts = X509_REQ_get_extensions(x);
225 if (exts) {
226 BIO_printf(bp, "%8sRequested Extensions:\n", "");
227 for (i = 0; i < sk_X509_EXTENSION_num(exts); i++) {
228 ASN1_OBJECT *obj;
229 X509_EXTENSION *ex;
230 int j;
231 ex = sk_X509_EXTENSION_value(exts, i);
232 if (BIO_printf(bp, "%12s", "") <= 0)
233 goto err;
234 obj = X509_EXTENSION_get_object(ex);
235 i2a_ASN1_OBJECT(bp, obj);
236 j = X509_EXTENSION_get_critical(ex);
237 if (BIO_printf(bp, ": %s\n",
238 j ? "critical" : "") <= 0)
239 goto err;
240 if (!X509V3_EXT_print(bp, ex, cflag, 16)) {
241 BIO_printf(bp, "%16s", "");
242 ASN1_STRING_print(bp, ex->value);
243 }
244 if (BIO_write(bp, "\n", 1) <= 0)
245 goto err;
246 }
247 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
248 }
249 }
250
251 if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
252 if (!X509_signature_print(bp, x->sig_alg, x->signature))
253 goto err;
254 }
255
256 return (1);
257
258err:
259 X509err(X509_F_X509_REQ_PRINT_EX, ERR_R_BUF_LIB);
260 return (0);
261}
262
263int
264X509_REQ_print(BIO *bp, X509_REQ *x)
265{
266 return X509_REQ_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
267}
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
deleted file mode 100644
index 39ff0670b6..0000000000
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ /dev/null
@@ -1,112 +0,0 @@
1/* $OpenBSD: t_spki.c,v 1.11 2014/07/11 08:44:47 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1.h>
64#include <openssl/bn.h>
65#include <openssl/x509.h>
66
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73
74/* Print out an SPKI */
75
76int
77NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
78{
79 EVP_PKEY *pkey;
80 ASN1_IA5STRING *chal;
81 int i, n;
82 char *s;
83
84 BIO_printf(out, "Netscape SPKI:\n");
85 i = OBJ_obj2nid(spki->spkac->pubkey->algor->algorithm);
86 BIO_printf(out, " Public Key Algorithm: %s\n",
87 (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
88 pkey = X509_PUBKEY_get(spki->spkac->pubkey);
89 if (!pkey)
90 BIO_printf(out, " Unable to load public key\n");
91 else {
92 EVP_PKEY_print_public(out, pkey, 4, NULL);
93 EVP_PKEY_free(pkey);
94 }
95 chal = spki->spkac->challenge;
96 if (chal->length)
97 BIO_printf(out, " Challenge String: %s\n", chal->data);
98 i = OBJ_obj2nid(spki->sig_algor->algorithm);
99 BIO_printf(out, " Signature Algorithm: %s",
100 (i == NID_undef) ? "UNKNOWN" : OBJ_nid2ln(i));
101
102 n = spki->signature->length;
103 s = (char *)spki->signature->data;
104 for (i = 0; i < n; i++) {
105 if ((i % 18) == 0)
106 BIO_write(out, "\n ", 7);
107 BIO_printf(out, "%02x%s", (unsigned char)s[i],
108 ((i + 1) == n) ? "" : ":");
109 }
110 BIO_write(out, "\n", 1);
111 return 1;
112}
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
deleted file mode 100644
index 1c83fc5608..0000000000
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ /dev/null
@@ -1,537 +0,0 @@
1/* $OpenBSD: t_x509.c,v 1.26 2015/02/07 13:19:15 doug Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/bn.h>
64#include <openssl/buffer.h>
65#include <openssl/err.h>
66#include <openssl/objects.h>
67#include <openssl/x509.h>
68#include <openssl/x509v3.h>
69
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73#ifndef OPENSSL_NO_EC
74#include <openssl/ec.h>
75#endif
76#ifndef OPENSSL_NO_RSA
77#include <openssl/rsa.h>
78#endif
79
80#include "asn1_locl.h"
81
82int
83X509_print_fp(FILE *fp, X509 *x)
84{
85 return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
86}
87
88int
89X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
90{
91 BIO *b;
92 int ret;
93
94 if ((b = BIO_new(BIO_s_file())) == NULL) {
95 X509err(X509_F_X509_PRINT_EX_FP, ERR_R_BUF_LIB);
96 return (0);
97 }
98 BIO_set_fp(b, fp, BIO_NOCLOSE);
99 ret = X509_print_ex(b, x, nmflag, cflag);
100 BIO_free(b);
101 return (ret);
102}
103
104int
105X509_print(BIO *bp, X509 *x)
106{
107 return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
108}
109
110int
111X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
112{
113 long l;
114 int ret = 0, i;
115 char *m = NULL, mlch = ' ';
116 int nmindent = 0;
117 X509_CINF *ci;
118 ASN1_INTEGER *bs;
119 EVP_PKEY *pkey = NULL;
120 const char *neg;
121
122 if ((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
123 mlch = '\n';
124 nmindent = 12;
125 }
126
127 if (nmflags == X509_FLAG_COMPAT)
128 nmindent = 16;
129
130 ci = x->cert_info;
131 if (!(cflag & X509_FLAG_NO_HEADER)) {
132 if (BIO_write(bp, "Certificate:\n", 13) <= 0)
133 goto err;
134 if (BIO_write(bp, " Data:\n", 10) <= 0)
135 goto err;
136 }
137 if (!(cflag & X509_FLAG_NO_VERSION)) {
138 l = X509_get_version(x);
139 if (BIO_printf(bp, "%8sVersion: %lu (0x%lx)\n",
140 "", l + 1, l) <= 0)
141 goto err;
142 }
143 if (!(cflag & X509_FLAG_NO_SERIAL)) {
144 if (BIO_write(bp, " Serial Number:", 22) <= 0)
145 goto err;
146
147 bs = X509_get_serialNumber(x);
148 if (bs->length <= (int)sizeof(long)) {
149 l = ASN1_INTEGER_get(bs);
150 if (bs->type == V_ASN1_NEG_INTEGER) {
151 l = -l;
152 neg = "-";
153 } else
154 neg = "";
155 if (BIO_printf(bp, " %s%lu (%s0x%lx)\n",
156 neg, l, neg, l) <= 0)
157 goto err;
158 } else {
159 neg = (bs->type == V_ASN1_NEG_INTEGER) ?
160 " (Negative)" : "";
161 if (BIO_printf(bp, "\n%12s%s", "", neg) <= 0)
162 goto err;
163 for (i = 0; i < bs->length; i++) {
164 if (BIO_printf(bp, "%02x%c", bs->data[i],
165 ((i + 1 == bs->length) ? '\n' : ':')) <= 0)
166 goto err;
167 }
168 }
169
170 }
171
172 if (!(cflag & X509_FLAG_NO_SIGNAME)) {
173 if (X509_signature_print(bp, x->sig_alg, NULL) <= 0)
174 goto err;
175 }
176
177 if (!(cflag & X509_FLAG_NO_ISSUER)) {
178 if (BIO_printf(bp, " Issuer:%c", mlch) <= 0)
179 goto err;
180 if (X509_NAME_print_ex(bp, X509_get_issuer_name(x),
181 nmindent, nmflags) < 0)
182 goto err;
183 if (BIO_write(bp, "\n", 1) <= 0)
184 goto err;
185 }
186 if (!(cflag & X509_FLAG_NO_VALIDITY)) {
187 if (BIO_write(bp, " Validity\n", 17) <= 0)
188 goto err;
189 if (BIO_write(bp, " Not Before: ", 24) <= 0)
190 goto err;
191 if (!ASN1_TIME_print(bp, X509_get_notBefore(x)))
192 goto err;
193 if (BIO_write(bp, "\n Not After : ", 25) <= 0)
194 goto err;
195 if (!ASN1_TIME_print(bp, X509_get_notAfter(x)))
196 goto err;
197 if (BIO_write(bp, "\n", 1) <= 0)
198 goto err;
199 }
200 if (!(cflag & X509_FLAG_NO_SUBJECT)) {
201 if (BIO_printf(bp, " Subject:%c", mlch) <= 0)
202 goto err;
203 if (X509_NAME_print_ex(bp, X509_get_subject_name(x),
204 nmindent, nmflags) < 0)
205 goto err;
206 if (BIO_write(bp, "\n", 1) <= 0)
207 goto err;
208 }
209 if (!(cflag & X509_FLAG_NO_PUBKEY)) {
210 if (BIO_write(bp, " Subject Public Key Info:\n",
211 33) <= 0)
212 goto err;
213 if (BIO_printf(bp, "%12sPublic Key Algorithm: ", "") <= 0)
214 goto err;
215 if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
216 goto err;
217 if (BIO_puts(bp, "\n") <= 0)
218 goto err;
219
220 pkey = X509_get_pubkey(x);
221 if (pkey == NULL) {
222 BIO_printf(bp, "%12sUnable to load Public Key\n", "");
223 ERR_print_errors(bp);
224 } else {
225 EVP_PKEY_print_public(bp, pkey, 16, NULL);
226 EVP_PKEY_free(pkey);
227 }
228 }
229
230 if (!(cflag & X509_FLAG_NO_EXTENSIONS))
231 X509V3_extensions_print(bp, "X509v3 extensions",
232 ci->extensions, cflag, 8);
233
234 if (!(cflag & X509_FLAG_NO_SIGDUMP)) {
235 if (X509_signature_print(bp, x->sig_alg, x->signature) <= 0)
236 goto err;
237 }
238 if (!(cflag & X509_FLAG_NO_AUX)) {
239 if (!X509_CERT_AUX_print(bp, x->aux, 0))
240 goto err;
241 }
242 ret = 1;
243
244err:
245 free(m);
246 return (ret);
247}
248
249int X509_ocspid_print (BIO *bp, X509 *x)
250{
251 unsigned char *der = NULL;
252 unsigned char *dertmp;
253 int derlen;
254 int i;
255 unsigned char SHA1md[SHA_DIGEST_LENGTH];
256
257 /* display the hash of the subject as it would appear
258 in OCSP requests */
259 if (BIO_printf(bp, " Subject OCSP hash: ") <= 0)
260 goto err;
261 derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
262 if ((der = dertmp = malloc(derlen)) == NULL)
263 goto err;
264 i2d_X509_NAME(x->cert_info->subject, &dertmp);
265
266 if (!EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL))
267 goto err;
268 for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
269 if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
270 goto err;
271 }
272 free (der);
273 der = NULL;
274
275 /* display the hash of the public key as it would appear
276 in OCSP requests */
277 if (BIO_printf(bp, "\n Public key OCSP hash: ") <= 0)
278 goto err;
279
280 if (!EVP_Digest(x->cert_info->key->public_key->data,
281 x->cert_info->key->public_key->length,
282 SHA1md, NULL, EVP_sha1(), NULL))
283 goto err;
284 for (i = 0; i < SHA_DIGEST_LENGTH; i++) {
285 if (BIO_printf(bp, "%02X", SHA1md[i]) <= 0)
286 goto err;
287 }
288 BIO_printf(bp, "\n");
289
290 return (1);
291
292err:
293 free(der);
294 return (0);
295}
296
297int
298X509_signature_dump(BIO *bp, const ASN1_STRING *sig, int indent)
299{
300 const unsigned char *s;
301 int i, n;
302
303 n = sig->length;
304 s = sig->data;
305 for (i = 0; i < n; i++) {
306 if ((i % 18) == 0) {
307 if (BIO_write(bp, "\n", 1) <= 0)
308 return 0;
309 if (BIO_indent(bp, indent, indent) <= 0)
310 return 0;
311 }
312 if (BIO_printf(bp, "%02x%s", s[i],
313 ((i + 1) == n) ? "" : ":") <= 0)
314 return 0;
315 }
316 if (BIO_write(bp, "\n", 1) != 1)
317 return 0;
318
319 return 1;
320}
321
322int
323X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
324{
325 int sig_nid;
326 if (BIO_puts(bp, " Signature Algorithm: ") <= 0)
327 return 0;
328 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0)
329 return 0;
330
331 sig_nid = OBJ_obj2nid(sigalg->algorithm);
332 if (sig_nid != NID_undef) {
333 int pkey_nid, dig_nid;
334 const EVP_PKEY_ASN1_METHOD *ameth;
335 if (OBJ_find_sigid_algs(sig_nid, &dig_nid, &pkey_nid)) {
336 ameth = EVP_PKEY_asn1_find(NULL, pkey_nid);
337 if (ameth && ameth->sig_print)
338 return ameth->sig_print(bp, sigalg, sig, 9, 0);
339 }
340 }
341 if (sig)
342 return X509_signature_dump(bp, sig, 9);
343 else if (BIO_puts(bp, "\n") <= 0)
344 return 0;
345 return 1;
346}
347
348int
349ASN1_STRING_print(BIO *bp, const ASN1_STRING *v)
350{
351 int i, n;
352 char buf[80];
353 const char *p;
354
355 if (v == NULL)
356 return (0);
357 n = 0;
358 p = (const char *)v->data;
359 for (i = 0; i < v->length; i++) {
360 if ((p[i] > '~') || ((p[i] < ' ') &&
361 (p[i] != '\n') && (p[i] != '\r')))
362 buf[n] = '.';
363 else
364 buf[n] = p[i];
365 n++;
366 if (n >= 80) {
367 if (BIO_write(bp, buf, n) <= 0)
368 return (0);
369 n = 0;
370 }
371 }
372 if (n > 0)
373 if (BIO_write(bp, buf, n) <= 0)
374 return (0);
375 return (1);
376}
377
378int
379ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm)
380{
381 if (tm->type == V_ASN1_UTCTIME)
382 return ASN1_UTCTIME_print(bp, tm);
383 if (tm->type == V_ASN1_GENERALIZEDTIME)
384 return ASN1_GENERALIZEDTIME_print(bp, tm);
385 BIO_write(bp, "Bad time value", 14);
386 return (0);
387}
388
389static const char *mon[12] = {
390 "Jan", "Feb", "Mar", "Apr", "May", "Jun",
391 "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
392};
393
394int
395ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm)
396{
397 char *v;
398 int gmt = 0;
399 int i;
400 int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
401 char *f = NULL;
402 int f_len = 0;
403
404 i = tm->length;
405 v = (char *)tm->data;
406
407 if (i < 12)
408 goto err;
409 if (v[i-1] == 'Z')
410 gmt = 1;
411 for (i = 0; i < 12; i++)
412 if ((v[i] > '9') || (v[i] < '0'))
413 goto err;
414 y = (v[0] - '0') * 1000 + (v[1] - '0') * 100 +
415 (v[2] - '0') * 10 + (v[3] - '0');
416 M = (v[4] - '0') * 10 + (v[5] - '0');
417 if ((M > 12) || (M < 1))
418 goto err;
419 d = (v[6] - '0') * 10 + (v[7] - '0');
420 h = (v[8] - '0') * 10 + (v[9] - '0');
421 m = (v[10] - '0') * 10 + (v[11] - '0');
422 if (tm->length >= 14 &&
423 (v[12] >= '0') && (v[12] <= '9') &&
424 (v[13] >= '0') && (v[13] <= '9')) {
425 s = (v[12] - '0') * 10 + (v[13] - '0');
426 /* Check for fractions of seconds. */
427 if (tm->length >= 15 && v[14] == '.') {
428 int l = tm->length;
429 f = &v[14]; /* The decimal point. */
430 f_len = 1;
431 while (14 + f_len < l && f[f_len] >= '0' &&
432 f[f_len] <= '9')
433 ++f_len;
434 }
435 }
436
437 if (BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s",
438 mon[M - 1], d, h, m, s, f_len, f, y, (gmt) ? " GMT" : "") <= 0)
439 return (0);
440 else
441 return (1);
442
443err:
444 BIO_write(bp, "Bad time value", 14);
445 return (0);
446}
447
448int
449ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm)
450{
451 const char *v;
452 int gmt = 0;
453 int i;
454 int y = 0, M = 0, d = 0, h = 0, m = 0, s = 0;
455
456 i = tm->length;
457 v = (const char *)tm->data;
458
459 if (i < 10)
460 goto err;
461 if (v[i-1] == 'Z')
462 gmt = 1;
463 for (i = 0; i < 10; i++)
464 if ((v[i] > '9') || (v[i] < '0'))
465 goto err;
466 y = (v[0] - '0') * 10 + (v[1] - '0');
467 if (y < 50)
468 y += 100;
469 M = (v[2] - '0') * 10 + (v[3] - '0');
470 if ((M > 12) || (M < 1))
471 goto err;
472 d = (v[4] - '0') * 10 + (v[5] - '0');
473 h = (v[6] - '0') * 10 + (v[7] - '0');
474 m = (v[8] - '0') * 10 + (v[9] - '0');
475 if (tm->length >=12 &&
476 (v[10] >= '0') && (v[10] <= '9') &&
477 (v[11] >= '0') && (v[11] <= '9'))
478 s = (v[10] - '0') * 10 + (v[11] - '0');
479
480 if (BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s",
481 mon[M - 1], d, h, m, s, y + 1900, (gmt) ? " GMT" : "") <= 0)
482 return (0);
483 else
484 return (1);
485
486err:
487 BIO_write(bp, "Bad time value", 14);
488 return (0);
489}
490
491int
492X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
493{
494 char *s, *c, *b;
495 int ret = 0, l, i;
496
497 l = 80 - 2 - obase;
498
499 b = X509_NAME_oneline(name, NULL, 0);
500 if (b == NULL)
501 return 0;
502 if (*b == '\0') {
503 free(b);
504 return 1;
505 }
506 s = b + 1; /* skip the first slash */
507
508 c = s;
509 for (;;) {
510 if (((*s == '/') &&
511 ((s[1] >= 'A') && (s[1] <= 'Z') &&
512 ((s[2] == '=') || ((s[2] >= 'A') && (s[2] <= 'Z') &&
513 (s[3] == '='))))) || (*s == '\0')) {
514 i = s - c;
515 if (BIO_write(bp, c, i) != i)
516 goto err;
517 c = s + 1; /* skip following slash */
518 if (*s != '\0') {
519 if (BIO_write(bp, ", ", 2) != 2)
520 goto err;
521 }
522 l--;
523 }
524 if (*s == '\0')
525 break;
526 s++;
527 l--;
528 }
529
530 ret = 1;
531 if (0) {
532err:
533 X509err(X509_F_X509_NAME_PRINT, ERR_R_BUF_LIB);
534 }
535 free(b);
536 return (ret);
537}
diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c
deleted file mode 100644
index fd68211b84..0000000000
--- a/src/lib/libcrypto/asn1/t_x509a.c
+++ /dev/null
@@ -1,118 +0,0 @@
1/* $OpenBSD: t_x509a.c,v 1.8 2014/07/11 08:44:47 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/evp.h>
63#include <openssl/x509.h>
64
65/* X509_CERT_AUX and string set routines
66 */
67
68int
69X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
70{
71 char oidstr[80], first;
72 int i;
73 if (!aux)
74 return 1;
75 if (aux->trust) {
76 first = 1;
77 BIO_printf(out, "%*sTrusted Uses:\n%*s",
78 indent, "", indent + 2, "");
79 for (i = 0; i < sk_ASN1_OBJECT_num(aux->trust); i++) {
80 if (!first)
81 BIO_puts(out, ", ");
82 else
83 first = 0;
84 OBJ_obj2txt(oidstr, sizeof oidstr,
85 sk_ASN1_OBJECT_value(aux->trust, i), 0);
86 BIO_puts(out, oidstr);
87 }
88 BIO_puts(out, "\n");
89 } else
90 BIO_printf(out, "%*sNo Trusted Uses.\n", indent, "");
91 if (aux->reject) {
92 first = 1;
93 BIO_printf(out, "%*sRejected Uses:\n%*s",
94 indent, "", indent + 2, "");
95 for (i = 0; i < sk_ASN1_OBJECT_num(aux->reject); i++) {
96 if (!first)
97 BIO_puts(out, ", ");
98 else
99 first = 0;
100 OBJ_obj2txt(oidstr, sizeof oidstr,
101 sk_ASN1_OBJECT_value(aux->reject, i), 0);
102 BIO_puts(out, oidstr);
103 }
104 BIO_puts(out, "\n");
105 } else
106 BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
107 if (aux->alias)
108 BIO_printf(out, "%*sAlias: %s\n", indent, "",
109 aux->alias->data);
110 if (aux->keyid) {
111 BIO_printf(out, "%*sKey Id: ", indent, "");
112 for (i = 0; i < aux->keyid->length; i++)
113 BIO_printf(out, "%s%02X", i ? ":" : "",
114 aux->keyid->data[i]);
115 BIO_write(out, "\n", 1);
116 }
117 return 1;
118}
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
deleted file mode 100644
index f08514dc83..0000000000
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ /dev/null
@@ -1,1184 +0,0 @@
1/* $OpenBSD: tasn_dec.c,v 1.27 2015/07/20 15:41:48 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stddef.h>
61#include <string.h>
62#include <openssl/asn1.h>
63#include <openssl/asn1t.h>
64#include <openssl/objects.h>
65#include <openssl/buffer.h>
66#include <openssl/err.h>
67
68static int asn1_check_eoc(const unsigned char **in, long len);
69static int asn1_find_end(const unsigned char **in, long len, char inf);
70
71static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
72 char inf, int tag, int aclass, int depth);
73
74static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
75
76static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
77 char *inf, char *cst, const unsigned char **in, long len, int exptag,
78 int expclass, char opt, ASN1_TLC *ctx);
79
80static int asn1_template_ex_d2i(ASN1_VALUE **pval, const unsigned char **in,
81 long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
82static int asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in,
83 long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
84static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in,
85 long len, const ASN1_ITEM *it, int tag, int aclass, char opt,
86 ASN1_TLC *ctx);
87
88/* Table to convert tags to bit values, used for MSTRING type */
89static const unsigned long tag2bit[32] = {
90 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
91 B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
92 B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
93 B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
94 B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
95 B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */
96 B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */
97 B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */
98 B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */
99};
100
101unsigned long
102ASN1_tag2bit(int tag)
103{
104 if ((tag < 0) || (tag > 30))
105 return 0;
106 return tag2bit[tag];
107}
108
109/* Macro to initialize and invalidate the cache */
110
111#define asn1_tlc_clear(c) if (c) (c)->valid = 0
112/* Version to avoid compiler warning about 'c' always non-NULL */
113#define asn1_tlc_clear_nc(c) (c)->valid = 0
114
115/* Decode an ASN1 item, this currently behaves just
116 * like a standard 'd2i' function. 'in' points to
117 * a buffer to read the data from, in future we will
118 * have more advanced versions that can input data
119 * a piece at a time and this will simply be a special
120 * case.
121 */
122
123ASN1_VALUE *
124ASN1_item_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
125 const ASN1_ITEM *it)
126{
127 ASN1_TLC c;
128 ASN1_VALUE *ptmpval = NULL;
129
130 if (!pval)
131 pval = &ptmpval;
132 asn1_tlc_clear_nc(&c);
133 if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
134 return *pval;
135 return NULL;
136}
137
138int
139ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
140 const ASN1_TEMPLATE *tt)
141{
142 ASN1_TLC c;
143
144 asn1_tlc_clear_nc(&c);
145 return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
146}
147
148
149/* Decode an item, taking care of IMPLICIT tagging, if any.
150 * If 'opt' set and tag mismatch return -1 to handle OPTIONAL
151 */
152
153int
154ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
155 const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
156{
157 const ASN1_TEMPLATE *tt, *errtt = NULL;
158 const ASN1_EXTERN_FUNCS *ef;
159 const ASN1_AUX *aux = it->funcs;
160 ASN1_aux_cb *asn1_cb;
161 const unsigned char *p = NULL, *q;
162 unsigned char oclass;
163 char seq_eoc, seq_nolen, cst, isopt;
164 long tmplen;
165 int i;
166 int otag;
167 int ret = 0;
168 ASN1_VALUE **pchptr;
169
170 if (!pval)
171 return 0;
172
173 if (aux && aux->asn1_cb)
174 asn1_cb = aux->asn1_cb;
175 else
176 asn1_cb = 0;
177
178 switch (it->itype) {
179 case ASN1_ITYPE_PRIMITIVE:
180 if (it->templates) {
181 /* tagging or OPTIONAL is currently illegal on an item
182 * template because the flags can't get passed down.
183 * In practice this isn't a problem: we include the
184 * relevant flags from the item template in the
185 * template itself.
186 */
187 if ((tag != -1) || opt) {
188 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
189 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
190 goto err;
191 }
192 return asn1_template_ex_d2i(pval, in, len,
193 it->templates, opt, ctx);
194 }
195 return asn1_d2i_ex_primitive(pval, in, len, it,
196 tag, aclass, opt, ctx);
197 break;
198
199 case ASN1_ITYPE_MSTRING:
200 p = *in;
201 /* Just read in tag and class */
202 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
203 &p, len, -1, 0, 1, ctx);
204 if (!ret) {
205 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
206 ERR_R_NESTED_ASN1_ERROR);
207 goto err;
208 }
209
210 /* Must be UNIVERSAL class */
211 if (oclass != V_ASN1_UNIVERSAL) {
212 /* If OPTIONAL, assume this is OK */
213 if (opt)
214 return -1;
215 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
216 ASN1_R_MSTRING_NOT_UNIVERSAL);
217 goto err;
218 }
219 /* Check tag matches bit map */
220 if (!(ASN1_tag2bit(otag) & it->utype)) {
221 /* If OPTIONAL, assume this is OK */
222 if (opt)
223 return -1;
224 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
225 ASN1_R_MSTRING_WRONG_TAG);
226 goto err;
227 }
228 return asn1_d2i_ex_primitive(pval, in, len,
229 it, otag, 0, 0, ctx);
230
231 case ASN1_ITYPE_EXTERN:
232 /* Use new style d2i */
233 ef = it->funcs;
234 return ef->asn1_ex_d2i(pval, in, len,
235 it, tag, aclass, opt, ctx);
236
237 case ASN1_ITYPE_CHOICE:
238 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
239 goto auxerr;
240
241 if (*pval) {
242 /* Free up and zero CHOICE value if initialised */
243 i = asn1_get_choice_selector(pval, it);
244 if ((i >= 0) && (i < it->tcount)) {
245 tt = it->templates + i;
246 pchptr = asn1_get_field_ptr(pval, tt);
247 ASN1_template_free(pchptr, tt);
248 asn1_set_choice_selector(pval, -1, it);
249 }
250 } else if (!ASN1_item_ex_new(pval, it)) {
251 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
252 ERR_R_NESTED_ASN1_ERROR);
253 goto err;
254 }
255 /* CHOICE type, try each possibility in turn */
256 p = *in;
257 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
258 pchptr = asn1_get_field_ptr(pval, tt);
259 /* We mark field as OPTIONAL so its absence
260 * can be recognised.
261 */
262 ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
263 /* If field not present, try the next one */
264 if (ret == -1)
265 continue;
266 /* If positive return, read OK, break loop */
267 if (ret > 0)
268 break;
269 /* Otherwise must be an ASN1 parsing error */
270 errtt = tt;
271 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
272 ERR_R_NESTED_ASN1_ERROR);
273 goto err;
274 }
275
276 /* Did we fall off the end without reading anything? */
277 if (i == it->tcount) {
278 /* If OPTIONAL, this is OK */
279 if (opt) {
280 /* Free and zero it */
281 ASN1_item_ex_free(pval, it);
282 return -1;
283 }
284 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
285 ASN1_R_NO_MATCHING_CHOICE_TYPE);
286 goto err;
287 }
288
289 asn1_set_choice_selector(pval, i, it);
290 *in = p;
291 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
292 goto auxerr;
293 return 1;
294
295 case ASN1_ITYPE_NDEF_SEQUENCE:
296 case ASN1_ITYPE_SEQUENCE:
297 p = *in;
298 tmplen = len;
299
300 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
301 if (tag == -1) {
302 tag = V_ASN1_SEQUENCE;
303 aclass = V_ASN1_UNIVERSAL;
304 }
305 /* Get SEQUENCE length and update len, p */
306 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
307 &p, len, tag, aclass, opt, ctx);
308 if (!ret) {
309 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
310 ERR_R_NESTED_ASN1_ERROR);
311 goto err;
312 } else if (ret == -1)
313 return -1;
314 if (aux && (aux->flags & ASN1_AFLG_BROKEN)) {
315 len = tmplen - (p - *in);
316 seq_nolen = 1;
317 }
318 /* If indefinite we don't do a length check */
319 else
320 seq_nolen = seq_eoc;
321 if (!cst) {
322 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
323 ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
324 goto err;
325 }
326
327 if (!*pval && !ASN1_item_ex_new(pval, it)) {
328 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
329 ERR_R_NESTED_ASN1_ERROR);
330 goto err;
331 }
332
333 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it, NULL))
334 goto auxerr;
335
336 /* Free up and zero any ADB found */
337 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
338 if (tt->flags & ASN1_TFLG_ADB_MASK) {
339 const ASN1_TEMPLATE *seqtt;
340 ASN1_VALUE **pseqval;
341 seqtt = asn1_do_adb(pval, tt, 1);
342 if (!seqtt)
343 goto err;
344 pseqval = asn1_get_field_ptr(pval, seqtt);
345 ASN1_template_free(pseqval, seqtt);
346 }
347 }
348
349 /* Get each field entry */
350 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
351 const ASN1_TEMPLATE *seqtt;
352 ASN1_VALUE **pseqval;
353 seqtt = asn1_do_adb(pval, tt, 1);
354 if (!seqtt)
355 goto err;
356 pseqval = asn1_get_field_ptr(pval, seqtt);
357 /* Have we ran out of data? */
358 if (!len)
359 break;
360 q = p;
361 if (asn1_check_eoc(&p, len)) {
362 if (!seq_eoc) {
363 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
364 ASN1_R_UNEXPECTED_EOC);
365 goto err;
366 }
367 len -= p - q;
368 seq_eoc = 0;
369 q = p;
370 break;
371 }
372 /* This determines the OPTIONAL flag value. The field
373 * cannot be omitted if it is the last of a SEQUENCE
374 * and there is still data to be read. This isn't
375 * strictly necessary but it increases efficiency in
376 * some cases.
