summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1
diff options
context:
space:
mode:
authormarkus <>2002-09-05 12:51:50 +0000
committermarkus <>2002-09-05 12:51:50 +0000
commit15b5d84f9da2ce4bfae8580e56e34a859f74ad71 (patch)
treebf939e82d7fd73cc8a01cf6959002209972091bc /src/lib/libcrypto/asn1
parent027351f729b9e837200dae6e1520cda6577ab930 (diff)
downloadopenbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.gz
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.tar.bz2
openbsd-15b5d84f9da2ce4bfae8580e56e34a859f74ad71.zip
import openssl-0.9.7-beta1
Diffstat (limited to 'src/lib/libcrypto/asn1')
-rw-r--r--src/lib/libcrypto/asn1/a_bitstr.c120
-rw-r--r--src/lib/libcrypto/asn1/a_bool.c17
-rw-r--r--src/lib/libcrypto/asn1/a_bytes.c78
-rw-r--r--src/lib/libcrypto/asn1/a_d2i_fp.c87
-rw-r--r--src/lib/libcrypto/asn1/a_digest.c49
-rw-r--r--src/lib/libcrypto/asn1/a_dup.c37
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c182
-rw-r--r--src/lib/libcrypto/asn1/a_i2d_fp.c70
-rw-r--r--src/lib/libcrypto/asn1/a_int.c281
-rw-r--r--src/lib/libcrypto/asn1/a_mbstr.c20
-rw-r--r--src/lib/libcrypto/asn1/a_object.c195
-rw-r--r--src/lib/libcrypto/asn1/a_octet.c33
-rw-r--r--src/lib/libcrypto/asn1/a_print.c56
-rw-r--r--src/lib/libcrypto/asn1/a_set.c117
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c195
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c32
-rw-r--r--src/lib/libcrypto/asn1/a_strnid.c29
-rw-r--r--src/lib/libcrypto/asn1/a_time.c79
-rw-r--r--src/lib/libcrypto/asn1/a_type.c256
-rw-r--r--src/lib/libcrypto/asn1/a_utf8.c162
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c92
-rw-r--r--src/lib/libcrypto/asn1/asn1.h1180
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c308
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c154
-rw-r--r--src/lib/libcrypto/asn1/asn1_mac.h377
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c198
-rw-r--r--src/lib/libcrypto/asn1/asn_pack.c56
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c56
-rw-r--r--src/lib/libcrypto/asn1/d2i_pu.c33
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c62
-rw-r--r--src/lib/libcrypto/asn1/f_enum.c6
-rw-r--r--src/lib/libcrypto/asn1/f_int.c39
-rw-r--r--src/lib/libcrypto/asn1/f_string.c32
-rw-r--r--src/lib/libcrypto/asn1/i2d_pr.c20
-rw-r--r--src/lib/libcrypto/asn1/i2d_pu.c20
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c346
-rw-r--r--src/lib/libcrypto/asn1/nsseq.c64
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c52
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c137
-rw-r--r--src/lib/libcrypto/asn1/p8_pkey.c81
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c49
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c117
-rw-r--r--src/lib/libcrypto/asn1/t_req.c112
-rw-r--r--src/lib/libcrypto/asn1/t_spki.c6
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c424
-rw-r--r--src/lib/libcrypto/asn1/t_x509a.c10
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c179
-rw-r--r--src/lib/libcrypto/asn1/x_attrib.c128
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c371
-rw-r--r--src/lib/libcrypto/asn1/x_exten.c209
-rw-r--r--src/lib/libcrypto/asn1/x_info.c19
-rw-r--r--src/lib/libcrypto/asn1/x_long.c10
-rw-r--r--src/lib/libcrypto/asn1/x_name.c371
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c35
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c236
-rw-r--r--src/lib/libcrypto/asn1/x_req.c223
-rw-r--r--src/lib/libcrypto/asn1/x_sig.c64
-rw-r--r--src/lib/libcrypto/asn1/x_spki.c128
-rw-r--r--src/lib/libcrypto/asn1/x_val.c63
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c187
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c83
61 files changed, 4178 insertions, 4254 deletions
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