377 */
378 if (i == (it->tcount - 1))
379 isopt = 0;
380 else
381 isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
382 /* attempt to read in field, allowing each to be
383 * OPTIONAL */
384
385 ret = asn1_template_ex_d2i(pseqval, &p, len,
386 seqtt, isopt, ctx);
387 if (!ret) {
388 errtt = seqtt;
389 goto err;
390 } else if (ret == -1) {
391 /* OPTIONAL component absent.
392 * Free and zero the field.
393 */
394 ASN1_template_free(pseqval, seqtt);
395 continue;
396 }
397 /* Update length */
398 len -= p - q;
399 }
400
401 /* Check for EOC if expecting one */
402 if (seq_eoc && !asn1_check_eoc(&p, len)) {
403 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
404 goto err;
405 }
406 /* Check all data read */
407 if (!seq_nolen && len) {
408 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
409 ASN1_R_SEQUENCE_LENGTH_MISMATCH);
410 goto err;
411 }
412
413 /* If we get here we've got no more data in the SEQUENCE,
414 * however we may not have read all fields so check all
415 * remaining are OPTIONAL and clear any that are.
416 */
417 for (; i < it->tcount; tt++, i++) {
418 const ASN1_TEMPLATE *seqtt;
419 seqtt = asn1_do_adb(pval, tt, 1);
420 if (!seqtt)
421 goto err;
422 if (seqtt->flags & ASN1_TFLG_OPTIONAL) {
423 ASN1_VALUE **pseqval;
424 pseqval = asn1_get_field_ptr(pval, seqtt);
425 ASN1_template_free(pseqval, seqtt);
426 } else {
427 errtt = seqtt;
428 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
429 ASN1_R_FIELD_MISSING);
430 goto err;
431 }
432 }
433 /* Save encoding */
434 if (!asn1_enc_save(pval, *in, p - *in, it)) {
435 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_MALLOC_FAILURE);
436 goto auxerr;
437 }
438 *in = p;
439 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it, NULL))
440 goto auxerr;
441 return 1;
442
443 default:
444 return 0;
445 }
446
447auxerr:
448 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
449err:
450 ASN1_item_ex_free(pval, it);
451 if (errtt)
452 ERR_asprintf_error_data("Field=%s, Type=%s", errtt->field_name,
453 it->sname);
454 else
455 ERR_asprintf_error_data("Type=%s", it->sname);
456 return 0;
457}
458
459/* Templates are handled with two separate functions.
460 * One handles any EXPLICIT tag and the other handles the rest.
461 */
462
463static int
464asn1_template_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long inlen,
465 const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
466{
467 int flags, aclass;
468 int ret;
469 long len;
470 const unsigned char *p, *q;
471 char exp_eoc;
472
473 if (!val)
474 return 0;
475 flags = tt->flags;
476 aclass = flags & ASN1_TFLG_TAG_CLASS;
477
478 p = *in;
479
480 /* Check if EXPLICIT tag expected */
481 if (flags & ASN1_TFLG_EXPTAG) {
482 char cst;
483 /* Need to work out amount of data available to the inner
484 * content and where it starts: so read in EXPLICIT header to
485 * get the info.
486 */
487 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
488 &p, inlen, tt->tag, aclass, opt, ctx);
489 q = p;
490 if (!ret) {
491 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
492 ERR_R_NESTED_ASN1_ERROR);
493 return 0;
494 } else if (ret == -1)
495 return -1;
496 if (!cst) {
497 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
498 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
499 return 0;
500 }
501 /* We've found the field so it can't be OPTIONAL now */
502 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
503 if (!ret) {
504 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
505 ERR_R_NESTED_ASN1_ERROR);
506 return 0;
507 }
508 /* We read the field in OK so update length */
509 len -= p - q;
510 if (exp_eoc) {
511 /* If NDEF we must have an EOC here */
512 if (!asn1_check_eoc(&p, len)) {
513 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
514 ASN1_R_MISSING_EOC);
515 goto err;
516 }
517 } else {
518 /* Otherwise we must hit the EXPLICIT tag end or its
519 * an error */
520 if (len) {
521 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
522 ASN1_R_EXPLICIT_LENGTH_MISMATCH);
523 goto err;
524 }
525 }
526 } else
527 return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
528
529 *in = p;
530 return 1;
531
532err:
533 ASN1_template_free(val, tt);
534 return 0;
535}
536
537static int
538asn1_template_noexp_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
539 const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
540{
541 int flags, aclass;
542 int ret;
543 const unsigned char *p, *q;
544
545 if (!val)
546 return 0;
547 flags = tt->flags;
548 aclass = flags & ASN1_TFLG_TAG_CLASS;
549
550 p = *in;
551 q = p;
552
553 if (flags & ASN1_TFLG_SK_MASK) {
554 /* SET OF, SEQUENCE OF */
555 int sktag, skaclass;
556 char sk_eoc;
557 /* First work out expected inner tag value */
558 if (flags & ASN1_TFLG_IMPTAG) {
559 sktag = tt->tag;
560 skaclass = aclass;
561 } else {
562 skaclass = V_ASN1_UNIVERSAL;
563 if (flags & ASN1_TFLG_SET_OF)
564 sktag = V_ASN1_SET;
565 else
566 sktag = V_ASN1_SEQUENCE;
567 }
568 /* Get the tag */
569 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
570 &p, len, sktag, skaclass, opt, ctx);
571 if (!ret) {
572 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
573 ERR_R_NESTED_ASN1_ERROR);
574 return 0;
575 } else if (ret == -1)
576 return -1;
577 if (!*val)
578 *val = (ASN1_VALUE *)sk_new_null();
579 else {
580 /* We've got a valid STACK: free up any items present */
581 STACK_OF(ASN1_VALUE) *sktmp =
582 (STACK_OF(ASN1_VALUE) *)*val;
583 ASN1_VALUE *vtmp;
584 while (sk_ASN1_VALUE_num(sktmp) > 0) {
585 vtmp = sk_ASN1_VALUE_pop(sktmp);
586 ASN1_item_ex_free(&vtmp,
587 ASN1_ITEM_ptr(tt->item));
588 }
589 }
590
591 if (!*val) {
592 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
593 ERR_R_MALLOC_FAILURE);
594 goto err;
595 }
596
597 /* Read as many items as we can */
598 while (len > 0) {
599 ASN1_VALUE *skfield;
600 q = p;
601 /* See if EOC found */
602 if (asn1_check_eoc(&p, len)) {
603 if (!sk_eoc) {
604 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
605 ASN1_R_UNEXPECTED_EOC);
606 goto err;
607 }
608 len -= p - q;
609 sk_eoc = 0;
610 break;
611 }
612 skfield = NULL;
613 if (!ASN1_item_ex_d2i(&skfield, &p, len,
614 ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) {
615 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
616 ERR_R_NESTED_ASN1_ERROR);
617 goto err;
618 }
619 len -= p - q;
620 if (!sk_ASN1_VALUE_push((STACK_OF(ASN1_VALUE) *)*val,
621 skfield)) {
622 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
623 ERR_R_MALLOC_FAILURE);
624 goto err;
625 }
626 }
627 if (sk_eoc) {
628 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
629 ASN1_R_MISSING_EOC);
630 goto err;
631 }
632 } else if (flags & ASN1_TFLG_IMPTAG) {
633 /* IMPLICIT tagging */
634 ret = ASN1_item_ex_d2i(val, &p, len,
635 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
636 if (!ret) {
637 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
638 ERR_R_NESTED_ASN1_ERROR);
639 goto err;
640 } else if (ret == -1)
641 return -1;
642 } else {
643 /* Nothing special */
644 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
645 -1, 0, opt, ctx);
646 if (!ret) {
647 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
648 ERR_R_NESTED_ASN1_ERROR);
649 goto err;
650 } else if (ret == -1)
651 return -1;
652 }
653
654 *in = p;
655 return 1;
656
657err:
658 ASN1_template_free(val, tt);
659 return 0;
660}
661
662static int
663asn1_d2i_ex_primitive(ASN1_VALUE **pval, const unsigned char **in, long inlen,
664 const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
665{
666 int ret = 0, utype;
667 long plen;
668 char cst, inf, free_cont = 0;
669 const unsigned char *p;
670 BUF_MEM buf;
671 const unsigned char *cont = NULL;
672 long len;
673
674 if (!pval) {
675 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
676 return 0; /* Should never happen */
677 }
678
679 if (it->itype == ASN1_ITYPE_MSTRING) {
680 utype = tag;
681 tag = -1;
682 } else
683 utype = it->utype;
684
685 if (utype == V_ASN1_ANY) {
686 /* If type is ANY need to figure out type from tag */
687 unsigned char oclass;
688 if (tag >= 0) {
689 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
690 ASN1_R_ILLEGAL_TAGGED_ANY);
691 return 0;
692 }
693 if (opt) {
694 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
695 ASN1_R_ILLEGAL_OPTIONAL_ANY);
696 return 0;
697 }
698 p = *in;
699 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
700 &p, inlen, -1, 0, 0, ctx);
701 if (!ret) {
702 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
703 ERR_R_NESTED_ASN1_ERROR);
704 return 0;
705 }
706 if (oclass != V_ASN1_UNIVERSAL)
707 utype = V_ASN1_OTHER;
708 }
709 if (tag == -1) {
710 tag = utype;
711 aclass = V_ASN1_UNIVERSAL;
712 }
713 p = *in;
714 /* Check header */
715 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
716 &p, inlen, tag, aclass, opt, ctx);
717 if (!ret) {
718 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
719 return 0;
720 } else if (ret == -1)
721 return -1;
722 ret = 0;
723 /* SEQUENCE, SET and "OTHER" are left in encoded form */
724 if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
725 (utype == V_ASN1_OTHER)) {
726 /* Clear context cache for type OTHER because the auto clear
727 * when we have a exact match wont work
728 */
729 if (utype == V_ASN1_OTHER) {
730 asn1_tlc_clear(ctx);
731 }
732 /* SEQUENCE and SET must be constructed */
733 else if (!cst) {
734 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
735 ASN1_R_TYPE_NOT_CONSTRUCTED);
736 return 0;
737 }
738
739 cont = *in;
740 /* If indefinite length constructed find the real end */
741 if (inf) {
742 if (!asn1_find_end(&p, plen, inf))
743 goto err;
744 len = p - cont;
745 } else {
746 len = p - cont + plen;
747 p += plen;
748 buf.data = NULL;
749 }
750 } else if (cst) {
751 buf.length = 0;
752 buf.max = 0;
753 buf.data = NULL;
754 /* Should really check the internal tags are correct but
755 * some things may get this wrong. The relevant specs
756 * say that constructed string types should be OCTET STRINGs
757 * internally irrespective of the type. So instead just check
758 * for UNIVERSAL class and ignore the tag.
759 */
760 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL, 0)) {
761 free_cont = 1;
762 goto err;
763 }
764 len = buf.length;
765 /* Append a final null to string */
766 if (!BUF_MEM_grow_clean(&buf, len + 1)) {
767 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
768 ERR_R_MALLOC_FAILURE);
769 return 0;
770 }
771 buf.data[len] = 0;
772 cont = (const unsigned char *)buf.data;
773 free_cont = 1;
774 } else {
775 cont = p;
776 len = plen;
777 p += plen;
778 }
779
780 /* We now have content length and type: translate into a structure */
781 if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
782 goto err;
783
784 *in = p;
785 ret = 1;
786
787err:
788 if (free_cont && buf.data)
789 free(buf.data);
790 return ret;
791}
792
793/* Translate ASN1 content octets into a structure */
794
795int
796asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
797 char *free_cont, const ASN1_ITEM *it)
798{
799 ASN1_VALUE **opval = NULL;
800 ASN1_STRING *stmp;
801 ASN1_TYPE *typ = NULL;
802 int ret = 0;
803 const ASN1_PRIMITIVE_FUNCS *pf;
804 ASN1_INTEGER **tint;
805
806 pf = it->funcs;
807
808 if (pf && pf->prim_c2i)
809 return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
810 /* If ANY type clear type and set pointer to internal value */
811 if (it->utype == V_ASN1_ANY) {
812 if (!*pval) {
813 typ = ASN1_TYPE_new();
814 if (typ == NULL)
815 goto err;
816 *pval = (ASN1_VALUE *)typ;
817 } else
818 typ = (ASN1_TYPE *)*pval;
819
820 if (utype != typ->type)
821 ASN1_TYPE_set(typ, utype, NULL);
822 opval = pval;
823 pval = &typ->value.asn1_value;
824 }
825 switch (utype) {
826 case V_ASN1_OBJECT:
827 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
828 goto err;
829 break;
830
831 case V_ASN1_NULL:
832 if (len) {
833 ASN1err(ASN1_F_ASN1_EX_C2I,
834 ASN1_R_NULL_IS_WRONG_LENGTH);
835 goto err;
836 }
837 *pval = (ASN1_VALUE *)1;
838 break;
839
840 case V_ASN1_BOOLEAN:
841 if (len != 1) {
842 ASN1err(ASN1_F_ASN1_EX_C2I,
843 ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
844 goto err;
845 } else {
846 ASN1_BOOLEAN *tbool;
847 tbool = (ASN1_BOOLEAN *)pval;
848 *tbool = *cont;
849 }
850 break;
851
852 case V_ASN1_BIT_STRING:
853 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
854 goto err;
855 break;
856
857 case V_ASN1_INTEGER:
858 case V_ASN1_NEG_INTEGER:
859 case V_ASN1_ENUMERATED:
860 case V_ASN1_NEG_ENUMERATED:
861 tint = (ASN1_INTEGER **)pval;
862 if (!c2i_ASN1_INTEGER(tint, &cont, len))
863 goto err;
864 /* Fixup type to match the expected form */
865 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
866 break;
867
868 case V_ASN1_OCTET_STRING:
869 case V_ASN1_NUMERICSTRING:
870 case V_ASN1_PRINTABLESTRING:
871 case V_ASN1_T61STRING:
872 case V_ASN1_VIDEOTEXSTRING:
873 case V_ASN1_IA5STRING:
874 case V_ASN1_UTCTIME:
875 case V_ASN1_GENERALIZEDTIME:
876 case V_ASN1_GRAPHICSTRING:
877 case V_ASN1_VISIBLESTRING:
878 case V_ASN1_GENERALSTRING:
879 case V_ASN1_UNIVERSALSTRING:
880 case V_ASN1_BMPSTRING:
881 case V_ASN1_UTF8STRING:
882 case V_ASN1_OTHER:
883 case V_ASN1_SET:
884 case V_ASN1_SEQUENCE:
885 default:
886 if (utype == V_ASN1_BMPSTRING && (len & 1)) {
887 ASN1err(ASN1_F_ASN1_EX_C2I,
888 ASN1_R_BMPSTRING_IS_WRONG_LENGTH);
889 goto err;
890 }
891 if (utype == V_ASN1_UNIVERSALSTRING && (len & 3)) {
892 ASN1err(ASN1_F_ASN1_EX_C2I,
893 ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH);
894 goto err;
895 }
896 /* All based on ASN1_STRING and handled the same */
897 if (!*pval) {
898 stmp = ASN1_STRING_type_new(utype);
899 if (!stmp) {
900 ASN1err(ASN1_F_ASN1_EX_C2I,
901 ERR_R_MALLOC_FAILURE);
902 goto err;
903 }
904 *pval = (ASN1_VALUE *)stmp;
905 } else {
906 stmp = (ASN1_STRING *)*pval;
907 stmp->type = utype;
908 }
909 /* If we've already allocated a buffer use it */
910 if (*free_cont) {
911 free(stmp->data);
912 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
913 stmp->length = len;
914 *free_cont = 0;
915 } else {
916 if (!ASN1_STRING_set(stmp, cont, len)) {
917 ASN1err(ASN1_F_ASN1_EX_C2I,
918 ERR_R_MALLOC_FAILURE);
919 ASN1_STRING_free(stmp);
920 *pval = NULL;
921 goto err;
922 }
923 }
924 break;
925 }
926 /* If ASN1_ANY and NULL type fix up value */
927 if (typ && (utype == V_ASN1_NULL))
928 typ->value.ptr = NULL;
929
930 ret = 1;
931
932err:
933 if (!ret) {
934 ASN1_TYPE_free(typ);
935 if (opval)
936 *opval = NULL;
937 }
938 return ret;
939}
940
941
942/* This function finds the end of an ASN1 structure when passed its maximum
943 * length, whether it is indefinite length and a pointer to the content.
944 * This is more efficient than calling asn1_collect because it does not
945 * recurse on each indefinite length header.
946 */
947
948static int
949asn1_find_end(const unsigned char **in, long len, char inf)
950{
951 int expected_eoc;
952 long plen;
953 const unsigned char *p = *in, *q;
954
955 /* If not indefinite length constructed just add length */
956 if (inf == 0) {
957 *in += len;
958 return 1;
959 }
960 expected_eoc = 1;
961 /* Indefinite length constructed form. Find the end when enough EOCs
962 * are found. If more indefinite length constructed headers
963 * are encountered increment the expected eoc count otherwise just
964 * skip to the end of the data.
965 */
966 while (len > 0) {
967 if (asn1_check_eoc(&p, len)) {
968 expected_eoc--;
969 if (expected_eoc == 0)
970 break;
971 len -= 2;
972 continue;
973 }
974 q = p;
975 /* Just read in a header: only care about the length */
976 if (!asn1_check_tlen(&plen, NULL, NULL, &inf, NULL, &p, len,
977 -1, 0, 0, NULL)) {
978 ASN1err(ASN1_F_ASN1_FIND_END, ERR_R_NESTED_ASN1_ERROR);
979 return 0;
980 }
981 if (inf)
982 expected_eoc++;
983 else
984 p += plen;
985 len -= p - q;
986 }
987 if (expected_eoc) {
988 ASN1err(ASN1_F_ASN1_FIND_END, ASN1_R_MISSING_EOC);
989 return 0;
990 }
991 *in = p;
992 return 1;
993}
994/* This function collects the asn1 data from a constructred string
995 * type into a buffer. The values of 'in' and 'len' should refer
996 * to the contents of the constructed type and 'inf' should be set
997 * if it is indefinite length.
998 */
999
1000#ifndef ASN1_MAX_STRING_NEST
1001/* This determines how many levels of recursion are permitted in ASN1
1002 * string types. If it is not limited stack overflows can occur. If set
1003 * to zero no recursion is allowed at all. Although zero should be adequate
1004 * examples exist that require a value of 1. So 5 should be more than enough.
1005 */
1006#define ASN1_MAX_STRING_NEST 5
1007#endif
1008
1009static int
1010asn1_collect(BUF_MEM *buf, const unsigned char **in, long len, char inf,
1011 int tag, int aclass, int depth)
1012{
1013 const unsigned char *p, *q;
1014 long plen;
1015 char cst, ininf;
1016
1017 p = *in;
1018 inf &= 1;
1019 /* If no buffer and not indefinite length constructed just pass over
1020 * the encoded data */
1021 if (!buf && !inf) {
1022 *in += len;
1023 return 1;
1024 }
1025 while (len > 0) {
1026 q = p;
1027 /* Check for EOC */
1028 if (asn1_check_eoc(&p, len)) {
1029 /* EOC is illegal outside indefinite length
1030 * constructed form */
1031 if (!inf) {
1032 ASN1err(ASN1_F_ASN1_COLLECT,
1033 ASN1_R_UNEXPECTED_EOC);
1034 return 0;
1035 }
1036 inf = 0;
1037 break;
1038 }
1039
1040 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
1041 len, tag, aclass, 0, NULL)) {
1042 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
1043 return 0;
1044 }
1045
1046 /* If indefinite length constructed update max length */
1047 if (cst) {
1048 if (depth >= ASN1_MAX_STRING_NEST) {
1049 ASN1err(ASN1_F_ASN1_COLLECT,
1050 ASN1_R_NESTED_ASN1_STRING);
1051 return 0;
1052 }
1053 if (!asn1_collect(buf, &p, plen, ininf, tag, aclass,
1054 depth + 1))
1055 return 0;
1056 } else if (plen && !collect_data(buf, &p, plen))
1057 return 0;
1058 len -= p - q;
1059 }
1060 if (inf) {
1061 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
1062 return 0;
1063 }
1064 *in = p;
1065 return 1;
1066}
1067
1068static int
1069collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
1070{
1071 int len;
1072 if (buf) {
1073 len = buf->length;
1074 if (!BUF_MEM_grow_clean(buf, len + plen)) {
1075 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
1076 return 0;
1077 }
1078 memcpy(buf->data + len, *p, plen);
1079 }
1080 *p += plen;
1081 return 1;
1082}
1083
1084/* Check for ASN1 EOC and swallow it if found */
1085
1086static int
1087asn1_check_eoc(const unsigned char **in, long len)
1088{
1089 const unsigned char *p;
1090
1091 if (len < 2)
1092 return 0;
1093 p = *in;
1094 if (!p[0] && !p[1]) {
1095 *in += 2;
1096 return 1;
1097 }
1098 return 0;
1099}
1100
1101/* Check an ASN1 tag and length: a bit like ASN1_get_object
1102 * but it sets the length for indefinite length constructed
1103 * form, we don't know the exact length but we can set an
1104 * upper bound to the amount of data available minus the
1105 * header length just read.
1106 */
1107
1108static int
1109asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf,
1110 char *cst, const unsigned char **in, long len, int exptag, int expclass,
1111 char opt, ASN1_TLC *ctx)
1112{
1113 int i;
1114 int ptag, pclass;
1115 long plen;
1116 const unsigned char *p, *q;
1117
1118 p = *in;
1119 q = p;
1120
1121 if (ctx && ctx->valid) {
1122 i = ctx->ret;
1123 plen = ctx->plen;
1124 pclass = ctx->pclass;
1125 ptag = ctx->ptag;
1126 p += ctx->hdrlen;
1127 } else {
1128 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
1129 if (ctx) {
1130 ctx->ret = i;
1131 ctx->plen = plen;
1132 ctx->pclass = pclass;
1133 ctx->ptag = ptag;
1134 ctx->hdrlen = p - q;
1135 ctx->valid = 1;
1136 /* If definite length, and no error, length +
1137 * header can't exceed total amount of data available.
1138 */
1139 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len)) {
1140 ASN1err(ASN1_F_ASN1_CHECK_TLEN,
1141 ASN1_R_TOO_LONG);
1142 asn1_tlc_clear(ctx);
1143 return 0;
1144 }
1145 }
1146 }
1147
1148 if (i & 0x80) {
1149 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
1150 asn1_tlc_clear(ctx);
1151 return 0;
1152 }
1153 if (exptag >= 0) {
1154 if ((exptag != ptag) || (expclass != pclass)) {
1155 /* If type is OPTIONAL, not an error:
1156 * indicate missing type.
1157 */
1158 if (opt)
1159 return -1;
1160 asn1_tlc_clear(ctx);
1161 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
1162 return 0;
1163 }
1164 /* We have a tag and class match:
1165 * assume we are going to do something with it */
1166 asn1_tlc_clear(ctx);
1167 }
1168
1169 if (i & 1)
1170 plen = len - (p - q);
1171 if (inf)
1172 *inf = i & 1;
1173 if (cst)
1174 *cst = i & V_ASN1_CONSTRUCTED;
1175 if (olen)
1176 *olen = plen;
1177 if (oclass)
1178 *oclass = pclass;
1179 if (otag)
1180 *otag = ptag;
1181
1182 *in = p;
1183 return 1;
1184}
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
deleted file mode 100644
index c59033e54d..0000000000
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ /dev/null
@@ -1,654 +0,0 @@
1/* $OpenBSD: tasn_enc.c,v 1.16 2015/02/14 15:23:57 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60#include <string.h>
61
62#include <openssl/asn1.h>
63#include <openssl/asn1t.h>
64#include <openssl/objects.h>
65
66static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
67 const ASN1_ITEM *it, int tag, int aclass);
68static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
69 int skcontlen, const ASN1_ITEM *item, int do_sort, int iclass);
70static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
71 const ASN1_TEMPLATE *tt, int tag, int aclass);
72static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
73 const ASN1_ITEM *it, int flags);
74static int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
75 const ASN1_ITEM *it);
76
77/* Top level i2d equivalents: the 'ndef' variant instructs the encoder
78 * to use indefinite length constructed encoding, where appropriate
79 */
80
81int
82ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
83{
84 return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
85}
86
87int
88ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
89{
90 return asn1_item_flags_i2d(val, out, it, 0);
91}
92
93/* Encode an ASN1 item, this is use by the
94 * standard 'i2d' function. 'out' points to
95 * a buffer to output the data to.
96 *
97 * The new i2d has one additional feature. If the output
98 * buffer is NULL (i.e. *out == NULL) then a buffer is
99 * allocated and populated with the encoding.
100 */
101
102static int
103asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it,
104 int flags)
105{
106 if (out && !*out) {
107 unsigned char *p, *buf;
108 int len;
109 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
110 if (len <= 0)
111 return len;
112 buf = malloc(len);
113 if (!buf)
114 return -1;
115 p = buf;
116 ASN1_item_ex_i2d(&val, &p, it, -1, flags);
117 *out = buf;
118 return len;
119 }
120
121 return ASN1_item_ex_i2d(&val, out, it, -1, flags);
122}
123
124/* Encode an item, taking care of IMPLICIT tagging (if any).
125 * This function performs the normal item handling: it can be
126 * used in external types.
127 */
128
129int
130ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it,
131 int tag, int aclass)
132{
133 const ASN1_TEMPLATE *tt = NULL;
134 int i, seqcontlen, seqlen, ndef = 1;
135 const ASN1_EXTERN_FUNCS *ef;
136 const ASN1_AUX *aux = it->funcs;
137 ASN1_aux_cb *asn1_cb = 0;
138
139 if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
140 return 0;
141
142 if (aux && aux->asn1_cb)
143 asn1_cb = aux->asn1_cb;
144
145 switch (it->itype) {
146
147 case ASN1_ITYPE_PRIMITIVE:
148 if (it->templates)
149 return asn1_template_ex_i2d(pval, out, it->templates,
150 tag, aclass);
151 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
152 break;
153
154 case ASN1_ITYPE_MSTRING:
155 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
156
157 case ASN1_ITYPE_CHOICE:
158 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
159 return 0;
160 i = asn1_get_choice_selector(pval, it);
161 if ((i >= 0) && (i < it->tcount)) {
162 ASN1_VALUE **pchval;
163 const ASN1_TEMPLATE *chtt;
164 chtt = it->templates + i;
165 pchval = asn1_get_field_ptr(pval, chtt);
166 return asn1_template_ex_i2d(pchval, out, chtt,
167 -1, aclass);
168 }
169 /* Fixme: error condition if selector out of range */
170 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
171 return 0;
172 break;
173
174 case ASN1_ITYPE_EXTERN:
175 /* If new style i2d it does all the work */
176 ef = it->funcs;
177 return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
178
179 case ASN1_ITYPE_NDEF_SEQUENCE:
180 /* Use indefinite length constructed if requested */
181 if (aclass & ASN1_TFLG_NDEF)
182 ndef = 2;
183 /* fall through */
184
185 case ASN1_ITYPE_SEQUENCE:
186 i = asn1_enc_restore(&seqcontlen, out, pval, it);
187 /* An error occurred */
188 if (i < 0)
189 return 0;
190 /* We have a valid cached encoding... */
191 if (i > 0)
192 return seqcontlen;
193 /* Otherwise carry on */
194 seqcontlen = 0;
195 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
196 if (tag == -1) {
197 tag = V_ASN1_SEQUENCE;
198 /* Retain any other flags in aclass */
199 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS) |
200 V_ASN1_UNIVERSAL;
201 }
202 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it, NULL))
203 return 0;
204 /* First work out sequence content length */
205 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
206 const ASN1_TEMPLATE *seqtt;
207 ASN1_VALUE **pseqval;
208 seqtt = asn1_do_adb(pval, tt, 1);
209 if (!seqtt)
210 return 0;
211 pseqval = asn1_get_field_ptr(pval, seqtt);
212 /* FIXME: check for errors in enhanced version */
213 seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
214 -1, aclass);
215 }
216
217 seqlen = ASN1_object_size(ndef, seqcontlen, tag);
218 if (!out)
219 return seqlen;
220 /* Output SEQUENCE header */
221 ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
222 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
223 const ASN1_TEMPLATE *seqtt;
224 ASN1_VALUE **pseqval;
225 seqtt = asn1_do_adb(pval, tt, 1);
226 if (!seqtt)
227 return 0;
228 pseqval = asn1_get_field_ptr(pval, seqtt);
229 /* FIXME: check for errors in enhanced version */
230 asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
231 }
232 if (ndef == 2)
233 ASN1_put_eoc(out);
234 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it, NULL))
235 return 0;
236 return seqlen;
237
238 default:
239 return 0;
240
241 }
242 return 0;
243}
244
245int
246ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
247 const ASN1_TEMPLATE *tt)
248{
249 return asn1_template_ex_i2d(pval, out, tt, -1, 0);
250}
251
252static int
253asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
254 const ASN1_TEMPLATE *tt, int tag, int iclass)
255{
256 int i, ret, flags, ttag, tclass, ndef;
257 flags = tt->flags;
258 /* Work out tag and class to use: tagging may come
259 * either from the template or the arguments, not both
260 * because this would create ambiguity. Additionally
261 * the iclass argument may contain some additional flags
262 * which should be noted and passed down to other levels.
263 */
264 if (flags & ASN1_TFLG_TAG_MASK) {
265 /* Error if argument and template tagging */
266 if (tag != -1)
267 /* FIXME: error code here */
268 return -1;
269 /* Get tagging from template */
270 ttag = tt->tag;
271 tclass = flags & ASN1_TFLG_TAG_CLASS;
272 } else if (tag != -1) {
273 /* No template tagging, get from arguments */
274 ttag = tag;
275 tclass = iclass & ASN1_TFLG_TAG_CLASS;
276 } else {
277 ttag = -1;
278 tclass = 0;
279 }
280 /*
281 * Remove any class mask from iflag.
282 */
283 iclass &= ~ASN1_TFLG_TAG_CLASS;
284
285 /* At this point 'ttag' contains the outer tag to use,
286 * 'tclass' is the class and iclass is any flags passed
287 * to this function.
288 */
289
290 /* if template and arguments require ndef, use it */
291 if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
292 ndef = 2;
293 else
294 ndef = 1;
295
296 if (flags & ASN1_TFLG_SK_MASK) {
297 /* SET OF, SEQUENCE OF */
298 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
299 int isset, sktag, skaclass;
300 int skcontlen, sklen;
301 ASN1_VALUE *skitem;
302
303 if (!*pval)
304 return 0;
305
306 if (flags & ASN1_TFLG_SET_OF) {
307 isset = 1;
308 /* 2 means we reorder */
309 if (flags & ASN1_TFLG_SEQUENCE_OF)
310 isset = 2;
311 } else
312 isset = 0;
313
314 /* Work out inner tag value: if EXPLICIT
315 * or no tagging use underlying type.
316 */
317 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG)) {
318 sktag = ttag;
319 skaclass = tclass;
320 } else {
321 skaclass = V_ASN1_UNIVERSAL;
322 if (isset)
323 sktag = V_ASN1_SET;
324 else
325 sktag = V_ASN1_SEQUENCE;
326 }
327
328 /* Determine total length of items */
329 skcontlen = 0;
330 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
331 skitem = sk_ASN1_VALUE_value(sk, i);
332 skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
333 ASN1_ITEM_ptr(tt->item), -1, iclass);
334 }
335 sklen = ASN1_object_size(ndef, skcontlen, sktag);
336 /* If EXPLICIT need length of surrounding tag */
337 if (flags & ASN1_TFLG_EXPTAG)
338 ret = ASN1_object_size(ndef, sklen, ttag);
339 else
340 ret = sklen;
341
342 if (!out)
343 return ret;
344
345 /* Now encode this lot... */
346 /* EXPLICIT tag */
347 if (flags & ASN1_TFLG_EXPTAG)
348 ASN1_put_object(out, ndef, sklen, ttag, tclass);
349 /* SET or SEQUENCE and IMPLICIT tag */
350 ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
351 /* And the stuff itself */
352 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
353 isset, iclass);
354 if (ndef == 2) {
355 ASN1_put_eoc(out);
356 if (flags & ASN1_TFLG_EXPTAG)
357 ASN1_put_eoc(out);
358 }
359
360 return ret;
361 }
362
363 if (flags & ASN1_TFLG_EXPTAG) {
364 /* EXPLICIT tagging */
365 /* Find length of tagged item */
366 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item),
367 -1, iclass);
368 if (!i)
369 return 0;
370 /* Find length of EXPLICIT tag */
371 ret = ASN1_object_size(ndef, i, ttag);
372 if (out) {
373 /* Output tag and item */
374 ASN1_put_object(out, ndef, i, ttag, tclass);
375 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
376 -1, iclass);
377 if (ndef == 2)
378 ASN1_put_eoc(out);
379 }
380 return ret;
381 }
382
383 /* Either normal or IMPLICIT tagging: combine class and flags */
384 return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
385 ttag, tclass | iclass);
386}
387
388/* Temporary structure used to hold DER encoding of items for SET OF */
389
390typedef struct {
391 unsigned char *data;
392 int length;
393 ASN1_VALUE *field;
394} DER_ENC;
395
396static int
397der_cmp(const void *a, const void *b)
398{
399 const DER_ENC *d1 = a, *d2 = b;
400 int cmplen, i;
401
402 cmplen = (d1->length < d2->length) ? d1->length : d2->length;
403 i = memcmp(d1->data, d2->data, cmplen);
404 if (i)
405 return i;
406 return d1->length - d2->length;
407}
408
409/* Output the content octets of SET OF or SEQUENCE OF */
410
411static int
412asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen,
413 const ASN1_ITEM *item, int do_sort, int iclass)
414{
415 int i;
416 ASN1_VALUE *skitem;
417 unsigned char *tmpdat = NULL, *p = NULL;
418 DER_ENC *derlst = NULL, *tder;
419
420 if (do_sort) {
421 /* Don't need to sort less than 2 items */
422 if (sk_ASN1_VALUE_num(sk) < 2)
423 do_sort = 0;
424 else {
425 derlst = reallocarray(NULL, sk_ASN1_VALUE_num(sk),
426 sizeof(*derlst));
427 tmpdat = malloc(skcontlen);
428 if (!derlst || !tmpdat) {
429 free(derlst);
430 free(tmpdat);
431 return 0;
432 }
433 }
434 }
435 /* If not sorting just output each item */
436 if (!do_sort) {
437 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
438 skitem = sk_ASN1_VALUE_value(sk, i);
439 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
440 }
441 return 1;
442 }
443 p = tmpdat;
444
445 /* Doing sort: build up a list of each member's DER encoding */
446 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
447 skitem = sk_ASN1_VALUE_value(sk, i);
448 tder->data = p;
449 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
450 tder->field = skitem;
451 }
452
453 /* Now sort them */
454 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
455 /* Output sorted DER encoding */
456 p = *out;
457 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
458 memcpy(p, tder->data, tder->length);
459 p += tder->length;
460 }
461 *out = p;
462 /* If do_sort is 2 then reorder the STACK */
463 if (do_sort == 2) {
464 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
465 (void)sk_ASN1_VALUE_set(sk, i, tder->field);
466 }
467 free(derlst);
468 free(tmpdat);
469 return 1;
470}
471
472static int
473asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
474 const ASN1_ITEM *it, int tag, int aclass)
475{
476 int len;
477 int utype;
478 int usetag;
479 int ndef = 0;
480
481 utype = it->utype;
482
483 /* Get length of content octets and maybe find
484 * out the underlying type.
485 */
486
487 len = asn1_ex_i2c(pval, NULL, &utype, it);
488
489 /* If SEQUENCE, SET or OTHER then header is
490 * included in pseudo content octets so don't
491 * include tag+length. We need to check here
492 * because the call to asn1_ex_i2c() could change
493 * utype.
494 */
495 if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
496 (utype == V_ASN1_OTHER))
497 usetag = 0;
498 else
499 usetag = 1;
500
501 /* -1 means omit type */
502 if (len == -1)
503 return 0;
504
505 /* -2 return is special meaning use ndef */
506 if (len == -2) {
507 ndef = 2;
508 len = 0;
509 }
510
511 /* If not implicitly tagged get tag from underlying type */
512 if (tag == -1)
513 tag = utype;
514
515 /* Output tag+length followed by content octets */
516 if (out) {
517 if (usetag)
518 ASN1_put_object(out, ndef, len, tag, aclass);
519 asn1_ex_i2c(pval, *out, &utype, it);
520 if (ndef)
521 ASN1_put_eoc(out);
522 else
523 *out += len;
524 }
525
526 if (usetag)
527 return ASN1_object_size(ndef, len, tag);
528 return len;
529}
530
531/* Produce content octets from a structure */
532
533static int
534asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
535 const ASN1_ITEM *it)
536{
537 ASN1_BOOLEAN *tbool = NULL;
538 ASN1_STRING *strtmp;
539 ASN1_OBJECT *otmp;
540 int utype;
541 const unsigned char *cont;
542 unsigned char c;
543 int len;
544 const ASN1_PRIMITIVE_FUNCS *pf;
545
546 pf = it->funcs;
547 if (pf && pf->prim_i2c)
548 return pf->prim_i2c(pval, cout, putype, it);
549
550 /* Should type be omitted? */
551 if ((it->itype != ASN1_ITYPE_PRIMITIVE) ||
552 (it->utype != V_ASN1_BOOLEAN)) {
553 if (!*pval)
554 return -1;
555 }
556
557 if (it->itype == ASN1_ITYPE_MSTRING) {
558 /* If MSTRING type set the underlying type */
559 strtmp = (ASN1_STRING *)*pval;
560 utype = strtmp->type;
561 *putype = utype;
562 } else if (it->utype == V_ASN1_ANY) {
563 /* If ANY set type and pointer to value */
564 ASN1_TYPE *typ;
565 typ = (ASN1_TYPE *)*pval;
566 utype = typ->type;
567 *putype = utype;
568 pval = &typ->value.asn1_value;
569 } else
570 utype = *putype;
571
572 switch (utype) {
573 case V_ASN1_OBJECT:
574 otmp = (ASN1_OBJECT *)*pval;
575 cont = otmp->data;
576 len = otmp->length;
577 break;
578
579 case V_ASN1_NULL:
580 cont = NULL;
581 len = 0;
582 break;
583
584 case V_ASN1_BOOLEAN:
585 tbool = (ASN1_BOOLEAN *)pval;
586 if (*tbool == -1)
587 return -1;
588 if (it->utype != V_ASN1_ANY) {
589 /* Default handling if value == size field then omit */
590 if (*tbool && (it->size > 0))
591 return -1;
592 if (!*tbool && !it->size)
593 return -1;
594 }
595 c = (unsigned char)*tbool;
596 cont = &c;
597 len = 1;
598 break;
599
600 case V_ASN1_BIT_STRING:
601 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
602 cout ? &cout : NULL);
603 break;
604
605 case V_ASN1_INTEGER:
606 case V_ASN1_NEG_INTEGER:
607 case V_ASN1_ENUMERATED:
608 case V_ASN1_NEG_ENUMERATED:
609 /* These are all have the same content format
610 * as ASN1_INTEGER
611 */
612 return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval,
613 cout ? &cout : NULL);
614 break;
615
616 case V_ASN1_OCTET_STRING:
617 case V_ASN1_NUMERICSTRING:
618 case V_ASN1_PRINTABLESTRING:
619 case V_ASN1_T61STRING:
620 case V_ASN1_VIDEOTEXSTRING:
621 case V_ASN1_IA5STRING:
622 case V_ASN1_UTCTIME:
623 case V_ASN1_GENERALIZEDTIME:
624 case V_ASN1_GRAPHICSTRING:
625 case V_ASN1_VISIBLESTRING:
626 case V_ASN1_GENERALSTRING:
627 case V_ASN1_UNIVERSALSTRING:
628 case V_ASN1_BMPSTRING:
629 case V_ASN1_UTF8STRING:
630 case V_ASN1_SEQUENCE:
631 case V_ASN1_SET:
632 default:
633 /* All based on ASN1_STRING and handled the same */
634 strtmp = (ASN1_STRING *)*pval;
635 /* Special handling for NDEF */
636 if ((it->size == ASN1_TFLG_NDEF) &&
637 (strtmp->flags & ASN1_STRING_FLAG_NDEF)) {
638 if (cout) {
639 strtmp->data = cout;
640 strtmp->length = 0;
641 }
642 /* Special return code */
643 return -2;
644 }
645 cont = strtmp->data;
646 len = strtmp->length;
647
648 break;
649
650 }
651 if (cout && len)
652 memcpy(cout, cont, len);
653 return len;
654}
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
deleted file mode 100644
index 30d68786b1..0000000000
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ /dev/null
@@ -1,243 +0,0 @@
1/* $OpenBSD: tasn_fre.c,v 1.14 2015/02/14 15:23:57 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stddef.h>
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63#include <openssl/objects.h>
64
65static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it,
66 int combine);
67
68/* Free up an ASN1 structure */
69
70void
71ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
72{
73 asn1_item_combine_free(&val, it, 0);
74}
75
76void
77ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
78{
79 asn1_item_combine_free(pval, it, 0);
80}
81
82static void
83asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
84{
85 const ASN1_TEMPLATE *tt = NULL, *seqtt;
86 const ASN1_EXTERN_FUNCS *ef;
87 const ASN1_AUX *aux = it->funcs;
88 ASN1_aux_cb *asn1_cb = NULL;
89 int i;
90
91 if (pval == NULL || *pval == NULL)
92 return;
93
94 if (aux != NULL && aux->asn1_cb != NULL)
95 asn1_cb = aux->asn1_cb;
96
97 switch (it->itype) {
98 case ASN1_ITYPE_PRIMITIVE:
99 if (it->templates)
100 ASN1_template_free(pval, it->templates);
101 else
102 ASN1_primitive_free(pval, it);
103 break;
104
105 case ASN1_ITYPE_MSTRING:
106 ASN1_primitive_free(pval, it);
107 break;
108
109 case ASN1_ITYPE_CHOICE:
110 if (asn1_cb) {
111 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
112 if (i == 2)
113 return;
114 }
115 i = asn1_get_choice_selector(pval, it);
116 if ((i >= 0) && (i < it->tcount)) {
117 ASN1_VALUE **pchval;
118 tt = it->templates + i;
119 pchval = asn1_get_field_ptr(pval, tt);
120 ASN1_template_free(pchval, tt);
121 }
122 if (asn1_cb)
123 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
124 if (!combine) {
125 free(*pval);
126 *pval = NULL;
127 }
128 break;
129
130 case ASN1_ITYPE_EXTERN:
131 ef = it->funcs;
132 if (ef && ef->asn1_ex_free)
133 ef->asn1_ex_free(pval, it);
134 break;
135
136 case ASN1_ITYPE_NDEF_SEQUENCE:
137 case ASN1_ITYPE_SEQUENCE:
138 if (asn1_do_lock(pval, -1, it) > 0)
139 return;
140 if (asn1_cb) {
141 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it, NULL);
142 if (i == 2)
143 return;
144 }
145 asn1_enc_free(pval, it);
146 /* If we free up as normal we will invalidate any
147 * ANY DEFINED BY field and we wont be able to
148 * determine the type of the field it defines. So
149 * free up in reverse order.
150 */
151 tt = it->templates + it->tcount - 1;
152 for (i = 0; i < it->tcount; tt--, i++) {
153 ASN1_VALUE **pseqval;
154 seqtt = asn1_do_adb(pval, tt, 0);
155 if (!seqtt)
156 continue;
157 pseqval = asn1_get_field_ptr(pval, seqtt);
158 ASN1_template_free(pseqval, seqtt);
159 }
160 if (asn1_cb)
161 asn1_cb(ASN1_OP_FREE_POST, pval, it, NULL);
162 if (!combine) {
163 free(*pval);
164 *pval = NULL;
165 }
166 break;
167 }
168}
169
170void
171ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
172{
173 int i;
174 if (tt->flags & ASN1_TFLG_SK_MASK) {
175 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
176 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
177 ASN1_VALUE *vtmp;
178 vtmp = sk_ASN1_VALUE_value(sk, i);
179 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item),
180 0);
181 }
182 sk_ASN1_VALUE_free(sk);
183 *pval = NULL;
184 } else
185 asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
186 tt->flags & ASN1_TFLG_COMBINE);
187}
188
189void
190ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
191{
192 int utype;
193 if (it) {
194 const ASN1_PRIMITIVE_FUNCS *pf;
195 pf = it->funcs;
196 if (pf && pf->prim_free) {
197 pf->prim_free(pval, it);
198 return;
199 }
200 }
201 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
202 if (!it) {
203 ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
204 utype = typ->type;
205 pval = &typ->value.asn1_value;
206 if (!*pval)
207 return;
208 } else if (it->itype == ASN1_ITYPE_MSTRING) {
209 utype = -1;
210 if (!*pval)
211 return;
212 } else {
213 utype = it->utype;
214 if ((utype != V_ASN1_BOOLEAN) && !*pval)
215 return;
216 }
217
218 switch (utype) {
219 case V_ASN1_OBJECT:
220 ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
221 break;
222
223 case V_ASN1_BOOLEAN:
224 if (it)
225 *(ASN1_BOOLEAN *)pval = it->size;
226 else
227 *(ASN1_BOOLEAN *)pval = -1;
228 return;
229
230 case V_ASN1_NULL:
231 break;
232
233 case V_ASN1_ANY:
234 ASN1_primitive_free(pval, NULL);
235 free(*pval);
236 break;
237
238 default:
239 ASN1_STRING_free((ASN1_STRING *)*pval);
240 break;
241 }
242 *pval = NULL;
243}
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c
deleted file mode 100644
index 986e5811b6..0000000000
--- a/src/lib/libcrypto/asn1/tasn_new.c
+++ /dev/null
@@ -1,374 +0,0 @@
1/* $OpenBSD: tasn_new.c,v 1.15 2015/07/20 15:43:23 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59
60#include <stddef.h>
61#include <openssl/asn1.h>
62#include <openssl/objects.h>
63#include <openssl/err.h>
64#include <openssl/asn1t.h>
65#include <string.h>
66
67static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
68 int combine);
69static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
70static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
71static void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
72
73ASN1_VALUE *
74ASN1_item_new(const ASN1_ITEM *it)
75{
76 ASN1_VALUE *ret = NULL;
77 if (ASN1_item_ex_new(&ret, it) > 0)
78 return ret;
79 return NULL;
80}
81
82/* Allocate an ASN1 structure */
83
84int
85ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
86{
87 return asn1_item_ex_combine_new(pval, it, 0);
88}
89
90static int
91asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
92{
93 const ASN1_TEMPLATE *tt = NULL;
94 const ASN1_EXTERN_FUNCS *ef;
95 const ASN1_AUX *aux = it->funcs;
96 ASN1_aux_cb *asn1_cb = NULL;
97 ASN1_VALUE **pseqval;
98 int i;
99
100 if (aux != NULL && aux->asn1_cb != NULL)
101 asn1_cb = aux->asn1_cb;
102
103 if (!combine)
104 *pval = NULL;
105
106#ifdef CRYPTO_MDEBUG
107 if (it->sname)
108 CRYPTO_push_info(it->sname);
109#endif
110
111 switch (it->itype) {
112 case ASN1_ITYPE_EXTERN:
113 ef = it->funcs;
114 if (ef && ef->asn1_ex_new) {
115 if (!ef->asn1_ex_new(pval, it))
116 goto memerr;
117 }
118 break;
119
120 case ASN1_ITYPE_PRIMITIVE:
121 if (it->templates) {
122 if (!ASN1_template_new(pval, it->templates))
123 goto memerr;
124 } else if (!ASN1_primitive_new(pval, it))
125 goto memerr;
126 break;
127
128 case ASN1_ITYPE_MSTRING:
129 if (!ASN1_primitive_new(pval, it))
130 goto memerr;
131 break;
132
133 case ASN1_ITYPE_CHOICE:
134 if (asn1_cb) {
135 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
136 if (!i)
137 goto auxerr;
138 if (i == 2) {
139#ifdef CRYPTO_MDEBUG
140 if (it->sname)
141 CRYPTO_pop_info();
142#endif
143 return 1;
144 }
145 }
146 if (!combine) {
147 *pval = calloc(1, it->size);
148 if (!*pval)
149 goto memerr;
150 }
151 asn1_set_choice_selector(pval, -1, it);
152 if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
153 goto auxerr;
154 break;
155
156 case ASN1_ITYPE_NDEF_SEQUENCE:
157 case ASN1_ITYPE_SEQUENCE:
158 if (asn1_cb) {
159 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it, NULL);
160 if (!i)
161 goto auxerr;
162 if (i == 2) {
163#ifdef CRYPTO_MDEBUG
164 if (it->sname)
165 CRYPTO_pop_info();
166#endif
167 return 1;
168 }
169 }
170 if (!combine) {
171 *pval = calloc(1, it->size);
172 if (!*pval)
173 goto memerr;
174 asn1_do_lock(pval, 0, it);
175 asn1_enc_init(pval, it);
176 }
177 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
178 pseqval = asn1_get_field_ptr(pval, tt);
179 if (!ASN1_template_new(pseqval, tt))
180 goto memerr;
181 }
182 if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it, NULL))
183 goto auxerr;
184 break;
185 }
186#ifdef CRYPTO_MDEBUG
187 if (it->sname)
188 CRYPTO_pop_info();
189#endif
190 return 1;
191
192memerr:
193 ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
194#ifdef CRYPTO_MDEBUG
195 if (it->sname)
196 CRYPTO_pop_info();
197#endif
198 return 0;
199
200auxerr:
201 ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
202 ASN1_item_ex_free(pval, it);
203#ifdef CRYPTO_MDEBUG
204 if (it->sname)
205 CRYPTO_pop_info();
206#endif
207 return 0;
208
209}
210
211static void
212asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
213{
214 const ASN1_EXTERN_FUNCS *ef;
215
216 switch (it->itype) {
217 case ASN1_ITYPE_EXTERN:
218 ef = it->funcs;
219 if (ef && ef->asn1_ex_clear)
220 ef->asn1_ex_clear(pval, it);
221 else
222 *pval = NULL;
223 break;
224
225 case ASN1_ITYPE_PRIMITIVE:
226 if (it->templates)
227 asn1_template_clear(pval, it->templates);
228 else
229 asn1_primitive_clear(pval, it);
230 break;
231
232 case ASN1_ITYPE_MSTRING:
233 asn1_primitive_clear(pval, it);
234 break;
235
236 case ASN1_ITYPE_CHOICE:
237 case ASN1_ITYPE_SEQUENCE:
238 case ASN1_ITYPE_NDEF_SEQUENCE:
239 *pval = NULL;
240 break;
241 }
242}
243
244int
245ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
246{
247 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
248 int ret;
249
250 if (tt->flags & ASN1_TFLG_OPTIONAL) {
251 asn1_template_clear(pval, tt);
252 return 1;
253 }
254 /* If ANY DEFINED BY nothing to do */
255
256 if (tt->flags & ASN1_TFLG_ADB_MASK) {
257 *pval = NULL;
258 return 1;
259 }
260#ifdef CRYPTO_MDEBUG
261 if (tt->field_name)
262 CRYPTO_push_info(tt->field_name);
263#endif
264 /* If SET OF or SEQUENCE OF, its a STACK */
265 if (tt->flags & ASN1_TFLG_SK_MASK) {
266 STACK_OF(ASN1_VALUE) *skval;
267 skval = sk_ASN1_VALUE_new_null();
268 if (!skval) {
269 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
270 ret = 0;
271 goto done;
272 }
273 *pval = (ASN1_VALUE *)skval;
274 ret = 1;
275 goto done;
276 }
277 /* Otherwise pass it back to the item routine */
278 ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
279done:
280#ifdef CRYPTO_MDEBUG
281 if (it->sname)
282 CRYPTO_pop_info();
283#endif
284 return ret;
285}
286
287static void
288asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
289{
290 /* If ADB or STACK just NULL the field */
291 if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK))
292 *pval = NULL;
293 else
294 asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
295}
296
297
298/* NB: could probably combine most of the real XXX_new() behaviour and junk
299 * all the old functions.
300 */
301
302int
303ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
304{
305 ASN1_TYPE *typ;
306 ASN1_STRING *str;
307 int utype;
308
309 if (it && it->funcs) {
310 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
311 if (pf->prim_new)
312 return pf->prim_new(pval, it);
313 }
314
315 if (!it || (it->itype == ASN1_ITYPE_MSTRING))
316 utype = V_ASN1_UNDEF;
317 else
318 utype = it->utype;
319 switch (utype) {
320 case V_ASN1_OBJECT:
321 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
322 return 1;
323
324 case V_ASN1_BOOLEAN:
325 *(ASN1_BOOLEAN *)pval = it->size;
326 return 1;
327
328 case V_ASN1_NULL:
329 *pval = (ASN1_VALUE *)1;
330 return 1;
331
332 case V_ASN1_ANY:
333 typ = malloc(sizeof(ASN1_TYPE));
334 if (typ != NULL) {
335 typ->value.ptr = NULL;
336 typ->type = V_ASN1_UNDEF;
337 }
338 *pval = (ASN1_VALUE *)typ;
339 break;
340
341 default:
342 str = ASN1_STRING_type_new(utype);
343 if (it != NULL && it->itype == ASN1_ITYPE_MSTRING &&
344 str != NULL)
345 str->flags |= ASN1_STRING_FLAG_MSTRING;
346 *pval = (ASN1_VALUE *)str;
347 break;
348 }
349 if (*pval)
350 return 1;
351 return 0;
352}
353
354static void
355asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
356{
357 int utype;
358 if (it && it->funcs) {
359 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
360 if (pf->prim_clear)
361 pf->prim_clear(pval, it);
362 else
363 *pval = NULL;
364 return;
365 }
366 if (!it || (it->itype == ASN1_ITYPE_MSTRING))
367 utype = V_ASN1_UNDEF;
368 else
369 utype = it->utype;
370 if (utype == V_ASN1_BOOLEAN)
371 *(ASN1_BOOLEAN *)pval = it->size;
372 else
373 *pval = NULL;
374}
diff --git a/src/lib/libcrypto/asn1/tasn_prn.c b/src/lib/libcrypto/asn1/tasn_prn.c
deleted file mode 100644
index c9fde96789..0000000000
--- a/src/lib/libcrypto/asn1/tasn_prn.c
+++ /dev/null
@@ -1,596 +0,0 @@
1/* $OpenBSD: tasn_prn.c,v 1.13 2015/02/14 15:15:27 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000,2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63#include <openssl/buffer.h>
64#include <openssl/err.h>
65#include <openssl/objects.h>
66#include <openssl/x509v3.h>
67
68#include "asn1_locl.h"
69
70/* Print routines.