index 2c10120651..ed0bdfbde1 100644
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ b/src/lib/libcrypto/asn1/a_bitstr.c
@@ -58,78 +58,86 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62 62
63/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT); 63int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
64 * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING); 64{ return M_ASN1_BIT_STRING_set(x, d, len); }
65 */
66 65
67int i2d_ASN1_BIT_STRING(a,pp) 66int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
68ASN1_BIT_STRING *a;
69unsigned char **pp;
70 { 67 {
71 int ret,j,r,bits; 68 int ret,j,bits,len;
72 unsigned char *p,*d; 69 unsigned char *p,*d;
73 70
74 if (a == NULL) return(0); 71 if (a == NULL) return(0);
75 72
76 /* our bit strings are always a multiple of 8 :-) */ 73 len=a->length;
77 bits=0; 74
78 ret=1+a->length; 75 if (len > 0)
79 r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING); 76 {
80 if (pp == NULL) return(r); 77 if (a->flags & ASN1_STRING_FLAG_BITS_LEFT)
78 {
79 bits=(int)a->flags&0x07;
80 }
81 else
82 {
83 for ( ; len > 0; len--)
84 {
85 if (a->data[len-1]) break;
86 }
87 j=a->data[len-1];
88 if (j & 0x01) bits=0;
89 else if (j & 0x02) bits=1;
90 else if (j & 0x04) bits=2;
91 else if (j & 0x08) bits=3;
92 else if (j & 0x10) bits=4;
93 else if (j & 0x20) bits=5;
94 else if (j & 0x40) bits=6;
95 else if (j & 0x80) bits=7;
96 else bits=0; /* should not happen */
97 }
98 }
99 else
100 bits=0;
101
102 ret=1+len;
103 if (pp == NULL) return(ret);
104
81 p= *pp; 105 p= *pp;
82 106
83 ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL); 107 *(p++)=(unsigned char)bits;
84 if (bits == 0)
85 j=0;
86 else j=8-bits;
87 *(p++)=(unsigned char)j;
88 d=a->data; 108 d=a->data;
89 memcpy(p,d,a->length); 109 memcpy(p,d,len);
90 p+=a->length; 110 p+=len;
91 if (a->length > 0) p[-1]&=(0xff<<j); 111 if (len > 0) p[-1]&=(0xff<<bits);
92 *pp=p; 112 *pp=p;
93 return(r); 113 return(ret);
94 } 114 }
95 115
96ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length) 116ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
97ASN1_BIT_STRING **a; 117 long len)
98unsigned char **pp;
99long length;
100 { 118 {
101 ASN1_BIT_STRING *ret=NULL; 119 ASN1_BIT_STRING *ret=NULL;
102 unsigned char *p,*s; 120 unsigned char *p,*s;
103 long len;
104 int inf,tag,xclass;
105 int i; 121 int i;
106 122
107 if ((a == NULL) || ((*a) == NULL)) 123 if ((a == NULL) || ((*a) == NULL))
108 { 124 {
109 if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL); 125 if ((ret=M_ASN1_BIT_STRING_new()) == NULL) return(NULL);
110 } 126 }
111 else 127 else
112 ret=(*a); 128 ret=(*a);
113 129
114 p= *pp; 130 p= *pp;
115 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
116 if (inf & 0x80)
117 {
118 i=ASN1_R_BAD_OBJECT_HEADER;
119 goto err;
120 }
121
122 if (tag != V_ASN1_BIT_STRING)
123 {
124 i=ASN1_R_EXPECTING_A_BIT_STRING;
125 goto err;
126 }
127 if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
128
129 i= *(p++); 131 i= *(p++);
132 /* We do this to preserve the settings. If we modify
133 * the settings, via the _set_bit function, we will recalculate
134 * on output */
135 ret->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear */
136 ret->flags|=(ASN1_STRING_FLAG_BITS_LEFT|(i&0x07)); /* set */
137
130 if (len-- > 1) /* using one because of the bits left byte */ 138 if (len-- > 1) /* using one because of the bits left byte */
131 { 139 {
132 s=(unsigned char *)Malloc((int)len); 140 s=(unsigned char *)OPENSSL_malloc((int)len);
133 if (s == NULL) 141 if (s == NULL)
134 { 142 {
135 i=ERR_R_MALLOC_FAILURE; 143 i=ERR_R_MALLOC_FAILURE;
@@ -143,7 +151,7 @@ long length;
143 s=NULL; 151 s=NULL;
144 152
145 ret->length=(int)len; 153 ret->length=(int)len;