71 */
72
73/* ASN1_PCTX routines */
74
75ASN1_PCTX default_pctx = {
76 ASN1_PCTX_FLAGS_SHOW_ABSENT, /* flags */
77 0, /* nm_flags */
78 0, /* cert_flags */
79 0, /* oid_flags */
80 0 /* str_flags */
81};
82
83
84ASN1_PCTX *
85ASN1_PCTX_new(void)
86{
87 ASN1_PCTX *ret;
88 ret = malloc(sizeof(ASN1_PCTX));
89 if (ret == NULL) {
90 ASN1err(ASN1_F_ASN1_PCTX_NEW, ERR_R_MALLOC_FAILURE);
91 return NULL;
92 }
93 ret->flags = 0;
94 ret->nm_flags = 0;
95 ret->cert_flags = 0;
96 ret->oid_flags = 0;
97 ret->str_flags = 0;
98 return ret;
99}
100
101void
102ASN1_PCTX_free(ASN1_PCTX *p)
103{
104 free(p);
105}
106
107unsigned long
108ASN1_PCTX_get_flags(ASN1_PCTX *p)
109{
110 return p->flags;
111}
112
113void
114ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags)
115{
116 p->flags = flags;
117}
118
119unsigned long
120ASN1_PCTX_get_nm_flags(ASN1_PCTX *p)
121{
122 return p->nm_flags;
123}
124
125void
126ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags)
127{
128 p->nm_flags = flags;
129}
130
131unsigned long
132ASN1_PCTX_get_cert_flags(ASN1_PCTX *p)
133{
134 return p->cert_flags;
135}
136
137void
138ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags)
139{
140 p->cert_flags = flags;
141}
142
143unsigned long
144ASN1_PCTX_get_oid_flags(ASN1_PCTX *p)
145{
146 return p->oid_flags;
147}
148
149void
150ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags)
151{
152 p->oid_flags = flags;
153}
154
155unsigned long
156ASN1_PCTX_get_str_flags(ASN1_PCTX *p)
157{
158 return p->str_flags;
159}
160
161void
162ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags)
163{
164 p->str_flags = flags;
165}
166
167/* Main print routines */
168
169static int asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
170 const ASN1_ITEM *it, const char *fname, const char *sname, int nohdr,
171 const ASN1_PCTX *pctx);
172
173int asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
174 const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx);
175
176static int asn1_primitive_print(BIO *out, ASN1_VALUE **fld,
177 const ASN1_ITEM *it, int indent, const char *fname, const char *sname,
178 const ASN1_PCTX *pctx);
179
180static int asn1_print_fsname(BIO *out, int indent, const char *fname,
181 const char *sname, const ASN1_PCTX *pctx);
182
183int
184ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, const ASN1_ITEM *it,
185 const ASN1_PCTX *pctx)
186{
187 const char *sname;
188
189 if (pctx == NULL)
190 pctx = &default_pctx;
191 if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
192 sname = NULL;
193 else
194 sname = it->sname;
195 return asn1_item_print_ctx(out, &ifld, indent, it, NULL, sname,
196 0, pctx);
197}
198
199static int
200asn1_item_print_ctx(BIO *out, ASN1_VALUE **fld, int indent, const ASN1_ITEM *it,
201 const char *fname, const char *sname, int nohdr, const ASN1_PCTX *pctx)
202{
203 const ASN1_TEMPLATE *tt;
204 const ASN1_EXTERN_FUNCS *ef;
205 ASN1_VALUE **tmpfld;
206 const ASN1_AUX *aux = it->funcs;
207 ASN1_aux_cb *asn1_cb;
208 ASN1_PRINT_ARG parg;
209 int i;
210
211 if (aux && aux->asn1_cb) {
212 parg.out = out;
213 parg.indent = indent;
214 parg.pctx = pctx;
215 asn1_cb = aux->asn1_cb;
216 } else
217 asn1_cb = 0;
218
219 if (*fld == NULL) {
220 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_ABSENT) {
221 if (!nohdr &&
222 !asn1_print_fsname(out, indent, fname, sname, pctx))
223 return 0;
224 if (BIO_puts(out, "<ABSENT>\n") <= 0)
225 return 0;
226 }
227 return 1;
228 }
229
230 switch (it->itype) {
231 case ASN1_ITYPE_PRIMITIVE:
232 if (it->templates) {
233 if (!asn1_template_print_ctx(out, fld, indent,
234 it->templates, pctx))
235 return 0;
236 }
237 /* fall thru */
238 case ASN1_ITYPE_MSTRING:
239 if (!asn1_primitive_print(out, fld, it,
240 indent, fname, sname, pctx))
241 return 0;
242 break;
243
244 case ASN1_ITYPE_EXTERN:
245 if (!nohdr &&
246 !asn1_print_fsname(out, indent, fname, sname, pctx))
247 return 0;
248 /* Use new style print routine if possible */
249 ef = it->funcs;
250 if (ef && ef->asn1_ex_print) {
251 i = ef->asn1_ex_print(out, fld, indent, "", pctx);
252 if (!i)
253 return 0;
254 if ((i == 2) && (BIO_puts(out, "\n") <= 0))
255 return 0;
256 return 1;
257 } else if (sname &&
258 BIO_printf(out, ":EXTERNAL TYPE %s\n", sname) <= 0)
259 return 0;
260 break;
261
262 case ASN1_ITYPE_CHOICE:
263 /* CHOICE type, get selector */
264 i = asn1_get_choice_selector(fld, it);
265 /* This should never happen... */
266 if ((i < 0) || (i >= it->tcount)) {
267 if (BIO_printf(out,
268 "ERROR: selector [%d] invalid\n", i) <= 0)
269 return 0;
270 return 1;
271 }
272 tt = it->templates + i;
273 tmpfld = asn1_get_field_ptr(fld, tt);
274 if (!asn1_template_print_ctx(out, tmpfld, indent, tt, pctx))
275 return 0;
276 break;
277
278 case ASN1_ITYPE_SEQUENCE:
279 case ASN1_ITYPE_NDEF_SEQUENCE:
280 if (!nohdr &&
281 !asn1_print_fsname(out, indent, fname, sname, pctx))
282 return 0;
283 if (fname || sname) {
284 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
285 if (BIO_puts(out, " {\n") <= 0)
286 return 0;
287 } else {
288 if (BIO_puts(out, "\n") <= 0)
289 return 0;
290 }
291 }
292
293 if (asn1_cb) {
294 i = asn1_cb(ASN1_OP_PRINT_PRE, fld, it, &parg);
295 if (i == 0)
296 return 0;
297 if (i == 2)
298 return 1;
299 }
300
301 /* Print each field entry */
302 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
303 const ASN1_TEMPLATE *seqtt;
304
305 seqtt = asn1_do_adb(fld, tt, 1);
306 if (seqtt == NULL)
307 return 0;
308 tmpfld = asn1_get_field_ptr(fld, seqtt);
309 if (!asn1_template_print_ctx(out, tmpfld, indent + 2,
310 seqtt, pctx))
311 return 0;
312 }
313 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
314 if (BIO_printf(out, "%*s}\n", indent, "") < 0)
315 return 0;
316 }
317
318 if (asn1_cb) {
319 i = asn1_cb(ASN1_OP_PRINT_POST, fld, it, &parg);
320 if (i == 0)
321 return 0;
322 }
323 break;
324
325 default:
326 BIO_printf(out, "Unprocessed type %d\n", it->itype);
327 return 0;
328 }
329
330 return 1;
331}
332
333int
334asn1_template_print_ctx(BIO *out, ASN1_VALUE **fld, int indent,
335 const ASN1_TEMPLATE *tt, const ASN1_PCTX *pctx)
336{
337 int i, flags;
338 const char *sname, *fname;
339
340 flags = tt->flags;
341 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME)
342 sname = ASN1_ITEM_ptr(tt->item)->sname;
343 else
344 sname = NULL;
345 if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
346 fname = NULL;
347 else
348 fname = tt->field_name;
349 if (flags & ASN1_TFLG_SK_MASK) {
350 char *tname;
351 ASN1_VALUE *skitem;
352 STACK_OF(ASN1_VALUE) *stack;
353
354 /* SET OF, SEQUENCE OF */
355 if (fname) {
356 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SSOF) {
357 if (flags & ASN1_TFLG_SET_OF)
358 tname = "SET";
359 else
360 tname = "SEQUENCE";
361 if (BIO_printf(out, "%*s%s OF %s {\n",
362 indent, "", tname, tt->field_name) <= 0)
363 return 0;
364 } else if (BIO_printf(out, "%*s%s:\n", indent, "",
365 fname) <= 0)
366 return 0;
367 }
368 stack = (STACK_OF(ASN1_VALUE) *)*fld;
369 for (i = 0; i < sk_ASN1_VALUE_num(stack); i++) {
370 if ((i > 0) && (BIO_puts(out, "\n") <= 0))
371 return 0;
372 skitem = sk_ASN1_VALUE_value(stack, i);
373 if (!asn1_item_print_ctx(out, &skitem, indent + 2,
374 ASN1_ITEM_ptr(tt->item), NULL, NULL, 1, pctx))
375 return 0;
376 }
377 if (!i && BIO_printf(out, "%*s<EMPTY>\n", indent + 2, "") <= 0)
378 return 0;
379 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_SEQUENCE) {
380 if (BIO_printf(out, "%*s}\n", indent, "") <= 0)
381 return 0;
382 }
383 return 1;
384 }
385 return asn1_item_print_ctx(out, fld, indent, ASN1_ITEM_ptr(tt->item),
386 fname, sname, 0, pctx);
387}
388
389static int
390asn1_print_fsname(BIO *out, int indent, const char *fname, const char *sname,
391 const ASN1_PCTX *pctx)
392{
393 static char spaces[] = " ";
394 const int nspaces = sizeof(spaces) - 1;
395
396 while (indent > nspaces) {
397 if (BIO_write(out, spaces, nspaces) != nspaces)
398 return 0;
399 indent -= nspaces;
400 }
401 if (BIO_write(out, spaces, indent) != indent)
402 return 0;
403 if (pctx->flags & ASN1_PCTX_FLAGS_NO_STRUCT_NAME)
404 sname = NULL;
405 if (pctx->flags & ASN1_PCTX_FLAGS_NO_FIELD_NAME)
406 fname = NULL;
407 if (!sname && !fname)
408 return 1;
409 if (fname) {
410 if (BIO_puts(out, fname) <= 0)
411 return 0;
412 }
413 if (sname) {
414 if (fname) {
415 if (BIO_printf(out, " (%s)", sname) <= 0)
416 return 0;
417 } else {
418 if (BIO_puts(out, sname) <= 0)
419 return 0;
420 }
421 }
422 if (BIO_write(out, ": ", 2) != 2)
423 return 0;
424 return 1;
425}
426
427static int
428asn1_print_boolean_ctx(BIO *out, int boolval, const ASN1_PCTX *pctx)
429{
430 const char *str;
431 switch (boolval) {
432 case -1:
433 str = "BOOL ABSENT";
434 break;
435
436 case 0:
437 str = "FALSE";
438 break;
439
440 default:
441 str = "TRUE";
442 break;
443
444 }
445
446 if (BIO_puts(out, str) <= 0)
447 return 0;
448 return 1;
449
450}
451
452static int
453asn1_print_integer_ctx(BIO *out, ASN1_INTEGER *str, const ASN1_PCTX *pctx)
454{
455 char *s;
456 int ret = 1;
457 s = i2s_ASN1_INTEGER(NULL, str);
458 if (BIO_puts(out, s) <= 0)
459 ret = 0;
460 free(s);
461 return ret;
462}
463
464static int
465asn1_print_oid_ctx(BIO *out, const ASN1_OBJECT *oid, const ASN1_PCTX *pctx)
466{
467 char objbuf[80];
468 const char *ln;
469 ln = OBJ_nid2ln(OBJ_obj2nid(oid));
470 if (!ln)
471 ln = "";
472 OBJ_obj2txt(objbuf, sizeof objbuf, oid, 1);
473 if (BIO_printf(out, "%s (%s)", ln, objbuf) <= 0)
474 return 0;
475 return 1;
476}
477
478static int
479asn1_print_obstring_ctx(BIO *out, ASN1_STRING *str, int indent,
480 const ASN1_PCTX *pctx)
481{
482 if (str->type == V_ASN1_BIT_STRING) {
483 if (BIO_printf(out, " (%ld unused bits)\n",
484 str->flags & 0x7) <= 0)
485 return 0;
486 } else if (BIO_puts(out, "\n") <= 0)
487 return 0;
488 if ((str->length > 0) &&
489 BIO_dump_indent(out, (char *)str->data, str->length,
490 indent + 2) <= 0)
491 return 0;
492 return 1;
493}
494
495static int
496asn1_primitive_print(BIO *out, ASN1_VALUE **fld, const ASN1_ITEM *it,
497 int indent, const char *fname, const char *sname, const ASN1_PCTX *pctx)
498{
499 long utype;
500 ASN1_STRING *str;
501 int ret = 1, needlf = 1;
502 const char *pname;
503 const ASN1_PRIMITIVE_FUNCS *pf;
504
505 pf = it->funcs;
506 if (!asn1_print_fsname(out, indent, fname, sname, pctx))
507 return 0;
508 if (pf && pf->prim_print)
509 return pf->prim_print(out, fld, it, indent, pctx);
510 str = (ASN1_STRING *)*fld;
511 if (it->itype == ASN1_ITYPE_MSTRING)
512 utype = str->type & ~V_ASN1_NEG;
513 else
514 utype = it->utype;
515 if (utype == V_ASN1_ANY) {
516 ASN1_TYPE *atype = (ASN1_TYPE *)*fld;
517 utype = atype->type;
518 fld = &atype->value.asn1_value;
519 str = (ASN1_STRING *)*fld;
520 if (pctx->flags & ASN1_PCTX_FLAGS_NO_ANY_TYPE)
521 pname = NULL;
522 else
523 pname = ASN1_tag2str(utype);
524 } else {
525 if (pctx->flags & ASN1_PCTX_FLAGS_SHOW_TYPE)
526 pname = ASN1_tag2str(utype);
527 else
528 pname = NULL;
529 }
530
531 if (utype == V_ASN1_NULL) {
532 if (BIO_puts(out, "NULL\n") <= 0)
533 return 0;
534 return 1;
535 }
536
537 if (pname) {
538 if (BIO_puts(out, pname) <= 0)
539 return 0;
540 if (BIO_puts(out, ":") <= 0)
541 return 0;
542 }
543
544 switch (utype) {
545 case V_ASN1_BOOLEAN:
546 {
547 int boolval = *(int *)fld;
548 if (boolval == -1)
549 boolval = it->size;
550 ret = asn1_print_boolean_ctx(out, boolval, pctx);
551 }
552 break;
553
554 case V_ASN1_INTEGER:
555 case V_ASN1_ENUMERATED:
556 ret = asn1_print_integer_ctx(out, str, pctx);
557 break;
558
559 case V_ASN1_UTCTIME:
560 ret = ASN1_UTCTIME_print(out, str);
561 break;
562
563 case V_ASN1_GENERALIZEDTIME:
564 ret = ASN1_GENERALIZEDTIME_print(out, str);
565 break;
566
567 case V_ASN1_OBJECT:
568 ret = asn1_print_oid_ctx(out, (const ASN1_OBJECT *)*fld, pctx);
569 break;
570
571 case V_ASN1_OCTET_STRING:
572 case V_ASN1_BIT_STRING:
573 ret = asn1_print_obstring_ctx(out, str, indent, pctx);
574 needlf = 0;
575 break;
576
577 case V_ASN1_SEQUENCE:
578 case V_ASN1_SET:
579 case V_ASN1_OTHER:
580 if (BIO_puts(out, "\n") <= 0)
581 return 0;
582 if (ASN1_parse_dump(out, str->data, str->length,
583 indent, 0) <= 0)
584 ret = 0;
585 needlf = 0;
586 break;
587
588 default:
589 ret = ASN1_STRING_print_ex(out, str, pctx->str_flags);
590 }
591 if (!ret)
592 return 0;
593 if (needlf && BIO_puts(out, "\n") <= 0)
594 return 0;
595 return 1;
596}
diff --git a/src/lib/libcrypto/asn1/tasn_typ.c b/src/lib/libcrypto/asn1/tasn_typ.c
deleted file mode 100644
index 542713aa09..0000000000
--- a/src/lib/libcrypto/asn1/tasn_typ.c
+++ /dev/null
@@ -1,799 +0,0 @@
1/* $OpenBSD: tasn_typ.c,v 1.13 2015/07/24 15:09:52 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58#include <stdio.h>
59#include <openssl/asn1.h>
60#include <openssl/asn1t.h>
61
62/* Declarations for string types */
63
64const ASN1_ITEM ASN1_INTEGER_it = {
65 .itype = ASN1_ITYPE_PRIMITIVE,
66 .utype = V_ASN1_INTEGER,
67 .sname = "ASN1_INTEGER",
68};
69
70ASN1_INTEGER *
71d2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **in, long len)
72{
73 return (ASN1_INTEGER *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
74 &ASN1_INTEGER_it);
75}
76
77int
78i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **out)
79{
80 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_INTEGER_it);
81}
82
83ASN1_INTEGER *
84ASN1_INTEGER_new(void)
85{
86 return (ASN1_INTEGER *)ASN1_item_new(&ASN1_INTEGER_it);
87}
88
89void
90ASN1_INTEGER_free(ASN1_INTEGER *a)
91{
92 ASN1_item_free((ASN1_VALUE *)a, &ASN1_INTEGER_it);
93}
94
95
96const ASN1_ITEM ASN1_ENUMERATED_it = {
97 .itype = ASN1_ITYPE_PRIMITIVE,
98 .utype = V_ASN1_ENUMERATED,
99 .sname = "ASN1_ENUMERATED",
100};
101
102ASN1_ENUMERATED *
103d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, const unsigned char **in, long len)
104{
105 return (ASN1_ENUMERATED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
106 &ASN1_ENUMERATED_it);
107}
108
109int
110i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **out)
111{
112 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ENUMERATED_it);
113}
114
115ASN1_ENUMERATED *
116ASN1_ENUMERATED_new(void)
117{
118 return (ASN1_ENUMERATED *)ASN1_item_new(&ASN1_ENUMERATED_it);
119}
120
121void
122ASN1_ENUMERATED_free(ASN1_ENUMERATED *a)
123{
124 ASN1_item_free((ASN1_VALUE *)a, &ASN1_ENUMERATED_it);
125}
126
127
128const ASN1_ITEM ASN1_BIT_STRING_it = {
129 .itype = ASN1_ITYPE_PRIMITIVE,
130 .utype = V_ASN1_BIT_STRING,
131 .sname = "ASN1_BIT_STRING",
132};
133
134ASN1_BIT_STRING *
135d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, const unsigned char **in, long len)
136{
137 return (ASN1_BIT_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
138 &ASN1_BIT_STRING_it);
139}
140
141int
142i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **out)
143{
144 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BIT_STRING_it);
145}
146
147ASN1_BIT_STRING *
148ASN1_BIT_STRING_new(void)
149{
150 return (ASN1_BIT_STRING *)ASN1_item_new(&ASN1_BIT_STRING_it);
151}
152
153void
154ASN1_BIT_STRING_free(ASN1_BIT_STRING *a)
155{
156 ASN1_item_free((ASN1_VALUE *)a, &ASN1_BIT_STRING_it);
157}
158
159
160const ASN1_ITEM ASN1_OCTET_STRING_it = {
161 .itype = ASN1_ITYPE_PRIMITIVE,
162 .utype = V_ASN1_OCTET_STRING,
163 .sname = "ASN1_OCTET_STRING",
164};
165
166ASN1_OCTET_STRING *
167d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, const unsigned char **in, long len)
168{
169 return (ASN1_OCTET_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
170 &ASN1_OCTET_STRING_it);
171}
172
173int
174i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **out)
175{
176 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_OCTET_STRING_it);
177}
178
179ASN1_OCTET_STRING *
180ASN1_OCTET_STRING_new(void)
181{
182 return (ASN1_OCTET_STRING *)ASN1_item_new(&ASN1_OCTET_STRING_it);
183}
184
185void
186ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a)
187{
188 ASN1_item_free((ASN1_VALUE *)a, &ASN1_OCTET_STRING_it);
189}
190
191
192const ASN1_ITEM ASN1_NULL_it = {
193 .itype = ASN1_ITYPE_PRIMITIVE,
194 .utype = V_ASN1_NULL,
195 .sname = "ASN1_NULL",
196};
197
198ASN1_NULL *
199d2i_ASN1_NULL(ASN1_NULL **a, const unsigned char **in, long len)
200{
201 return (ASN1_NULL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
202 &ASN1_NULL_it);
203}
204
205int
206i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **out)
207{
208 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_NULL_it);
209}
210
211ASN1_NULL *
212ASN1_NULL_new(void)
213{
214 return (ASN1_NULL *)ASN1_item_new(&ASN1_NULL_it);
215}
216
217void
218ASN1_NULL_free(ASN1_NULL *a)
219{
220 ASN1_item_free((ASN1_VALUE *)a, &ASN1_NULL_it);
221}
222
223
224const ASN1_ITEM ASN1_OBJECT_it = {
225 .itype = ASN1_ITYPE_PRIMITIVE,
226 .utype = V_ASN1_OBJECT,
227 .sname = "ASN1_OBJECT",
228};
229
230
231const ASN1_ITEM ASN1_UTF8STRING_it = {
232 .itype = ASN1_ITYPE_PRIMITIVE,
233 .utype = V_ASN1_UTF8STRING,
234 .sname = "ASN1_UTF8STRING",
235};
236
237ASN1_UTF8STRING *
238d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, const unsigned char **in, long len)
239{
240 return (ASN1_UTF8STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
241 &ASN1_UTF8STRING_it);
242}
243
244int
245i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **out)
246{
247 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTF8STRING_it);
248}
249
250ASN1_UTF8STRING *
251ASN1_UTF8STRING_new(void)
252{
253 return (ASN1_UTF8STRING *)ASN1_item_new(&ASN1_UTF8STRING_it);
254}
255
256void
257ASN1_UTF8STRING_free(ASN1_UTF8STRING *a)
258{
259 ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTF8STRING_it);
260}
261
262
263const ASN1_ITEM ASN1_PRINTABLESTRING_it = {
264 .itype = ASN1_ITYPE_PRIMITIVE,
265 .utype = V_ASN1_PRINTABLESTRING,
266 .sname = "ASN1_PRINTABLESTRING",
267};
268
269ASN1_PRINTABLESTRING *
270d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, const unsigned char **in,
271 long len)
272{
273 return (ASN1_PRINTABLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
274 &ASN1_PRINTABLESTRING_it);
275}
276
277int
278i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **out)
279{
280 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLESTRING_it);
281}
282
283ASN1_PRINTABLESTRING *
284ASN1_PRINTABLESTRING_new(void)
285{
286 return (ASN1_PRINTABLESTRING *)ASN1_item_new(&ASN1_PRINTABLESTRING_it);
287}
288
289void
290ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a)
291{
292 ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLESTRING_it);
293}
294
295
296const ASN1_ITEM ASN1_T61STRING_it = {
297 .itype = ASN1_ITYPE_PRIMITIVE,
298 .utype = V_ASN1_T61STRING,
299 .sname = "ASN1_T61STRING",
300};
301
302ASN1_T61STRING *
303d2i_ASN1_T61STRING(ASN1_T61STRING **a, const unsigned char **in, long len)
304{
305 return (ASN1_T61STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
306 &ASN1_T61STRING_it);
307}
308
309int
310i2d_ASN1_T61STRING(ASN1_T61STRING *a, unsigned char **out)
311{
312 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_T61STRING_it);
313}
314
315ASN1_T61STRING *
316ASN1_T61STRING_new(void)
317{
318 return (ASN1_T61STRING *)ASN1_item_new(&ASN1_T61STRING_it);
319}
320
321void
322ASN1_T61STRING_free(ASN1_T61STRING *a)
323{
324 ASN1_item_free((ASN1_VALUE *)a, &ASN1_T61STRING_it);
325}
326
327
328const ASN1_ITEM ASN1_IA5STRING_it = {
329 .itype = ASN1_ITYPE_PRIMITIVE,
330 .utype = V_ASN1_IA5STRING,
331 .sname = "ASN1_IA5STRING",
332};
333
334ASN1_IA5STRING *
335d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, const unsigned char **in, long len)
336{
337 return (ASN1_IA5STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
338 &ASN1_IA5STRING_it);
339}
340
341int
342i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **out)
343{
344 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_IA5STRING_it);
345}
346
347ASN1_IA5STRING *
348ASN1_IA5STRING_new(void)
349{
350 return (ASN1_IA5STRING *)ASN1_item_new(&ASN1_IA5STRING_it);
351}
352
353void
354ASN1_IA5STRING_free(ASN1_IA5STRING *a)
355{
356 ASN1_item_free((ASN1_VALUE *)a, &ASN1_IA5STRING_it);
357}
358
359
360const ASN1_ITEM ASN1_GENERALSTRING_it = {
361 .itype = ASN1_ITYPE_PRIMITIVE,
362 .utype = V_ASN1_GENERALSTRING,
363 .sname = "ASN1_GENERALSTRING",
364};
365
366ASN1_GENERALSTRING *
367d2i_ASN1_GENERALSTRING(ASN1_GENERALSTRING **a, const unsigned char **in,
368 long len)
369{
370 return (ASN1_GENERALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
371 &ASN1_GENERALSTRING_it);
372}
373
374int
375i2d_ASN1_GENERALSTRING(ASN1_GENERALSTRING *a, unsigned char **out)
376{
377 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALSTRING_it);
378}
379
380ASN1_GENERALSTRING *
381ASN1_GENERALSTRING_new(void)
382{
383 return (ASN1_GENERALSTRING *)ASN1_item_new(&ASN1_GENERALSTRING_it);
384}
385
386void
387ASN1_GENERALSTRING_free(ASN1_GENERALSTRING *a)
388{
389 ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALSTRING_it);
390}
391
392
393const ASN1_ITEM ASN1_UTCTIME_it = {
394 .itype = ASN1_ITYPE_PRIMITIVE,
395 .utype = V_ASN1_UTCTIME,
396 .sname = "ASN1_UTCTIME",
397};
398
399ASN1_UTCTIME *
400d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, const unsigned char **in, long len)
401{
402 return (ASN1_UTCTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
403 &ASN1_UTCTIME_it);
404}
405
406int
407i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **out)
408{
409 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UTCTIME_it);
410}
411
412ASN1_UTCTIME *
413ASN1_UTCTIME_new(void)
414{
415 return (ASN1_UTCTIME *)ASN1_item_new(&ASN1_UTCTIME_it);
416}
417
418void
419ASN1_UTCTIME_free(ASN1_UTCTIME *a)
420{
421 ASN1_item_free((ASN1_VALUE *)a, &ASN1_UTCTIME_it);
422}
423
424
425const ASN1_ITEM ASN1_GENERALIZEDTIME_it = {
426 .itype = ASN1_ITYPE_PRIMITIVE,
427 .utype = V_ASN1_GENERALIZEDTIME,
428 .sname = "ASN1_GENERALIZEDTIME",
429};
430
431ASN1_GENERALIZEDTIME *
432d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, const unsigned char **in,
433 long len)
434{
435 return (ASN1_GENERALIZEDTIME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
436 &ASN1_GENERALIZEDTIME_it);
437}
438
439int
440i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **out)
441{
442 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_GENERALIZEDTIME_it);
443}
444
445ASN1_GENERALIZEDTIME *
446ASN1_GENERALIZEDTIME_new(void)
447{
448 return (ASN1_GENERALIZEDTIME *)ASN1_item_new(&ASN1_GENERALIZEDTIME_it);
449}
450
451void
452ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a)
453{
454 ASN1_item_free((ASN1_VALUE *)a, &ASN1_GENERALIZEDTIME_it);
455}
456
457
458const ASN1_ITEM ASN1_VISIBLESTRING_it = {
459 .itype = ASN1_ITYPE_PRIMITIVE,
460 .utype = V_ASN1_VISIBLESTRING,
461 .sname = "ASN1_VISIBLESTRING",
462};
463
464ASN1_VISIBLESTRING *
465d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, const unsigned char **in,
466 long len)
467{
468 return (ASN1_VISIBLESTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
469 &ASN1_VISIBLESTRING_it);
470}
471
472int
473i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **out)
474{
475 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_VISIBLESTRING_it);
476}
477
478ASN1_VISIBLESTRING *
479ASN1_VISIBLESTRING_new(void)
480{
481 return (ASN1_VISIBLESTRING *)ASN1_item_new(&ASN1_VISIBLESTRING_it);
482}
483
484void
485ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a)
486{
487 ASN1_item_free((ASN1_VALUE *)a, &ASN1_VISIBLESTRING_it);
488}
489
490
491const ASN1_ITEM ASN1_UNIVERSALSTRING_it = {
492 .itype = ASN1_ITYPE_PRIMITIVE,
493 .utype = V_ASN1_UNIVERSALSTRING,
494 .sname = "ASN1_UNIVERSALSTRING",
495};
496
497ASN1_UNIVERSALSTRING *
498d2i_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING **a, const unsigned char **in,
499 long len)
500{
501 return (ASN1_UNIVERSALSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
502 &ASN1_UNIVERSALSTRING_it);
503}
504
505int
506i2d_ASN1_UNIVERSALSTRING(ASN1_UNIVERSALSTRING *a, unsigned char **out)
507{
508 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_UNIVERSALSTRING_it);
509}
510
511ASN1_UNIVERSALSTRING *
512ASN1_UNIVERSALSTRING_new(void)
513{
514 return (ASN1_UNIVERSALSTRING *)ASN1_item_new(&ASN1_UNIVERSALSTRING_it);
515}
516
517void
518ASN1_UNIVERSALSTRING_free(ASN1_UNIVERSALSTRING *a)
519{
520 ASN1_item_free((ASN1_VALUE *)a, &ASN1_UNIVERSALSTRING_it);
521}
522
523
524const ASN1_ITEM ASN1_BMPSTRING_it = {
525 .itype = ASN1_ITYPE_PRIMITIVE,
526 .utype = V_ASN1_BMPSTRING,
527 .sname = "ASN1_BMPSTRING",
528};
529
530ASN1_BMPSTRING *
531d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, const unsigned char **in, long len)
532{
533 return (ASN1_BMPSTRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
534 &ASN1_BMPSTRING_it);
535}
536
537int
538i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **out)
539{
540 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_BMPSTRING_it);
541}
542
543ASN1_BMPSTRING *
544ASN1_BMPSTRING_new(void)
545{
546 return (ASN1_BMPSTRING *)ASN1_item_new(&ASN1_BMPSTRING_it);
547}
548
549void
550ASN1_BMPSTRING_free(ASN1_BMPSTRING *a)
551{
552 ASN1_item_free((ASN1_VALUE *)a, &ASN1_BMPSTRING_it);
553}
554
555
556const ASN1_ITEM ASN1_ANY_it = {
557 .itype = ASN1_ITYPE_PRIMITIVE,
558 .utype = V_ASN1_ANY,
559 .sname = "ASN1_ANY",
560};
561
562/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
563
564const ASN1_ITEM ASN1_SEQUENCE_it = {
565 .itype = ASN1_ITYPE_PRIMITIVE,
566 .utype = V_ASN1_SEQUENCE,
567 .sname = "ASN1_SEQUENCE",
568};
569
570
571ASN1_TYPE *
572d2i_ASN1_TYPE(ASN1_TYPE **a, const unsigned char **in, long len)
573{
574 return (ASN1_TYPE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
575 &ASN1_ANY_it);
576}
577
578int
579i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **out)
580{
581 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_ANY_it);
582}
583
584ASN1_TYPE *
585ASN1_TYPE_new(void)
586{
587 return (ASN1_TYPE *)ASN1_item_new(&ASN1_ANY_it);
588}
589
590void
591ASN1_TYPE_free(ASN1_TYPE *a)
592{
593 ASN1_item_free((ASN1_VALUE *)a, &ASN1_ANY_it);
594}
595
596/* Multistring types */
597
598
599const ASN1_ITEM ASN1_PRINTABLE_it = {
600 .itype = ASN1_ITYPE_MSTRING,
601 .utype = B_ASN1_PRINTABLE,
602 .templates = NULL,
603 .tcount = 0,
604 .funcs = NULL,
605 .size = sizeof(ASN1_STRING),
606 .sname = "ASN1_PRINTABLE",
607};
608
609ASN1_STRING *
610d2i_ASN1_PRINTABLE(ASN1_STRING **a, const unsigned char **in, long len)
611{
612 return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
613 &ASN1_PRINTABLE_it);
614}
615
616int
617i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **out)
618{
619 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_PRINTABLE_it);
620}
621
622ASN1_STRING *
623ASN1_PRINTABLE_new(void)
624{
625 return (ASN1_STRING *)ASN1_item_new(&ASN1_PRINTABLE_it);
626}
627
628void
629ASN1_PRINTABLE_free(ASN1_STRING *a)
630{
631 ASN1_item_free((ASN1_VALUE *)a, &ASN1_PRINTABLE_it);
632}
633
634
635const ASN1_ITEM DISPLAYTEXT_it = {
636 .itype = ASN1_ITYPE_MSTRING,
637 .utype = B_ASN1_DISPLAYTEXT,
638 .templates = NULL,
639 .tcount = 0,
640 .funcs = NULL,
641 .size = sizeof(ASN1_STRING),
642 .sname = "DISPLAYTEXT",
643};
644
645ASN1_STRING *
646d2i_DISPLAYTEXT(ASN1_STRING **a, const unsigned char **in, long len)
647{
648 return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
649 &DISPLAYTEXT_it);
650}
651
652int
653i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **out)
654{
655 return ASN1_item_i2d((ASN1_VALUE *)a, out, &DISPLAYTEXT_it);
656}
657
658ASN1_STRING *
659DISPLAYTEXT_new(void)
660{
661 return (ASN1_STRING *)ASN1_item_new(&DISPLAYTEXT_it);
662}
663
664void
665DISPLAYTEXT_free(ASN1_STRING *a)
666{
667 ASN1_item_free((ASN1_VALUE *)a, &DISPLAYTEXT_it);
668}
669
670
671const ASN1_ITEM DIRECTORYSTRING_it = {
672 .itype = ASN1_ITYPE_MSTRING,
673 .utype = B_ASN1_DIRECTORYSTRING,
674 .templates = NULL,
675 .tcount = 0,
676 .funcs = NULL,
677 .size = sizeof(ASN1_STRING),
678 .sname = "DIRECTORYSTRING",
679};
680
681ASN1_STRING *
682d2i_DIRECTORYSTRING(ASN1_STRING **a, const unsigned char **in, long len)
683{
684 return (ASN1_STRING *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
685 &DIRECTORYSTRING_it);
686}
687
688int
689i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **out)
690{
691 return ASN1_item_i2d((ASN1_VALUE *)a, out, &DIRECTORYSTRING_it);
692}
693
694ASN1_STRING *
695DIRECTORYSTRING_new(void)
696{
697 return (ASN1_STRING *)ASN1_item_new(&DIRECTORYSTRING_it);
698}
699
700void
701DIRECTORYSTRING_free(ASN1_STRING *a)
702{
703 ASN1_item_free((ASN1_VALUE *)a, &DIRECTORYSTRING_it);
704}
705
706/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
707
708const ASN1_ITEM ASN1_BOOLEAN_it = {
709 .itype = ASN1_ITYPE_PRIMITIVE,
710 .utype = V_ASN1_BOOLEAN,
711 .size = -1,
712 .sname = "ASN1_BOOLEAN",
713};
714
715const ASN1_ITEM ASN1_TBOOLEAN_it = {
716 .itype = ASN1_ITYPE_PRIMITIVE,
717 .utype = V_ASN1_BOOLEAN,
718 .size = 1,
719 .sname = "ASN1_TBOOLEAN",
720};
721
722const ASN1_ITEM ASN1_FBOOLEAN_it = {
723 .itype = ASN1_ITYPE_PRIMITIVE,
724 .utype = V_ASN1_BOOLEAN,
725 .size = 0,
726 .sname = "ASN1_FBOOLEAN",
727};
728
729/* Special, OCTET STRING with indefinite length constructed support */
730
731const ASN1_ITEM ASN1_OCTET_STRING_NDEF_it = {
732 .itype = ASN1_ITYPE_PRIMITIVE,
733 .utype = V_ASN1_OCTET_STRING,
734 .size = ASN1_TFLG_NDEF,
735 .sname = "ASN1_OCTET_STRING_NDEF",
736};
737
738static const ASN1_TEMPLATE ASN1_SEQUENCE_ANY_item_tt = {
739 .flags = ASN1_TFLG_SEQUENCE_OF,
740 .tag = 0,
741 .offset = 0,
742 .field_name = "ASN1_SEQUENCE_ANY",
743 .item = &ASN1_ANY_it,
744};
745
746const ASN1_ITEM ASN1_SEQUENCE_ANY_it = {
747 .itype = ASN1_ITYPE_PRIMITIVE,
748 .utype = -1,
749 .templates = &ASN1_SEQUENCE_ANY_item_tt,
750 .tcount = 0,
751 .funcs = NULL,
752 .size = 0,
753 .sname = "ASN1_SEQUENCE_ANY",
754};
755
756static const ASN1_TEMPLATE ASN1_SET_ANY_item_tt = {
757 .flags = ASN1_TFLG_SET_OF,
758 .tag = 0,
759 .offset = 0,
760 .field_name = "ASN1_SET_ANY",
761 .item = &ASN1_ANY_it,
762};
763
764const ASN1_ITEM ASN1_SET_ANY_it = {
765 .itype = ASN1_ITYPE_PRIMITIVE,
766 .utype = -1,
767 .templates = &ASN1_SET_ANY_item_tt,
768 .tcount = 0,
769 .funcs = NULL,
770 .size = 0,
771 .sname = "ASN1_SET_ANY",
772};
773
774
775ASN1_SEQUENCE_ANY *
776d2i_ASN1_SEQUENCE_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
777{
778 return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
779 &ASN1_SEQUENCE_ANY_it);
780}
781
782int
783i2d_ASN1_SEQUENCE_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
784{
785 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SEQUENCE_ANY_it);
786}
787
788ASN1_SEQUENCE_ANY *
789d2i_ASN1_SET_ANY(ASN1_SEQUENCE_ANY **a, const unsigned char **in, long len)
790{
791 return (ASN1_SEQUENCE_ANY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
792 &ASN1_SET_ANY_it);
793}
794
795int
796i2d_ASN1_SET_ANY(const ASN1_SEQUENCE_ANY *a, unsigned char **out)
797{
798 return ASN1_item_i2d((ASN1_VALUE *)a, out, &ASN1_SET_ANY_it);
799}
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c
deleted file mode 100644
index 529aaf6116..0000000000
--- a/src/lib/libcrypto/asn1/tasn_utl.c
+++ /dev/null
@@ -1,281 +0,0 @@
1/* $OpenBSD: tasn_utl.c,v 1.11 2015/07/25 17:07:17 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60#include <string.h>
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63#include <openssl/objects.h>
64#include <openssl/err.h>
65
66/* Utility functions for manipulating fields and offsets */
67
68/* Add 'offset' to 'addr' */
69#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
70
71/* Given an ASN1_ITEM CHOICE type return
72 * the selector value
73 */
74
75int
76asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
77{
78 int *sel = offset2ptr(*pval, it->utype);
79 return *sel;
80}
81
82/* Given an ASN1_ITEM CHOICE type set
83 * the selector value, return old value.
84 */
85
86int
87asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
88{
89 int *sel, ret;
90 sel = offset2ptr(*pval, it->utype);
91 ret = *sel;
92 *sel = value;
93 return ret;
94}
95
96/* Do reference counting. The value 'op' decides what to do.
97 * if it is +1 then the count is incremented. If op is 0 count is
98 * set to 1. If op is -1 count is decremented and the return value
99 * is the current refrence count or 0 if no reference count exists.
100 */
101
102int
103asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
104{
105 const ASN1_AUX *aux;
106 int *lck, ret;
107
108 if ((it->itype != ASN1_ITYPE_SEQUENCE) &&
109 (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
110 return 0;
111 aux = it->funcs;
112 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
113 return 0;
114 lck = offset2ptr(*pval, aux->ref_offset);
115 if (op == 0) {
116 *lck = 1;
117 return 1;
118 }
119 ret = CRYPTO_add(lck, op, aux->ref_lock);
120 return ret;
121}
122
123static ASN1_ENCODING *
124asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
125{
126 const ASN1_AUX *aux;
127
128 if (!pval || !*pval)
129 return NULL;
130 aux = it->funcs;
131 if (!aux || !(aux->flags & ASN1_AFLG_ENCODING))
132 return NULL;
133 return offset2ptr(*pval, aux->enc_offset);
134}
135
136void
137asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
138{
139 ASN1_ENCODING *enc;
140
141 enc = asn1_get_enc_ptr(pval, it);
142 if (enc) {
143 enc->enc = NULL;
144 enc->len = 0;
145 enc->modified = 1;
146 }
147}
148
149void
150asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
151{
152 ASN1_ENCODING *enc;
153
154 enc = asn1_get_enc_ptr(pval, it);
155 if (enc) {
156 free(enc->enc);
157 enc->enc = NULL;
158 enc->len = 0;
159 enc->modified = 1;
160 }
161}
162
163int
164asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
165 const ASN1_ITEM *it)
166{
167 ASN1_ENCODING *enc;
168
169 enc = asn1_get_enc_ptr(pval, it);
170 if (!enc)
171 return 1;
172
173 free(enc->enc);
174 enc->enc = malloc(inlen);
175 if (!enc->enc)
176 return 0;
177 memcpy(enc->enc, in, inlen);
178 enc->len = inlen;
179 enc->modified = 0;
180
181 return 1;
182}
183
184int
185asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
186 const ASN1_ITEM *it)
187{
188 ASN1_ENCODING *enc;
189
190 enc = asn1_get_enc_ptr(pval, it);
191 if (!enc || enc->modified)
192 return 0;
193 if (out) {
194 memcpy(*out, enc->enc, enc->len);
195 *out += enc->len;
196 }
197 if (len)
198 *len = enc->len;
199 return 1;
200}
201
202/* Given an ASN1_TEMPLATE get a pointer to a field */
203ASN1_VALUE **
204asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
205{
206 ASN1_VALUE **pvaltmp;
207
208 if (tt->flags & ASN1_TFLG_COMBINE)
209 return pval;
210 pvaltmp = offset2ptr(*pval, tt->offset);
211 /* NOTE for BOOLEAN types the field is just a plain
212 * int so we can't return int **, so settle for
213 * (int *).
214 */
215 return pvaltmp;
216}
217
218/* Handle ANY DEFINED BY template, find the selector, look up
219 * the relevant ASN1_TEMPLATE in the table and return it.
220 */
221
222const ASN1_TEMPLATE *
223asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
224{
225 const ASN1_ADB *adb;
226 const ASN1_ADB_TABLE *atbl;
227 long selector;
228 ASN1_VALUE **sfld;
229 int i;
230
231 if (!(tt->flags & ASN1_TFLG_ADB_MASK))
232 return tt;
233
234 /* Else ANY DEFINED BY ... get the table */
235 adb = (const ASN1_ADB *)tt->item;
236
237 /* Get the selector field */
238 sfld = offset2ptr(*pval, adb->offset);
239
240 /* Check if NULL */
241 if (!sfld) {
242 if (!adb->null_tt)
243 goto err;
244 return adb->null_tt;
245 }
246
247 /* Convert type to a long:
248 * NB: don't check for NID_undef here because it
249 * might be a legitimate value in the table
250 */
251 if (tt->flags & ASN1_TFLG_ADB_OID)
252 selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
253 else
254 selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
255
256 /* Try to find matching entry in table
257 * Maybe should check application types first to
258 * allow application override? Might also be useful
259 * to have a flag which indicates table is sorted and
260 * we can do a binary search. For now stick to a
261 * linear search.
262 */
263
264 for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
265 if (atbl->value == selector)
266 return &atbl->tt;
267
268 /* FIXME: need to search application table too */
269
270 /* No match, return default type */
271 if (!adb->default_tt)
272 goto err;
273 return adb->default_tt;
274
275err:
276 /* FIXME: should log the value or OID of unsupported type */
277 if (nullerr)
278 ASN1err(ASN1_F_ASN1_DO_ADB,
279 ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
280 return NULL;
281}
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
deleted file mode 100644
index 27405a2bfb..0000000000
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ /dev/null
@@ -1,222 +0,0 @@
1/* $OpenBSD: x_algor.c,v 1.21 2015/07/24 15:09:52 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60#include <openssl/x509.h>
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63
64static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
65 {
66 .offset = offsetof(X509_ALGOR, algorithm),
67 .field_name = "algorithm",
68 .item = &ASN1_OBJECT_it,
69 },
70 {
71 .flags = ASN1_TFLG_OPTIONAL,
72 .offset = offsetof(X509_ALGOR, parameter),
73 .field_name = "parameter",
74 .item = &ASN1_ANY_it,
75 },
76};
77
78const ASN1_ITEM X509_ALGOR_it = {
79 .itype = ASN1_ITYPE_SEQUENCE,
80 .utype = V_ASN1_SEQUENCE,
81 .templates = X509_ALGOR_seq_tt,
82 .tcount = sizeof(X509_ALGOR_seq_tt) / sizeof(ASN1_TEMPLATE),
83 .size = sizeof(X509_ALGOR),
84 .sname = "X509_ALGOR",
85};
86
87static const ASN1_TEMPLATE X509_ALGORS_item_tt = {
88 .flags = ASN1_TFLG_SEQUENCE_OF,
89 .tag = 0,
90 .offset = 0,
91 .field_name = "algorithms",
92 .item = &X509_ALGOR_it,
93};
94
95const ASN1_ITEM X509_ALGORS_it = {
96 .itype = ASN1_ITYPE_PRIMITIVE,
97 .utype = -1,
98 .templates = &X509_ALGORS_item_tt,
99 .tcount = 0,
100 .funcs = NULL,
101 .size = 0,
102 .sname = "X509_ALGORS",
103};
104
105
106X509_ALGOR *
107d2i_X509_ALGOR(X509_ALGOR **a, const unsigned char **in, long len)
108{
109 return (X509_ALGOR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
110 &X509_ALGOR_it);
111}
112
113int
114i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **out)
115{
116 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGOR_it);
117}
118
119X509_ALGOR *
120X509_ALGOR_new(void)
121{
122 return (X509_ALGOR *)ASN1_item_new(&X509_ALGOR_it);
123}
124
125void
126X509_ALGOR_free(X509_ALGOR *a)
127{
128 ASN1_item_free((ASN1_VALUE *)a, &X509_ALGOR_it);
129}
130
131X509_ALGORS *
132d2i_X509_ALGORS(X509_ALGORS **a, const unsigned char **in, long len)
133{
134 return (X509_ALGORS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
135 &X509_ALGORS_it);
136}
137
138int
139i2d_X509_ALGORS(X509_ALGORS *a, unsigned char **out)
140{
141 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ALGORS_it);
142}
143
144X509_ALGOR *
145X509_ALGOR_dup(X509_ALGOR *x)
146{
147 return ASN1_item_dup(&X509_ALGOR_it, x);
148}
149
150int
151X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
152{
153 if (!alg)
154 return 0;
155 if (ptype != V_ASN1_UNDEF) {
156 if (alg->parameter == NULL)
157 alg->parameter = ASN1_TYPE_new();
158 if (alg->parameter == NULL)
159 return 0;
160 }
161 if (alg) {
162 if (alg->algorithm)
163 ASN1_OBJECT_free(alg->algorithm);
164 alg->algorithm = aobj;
165 }
166 if (ptype == 0)
167 return 1;
168 if (ptype == V_ASN1_UNDEF) {
169 if (alg->parameter) {
170 ASN1_TYPE_free(alg->parameter);
171 alg->parameter = NULL;
172 }
173 } else
174 ASN1_TYPE_set(alg->parameter, ptype, pval);
175 return 1;
176}
177
178void
179X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
180 X509_ALGOR *algor)
181{
182 if (paobj)
183 *paobj = algor->algorithm;
184 if (pptype) {
185 if (algor->parameter == NULL) {
186 *pptype = V_ASN1_UNDEF;
187 return;
188 } else
189 *pptype = algor->parameter->type;
190 if (ppval)
191 *ppval = algor->parameter->value.ptr;
192 }
193}
194
195/* Set up an X509_ALGOR DigestAlgorithmIdentifier from an EVP_MD */
196
197void
198X509_ALGOR_set_md(X509_ALGOR *alg, const EVP_MD *md)
199{
200 int param_type;
201
202 if (md->flags & EVP_MD_FLAG_DIGALGID_ABSENT)
203 param_type = V_ASN1_UNDEF;
204 else
205 param_type = V_ASN1_NULL;
206
207 X509_ALGOR_set0(alg, OBJ_nid2obj(EVP_MD_type(md)), param_type, NULL);
208}
209
210/* Returns 0 if they are equal, != 0 otherwise. */
211int
212X509_ALGOR_cmp(const X509_ALGOR *a, const X509_ALGOR *b)
213{
214 int rv = OBJ_cmp(a->algorithm, b->algorithm);
215 if (!rv) {
216 if (!a->parameter && !b->parameter)
217 rv = 0;
218 else
219 rv = ASN1_TYPE_cmp(a->parameter, b->parameter);
220 }
221 return(rv);
222}
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
deleted file mode 100644
index bb74a1b6c7..0000000000
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ /dev/null
@@ -1,198 +0,0 @@
1/* $OpenBSD: x_attrib.c,v 1.13 2015/02/14 14:56:45 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/objects.h>
63#include <openssl/x509.h>
64
65/* X509_ATTRIBUTE: this has the following form:
66 *
67 * typedef struct x509_attributes_st
68 * {
69 * ASN1_OBJECT *object;
70 * int single;
71 * union {
72 * char *ptr;
73 * STACK_OF(ASN1_TYPE) *set;
74 * ASN1_TYPE *single;
75 * } value;
76 * } X509_ATTRIBUTE;
77 *
78 * this needs some extra thought because the CHOICE type is
79 * merged with the main structure and because the value can
80 * be anything at all we *must* try the SET OF first because
81 * the ASN1_ANY type will swallow anything including the whole
82 * SET OF structure.
83 */
84
85static const ASN1_TEMPLATE X509_ATTRIBUTE_SET_ch_tt[] = {
86 {
87 .flags = ASN1_TFLG_SET_OF,
88 .tag = 0,
89 .offset = offsetof(X509_ATTRIBUTE, value.set),
90 .field_name = "value.set",
91 .item = &ASN1_ANY_it,
92 },
93 {
94 .flags = 0,
95 .tag = 0,
96 .offset = offsetof(X509_ATTRIBUTE, value.single),
97 .field_name = "value.single",
98 .item = &ASN1_ANY_it,
99 },
100};
101
102const ASN1_ITEM X509_ATTRIBUTE_SET_it = {
103 .itype = ASN1_ITYPE_CHOICE,
104 .utype = offsetof(X509_ATTRIBUTE, single),
105 .templates = X509_ATTRIBUTE_SET_ch_tt,
106 .tcount = sizeof(X509_ATTRIBUTE_SET_ch_tt) / sizeof(ASN1_TEMPLATE),
107 .funcs = NULL,
108 .size = sizeof(X509_ATTRIBUTE),
109 .sname = "X509_ATTRIBUTE",
110};
111
112static const ASN1_TEMPLATE X509_ATTRIBUTE_seq_tt[] = {
113 {
114 .flags = 0,
115 .tag = 0,
116 .offset = offsetof(X509_ATTRIBUTE, object),
117 .field_name = "object",
118 .item = &ASN1_OBJECT_it,
119 },
120 /* CHOICE type merged with parent */
121 {
122 .flags = 0 | ASN1_TFLG_COMBINE,
123 .tag = 0,
124 .offset = 0,
125 .field_name = NULL,
126 .item = &X509_ATTRIBUTE_SET_it,
127 },
128};
129
130const ASN1_ITEM X509_ATTRIBUTE_it = {
131 .itype = ASN1_ITYPE_SEQUENCE,
132 .utype = V_ASN1_SEQUENCE,
133 .templates = X509_ATTRIBUTE_seq_tt,
134 .tcount = sizeof(X509_ATTRIBUTE_seq_tt) / sizeof(ASN1_TEMPLATE),
135 .funcs = NULL,
136 .size = sizeof(X509_ATTRIBUTE),
137 .sname = "X509_ATTRIBUTE",
138};
139
140
141X509_ATTRIBUTE *
142d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, const unsigned char **in, long len)
143{
144 return (X509_ATTRIBUTE *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
145 &X509_ATTRIBUTE_it);
146}
147
148int
149i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **out)
150{
151 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_ATTRIBUTE_it);
152}
153
154X509_ATTRIBUTE *
155X509_ATTRIBUTE_new(void)
156{
157 return (X509_ATTRIBUTE *)ASN1_item_new(&X509_ATTRIBUTE_it);
158}
159
160void
161X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
162{
163 ASN1_item_free((ASN1_VALUE *)a, &X509_ATTRIBUTE_it);
164}
165
166X509_ATTRIBUTE *
167X509_ATTRIBUTE_dup(X509_ATTRIBUTE *x)
168{
169 return ASN1_item_dup(&X509_ATTRIBUTE_it, x);
170}
171
172X509_ATTRIBUTE *
173X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
174{
175 X509_ATTRIBUTE *ret = NULL;
176 ASN1_TYPE *val = NULL;
177
178 if ((ret = X509_ATTRIBUTE_new()) == NULL)
179 return (NULL);
180 ret->object = OBJ_nid2obj(nid);
181 ret->single = 0;
182 if ((ret->value.set = sk_ASN1_TYPE_new_null()) == NULL)
183 goto err;
184 if ((val = ASN1_TYPE_new()) == NULL)
185 goto err;
186 if (!sk_ASN1_TYPE_push(ret->value.set, val))
187 goto err;
188
189 ASN1_TYPE_set(val, atrtype, value);
190 return (ret);
191
192err:
193 if (ret != NULL)
194 X509_ATTRIBUTE_free(ret);
195 if (val != NULL)
196 ASN1_TYPE_free(val);
197 return (NULL);
198}
diff --git a/src/lib/libcrypto/asn1/x_bignum.c b/src/lib/libcrypto/asn1/x_bignum.c
deleted file mode 100644
index 73f0f73c1c..0000000000
--- a/src/lib/libcrypto/asn1/x_bignum.c
+++ /dev/null
@@ -1,167 +0,0 @@
1/* $OpenBSD: x_bignum.c,v 1.8 2015/07/25 17:07:17 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/bn.h>
63
64/*
65 * Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
66 * BIGNUM directly. Currently it ignores the sign which isn't a problem since
67 * all BIGNUMs used are non negative and anything that looks negative is
68 * normally due to an encoding error.
69 */
70
71static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
72static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
73
74static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
75 const ASN1_ITEM *it);
76static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
77 int utype, char *free_cont, const ASN1_ITEM *it);
78
79static ASN1_PRIMITIVE_FUNCS bignum_pf = {
80 NULL,
81 0,
82 bn_new,
83 bn_free,
84 0,
85 bn_c2i,
86 bn_i2c
87};
88
89const ASN1_ITEM BIGNUM_it = {
90 .itype = ASN1_ITYPE_PRIMITIVE,
91 .utype = V_ASN1_INTEGER,
92 .templates = NULL,
93 .tcount = 0,
94 .funcs = &bignum_pf,
95 .size = 0,
96 .sname = "BIGNUM",
97};
98
99const ASN1_ITEM CBIGNUM_it = {
100 .itype = ASN1_ITYPE_PRIMITIVE,
101 .utype = V_ASN1_INTEGER,
102 .templates = NULL,
103 .tcount = 0,
104 .funcs = &bignum_pf,
105 .size = 0,
106 .sname = "BIGNUM",
107};
108
109static int
110bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
111{
112 *pval = (ASN1_VALUE *)BN_new();
113 if (*pval)
114 return 1;
115 else
116 return 0;
117}
118
119static void
120bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
121{
122 if (*pval == NULL)
123 return;
124 BN_clear_free((BIGNUM *)*pval);
125 *pval = NULL;
126}
127
128static int
129bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
130{
131 BIGNUM *bn;
132 int pad, len;
133
134 if (*pval == NULL)
135 return -1;
136 bn = (BIGNUM *)*pval;
137 /* If MSB set in an octet we need a padding byte */
138 if (BN_num_bits(bn) & 0x7)
139 pad = 0;
140 else
141 pad = 1;
142 if (cont) {
143 if (pad)
144 *cont++ = 0;
145 len = BN_bn2bin(bn, cont);
146 } else
147 len = BN_num_bytes(bn);
148 return pad + len;
149}
150
151static int
152bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
153 char *free_cont, const ASN1_ITEM *it)
154{
155 BIGNUM *bn;
156
157 if (*pval == NULL) {
158 if (bn_new(pval, it) == 0)
159 return 0;
160 }
161 bn = (BIGNUM *)*pval;
162 if (!BN_bin2bn(cont, len, bn)) {
163 bn_free(pval, it);
164 return 0;
165 }
166 return 1;
167}
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
deleted file mode 100644
index 6062587ed4..0000000000
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ /dev/null
@@ -1,687 +0,0 @@
1/* $OpenBSD: x_crl.c,v 1.25 2015/07/20 15:29:13 miod Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/err.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68#include "asn1_locl.h"
69
70static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
71 const X509_REVOKED * const *b);
72static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
73
74static const ASN1_TEMPLATE X509_REVOKED_seq_tt[] = {
75 {
76 .offset = offsetof(X509_REVOKED, serialNumber),
77 .field_name = "serialNumber",
78 .item = &ASN1_INTEGER_it,
79 },
80 {
81 .offset = offsetof(X509_REVOKED, revocationDate),
82 .field_name = "revocationDate",
83 .item = &ASN1_TIME_it,
84 },
85 {
86 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
87 .offset = offsetof(X509_REVOKED, extensions),
88 .field_name = "extensions",
89 .item = &X509_EXTENSION_it,
90 },
91};
92
93const ASN1_ITEM X509_REVOKED_it = {
94 .itype = ASN1_ITYPE_SEQUENCE,
95 .utype = V_ASN1_SEQUENCE,
96 .templates = X509_REVOKED_seq_tt,
97 .tcount = sizeof(X509_REVOKED_seq_tt) / sizeof(ASN1_TEMPLATE),
98 .size = sizeof(X509_REVOKED),
99 .sname = "X509_REVOKED",
100};
101
102static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
103static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret,
104 ASN1_INTEGER *serial, X509_NAME *issuer);
105
106static X509_CRL_METHOD int_crl_meth = {
107 .crl_lookup = def_crl_lookup,
108 .crl_verify = def_crl_verify
109};
110
111static const X509_CRL_METHOD *default_crl_method = &int_crl_meth;
112
113/* The X509_CRL_INFO structure needs a bit of customisation.
114 * Since we cache the original encoding the signature wont be affected by
115 * reordering of the revoked field.
116 */
117static int
118crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
119{
120 X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
121
122 if (!a || !a->revoked)
123 return 1;
124 switch (operation) {
125 /* Just set cmp function here. We don't sort because that
126 * would affect the output of X509_CRL_print().
127 */
128 case ASN1_OP_D2I_POST:
129 (void)sk_X509_REVOKED_set_cmp_func(a->revoked, X509_REVOKED_cmp);
130 break;
131 }
132 return 1;
133}
134
135
136static const ASN1_AUX X509_CRL_INFO_aux = {
137 .flags = ASN1_AFLG_ENCODING,
138 .asn1_cb = crl_inf_cb,
139 .enc_offset = offsetof(X509_CRL_INFO, enc),
140};
141static const ASN1_TEMPLATE X509_CRL_INFO_seq_tt[] = {
142 {
143 .flags = ASN1_TFLG_OPTIONAL,
144 .offset = offsetof(X509_CRL_INFO, version),
145 .field_name = "version",
146 .item = &ASN1_INTEGER_it,
147 },
148 {
149 .offset = offsetof(X509_CRL_INFO, sig_alg),
150 .field_name = "sig_alg",
151 .item = &X509_ALGOR_it,
152 },
153 {
154 .offset = offsetof(X509_CRL_INFO, issuer),
155 .field_name = "issuer",
156 .item = &X509_NAME_it,
157 },
158 {
159 .offset = offsetof(X509_CRL_INFO, lastUpdate),
160 .field_name = "lastUpdate",
161 .item = &ASN1_TIME_it,
162 },
163 {
164 .flags = ASN1_TFLG_OPTIONAL,
165 .offset = offsetof(X509_CRL_INFO, nextUpdate),
166 .field_name = "nextUpdate",
167 .item = &ASN1_TIME_it,
168 },
169 {
170 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
171 .offset = offsetof(X509_CRL_INFO, revoked),
172 .field_name = "revoked",
173 .item = &X509_REVOKED_it,
174 },
175 {
176 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
177 .offset = offsetof(X509_CRL_INFO, extensions),
178 .field_name = "extensions",
179 .item = &X509_EXTENSION_it,
180 },
181};
182
183const ASN1_ITEM X509_CRL_INFO_it = {
184 .itype = ASN1_ITYPE_SEQUENCE,
185 .utype = V_ASN1_SEQUENCE,
186 .templates = X509_CRL_INFO_seq_tt,
187 .tcount = sizeof(X509_CRL_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
188 .funcs = &X509_CRL_INFO_aux,
189 .size = sizeof(X509_CRL_INFO),
190 .sname = "X509_CRL_INFO",
191};
192
193/* Set CRL entry issuer according to CRL certificate issuer extension.
194 * Check for unhandled critical CRL entry extensions.
195 */
196
197static int
198crl_set_issuers(X509_CRL *crl)
199{
200 int i, j;
201 GENERAL_NAMES *gens, *gtmp;
202 STACK_OF(X509_REVOKED) *revoked;
203
204 revoked = X509_CRL_get_REVOKED(crl);
205
206 gens = NULL;
207 for (i = 0; i < sk_X509_REVOKED_num(revoked); i++) {
208 X509_REVOKED *rev = sk_X509_REVOKED_value(revoked, i);
209 STACK_OF(X509_EXTENSION) *exts;
210 ASN1_ENUMERATED *reason;
211 X509_EXTENSION *ext;
212 gtmp = X509_REVOKED_get_ext_d2i(rev, NID_certificate_issuer,
213 &j, NULL);
214 if (!gtmp && (j != -1)) {
215 crl->flags |= EXFLAG_INVALID;
216 return 1;
217 }
218
219 if (gtmp) {
220 gens = gtmp;
221 if (!crl->issuers) {
222 crl->issuers = sk_GENERAL_NAMES_new_null();
223 if (!crl->issuers)
224 return 0;
225 }
226 if (!sk_GENERAL_NAMES_push(crl->issuers, gtmp))
227 return 0;
228 }
229 rev->issuer = gens;
230
231 reason = X509_REVOKED_get_ext_d2i(rev, NID_crl_reason,
232 &j, NULL);
233 if (!reason && (j != -1)) {
234 crl->flags |= EXFLAG_INVALID;
235 return 1;
236 }
237
238 if (reason) {
239 rev->reason = ASN1_ENUMERATED_get(reason);
240 ASN1_ENUMERATED_free(reason);
241 } else
242 rev->reason = CRL_REASON_NONE;
243
244 /* Check for critical CRL entry extensions */
245
246 exts = rev->extensions;
247
248 for (j = 0; j < sk_X509_EXTENSION_num(exts); j++) {
249 ext = sk_X509_EXTENSION_value(exts, j);
250 if (ext->critical > 0) {
251 if (OBJ_obj2nid(ext->object) ==
252 NID_certificate_issuer)
253 continue;
254 crl->flags |= EXFLAG_CRITICAL;
255 break;
256 }
257 }
258 }
259
260 return 1;
261}
262
263/* The X509_CRL structure needs a bit of customisation. Cache some extensions
264 * and hash of the whole CRL.
265 */
266static int
267crl_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
268{
269 X509_CRL *crl = (X509_CRL *)*pval;
270 STACK_OF(X509_EXTENSION) *exts;
271 X509_EXTENSION *ext;
272 int idx;
273 int rc = 1;
274
275 switch (operation) {
276 case ASN1_OP_NEW_POST:
277 crl->idp = NULL;
278 crl->akid = NULL;
279 crl->flags = 0;
280 crl->idp_flags = 0;
281 crl->idp_reasons = CRLDP_ALL_REASONS;
282 crl->meth = default_crl_method;
283 crl->meth_data = NULL;
284 crl->issuers = NULL;
285 crl->crl_number = NULL;
286 crl->base_crl_number = NULL;
287 break;
288
289 case ASN1_OP_D2I_POST:
290#ifndef OPENSSL_NO_SHA
291 X509_CRL_digest(crl, EVP_sha1(), crl->sha1_hash, NULL);
292#endif
293 crl->idp = X509_CRL_get_ext_d2i(crl,
294 NID_issuing_distribution_point, NULL, NULL);
295 if (crl->idp)
296 setup_idp(crl, crl->idp);
297
298 crl->akid = X509_CRL_get_ext_d2i(crl,
299 NID_authority_key_identifier, NULL, NULL);
300
301 crl->crl_number = X509_CRL_get_ext_d2i(crl,
302 NID_crl_number, NULL, NULL);
303
304 crl->base_crl_number = X509_CRL_get_ext_d2i(crl,
305 NID_delta_crl, NULL, NULL);
306 /* Delta CRLs must have CRL number */
307 if (crl->base_crl_number && !crl->crl_number)
308 crl->flags |= EXFLAG_INVALID;
309
310 /* See if we have any unhandled critical CRL extensions and
311 * indicate this in a flag. We only currently handle IDP,
312 * AKID and deltas, so anything else critical sets the flag.
313 *
314 * This code accesses the X509_CRL structure directly:
315 * applications shouldn't do this.
316 */
317
318 exts = crl->crl->extensions;
319
320 for (idx = 0; idx < sk_X509_EXTENSION_num(exts); idx++) {
321 int nid;
322 ext = sk_X509_EXTENSION_value(exts, idx);
323 nid = OBJ_obj2nid(ext->object);
324 if (nid == NID_freshest_crl)
325 crl->flags |= EXFLAG_FRESHEST;
326 if (ext->critical > 0) {
327 /* We handle IDP, AKID and deltas */
328 if (nid == NID_issuing_distribution_point ||
329 nid == NID_authority_key_identifier ||
330 nid == NID_delta_crl)
331 break;
332 crl->flags |= EXFLAG_CRITICAL;
333 break;
334 }
335 }
336
337 if (!crl_set_issuers(crl))
338 return 0;
339
340 if (crl->meth->crl_init) {
341 if (crl->meth->crl_init(crl) == 0)
342 return 0;
343 }
344 break;
345
346 case ASN1_OP_FREE_POST:
347 if (crl->meth->crl_free) {
348 if (!crl->meth->crl_free(crl))
349 rc = 0;
350 }
351 if (crl->akid)
352 AUTHORITY_KEYID_free(crl->akid);
353 if (crl->idp)
354 ISSUING_DIST_POINT_free(crl->idp);
355 ASN1_INTEGER_free(crl->crl_number);
356 ASN1_INTEGER_free(crl->base_crl_number);
357 sk_GENERAL_NAMES_pop_free(crl->issuers, GENERAL_NAMES_free);
358 break;
359 }
360 return rc;
361}
362
363/* Convert IDP into a more convenient form */
364
365static void
366setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
367{
368 int idp_only = 0;
369
370 /* Set various flags according to IDP */
371 crl->idp_flags |= IDP_PRESENT;
372 if (idp->onlyuser > 0) {
373 idp_only++;
374 crl->idp_flags |= IDP_ONLYUSER;
375 }
376 if (idp->onlyCA > 0) {
377 idp_only++;
378 crl->idp_flags |= IDP_ONLYCA;
379 }
380 if (idp->onlyattr > 0) {
381 idp_only++;
382 crl->idp_flags |= IDP_ONLYATTR;
383 }
384
385 if (idp_only > 1)
386 crl->idp_flags |= IDP_INVALID;
387
388 if (idp->indirectCRL > 0)
389 crl->idp_flags |= IDP_INDIRECT;
390
391 if (idp->onlysomereasons) {
392 crl->idp_flags |= IDP_REASONS;
393 if (idp->onlysomereasons->length > 0)
394 crl->idp_reasons = idp->onlysomereasons->data[0];
395 if (idp->onlysomereasons->length > 1)
396 crl->idp_reasons |=
397 (idp->onlysomereasons->data[1] << 8);
398 crl->idp_reasons &= CRLDP_ALL_REASONS;
399 }
400
401 DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
402}
403
404static const ASN1_AUX X509_CRL_aux = {
405 .app_data = NULL,
406 .flags = ASN1_AFLG_REFCOUNT,
407 .ref_offset = offsetof(X509_CRL, references),
408 .ref_lock = CRYPTO_LOCK_X509_CRL,
409 .asn1_cb = crl_cb,
410};
411static const ASN1_TEMPLATE X509_CRL_seq_tt[] = {
412 {
413 .offset = offsetof(X509_CRL, crl),
414 .field_name = "crl",
415 .item = &X509_CRL_INFO_it,
416 },
417 {
418 .offset = offsetof(X509_CRL, sig_alg),
419 .field_name = "sig_alg",
420 .item = &X509_ALGOR_it,
421 },
422 {
423 .offset = offsetof(X509_CRL, signature),
424 .field_name = "signature",
425 .item = &ASN1_BIT_STRING_it,
426 },
427};
428
429const ASN1_ITEM X509_CRL_it = {
430 .itype = ASN1_ITYPE_SEQUENCE,
431 .utype = V_ASN1_SEQUENCE,
432 .templates = X509_CRL_seq_tt,
433 .tcount = sizeof(X509_CRL_seq_tt) / sizeof(ASN1_TEMPLATE),
434 .funcs = &X509_CRL_aux,
435 .size = sizeof(X509_CRL),
436 .sname = "X509_CRL",
437};
438
439
440X509_REVOKED *
441d2i_X509_REVOKED(X509_REVOKED **a, const unsigned char **in, long len)
442{
443 return (X509_REVOKED *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
444 &X509_REVOKED_it);
445}
446
447int
448i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **out)
449{
450 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REVOKED_it);
451}
452
453X509_REVOKED *
454X509_REVOKED_new(void)
455{
456 return (X509_REVOKED *)ASN1_item_new(&X509_REVOKED_it);
457}
458
459void
460X509_REVOKED_free(X509_REVOKED *a)
461{
462 ASN1_item_free((ASN1_VALUE *)a, &X509_REVOKED_it);
463}
464
465X509_CRL_INFO *
466d2i_X509_CRL_INFO(X509_CRL_INFO **a, const unsigned char **in, long len)
467{
468 return (X509_CRL_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
469 &X509_CRL_INFO_it);
470}
471
472int
473i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **out)
474{
475 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_INFO_it);
476}
477
478X509_CRL_INFO *
479X509_CRL_INFO_new(void)
480{
481 return (X509_CRL_INFO *)ASN1_item_new(&X509_CRL_INFO_it);
482}
483
484void
485X509_CRL_INFO_free(X509_CRL_INFO *a)
486{
487 ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_INFO_it);
488}
489
490X509_CRL *
491d2i_X509_CRL(X509_CRL **a, const unsigned char **in, long len)
492{
493 return (X509_CRL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
494 &X509_CRL_it);
495}
496
497int
498i2d_X509_CRL(X509_CRL *a, unsigned char **out)
499{
500 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CRL_it);
501}
502
503X509_CRL *
504X509_CRL_new(void)
505{
506 return (X509_CRL *)ASN1_item_new(&X509_CRL_it);
507}
508
509void
510X509_CRL_free(X509_CRL *a)
511{
512 ASN1_item_free((ASN1_VALUE *)a, &X509_CRL_it);
513}
514
515X509_CRL *
516X509_CRL_dup(X509_CRL *x)
517{
518 return ASN1_item_dup(&X509_CRL_it, x);
519}
520
521static int
522X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
523{
524 return(ASN1_STRING_cmp(
525 (ASN1_STRING *)(*a)->serialNumber,
526 (ASN1_STRING *)(*b)->serialNumber));
527}
528
529int
530X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
531{
532 X509_CRL_INFO *inf;
533
534 inf = crl->crl;
535 if (!inf->revoked)
536 inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
537 if (!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
538 ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
539 return 0;
540 }
541 inf->enc.modified = 1;
542 return 1;
543}
544
545int
546X509_CRL_verify(X509_CRL *crl, EVP_PKEY *r)
547{
548 if (crl->meth->crl_verify)
549 return crl->meth->crl_verify(crl, r);
550 return 0;
551}
552
553int
554X509_CRL_get0_by_serial(X509_CRL *crl, X509_REVOKED **ret,
555 ASN1_INTEGER *serial)
556{
557 if (crl->meth->crl_lookup)
558 return crl->meth->crl_lookup(crl, ret, serial, NULL);
559 return 0;
560}
561
562int
563X509_CRL_get0_by_cert(X509_CRL *crl, X509_REVOKED **ret, X509 *x)
564{
565 if (crl->meth->crl_lookup)
566 return crl->meth->crl_lookup(crl, ret,
567 X509_get_serialNumber(x), X509_get_issuer_name(x));
568 return 0;
569}
570
571static int
572def_crl_verify(X509_CRL *crl, EVP_PKEY *r)
573{
574 return(ASN1_item_verify(ASN1_ITEM_rptr(X509_CRL_INFO),
575 crl->sig_alg, crl->signature, crl->crl, r));
576}
577
578static int
579crl_revoked_issuer_match(X509_CRL *crl, X509_NAME *nm, X509_REVOKED *rev)
580{
581 int i;
582
583 if (!rev->issuer) {
584 if (!nm)
585 return 1;
586 if (!X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
587 return 1;
588 return 0;
589 }
590
591 if (!nm)
592 nm = X509_CRL_get_issuer(crl);
593
594 for (i = 0; i < sk_GENERAL_NAME_num(rev->issuer); i++) {
595 GENERAL_NAME *gen = sk_GENERAL_NAME_value(rev->issuer, i);
596 if (gen->type != GEN_DIRNAME)
597 continue;
598 if (!X509_NAME_cmp(nm, gen->d.directoryName))
599 return 1;
600 }
601 return 0;
602
603}
604
605static int
606def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, ASN1_INTEGER *serial,
607 X509_NAME *issuer)
608{
609 X509_REVOKED rtmp, *rev;
610 int idx;
611
612 rtmp.serialNumber = serial;
613 /* Sort revoked into serial number order if not already sorted.
614 * Do this under a lock to avoid race condition.
615 */
616 if (!sk_X509_REVOKED_is_sorted(crl->crl->revoked)) {
617 CRYPTO_w_lock(CRYPTO_LOCK_X509_CRL);
618 sk_X509_REVOKED_sort(crl->crl->revoked);
619 CRYPTO_w_unlock(CRYPTO_LOCK_X509_CRL);
620 }
621 idx = sk_X509_REVOKED_find(crl->crl->revoked, &rtmp);
622 if (idx < 0)
623 return 0;
624 /* Need to look for matching name */
625 for (; idx < sk_X509_REVOKED_num(crl->crl->revoked); idx++) {
626 rev = sk_X509_REVOKED_value(crl->crl->revoked, idx);
627 if (ASN1_INTEGER_cmp(rev->serialNumber, serial))
628 return 0;
629 if (crl_revoked_issuer_match(crl, issuer, rev)) {
630 if (ret)
631 *ret = rev;
632 if (rev->reason == CRL_REASON_REMOVE_FROM_CRL)
633 return 2;
634 return 1;
635 }
636 }
637 return 0;
638}
639
640void
641X509_CRL_set_default_method(const X509_CRL_METHOD *meth)
642{
643 if (meth == NULL)
644 default_crl_method = &int_crl_meth;
645 else
646 default_crl_method = meth;
647}
648
649X509_CRL_METHOD *
650X509_CRL_METHOD_new(int (*crl_init)(X509_CRL *crl),
651 int (*crl_free)(X509_CRL *crl),
652 int (*crl_lookup)(X509_CRL *crl, X509_REVOKED **ret,
653 ASN1_INTEGER *ser, X509_NAME *issuer),
654 int (*crl_verify)(X509_CRL *crl, EVP_PKEY *pk))
655{
656 X509_CRL_METHOD *m;
657
658 m = malloc(sizeof(X509_CRL_METHOD));
659 if (!m)
660 return NULL;
661 m->crl_init = crl_init;
662 m->crl_free = crl_free;
663 m->crl_lookup = crl_lookup;
664 m->crl_verify = crl_verify;
665 m->flags = X509_CRL_METHOD_DYNAMIC;
666 return m;
667}
668
669void
670X509_CRL_METHOD_free(X509_CRL_METHOD *m)
671{
672 if (!(m->flags & X509_CRL_METHOD_DYNAMIC))
673 return;
674 free(m);
675}
676
677void
678X509_CRL_set_meth_data(X509_CRL *crl, void *dat)
679{
680 crl->meth_data = dat;
681}
682
683void *
684X509_CRL_get_meth_data(X509_CRL *crl)
685{
686 return crl->meth_data;
687}
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
deleted file mode 100644
index bb3dffc821..0000000000
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ /dev/null
@@ -1,153 +0,0 @@
1/* $OpenBSD: x_exten.c,v 1.16 2015/07/24 15:09:52 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60#include <openssl/x509.h>
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63
64static const ASN1_TEMPLATE X509_EXTENSION_seq_tt[] = {
65 {
66 .offset = offsetof(X509_EXTENSION, object),
67 .field_name = "object",
68 .item = &ASN1_OBJECT_it,
69 },
70 {
71 .flags = ASN1_TFLG_OPTIONAL,
72 .offset = offsetof(X509_EXTENSION, critical),
73 .field_name = "critical",
74 .item = &ASN1_BOOLEAN_it,
75 },
76 {
77 .offset = offsetof(X509_EXTENSION, value),
78 .field_name = "value",
79 .item = &ASN1_OCTET_STRING_it,
80 },
81};
82
83const ASN1_ITEM X509_EXTENSION_it = {
84 .itype = ASN1_ITYPE_SEQUENCE,
85 .utype = V_ASN1_SEQUENCE,
86 .templates = X509_EXTENSION_seq_tt,
87 .tcount = sizeof(X509_EXTENSION_seq_tt) / sizeof(ASN1_TEMPLATE),
88 .size = sizeof(X509_EXTENSION),
89 .sname = "X509_EXTENSION",
90};
91
92static const ASN1_TEMPLATE X509_EXTENSIONS_item_tt = {
93 .flags = ASN1_TFLG_SEQUENCE_OF,
94 .tag = 0,
95 .offset = 0,
96 .field_name = "Extension",
97 .item = &X509_EXTENSION_it,
98};
99
100const ASN1_ITEM X509_EXTENSIONS_it = {
101 .itype = ASN1_ITYPE_PRIMITIVE,
102 .utype = -1,
103 .templates = &X509_EXTENSIONS_item_tt,
104 .tcount = 0,
105 .funcs = NULL,
106 .size = 0,
107 .sname = "X509_EXTENSIONS",
108};
109
110
111X509_EXTENSION *
112d2i_X509_EXTENSION(X509_EXTENSION **a, const unsigned char **in, long len)
113{
114 return (X509_EXTENSION *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
115 &X509_EXTENSION_it);
116}
117
118int
119i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **out)
120{
121 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSION_it);
122}
123
124X509_EXTENSION *
125X509_EXTENSION_new(void)
126{
127 return (X509_EXTENSION *)ASN1_item_new(&X509_EXTENSION_it);
128}
129
130void
131X509_EXTENSION_free(X509_EXTENSION *a)
132{
133 ASN1_item_free((ASN1_VALUE *)a, &X509_EXTENSION_it);
134}
135
136X509_EXTENSIONS *
137d2i_X509_EXTENSIONS(X509_EXTENSIONS **a, const unsigned char **in, long len)
138{
139 return (X509_EXTENSIONS *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
140 &X509_EXTENSIONS_it);
141}
142
143int
144i2d_X509_EXTENSIONS(X509_EXTENSIONS *a, unsigned char **out)
145{
146 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_EXTENSIONS_it);
147}
148
149X509_EXTENSION *
150X509_EXTENSION_dup(X509_EXTENSION *x)
151{
152 return ASN1_item_dup(&X509_EXTENSION_it, x);
153}
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
deleted file mode 100644
index 466deaf6ce..0000000000
--- a/src/lib/libcrypto/asn1/x_info.c
+++ /dev/null
@@ -1,108 +0,0 @@
1/* $OpenBSD: x_info.c,v 1.15 2015/02/10 11:22:21 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1.h>
62#include <openssl/err.h>
63#include <openssl/evp.h>
64#include <openssl/x509.h>
65
66X509_INFO *
67X509_INFO_new(void)
68{
69 X509_INFO *ret = NULL;
70
71 ret = malloc(sizeof(X509_INFO));
72 if (ret == NULL) {
73 ASN1err(ASN1_F_X509_INFO_NEW, ERR_R_MALLOC_FAILURE);
74 return (NULL);
75 }
76
77 ret->enc_cipher.cipher = NULL;
78 ret->enc_len = 0;
79 ret->enc_data = NULL;
80
81 ret->references = 1;
82 ret->x509 = NULL;
83 ret->crl = NULL;
84 ret->x_pkey = NULL;
85 return (ret);
86}
87
88void
89X509_INFO_free(X509_INFO *x)
90{
91 int i;
92
93 if (x == NULL)
94 return;
95
96 i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_INFO);
97 if (i > 0)
98 return;
99
100 if (x->x509 != NULL)
101 X509_free(x->x509);
102 if (x->crl != NULL)
103 X509_CRL_free(x->crl);
104 if (x->x_pkey != NULL)
105 X509_PKEY_free(x->x_pkey);
106 free(x->enc_data);
107 free(x);
108}
diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c
deleted file mode 100644
index 90a41129bc..0000000000
--- a/src/lib/libcrypto/asn1/x_long.c
+++ /dev/null
@@ -1,210 +0,0 @@
1/* $OpenBSD: x_long.c,v 1.10 2015/07/25 17:07:17 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/asn1t.h>
63#include <openssl/bn.h>
64#include <openssl/err.h>
65
66/* Custom primitive type for long handling. This converts between an ASN1_INTEGER
67 * and a long directly.
68 */
69
70
71static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
72static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
73
74static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
75static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
76static int long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent, const ASN1_PCTX *pctx);
77
78static ASN1_PRIMITIVE_FUNCS long_pf = {
79 NULL, 0,
80 long_new,
81 long_free,
82 long_free, /* Clear should set to initial value */
83 long_c2i,
84 long_i2c,
85 long_print
86};
87
88const ASN1_ITEM LONG_it = {
89 .itype = ASN1_ITYPE_PRIMITIVE,
90 .utype = V_ASN1_INTEGER,
91 .templates = NULL,
92 .tcount = 0,
93 .funcs = &long_pf,
94 .size = ASN1_LONG_UNDEF,
95 .sname = "LONG",
96};
97
98const ASN1_ITEM ZLONG_it = {
99 .itype = ASN1_ITYPE_PRIMITIVE,
100 .utype = V_ASN1_INTEGER,
101 .templates = NULL,
102 .tcount = 0,
103 .funcs = &long_pf,
104 .size = 0,
105 .sname = "ZLONG",
106};
107
108static int
109long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
110{
111 *(long *)pval = it->size;
112 return 1;
113}
114
115static void
116long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
117{
118 *(long *)pval = it->size;
119}
120
121static int
122long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype,
123 const ASN1_ITEM *it)
124{
125 long ltmp;
126 unsigned long utmp;
127 int clen, pad, i;
128 /* this exists to bypass broken gcc optimization */
129 char *cp = (char *)pval;
130
131 /* use memcpy, because we may not be long aligned */
132 memcpy(&ltmp, cp, sizeof(long));
133
134 if (ltmp == it->size)
135 return -1;
136 /* Convert the long to positive: we subtract one if negative so
137 * we can cleanly handle the padding if only the MSB of the leading
138 * octet is set.
139 */
140 if (ltmp < 0)
141 utmp = -ltmp - 1;
142 else
143 utmp = ltmp;
144 clen = BN_num_bits_word(utmp);
145 /* If MSB of leading octet set we need to pad */
146 if (!(clen & 0x7))
147 pad = 1;
148 else
149 pad = 0;
150
151 /* Convert number of bits to number of octets */
152 clen = (clen + 7) >> 3;
153
154 if (cont) {
155 if (pad)
156 *cont++ = (ltmp < 0) ? 0xff : 0;
157 for (i = clen - 1; i >= 0; i--) {
158 cont[i] = (unsigned char)(utmp & 0xff);
159 if (ltmp < 0)
160 cont[i] ^= 0xff;
161 utmp >>= 8;
162 }
163 }
164 return clen + pad;
165}
166
167static int
168long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype,
169 char *free_cont, const ASN1_ITEM *it)
170{
171 int neg, i;
172 long ltmp;
173 unsigned long utmp = 0;
174 char *cp = (char *)pval;
175 if (len > (int)sizeof(long)) {
176 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
177 return 0;
178 }
179 /* Is it negative? */
180 if (len && (cont[0] & 0x80))
181 neg = 1;
182 else
183 neg = 0;
184 utmp = 0;
185 for (i = 0; i < len; i++) {
186 utmp <<= 8;
187 if (neg)
188 utmp |= cont[i] ^ 0xff;
189 else
190 utmp |= cont[i];
191 }
192 ltmp = (long)utmp;
193 if (neg) {
194 ltmp++;
195 ltmp = -ltmp;
196 }
197 if (ltmp == it->size) {
198 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
199 return 0;
200 }
201 memcpy(cp, &ltmp, sizeof(long));
202 return 1;
203}
204
205static int
206long_print(BIO *out, ASN1_VALUE **pval, const ASN1_ITEM *it, int indent,
207 const ASN1_PCTX *pctx)
208{
209 return BIO_printf(out, "%ld\n", *(long *)pval);
210}
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
deleted file mode 100644
index be936318d8..0000000000
--- a/src/lib/libcrypto/asn1/x_name.c
+++ /dev/null
@@ -1,642 +0,0 @@
1/* $OpenBSD: x_name.c,v 1.31 2015/07/24 15:09:52 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <ctype.h>
60#include <stdio.h>
61#include <string.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/err.h>
65#include <openssl/x509.h>
66
67#include "asn1_locl.h"
68
69typedef STACK_OF(X509_NAME_ENTRY) STACK_OF_X509_NAME_ENTRY;
70DECLARE_STACK_OF(STACK_OF_X509_NAME_ENTRY)
71
72static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in,
73 long len, const ASN1_ITEM *it, int tag, int aclass, char opt,
74 ASN1_TLC *ctx);
75
76static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out,
77 const ASN1_ITEM *it, int tag, int aclass);
78static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
79static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
80
81static int x509_name_encode(X509_NAME *a);
82static int x509_name_canon(X509_NAME *a);
83static int asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in);
84static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
85 unsigned char **in);
86
87static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent,
88 const char *fname, const ASN1_PCTX *pctx);
89
90static const ASN1_TEMPLATE X509_NAME_ENTRY_seq_tt[] = {
91 {
92 .offset = offsetof(X509_NAME_ENTRY, object),
93 .field_name = "object",
94 .item = &ASN1_OBJECT_it,
95 },
96 {
97 .offset = offsetof(X509_NAME_ENTRY, value),
98 .field_name = "value",
99 .item = &ASN1_PRINTABLE_it,
100 },
101};
102
103const ASN1_ITEM X509_NAME_ENTRY_it = {
104 .itype = ASN1_ITYPE_SEQUENCE,
105 .utype = V_ASN1_SEQUENCE,
106 .templates = X509_NAME_ENTRY_seq_tt,
107 .tcount = sizeof(X509_NAME_ENTRY_seq_tt) / sizeof(ASN1_TEMPLATE),
108 .size = sizeof(X509_NAME_ENTRY),
109 .sname = "X509_NAME_ENTRY",
110};
111
112
113X509_NAME_ENTRY *
114d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, const unsigned char **in, long len)
115{
116 return (X509_NAME_ENTRY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
117 &X509_NAME_ENTRY_it);
118}
119
120int
121i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **out)
122{
123 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_ENTRY_it);
124}
125
126X509_NAME_ENTRY *
127X509_NAME_ENTRY_new(void)
128{
129 return (X509_NAME_ENTRY *)ASN1_item_new(&X509_NAME_ENTRY_it);
130}
131
132void
133X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
134{
135 ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_ENTRY_it);
136}
137
138X509_NAME_ENTRY *
139X509_NAME_ENTRY_dup(X509_NAME_ENTRY *x)
140{
141 return ASN1_item_dup(&X509_NAME_ENTRY_it, x);
142}
143
144/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
145 * so declare two template wrappers for this
146 */
147
148static const ASN1_TEMPLATE X509_NAME_ENTRIES_item_tt = {
149 .flags = ASN1_TFLG_SET_OF,
150 .tag = 0,
151 .offset = 0,
152 .field_name = "RDNS",
153 .item = &X509_NAME_ENTRY_it,
154};
155
156const ASN1_ITEM X509_NAME_ENTRIES_it = {
157 .itype = ASN1_ITYPE_PRIMITIVE,
158 .utype = -1,
159 .templates = &X509_NAME_ENTRIES_item_tt,
160 .tcount = 0,
161 .funcs = NULL,
162 .size = 0,
163 .sname = "X509_NAME_ENTRIES",
164};
165
166static const ASN1_TEMPLATE X509_NAME_INTERNAL_item_tt = {
167 .flags = ASN1_TFLG_SEQUENCE_OF,
168 .tag = 0,
169 .offset = 0,
170 .field_name = "Name",
171 .item = &X509_NAME_ENTRIES_it,
172};
173
174const ASN1_ITEM X509_NAME_INTERNAL_it = {
175 .itype = ASN1_ITYPE_PRIMITIVE,
176 .utype = -1,
177 .templates = &X509_NAME_INTERNAL_item_tt,
178 .tcount = 0,
179 .funcs = NULL,
180 .size = 0,
181 .sname = "X509_NAME_INTERNAL",
182};
183
184/* Normally that's where it would end: we'd have two nested STACK structures
185 * representing the ASN1. Unfortunately X509_NAME uses a completely different
186 * form and caches encodings so we have to process the internal form and convert
187 * to the external form.
188 */
189
190const ASN1_EXTERN_FUNCS x509_name_ff = {
191 NULL,
192 x509_name_ex_new,
193 x509_name_ex_free,
194 0, /* Default clear behaviour is OK */
195 x509_name_ex_d2i,
196 x509_name_ex_i2d,
197 x509_name_ex_print
198};
199
200const ASN1_ITEM X509_NAME_it = {
201 .itype = ASN1_ITYPE_EXTERN,
202 .utype = V_ASN1_SEQUENCE,
203 .templates = NULL,
204 .tcount = 0,
205 .funcs = &x509_name_ff,
206 .size = 0,
207 .sname = "X509_NAME",
208};
209
210X509_NAME *
211d2i_X509_NAME(X509_NAME **a, const unsigned char **in, long len)
212{
213 return (X509_NAME *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
214 &X509_NAME_it);
215}
216
217int
218i2d_X509_NAME(X509_NAME *a, unsigned char **out)
219{
220 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_NAME_it);
221}
222
223X509_NAME *
224X509_NAME_new(void)
225{
226 return (X509_NAME *)ASN1_item_new(&X509_NAME_it);
227}
228
229void
230X509_NAME_free(X509_NAME *a)
231{
232 ASN1_item_free((ASN1_VALUE *)a, &X509_NAME_it);
233}
234
235X509_NAME *
236X509_NAME_dup(X509_NAME *x)
237{
238 return ASN1_item_dup(&X509_NAME_it, x);
239}
240
241static int
242x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
243{
244 X509_NAME *ret = NULL;
245
246 ret = malloc(sizeof(X509_NAME));
247 if (!ret)
248 goto memerr;
249 if ((ret->entries = sk_X509_NAME_ENTRY_new_null()) == NULL)
250 goto memerr;
251 if ((ret->bytes = BUF_MEM_new()) == NULL)
252 goto memerr;
253 ret->canon_enc = NULL;
254 ret->canon_enclen = 0;
255 ret->modified = 1;
256 *val = (ASN1_VALUE *)ret;
257 return 1;
258
259memerr:
260 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
261 if (ret) {
262 if (ret->entries)
263 sk_X509_NAME_ENTRY_free(ret->entries);
264 free(ret);
265 }
266 return 0;
267}
268
269static void
270x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
271{
272 X509_NAME *a;
273
274 if (!pval || !*pval)
275 return;
276 a = (X509_NAME *)*pval;
277
278 BUF_MEM_free(a->bytes);
279 sk_X509_NAME_ENTRY_pop_free(a->entries, X509_NAME_ENTRY_free);
280 free(a->canon_enc);
281 free(a);
282 *pval = NULL;
283}
284
285static int
286x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len,
287 const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx)
288{
289 const unsigned char *p = *in, *q;
290 union {
291 STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
292 ASN1_VALUE *a;
293 } intname = {NULL};
294 union {
295 X509_NAME *x;
296 ASN1_VALUE *a;
297 } nm = {NULL};
298 int i, j, ret;
299 STACK_OF(X509_NAME_ENTRY) *entries;
300 X509_NAME_ENTRY *entry;
301 q = p;
302
303 /* Get internal representation of Name */
304 ret = ASN1_item_ex_d2i(&intname.a, &p, len,
305 ASN1_ITEM_rptr(X509_NAME_INTERNAL), tag, aclass, opt, ctx);
306
307 if (ret <= 0)
308 return ret;
309
310 if (*val)
311 x509_name_ex_free(val, NULL);
312 if (!x509_name_ex_new(&nm.a, NULL))
313 goto err;
314 /* We've decoded it: now cache encoding */
315 if (!BUF_MEM_grow(nm.x->bytes, p - q))
316 goto err;
317 memcpy(nm.x->bytes->data, q, p - q);
318
319 /* Convert internal representation to X509_NAME structure */
320 for (i = 0; i < sk_STACK_OF_X509_NAME_ENTRY_num(intname.s); i++) {
321 entries = sk_STACK_OF_X509_NAME_ENTRY_value(intname.s, i);
322 for (j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
323 entry = sk_X509_NAME_ENTRY_value(entries, j);
324 entry->set = i;
325 if (!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
326 goto err;
327 }
328 sk_X509_NAME_ENTRY_free(entries);
329 }
330 sk_STACK_OF_X509_NAME_ENTRY_free(intname.s);
331 ret = x509_name_canon(nm.x);
332 if (!ret)
333 goto err;
334 nm.x->modified = 0;
335 *val = nm.a;
336 *in = p;
337 return ret;
338
339err:
340 if (nm.x != NULL)
341 X509_NAME_free(nm.x);
342 ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
343 return 0;
344}
345
346static int
347x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it,
348 int tag, int aclass)
349{
350 int ret;
351 X509_NAME *a = (X509_NAME *)*val;
352
353 if (a->modified) {
354 ret = x509_name_encode(a);
355 if (ret < 0)
356 return ret;
357 ret = x509_name_canon(a);
358 if (ret < 0)
359 return ret;
360 }
361 ret = a->bytes->length;
362 if (out != NULL) {
363 memcpy(*out, a->bytes->data, ret);
364 *out += ret;
365 }
366 return ret;
367}
368
369static void
370local_sk_X509_NAME_ENTRY_free(STACK_OF(X509_NAME_ENTRY) *ne)
371{
372 sk_X509_NAME_ENTRY_free(ne);
373}
374
375static void
376local_sk_X509_NAME_ENTRY_pop_free(STACK_OF(X509_NAME_ENTRY) *ne)
377{
378 sk_X509_NAME_ENTRY_pop_free(ne, X509_NAME_ENTRY_free);
379}
380
381static int
382x509_name_encode(X509_NAME *a)
383{
384 union {
385 STACK_OF(STACK_OF_X509_NAME_ENTRY) *s;
386 ASN1_VALUE *a;
387 } intname = {NULL};
388 int len;
389 unsigned char *p;
390 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
391 X509_NAME_ENTRY *entry;
392 int i, set = -1;
393
394 intname.s = sk_STACK_OF_X509_NAME_ENTRY_new_null();
395 if (!intname.s)
396 goto memerr;
397 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
398 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
399 if (entry->set != set) {
400 entries = sk_X509_NAME_ENTRY_new_null();
401 if (!entries)
402 goto memerr;
403 if (!sk_STACK_OF_X509_NAME_ENTRY_push(intname.s,
404 entries))
405 goto memerr;
406 set = entry->set;
407 }
408 if (entries == NULL /* if entry->set is bogusly -1 */ ||
409 !sk_X509_NAME_ENTRY_push(entries, entry))
410 goto memerr;
411 }
412 len = ASN1_item_ex_i2d(&intname.a, NULL,
413 ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
414 if (!BUF_MEM_grow(a->bytes, len))
415 goto memerr;
416 p = (unsigned char *)a->bytes->data;
417 ASN1_item_ex_i2d(&intname.a, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
418 -1, -1);
419 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
420 local_sk_X509_NAME_ENTRY_free);
421 a->modified = 0;
422 return len;
423
424memerr:
425 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname.s,
426 local_sk_X509_NAME_ENTRY_free);
427 ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
428 return -1;
429}
430
431static int
432x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, const char *fname,
433 const ASN1_PCTX *pctx)
434{
435 if (X509_NAME_print_ex(out, (X509_NAME *)*pval, indent,
436 pctx->nm_flags) <= 0)
437 return 0;
438 return 2;
439}
440
441/* This function generates the canonical encoding of the Name structure.
442 * In it all strings are converted to UTF8, leading, trailing and
443 * multiple spaces collapsed, converted to lower case and the leading
444 * SEQUENCE header removed.
445 *
446 * In future we could also normalize the UTF8 too.
447 *
448 * By doing this comparison of Name structures can be rapidly
449 * performed by just using memcmp() of the canonical encoding.
450 * By omitting the leading SEQUENCE name constraints of type
451 * dirName can also be checked with a simple memcmp().
452 */
453
454static int
455x509_name_canon(X509_NAME *a)
456{
457 unsigned char *p;
458 STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname = NULL;
459 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
460 X509_NAME_ENTRY *entry, *tmpentry = NULL;
461 int i, len, set = -1, ret = 0;
462
463 if (a->canon_enc) {
464 free(a->canon_enc);
465 a->canon_enc = NULL;
466 }
467 /* Special case: empty X509_NAME => null encoding */
468 if (sk_X509_NAME_ENTRY_num(a->entries) == 0) {
469 a->canon_enclen = 0;
470 return 1;
471 }
472 intname = sk_STACK_OF_X509_NAME_ENTRY_new_null();
473 if (!intname)
474 goto err;
475 for (i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
476 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
477 if (entry->set != set) {
478 entries = sk_X509_NAME_ENTRY_new_null();
479 if (!entries)
480 goto err;
481 if (sk_STACK_OF_X509_NAME_ENTRY_push(intname,
482 entries) == 0) {
483 sk_X509_NAME_ENTRY_free(entries);
484 goto err;
485 }
486 set = entry->set;
487 }
488 tmpentry = X509_NAME_ENTRY_new();
489 if (tmpentry == NULL)
490 goto err;
491 tmpentry->object = OBJ_dup(entry->object);
492 if (tmpentry->object == NULL)
493 goto err;
494 if (!asn1_string_canon(tmpentry->value, entry->value))
495 goto err;
496 if (entries == NULL /* if entry->set is bogusly -1 */ ||
497 !sk_X509_NAME_ENTRY_push(entries, tmpentry))
498 goto err;
499 tmpentry = NULL;
500 }
501
502 /* Finally generate encoding */
503 len = i2d_name_canon(intname, NULL);
504 if (len < 0)
505 goto err;
506 p = malloc(len);
507 if (p == NULL)
508 goto err;
509 a->canon_enc = p;
510 a->canon_enclen = len;
511 i2d_name_canon(intname, &p);
512 ret = 1;
513
514err:
515 if (tmpentry)
516 X509_NAME_ENTRY_free(tmpentry);
517 if (intname)
518 sk_STACK_OF_X509_NAME_ENTRY_pop_free(intname,
519 local_sk_X509_NAME_ENTRY_pop_free);
520 return ret;
521}
522
523/* Bitmap of all the types of string that will be canonicalized. */
524
525#define ASN1_MASK_CANON \
526 (B_ASN1_UTF8STRING | B_ASN1_BMPSTRING | B_ASN1_UNIVERSALSTRING \
527 | B_ASN1_PRINTABLESTRING | B_ASN1_T61STRING | B_ASN1_IA5STRING \
528 | B_ASN1_VISIBLESTRING)
529
530
531static int
532asn1_string_canon(ASN1_STRING *out, ASN1_STRING *in)
533{
534 unsigned char *to, *from;
535 int len, i;
536
537 /* If type not in bitmask just copy string across */
538 if (!(ASN1_tag2bit(in->type) & ASN1_MASK_CANON)) {
539 if (!ASN1_STRING_copy(out, in))
540 return 0;
541 return 1;
542 }
543
544 out->type = V_ASN1_UTF8STRING;
545 out->length = ASN1_STRING_to_UTF8(&out->data, in);
546 if (out->length == -1)
547 return 0;
548
549 to = out->data;
550 from = to;
551
552 len = out->length;
553
554 /* Convert string in place to canonical form.
555 * Ultimately we may need to handle a wider range of characters
556 * but for now ignore anything with MSB set and rely on the
557 * isspace() and tolower() functions.
558 */
559
560 /* Ignore leading spaces */
561 while ((len > 0) && !(*from & 0x80) && isspace(*from)) {
562 from++;
563 len--;
564 }
565
566 to = from + len - 1;
567
568 /* Ignore trailing spaces */
569 while ((len > 0) && !(*to & 0x80) && isspace(*to)) {
570 to--;
571 len--;
572 }
573
574 to = out->data;
575
576 i = 0;
577 while (i < len) {
578 /* If MSB set just copy across */
579 if (*from & 0x80) {
580 *to++ = *from++;
581 i++;
582 }
583 /* Collapse multiple spaces */
584 else if (isspace(*from)) {
585 /* Copy one space across */
586 *to++ = ' ';
587 /* Ignore subsequent spaces. Note: don't need to
588 * check len here because we know the last
589 * character is a non-space so we can't overflow.
590 */
591 do {
592 from++;
593 i++;
594 } while (!(*from & 0x80) && isspace(*from));
595 } else {
596 *to++ = tolower(*from);
597 from++;
598 i++;
599 }
600 }
601
602 out->length = to - out->data;
603
604 return 1;
605}
606
607static int
608i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *_intname, unsigned char **in)
609{
610 int i, len, ltmp;
611 ASN1_VALUE *v;
612 STACK_OF(ASN1_VALUE) *intname = (STACK_OF(ASN1_VALUE) *)_intname;
613
614 len = 0;
615 for (i = 0; i < sk_ASN1_VALUE_num(intname); i++) {
616 v = sk_ASN1_VALUE_value(intname, i);
617 ltmp = ASN1_item_ex_i2d(&v, in,
618 ASN1_ITEM_rptr(X509_NAME_ENTRIES), -1, -1);
619 if (ltmp < 0)
620 return ltmp;
621 len += ltmp;
622 }
623 return len;
624}
625
626int
627X509_NAME_set(X509_NAME **xn, X509_NAME *name)
628{
629 X509_NAME *in;
630
631 if (!xn || !name)
632 return (0);
633
634 if (*xn != name) {
635 in = X509_NAME_dup(name);
636 if (in != NULL) {
637 X509_NAME_free(*xn);
638 *xn = in;
639 }
640 }
641 return (*xn != NULL);
642}
diff --git a/src/lib/libcrypto/asn1/x_nx509.c b/src/lib/libcrypto/asn1/x_nx509.c
deleted file mode 100644
index 7e18be8c79..0000000000
--- a/src/lib/libcrypto/asn1/x_nx509.c
+++ /dev/null
@@ -1,113 +0,0 @@
1/* $OpenBSD: x_nx509.c,v 1.6 2015/02/11 04:00:39 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005.
4 */
5/* ====================================================================
6 * Copyright (c) 2005 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stddef.h>
60#include <openssl/x509.h>
61#include <openssl/asn1.h>
62#include <openssl/asn1t.h>
63
64/* Old netscape certificate wrapper format */
65
66static const ASN1_TEMPLATE NETSCAPE_X509_seq_tt[] = {
67 {
68 .offset = offsetof(NETSCAPE_X509, header),
69 .field_name = "header",
70 .item = &ASN1_OCTET_STRING_it,
71 },
72 {
73 .flags = ASN1_TFLG_OPTIONAL,
74 .offset = offsetof(NETSCAPE_X509, cert),
75 .field_name = "cert",
76 .item = &X509_it,
77 },
78};
79
80const ASN1_ITEM NETSCAPE_X509_it = {
81 .itype = ASN1_ITYPE_SEQUENCE,
82 .utype = V_ASN1_SEQUENCE,
83 .templates = NETSCAPE_X509_seq_tt,
84 .tcount = sizeof(NETSCAPE_X509_seq_tt) / sizeof(ASN1_TEMPLATE),
85 .size = sizeof(NETSCAPE_X509),
86 .sname = "NETSCAPE_X509",
87};
88
89
90NETSCAPE_X509 *
91d2i_NETSCAPE_X509(NETSCAPE_X509 **a, const unsigned char **in, long len)
92{
93 return (NETSCAPE_X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
94 &NETSCAPE_X509_it);
95}
96
97int
98i2d_NETSCAPE_X509(NETSCAPE_X509 *a, unsigned char **out)
99{
100 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_X509_it);
101}
102
103NETSCAPE_X509 *
104NETSCAPE_X509_new(void)
105{
106 return (NETSCAPE_X509 *)ASN1_item_new(&NETSCAPE_X509_it);
107}
108
109void
110NETSCAPE_X509_free(NETSCAPE_X509 *a)
111{
112 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_X509_it);
113}
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
deleted file mode 100644
index 28e79858b5..0000000000
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ /dev/null
@@ -1,121 +0,0 @@
1/* $OpenBSD: x_pkey.c,v 1.18 2015/07/27 12:53:56 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <string.h>
61
62#include <openssl/err.h>
63#include <openssl/evp.h>
64#include <openssl/objects.h>
65#include <openssl/x509.h>
66
67X509_PKEY *
68X509_PKEY_new(void)
69{
70 X509_PKEY *ret = NULL;
71
72 if ((ret = malloc(sizeof(X509_PKEY))) == NULL) {
73 ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
74 goto err;
75 }
76 ret->version = 0;
77 if ((ret->enc_algor = X509_ALGOR_new()) == NULL) {
78 ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
79 goto err;
80 }
81 if ((ret->enc_pkey = M_ASN1_OCTET_STRING_new()) == NULL) {
82 ASN1err(ASN1_F_X509_PKEY_NEW, ERR_R_MALLOC_FAILURE);
83 goto err;
84 }
85 ret->dec_pkey = NULL;
86 ret->key_length = 0;
87 ret->key_data = NULL;
88 ret->key_free = 0;
89 ret->cipher.cipher = NULL;
90 memset(ret->cipher.iv, 0, EVP_MAX_IV_LENGTH);
91 ret->references = 1;
92 return (ret);
93
94err:
95 if (ret) {
96 X509_ALGOR_free(ret->enc_algor);
97 free(ret);
98 }
99 return NULL;
100}
101
102void
103X509_PKEY_free(X509_PKEY *x)
104{
105 int i;
106
107 if (x == NULL)
108 return;
109
110 i = CRYPTO_add(&x->references, -1, CRYPTO_LOCK_X509_PKEY);
111 if (i > 0)
112 return;
113
114 if (x->enc_algor != NULL)
115 X509_ALGOR_free(x->enc_algor);
116 M_ASN1_OCTET_STRING_free(x->enc_pkey);
117 EVP_PKEY_free(x->dec_pkey);
118 if ((x->key_data != NULL) && (x->key_free))
119 free(x->key_data);
120 free(x);
121}
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
deleted file mode 100644
index 3bdbb5a536..0000000000
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ /dev/null
@@ -1,430 +0,0 @@
1/* $OpenBSD: x_pubkey.c,v 1.25 2015/02/11 04:00:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/err.h>
65#include <openssl/x509.h>
66
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
70#ifndef OPENSSL_NO_RSA
71#include <openssl/rsa.h>
72#endif
73
74#include "asn1_locl.h"
75
76/* Minor tweak to operation: free up EVP_PKEY */
77static int
78pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
79{
80 if (operation == ASN1_OP_FREE_POST) {
81 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
82 EVP_PKEY_free(pubkey->pkey);
83 }
84 return 1;
85}
86
87static const ASN1_AUX X509_PUBKEY_aux = {
88 .asn1_cb = pubkey_cb,
89};
90static const ASN1_TEMPLATE X509_PUBKEY_seq_tt[] = {
91 {
92 .offset = offsetof(X509_PUBKEY, algor),
93 .field_name = "algor",
94 .item = &X509_ALGOR_it,
95 },
96 {
97 .offset = offsetof(X509_PUBKEY, public_key),
98 .field_name = "public_key",
99 .item = &ASN1_BIT_STRING_it,
100 },
101};
102
103const ASN1_ITEM X509_PUBKEY_it = {
104 .itype = ASN1_ITYPE_SEQUENCE,
105 .utype = V_ASN1_SEQUENCE,
106 .templates = X509_PUBKEY_seq_tt,
107 .tcount = sizeof(X509_PUBKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
108 .funcs = &X509_PUBKEY_aux,
109 .size = sizeof(X509_PUBKEY),
110 .sname = "X509_PUBKEY",
111};
112
113
114X509_PUBKEY *
115d2i_X509_PUBKEY(X509_PUBKEY **a, const unsigned char **in, long len)
116{
117 return (X509_PUBKEY *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
118 &X509_PUBKEY_it);
119}
120
121int
122i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **out)
123{
124 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_PUBKEY_it);
125}
126
127X509_PUBKEY *
128X509_PUBKEY_new(void)
129{
130 return (X509_PUBKEY *)ASN1_item_new(&X509_PUBKEY_it);
131}
132
133void
134X509_PUBKEY_free(X509_PUBKEY *a)
135{
136 ASN1_item_free((ASN1_VALUE *)a, &X509_PUBKEY_it);
137}
138
139int
140X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
141{
142 X509_PUBKEY *pk = NULL;
143
144 if (x == NULL)
145 return (0);
146 if ((pk = X509_PUBKEY_new()) == NULL)
147 goto error;
148
149 if (pkey->ameth) {
150 if (pkey->ameth->pub_encode) {
151 if (!pkey->ameth->pub_encode(pk, pkey)) {
152 X509err(X509_F_X509_PUBKEY_SET,
153 X509_R_PUBLIC_KEY_ENCODE_ERROR);
154 goto error;
155 }
156 } else {
157 X509err(X509_F_X509_PUBKEY_SET,
158 X509_R_METHOD_NOT_SUPPORTED);
159 goto error;
160 }
161 } else {
162 X509err(X509_F_X509_PUBKEY_SET, X509_R_UNSUPPORTED_ALGORITHM);
163 goto error;
164 }
165
166 if (*x != NULL)
167 X509_PUBKEY_free(*x);
168
169 *x = pk;
170
171 return 1;
172
173error:
174 if (pk != NULL)
175 X509_PUBKEY_free(pk);
176 return 0;
177}
178
179EVP_PKEY *
180X509_PUBKEY_get(X509_PUBKEY *key)
181{
182 EVP_PKEY *ret = NULL;
183
184 if (key == NULL)
185 goto error;
186
187 if (key->pkey != NULL) {
188 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
189 return key->pkey;
190 }
191
192 if (key->public_key == NULL)
193 goto error;
194
195 if ((ret = EVP_PKEY_new()) == NULL) {
196 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
197 goto error;
198 }
199
200 if (!EVP_PKEY_set_type(ret, OBJ_obj2nid(key->algor->algorithm))) {
201 X509err(X509_F_X509_PUBKEY_GET, X509_R_UNSUPPORTED_ALGORITHM);
202 goto error;
203 }
204
205 if (ret->ameth->pub_decode) {
206 if (!ret->ameth->pub_decode(ret, key)) {
207 X509err(X509_F_X509_PUBKEY_GET,
208 X509_R_PUBLIC_KEY_DECODE_ERROR);
209 goto error;
210 }
211 } else {
212 X509err(X509_F_X509_PUBKEY_GET, X509_R_METHOD_NOT_SUPPORTED);
213 goto error;
214 }
215
216 /* Check to see if another thread set key->pkey first */
217 CRYPTO_w_lock(CRYPTO_LOCK_EVP_PKEY);
218 if (key->pkey) {
219 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
220 EVP_PKEY_free(ret);
221 ret = key->pkey;
222 } else {
223 key->pkey = ret;
224 CRYPTO_w_unlock(CRYPTO_LOCK_EVP_PKEY);
225 }
226 CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
227
228 return ret;
229
230error:
231 EVP_PKEY_free(ret);
232 return (NULL);
233}
234
235/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
236 * and encode or decode as X509_PUBKEY
237 */
238
239EVP_PKEY *
240d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp, long length)
241{
242 X509_PUBKEY *xpk;
243 EVP_PKEY *pktmp;
244 xpk = d2i_X509_PUBKEY(NULL, pp, length);
245 if (!xpk)
246 return NULL;
247 pktmp = X509_PUBKEY_get(xpk);
248 X509_PUBKEY_free(xpk);
249 if (!pktmp)
250 return NULL;
251 if (a) {
252 EVP_PKEY_free(*a);
253 *a = pktmp;
254 }
255 return pktmp;
256}
257
258int
259i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
260{
261 X509_PUBKEY *xpk = NULL;
262 int ret;
263 if (!a)
264 return 0;
265 if (!X509_PUBKEY_set(&xpk, a))
266 return 0;
267 ret = i2d_X509_PUBKEY(xpk, pp);
268 X509_PUBKEY_free(xpk);
269 return ret;
270}
271
272/* The following are equivalents but which return RSA and DSA
273 * keys
274 */
275#ifndef OPENSSL_NO_RSA
276RSA *
277d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp, long length)
278{
279 EVP_PKEY *pkey;
280 RSA *key;
281 const unsigned char *q;
282 q = *pp;
283 pkey = d2i_PUBKEY(NULL, &q, length);
284 if (!pkey)
285 return NULL;
286 key = EVP_PKEY_get1_RSA(pkey);
287 EVP_PKEY_free(pkey);
288 if (!key)
289 return NULL;
290 *pp = q;
291 if (a) {
292 RSA_free(*a);
293 *a = key;
294 }
295 return key;
296}
297
298int
299i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
300{
301 EVP_PKEY *pktmp;
302 int ret;
303 if (!a)
304 return 0;
305 pktmp = EVP_PKEY_new();
306 if (!pktmp) {
307 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
308 return 0;
309 }
310 EVP_PKEY_set1_RSA(pktmp, a);
311 ret = i2d_PUBKEY(pktmp, pp);
312 EVP_PKEY_free(pktmp);
313 return ret;
314}
315#endif
316
317#ifndef OPENSSL_NO_DSA
318DSA *
319d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp, long length)
320{
321 EVP_PKEY *pkey;
322 DSA *key;
323 const unsigned char *q;
324 q = *pp;
325 pkey = d2i_PUBKEY(NULL, &q, length);
326 if (!pkey)
327 return NULL;
328 key = EVP_PKEY_get1_DSA(pkey);
329 EVP_PKEY_free(pkey);
330 if (!key)
331 return NULL;
332 *pp = q;
333 if (a) {
334 DSA_free(*a);
335 *a = key;
336 }
337 return key;
338}
339
340int
341i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
342{
343 EVP_PKEY *pktmp;
344 int ret;
345 if (!a)
346 return 0;
347 pktmp = EVP_PKEY_new();
348 if (!pktmp) {
349 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
350 return 0;
351 }
352 EVP_PKEY_set1_DSA(pktmp, a);
353 ret = i2d_PUBKEY(pktmp, pp);
354 EVP_PKEY_free(pktmp);
355 return ret;
356}
357#endif
358
359#ifndef OPENSSL_NO_EC
360EC_KEY *
361d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
362{
363 EVP_PKEY *pkey;
364 EC_KEY *key;
365 const unsigned char *q;
366 q = *pp;
367 pkey = d2i_PUBKEY(NULL, &q, length);
368 if (!pkey)
369 return (NULL);
370 key = EVP_PKEY_get1_EC_KEY(pkey);
371 EVP_PKEY_free(pkey);
372 if (!key)
373 return (NULL);
374 *pp = q;
375 if (a) {
376 EC_KEY_free(*a);
377 *a = key;
378 }
379 return (key);
380}
381
382int
383i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
384{
385 EVP_PKEY *pktmp;
386 int ret;
387 if (!a)
388 return (0);
389 if ((pktmp = EVP_PKEY_new()) == NULL) {
390 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
391 return (0);
392 }
393 EVP_PKEY_set1_EC_KEY(pktmp, a);
394 ret = i2d_PUBKEY(pktmp, pp);
395 EVP_PKEY_free(pktmp);
396 return (ret);
397}
398#endif
399
400int
401X509_PUBKEY_set0_param(X509_PUBKEY *pub, ASN1_OBJECT *aobj, int ptype,
402 void *pval, unsigned char *penc, int penclen)
403{
404 if (!X509_ALGOR_set0(pub->algor, aobj, ptype, pval))
405 return 0;
406 if (penc) {
407 free(pub->public_key->data);
408 pub->public_key->data = penc;
409 pub->public_key->length = penclen;
410 /* Set number of unused bits to zero */
411 pub->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
412 pub->public_key->flags |= ASN1_STRING_FLAG_BITS_LEFT;
413 }
414 return 1;
415}
416
417int
418X509_PUBKEY_get0_param(ASN1_OBJECT **ppkalg, const unsigned char **pk,
419 int *ppklen, X509_ALGOR **pa, X509_PUBKEY *pub)
420{
421 if (ppkalg)
422 *ppkalg = pub->algor->algorithm;
423 if (pk) {
424 *pk = pub->public_key->data;
425 *ppklen = pub->public_key->length;
426 }
427 if (pa)
428 *pa = pub->algor;
429 return 1;
430}
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
deleted file mode 100644
index 5ffa11e2dd..0000000000
--- a/src/lib/libcrypto/asn1/x_req.c
+++ /dev/null
@@ -1,227 +0,0 @@
1/* $OpenBSD: x_req.c,v 1.15 2015/02/11 04:00:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
63
64/* X509_REQ_INFO is handled in an unusual way to get round
65 * invalid encodings. Some broken certificate requests don't
66 * encode the attributes field if it is empty. This is in
67 * violation of PKCS#10 but we need to tolerate it. We do
68 * this by making the attributes field OPTIONAL then using
69 * the callback to initialise it to an empty STACK.
70 *
71 * This means that the field will be correctly encoded unless
72 * we NULL out the field.
73 *
74 * As a result we no longer need the req_kludge field because
75 * the information is now contained in the attributes field:
76 * 1. If it is NULL then it's the invalid omission.
77 * 2. If it is empty it is the correct encoding.
78 * 3. If it is not empty then some attributes are present.
79 *
80 */
81
82static int
83rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
84{
85 X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
86
87 if (operation == ASN1_OP_NEW_POST) {
88 rinf->attributes = sk_X509_ATTRIBUTE_new_null();
89 if (!rinf->attributes)
90 return 0;
91 }
92 return 1;
93}
94
95static const ASN1_AUX X509_REQ_INFO_aux = {
96 .flags = ASN1_AFLG_ENCODING,
97 .asn1_cb = rinf_cb,
98 .enc_offset = offsetof(X509_REQ_INFO, enc),
99};
100static const ASN1_TEMPLATE X509_REQ_INFO_seq_tt[] = {
101 {
102 .offset = offsetof(X509_REQ_INFO, version),
103 .field_name = "version",
104 .item = &ASN1_INTEGER_it,
105 },
106 {
107 .offset = offsetof(X509_REQ_INFO, subject),
108 .field_name = "subject",
109 .item = &X509_NAME_it,
110 },
111 {
112 .offset = offsetof(X509_REQ_INFO, pubkey),
113 .field_name = "pubkey",
114 .item = &X509_PUBKEY_it,
115 },
116 /* This isn't really OPTIONAL but it gets round invalid
117 * encodings
118 */
119 {
120 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
121 .offset = offsetof(X509_REQ_INFO, attributes),
122 .field_name = "attributes",
123 .item = &X509_ATTRIBUTE_it,
124 },
125};
126
127const ASN1_ITEM X509_REQ_INFO_it = {
128 .itype = ASN1_ITYPE_SEQUENCE,
129 .utype = V_ASN1_SEQUENCE,
130 .templates = X509_REQ_INFO_seq_tt,
131 .tcount = sizeof(X509_REQ_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
132 .funcs = &X509_REQ_INFO_aux,
133 .size = sizeof(X509_REQ_INFO),
134 .sname = "X509_REQ_INFO",
135};
136
137
138X509_REQ_INFO *
139d2i_X509_REQ_INFO(X509_REQ_INFO **a, const unsigned char **in, long len)
140{
141 return (X509_REQ_INFO *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
142 &X509_REQ_INFO_it);
143}
144
145int
146i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **out)
147{
148 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_INFO_it);
149}
150
151X509_REQ_INFO *
152X509_REQ_INFO_new(void)
153{
154 return (X509_REQ_INFO *)ASN1_item_new(&X509_REQ_INFO_it);
155}
156
157void
158X509_REQ_INFO_free(X509_REQ_INFO *a)
159{
160 ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_INFO_it);
161}
162
163static const ASN1_AUX X509_REQ_aux = {
164 .app_data = NULL,
165 .flags = ASN1_AFLG_REFCOUNT,
166 .ref_offset = offsetof(X509_REQ, references),
167 .ref_lock = CRYPTO_LOCK_X509_REQ,
168};
169static const ASN1_TEMPLATE X509_REQ_seq_tt[] = {
170 {
171 .offset = offsetof(X509_REQ, req_info),
172 .field_name = "req_info",
173 .item = &X509_REQ_INFO_it,
174 },
175 {
176 .offset = offsetof(X509_REQ, sig_alg),
177 .field_name = "sig_alg",
178 .item = &X509_ALGOR_it,
179 },
180 {
181 .offset = offsetof(X509_REQ, signature),
182 .field_name = "signature",
183 .item = &ASN1_BIT_STRING_it,
184 },
185};
186
187const ASN1_ITEM X509_REQ_it = {
188 .itype = ASN1_ITYPE_SEQUENCE,
189 .utype = V_ASN1_SEQUENCE,
190 .templates = X509_REQ_seq_tt,
191 .tcount = sizeof(X509_REQ_seq_tt) / sizeof(ASN1_TEMPLATE),
192 .funcs = &X509_REQ_aux,
193 .size = sizeof(X509_REQ),
194 .sname = "X509_REQ",
195};
196
197
198X509_REQ *
199d2i_X509_REQ(X509_REQ **a, const unsigned char **in, long len)
200{
201 return (X509_REQ *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
202 &X509_REQ_it);
203}
204
205int
206i2d_X509_REQ(X509_REQ *a, unsigned char **out)
207{
208 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_REQ_it);
209}
210
211X509_REQ *
212X509_REQ_new(void)
213{
214 return (X509_REQ *)ASN1_item_new(&X509_REQ_it);
215}
216
217void
218X509_REQ_free(X509_REQ *a)
219{
220 ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_it);
221}
222
223X509_REQ *
224X509_REQ_dup(X509_REQ *x)
225{
226 return ASN1_item_dup(&X509_REQ_it, x);
227}
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
deleted file mode 100644
index 702bc40e55..0000000000
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* $OpenBSD: x_sig.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
63
64static const ASN1_TEMPLATE X509_SIG_seq_tt[] = {
65 {
66 .offset = offsetof(X509_SIG, algor),
67 .field_name = "algor",
68 .item = &X509_ALGOR_it,
69 },
70 {
71 .offset = offsetof(X509_SIG, digest),
72 .field_name = "digest",
73 .item = &ASN1_OCTET_STRING_it,
74 },
75};
76
77const ASN1_ITEM X509_SIG_it = {
78 .itype = ASN1_ITYPE_SEQUENCE,
79 .utype = V_ASN1_SEQUENCE,
80 .templates = X509_SIG_seq_tt,
81 .tcount = sizeof(X509_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
82 .size = sizeof(X509_SIG),
83 .sname = "X509_SIG",
84};
85
86
87X509_SIG *
88d2i_X509_SIG(X509_SIG **a, const unsigned char **in, long len)
89{
90 return (X509_SIG *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
91 &X509_SIG_it);
92}
93
94int
95i2d_X509_SIG(X509_SIG *a, unsigned char **out)
96{
97 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_SIG_it);
98}
99
100X509_SIG *
101X509_SIG_new(void)
102{
103 return (X509_SIG *)ASN1_item_new(&X509_SIG_it);
104}
105
106void
107X509_SIG_free(X509_SIG *a)
108{
109 ASN1_item_free((ASN1_VALUE *)a, &X509_SIG_it);
110}
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
deleted file mode 100644
index 2aa860feb9..0000000000
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ /dev/null
@@ -1,174 +0,0 @@
1/* $OpenBSD: x_spki.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59 /* This module was send to me my Pat Richards <patr@x509.com> who
60 * wrote it. It is under my Copyright with his permission
61 */
62
63#include <stdio.h>
64
65#include <openssl/x509.h>
66#include <openssl/asn1t.h>
67
68static const ASN1_TEMPLATE NETSCAPE_SPKAC_seq_tt[] = {
69 {
70 .offset = offsetof(NETSCAPE_SPKAC, pubkey),
71 .field_name = "pubkey",
72 .item = &X509_PUBKEY_it,
73 },
74 {
75 .offset = offsetof(NETSCAPE_SPKAC, challenge),
76 .field_name = "challenge",
77 .item = &ASN1_IA5STRING_it,
78 },
79};
80
81const ASN1_ITEM NETSCAPE_SPKAC_it = {
82 .itype = ASN1_ITYPE_SEQUENCE,
83 .utype = V_ASN1_SEQUENCE,
84 .templates = NETSCAPE_SPKAC_seq_tt,
85 .tcount = sizeof(NETSCAPE_SPKAC_seq_tt) / sizeof(ASN1_TEMPLATE),
86 .size = sizeof(NETSCAPE_SPKAC),
87 .sname = "NETSCAPE_SPKAC",
88};
89
90
91NETSCAPE_SPKAC *
92d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, const unsigned char **in, long len)
93{
94 return (NETSCAPE_SPKAC *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
95 &NETSCAPE_SPKAC_it);
96}
97
98int
99i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **out)
100{
101 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKAC_it);
102}
103
104NETSCAPE_SPKAC *
105NETSCAPE_SPKAC_new(void)
106{
107 return (NETSCAPE_SPKAC *)ASN1_item_new(&NETSCAPE_SPKAC_it);
108}
109
110void
111NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
112{
113 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it);
114}
115
116static const ASN1_TEMPLATE NETSCAPE_SPKI_seq_tt[] = {
117 {
118 .flags = 0,
119 .tag = 0,
120 .offset = offsetof(NETSCAPE_SPKI, spkac),
121 .field_name = "spkac",
122 .item = &NETSCAPE_SPKAC_it,
123 },
124 {
125 .flags = 0,
126 .tag = 0,
127 .offset = offsetof(NETSCAPE_SPKI, sig_algor),
128 .field_name = "sig_algor",
129 .item = &X509_ALGOR_it,
130 },
131 {
132 .flags = 0,
133 .tag = 0,
134 .offset = offsetof(NETSCAPE_SPKI, signature),
135 .field_name = "signature",
136 .item = &ASN1_BIT_STRING_it,
137 },
138};
139
140const ASN1_ITEM NETSCAPE_SPKI_it = {
141 .itype = ASN1_ITYPE_SEQUENCE,
142 .utype = V_ASN1_SEQUENCE,
143 .templates = NETSCAPE_SPKI_seq_tt,
144 .tcount = sizeof(NETSCAPE_SPKI_seq_tt) / sizeof(ASN1_TEMPLATE),
145 .funcs = NULL,
146 .size = sizeof(NETSCAPE_SPKI),
147 .sname = "NETSCAPE_SPKI",
148};
149
150
151NETSCAPE_SPKI *
152d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, const unsigned char **in, long len)
153{
154 return (NETSCAPE_SPKI *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
155 &NETSCAPE_SPKI_it);
156}
157
158int
159i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **out)
160{
161 return ASN1_item_i2d((ASN1_VALUE *)a, out, &NETSCAPE_SPKI_it);
162}
163
164NETSCAPE_SPKI *
165NETSCAPE_SPKI_new(void)
166{
167 return (NETSCAPE_SPKI *)ASN1_item_new(&NETSCAPE_SPKI_it);
168}
169
170void
171NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
172{
173 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKI_it);
174}
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
deleted file mode 100644
index eb2ba783bb..0000000000
--- a/src/lib/libcrypto/asn1/x_val.c
+++ /dev/null
@@ -1,110 +0,0 @@
1/* $OpenBSD: x_val.c,v 1.11 2015/02/11 04:00:39 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
63
64static const ASN1_TEMPLATE X509_VAL_seq_tt[] = {
65 {
66 .offset = offsetof(X509_VAL, notBefore),
67 .field_name = "notBefore",
68 .item = &ASN1_TIME_it,
69 },
70 {
71 .offset = offsetof(X509_VAL, notAfter),
72 .field_name = "notAfter",
73 .item = &ASN1_TIME_it,
74 },
75};
76
77const ASN1_ITEM X509_VAL_it = {
78 .itype = ASN1_ITYPE_SEQUENCE,
79 .utype = V_ASN1_SEQUENCE,
80 .templates = X509_VAL_seq_tt,
81 .tcount = sizeof(X509_VAL_seq_tt) / sizeof(ASN1_TEMPLATE),
82 .size = sizeof(X509_VAL),
83 .sname = "X509_VAL",
84};
85
86
87X509_VAL *
88d2i_X509_VAL(X509_VAL **a, const unsigned char **in, long len)
89{
90 return (X509_VAL *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
91 &X509_VAL_it);
92}
93
94int
95i2d_X509_VAL(X509_VAL *a, unsigned char **out)
96{
97 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_VAL_it);
98}
99
100X509_VAL *
101X509_VAL_new(void)
102{
103 return (X509_VAL *)ASN1_item_new(&X509_VAL_it);
104}
105
106void
107X509_VAL_free(X509_VAL *a)
108{
109 ASN1_item_free((ASN1_VALUE *)a, &X509_VAL_it);
110}
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
deleted file mode 100644
index 168c2c0fcd..0000000000
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ /dev/null
@@ -1,346 +0,0 @@
1/* $OpenBSD: x_x509.c,v 1.24 2015/03/19 14:00:22 tedu Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60
61#include <openssl/opensslconf.h>
62
63#include <openssl/asn1t.h>
64#include <openssl/evp.h>
65#include <openssl/x509.h>
66#include <openssl/x509v3.h>
67
68static const ASN1_AUX X509_CINF_aux = {
69 .flags = ASN1_AFLG_ENCODING,
70 .enc_offset = offsetof(X509_CINF, enc),
71};
72static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
73 {
74 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
75 .offset = offsetof(X509_CINF, version),
76 .field_name = "version",
77 .item = &ASN1_INTEGER_it,
78 },
79 {
80 .offset = offsetof(X509_CINF, serialNumber),
81 .field_name = "serialNumber",
82 .item = &ASN1_INTEGER_it,
83 },
84 {
85 .offset = offsetof(X509_CINF, signature),
86 .field_name = "signature",
87 .item = &X509_ALGOR_it,
88 },
89 {
90 .offset = offsetof(X509_CINF, issuer),
91 .field_name = "issuer",
92 .item = &X509_NAME_it,
93 },
94 {
95 .offset = offsetof(X509_CINF, validity),
96 .field_name = "validity",
97 .item = &X509_VAL_it,
98 },
99 {
100 .offset = offsetof(X509_CINF, subject),
101 .field_name = "subject",
102 .item = &X509_NAME_it,
103 },
104 {
105 .offset = offsetof(X509_CINF, key),
106 .field_name = "key",
107 .item = &X509_PUBKEY_it,
108 },
109 {
110 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
111 .tag = 1,
112 .offset = offsetof(X509_CINF, issuerUID),
113 .field_name = "issuerUID",
114 .item = &ASN1_BIT_STRING_it,
115 },
116 {
117 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
118 .tag = 2,
119 .offset = offsetof(X509_CINF, subjectUID),
120 .field_name = "subjectUID",
121 .item = &ASN1_BIT_STRING_it,
122 },
123 {
124 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF |
125 ASN1_TFLG_OPTIONAL,
126 .tag = 3,
127 .offset = offsetof(X509_CINF, extensions),
128 .field_name = "extensions",
129 .item = &X509_EXTENSION_it,
130 },
131};
132
133const ASN1_ITEM X509_CINF_it = {
134 .itype = ASN1_ITYPE_SEQUENCE,
135 .utype = V_ASN1_SEQUENCE,
136 .templates = X509_CINF_seq_tt,
137 .tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
138 .funcs = &X509_CINF_aux,
139 .size = sizeof(X509_CINF),
140 .sname = "X509_CINF",
141};
142
143
144X509_CINF *
145d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len)
146{
147 return (X509_CINF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
148 &X509_CINF_it);
149}
150
151int
152i2d_X509_CINF(X509_CINF *a, unsigned char **out)
153{
154 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CINF_it);
155}
156
157X509_CINF *
158X509_CINF_new(void)
159{
160 return (X509_CINF *)ASN1_item_new(&X509_CINF_it);
161}
162
163void
164X509_CINF_free(X509_CINF *a)
165{
166 ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it);
167}
168/* X509 top level structure needs a bit of customisation */
169
170extern void policy_cache_free(X509_POLICY_CACHE *cache);
171
172static int
173x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
174{
175 X509 *ret = (X509 *)*pval;
176
177 switch (operation) {
178
179 case ASN1_OP_NEW_POST:
180 ret->valid = 0;
181 ret->name = NULL;
182 ret->ex_flags = 0;
183 ret->ex_pathlen = -1;
184 ret->skid = NULL;
185 ret->akid = NULL;
186 ret->aux = NULL;
187 ret->crldp = NULL;
188 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
189 break;
190
191 case ASN1_OP_D2I_POST:
192 free(ret->name);
193 ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
194 break;
195
196 case ASN1_OP_FREE_POST:
197 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
198 X509_CERT_AUX_free(ret->aux);
199 ASN1_OCTET_STRING_free(ret->skid);
200 AUTHORITY_KEYID_free(ret->akid);
201 CRL_DIST_POINTS_free(ret->crldp);
202 policy_cache_free(ret->policy_cache);
203 GENERAL_NAMES_free(ret->altname);
204 NAME_CONSTRAINTS_free(ret->nc);
205 free(ret->name);
206 ret->name = NULL;
207 break;
208 }
209
210 return 1;
211}
212
213static const ASN1_AUX X509_aux = {
214 .app_data = NULL,
215 .flags = ASN1_AFLG_REFCOUNT,
216 .ref_offset = offsetof(X509, references),
217 .ref_lock = CRYPTO_LOCK_X509,
218 .asn1_cb = x509_cb,
219};
220static const ASN1_TEMPLATE X509_seq_tt[] = {
221 {
222 .offset = offsetof(X509, cert_info),
223 .field_name = "cert_info",
224 .item = &X509_CINF_it,
225 },
226 {
227 .offset = offsetof(X509, sig_alg),
228 .field_name = "sig_alg",
229 .item = &X509_ALGOR_it,
230 },
231 {
232 .offset = offsetof(X509, signature),
233 .field_name = "signature",
234 .item = &ASN1_BIT_STRING_it,
235 },
236};
237
238const ASN1_ITEM X509_it = {
239 .itype = ASN1_ITYPE_SEQUENCE,
240 .utype = V_ASN1_SEQUENCE,
241 .templates = X509_seq_tt,
242 .tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE),
243 .funcs = &X509_aux,
244 .size = sizeof(X509),
245 .sname = "X509",
246};
247
248
249X509 *
250d2i_X509(X509 **a, const unsigned char **in, long len)
251{
252 return (X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
253 &X509_it);
254}
255
256int
257i2d_X509(X509 *a, unsigned char **out)
258{
259 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_it);
260}
261
262X509 *
263X509_new(void)
264{
265 return (X509 *)ASN1_item_new(&X509_it);
266}
267
268void
269X509_free(X509 *a)
270{
271 ASN1_item_free((ASN1_VALUE *)a, &X509_it);
272}
273
274X509 *
275X509_dup(X509 *x)
276{
277 return ASN1_item_dup(&X509_it, x);
278}
279
280int
281X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
282 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
283{
284 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
285 new_func, dup_func, free_func);
286}
287
288int
289X509_set_ex_data(X509 *r, int idx, void *arg)
290{
291 return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
292}
293
294void *
295X509_get_ex_data(X509 *r, int idx)
296{
297 return (CRYPTO_get_ex_data(&r->ex_data, idx));
298}
299
300/* X509_AUX ASN1 routines. X509_AUX is the name given to
301 * a certificate with extra info tagged on the end. Since these
302 * functions set how a certificate is trusted they should only
303 * be used when the certificate comes from a reliable source
304 * such as local storage.
305 *
306 */
307
308X509 *
309d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
310{
311 const unsigned char *q;
312 X509 *ret;
313
314 /* Save start position */
315 q = *pp;
316 ret = d2i_X509(NULL, pp, length);
317 /* If certificate unreadable then forget it */
318 if (!ret)
319 return NULL;
320 /* update length */
321 length -= *pp - q;
322 if (length > 0) {
323 if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
324 goto err;
325 }
326 if (a != NULL) {
327 X509_free(*a);
328 *a = ret;
329 }
330 return ret;
331
332err:
333 X509_free(ret);
334 return NULL;
335}
336
337int
338i2d_X509_AUX(X509 *a, unsigned char **pp)
339{
340 int length;
341
342 length = i2d_X509(a, pp);
343 if (a)
344 length += i2d_X509_CERT_AUX(a->aux, pp);
345 return length;
346}
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
deleted file mode 100644
index 29817915b6..0000000000
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ /dev/null
@@ -1,325 +0,0 @@
1/* $OpenBSD: x_x509a.c,v 1.14 2015/02/14 15:28:39 miod Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999.
4 */
5/* ====================================================================
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * licensing@OpenSSL.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59#include <stdio.h>
60
61#include <openssl/asn1t.h>
62#include <openssl/evp.h>
63#include <openssl/x509.h>
64
65/* X509_CERT_AUX routines. These are used to encode additional
66 * user modifiable data about a certificate. This data is
67 * appended to the X509 encoding when the *_X509_AUX routines
68 * are used. This means that the "traditional" X509 routines
69 * will simply ignore the extra data.
70 */
71
72static X509_CERT_AUX *aux_get(X509 *x);
73
74static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = {
75 {
76 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
77 .offset = offsetof(X509_CERT_AUX, trust),
78 .field_name = "trust",
79 .item = &ASN1_OBJECT_it,
80 },
81 {
82 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
83 ASN1_TFLG_OPTIONAL,
84 .tag = 0,
85 .offset = offsetof(X509_CERT_AUX, reject),
86 .field_name = "reject",
87 .item = &ASN1_OBJECT_it,
88 },
89 {
90 .flags = ASN1_TFLG_OPTIONAL,
91 .offset = offsetof(X509_CERT_AUX, alias),
92 .field_name = "alias",
93 .item = &ASN1_UTF8STRING_it,
94 },
95 {
96 .flags = ASN1_TFLG_OPTIONAL,
97 .offset = offsetof(X509_CERT_AUX, keyid),
98 .field_name = "keyid",
99 .item = &ASN1_OCTET_STRING_it,
100 },
101 {
102 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF |
103 ASN1_TFLG_OPTIONAL,
104 .tag = 1,
105 .offset = offsetof(X509_CERT_AUX, other),
106 .field_name = "other",
107 .item = &X509_ALGOR_it,
108 },
109};
110
111const ASN1_ITEM X509_CERT_AUX_it = {
112 .itype = ASN1_ITYPE_SEQUENCE,
113 .utype = V_ASN1_SEQUENCE,
114 .templates = X509_CERT_AUX_seq_tt,
115 .tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE),
116 .size = sizeof(X509_CERT_AUX),
117 .sname = "X509_CERT_AUX",
118};
119
120
121X509_CERT_AUX *
122d2i_X509_CERT_AUX(X509_CERT_AUX **a, const unsigned char **in, long len)
123{
124 return (X509_CERT_AUX *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
125 &X509_CERT_AUX_it);
126}
127
128int
129i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **out)
130{
131 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_AUX_it);
132}
133
134X509_CERT_AUX *
135X509_CERT_AUX_new(void)
136{
137 return (X509_CERT_AUX *)ASN1_item_new(&X509_CERT_AUX_it);
138}
139
140void
141X509_CERT_AUX_free(X509_CERT_AUX *a)
142{
143 ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_AUX_it);
144}
145
146static X509_CERT_AUX *
147aux_get(X509 *x)
148{
149 if (!x)
150 return NULL;
151 if (!x->aux && !(x->aux = X509_CERT_AUX_new()))
152 return NULL;
153 return x->aux;
154}
155
156int
157X509_alias_set1(X509 *x, unsigned char *name, int len)
158{
159 X509_CERT_AUX *aux;
160 if (!name) {
161 if (!x || !x->aux || !x->aux->alias)
162 return 1;
163 ASN1_UTF8STRING_free(x->aux->alias);
164 x->aux->alias = NULL;
165 return 1;
166 }
167 if (!(aux = aux_get(x)))
168 return 0;
169 if (!aux->alias && !(aux->alias = ASN1_UTF8STRING_new()))
170 return 0;
171 return ASN1_STRING_set(aux->alias, name, len);
172}
173
174int
175X509_keyid_set1(X509 *x, unsigned char *id, int len)
176{
177 X509_CERT_AUX *aux;
178 if (!id) {
179 if (!x || !x->aux || !x->aux->keyid)
180 return 1;
181 ASN1_OCTET_STRING_free(x->aux->keyid);
182 x->aux->keyid = NULL;
183 return 1;
184 }
185 if (!(aux = aux_get(x)))
186 return 0;
187 if (!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new()))
188 return 0;
189 return ASN1_STRING_set(aux->keyid, id, len);
190}
191
192unsigned char *
193X509_alias_get0(X509 *x, int *len)
194{
195 if (!x->aux || !x->aux->alias)
196 return NULL;
197 if (len)
198 *len = x->aux->alias->length;
199 return x->aux->alias->data;
200}
201
202unsigned char *
203X509_keyid_get0(X509 *x, int *len)
204{
205 if (!x->aux || !x->aux->keyid)
206 return NULL;
207 if (len)
208 *len = x->aux->keyid->length;
209 return x->aux->keyid->data;
210}
211
212int
213X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
214{
215 X509_CERT_AUX *aux;
216 ASN1_OBJECT *objtmp;
217 int rc;
218
219 if (!(objtmp = OBJ_dup(obj)))
220 return 0;
221 if (!(aux = aux_get(x)))
222 goto err;
223 if (!aux->trust && !(aux->trust = sk_ASN1_OBJECT_new_null()))
224 goto err;
225 rc = sk_ASN1_OBJECT_push(aux->trust, objtmp);
226 if (rc != 0)
227 return rc;
228
229err:
230 ASN1_OBJECT_free(objtmp);
231 return 0;
232}
233
234int
235X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj)
236{
237 X509_CERT_AUX *aux;
238 ASN1_OBJECT *objtmp;
239 int rc;
240
241 if (!(objtmp = OBJ_dup(obj)))
242 return 0;
243 if (!(aux = aux_get(x)))
244 goto err;
245 if (!aux->reject && !(aux->reject = sk_ASN1_OBJECT_new_null()))
246 goto err;
247 rc = sk_ASN1_OBJECT_push(aux->reject, objtmp);
248 if (rc != 0)
249 return rc;
250
251err:
252 ASN1_OBJECT_free(objtmp);
253 return 0;
254}
255
256void
257X509_trust_clear(X509 *x)
258{
259 if (x->aux && x->aux->trust) {
260 sk_ASN1_OBJECT_pop_free(x->aux->trust, ASN1_OBJECT_free);
261 x->aux->trust = NULL;
262 }
263}
264
265void
266X509_reject_clear(X509 *x)
267{
268 if (x->aux && x->aux->reject) {
269 sk_ASN1_OBJECT_pop_free(x->aux->reject, ASN1_OBJECT_free);
270 x->aux->reject = NULL;
271 }
272}
273
274static const ASN1_TEMPLATE X509_CERT_PAIR_seq_tt[] = {
275 {
276 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
277 .tag = 0,
278 .offset = offsetof(X509_CERT_PAIR, forward),
279 .field_name = "forward",
280 .item = &X509_it,
281 },
282 {
283 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
284 .tag = 1,
285 .offset = offsetof(X509_CERT_PAIR, reverse),
286 .field_name = "reverse",
287 .item = &X509_it,
288 },
289};
290
291const ASN1_ITEM X509_CERT_PAIR_it = {
292 .itype = ASN1_ITYPE_SEQUENCE,
293 .utype = V_ASN1_SEQUENCE,
294 .templates = X509_CERT_PAIR_seq_tt,
295 .tcount = sizeof(X509_CERT_PAIR_seq_tt) / sizeof(ASN1_TEMPLATE),
296 .funcs = NULL,
297 .size = sizeof(X509_CERT_PAIR),
298 .sname = "X509_CERT_PAIR",
299};
300
301
302X509_CERT_PAIR *
303d2i_X509_CERT_PAIR(X509_CERT_PAIR **a, const unsigned char **in, long len)
304{
305 return (X509_CERT_PAIR *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
306 &X509_CERT_PAIR_it);
307}
308
309int
310i2d_X509_CERT_PAIR(X509_CERT_PAIR *a, unsigned char **out)
311{
312 return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CERT_PAIR_it);
313}
314
315X509_CERT_PAIR *
316X509_CERT_PAIR_new(void)
317{
318 return (X509_CERT_PAIR *)ASN1_item_new(&X509_CERT_PAIR_it);
319}
320
321void
322X509_CERT_PAIR_free(X509_CERT_PAIR *a)
323{
324 ASN1_item_free((ASN1_VALUE *)a, &X509_CERT_PAIR_it);
325}
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-23 15:09:34 +0000