146 if (ret->data != NULL) Free((char *)ret->data); 154 if (ret->data != NULL) OPENSSL_free(ret->data);
147 ret->data=s; 155 ret->data=s;
148 ret->type=V_ASN1_BIT_STRING; 156 ret->type=V_ASN1_BIT_STRING;
149 if (a != NULL) (*a)=ret; 157 if (a != NULL) (*a)=ret;
@@ -152,16 +160,13 @@ long length;
152err: 160err:
153 ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); 161 ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
154 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 162 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
155 ASN1_BIT_STRING_free(ret); 163 M_ASN1_BIT_STRING_free(ret);
156 return(NULL); 164 return(NULL);
157 } 165 }
158 166
159/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de> 167/* These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de>
160 */ 168 */
161int ASN1_BIT_STRING_set_bit(a,n,value) 169int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
162ASN1_BIT_STRING *a;
163int n;
164int value;
165 { 170 {
166 int w,v,iv; 171 int w,v,iv;
167 unsigned char *c; 172 unsigned char *c;
@@ -169,29 +174,30 @@ int value;
169 w=n/8; 174 w=n/8;
170 v=1<<(7-(n&0x07)); 175 v=1<<(7-(n&0x07));
171 iv= ~v; 176 iv= ~v;
177 if (!value) v=0;
178
179 a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
172 180
173 if (a == NULL) return(0); 181 if (a == NULL) return(0);
174 if ((a->length < (w+1)) || (a->data == NULL)) 182 if ((a->length < (w+1)) || (a->data == NULL))
175 { 183 {
176 if (!value) return(1); /* Don't need to set */ 184 if (!value) return(1); /* Don't need to set */
177 if (a->data == NULL) 185 if (a->data == NULL)
178 c=(unsigned char *)Malloc(w+1); 186 c=(unsigned char *)OPENSSL_malloc(w+1);
179 else 187 else
180 c=(unsigned char *)Realloc(a->data,w+1); 188 c=(unsigned char *)OPENSSL_realloc(a->data,w+1);
181 if (c == NULL) return(0); 189 if (c == NULL) return(0);
190 if (w+1-a->length > 0) memset(c+a->length, 0, w+1-a->length);
182 a->data=c; 191 a->data=c;
183 a->length=w+1; 192 a->length=w+1;
184 c[w]=0; 193 }
185 }
186 a->data[w]=((a->data[w])&iv)|v; 194 a->data[w]=((a->data[w])&iv)|v;
187 while ((a->length > 0) && (a->data[a->length-1] == 0)) 195 while ((a->length > 0) && (a->data[a->length-1] == 0))
188 a->length--; 196 a->length--;
189 return(1); 197 return(1);
190 } 198 }
191 199
192int ASN1_BIT_STRING_get_bit(a,n) 200int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n)
193ASN1_BIT_STRING *a;
194int n;
195 { 201 {
196 int w,v; 202 int w,v;
197 203
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c
index 41a95aa278..24333ea4d5 100644
--- a/src/lib/libcrypto/asn1/a_bool.c
+++ b/src/lib/libcrypto/asn1/a_bool.c
@@ -58,15 +58,9 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1t.h>
62 62
63/* ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_EXPECTING_A_BOOLEAN); 63int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
64 * ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
65 */
66
67int i2d_ASN1_BOOLEAN(a,pp)
68int a;
69unsigned char **pp;
70 { 64 {
71 int r; 65 int r;
72 unsigned char *p; 66 unsigned char *p;
@@ -81,10 +75,7 @@ unsigned char **pp;
81 return(r); 75 return(r);
82 } 76 }
83 77
84int d2i_ASN1_BOOLEAN(a, pp, length) 78int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length)
85int *a;
86unsigned char **pp;
87long length;
88 { 79 {
89 int ret= -1; 80 int ret= -1;
90 unsigned char *p; 81 unsigned char *p;
@@ -119,3 +110,5 @@ err:
119 ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i); 110 ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
120 return(ret); 111 return(ret);
121 } 112 }
113
114
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c
index 14168d61ad..bb88660f58 100644
--- a/src/lib/libcrypto/asn1/a_bytes.c
+++ b/src/lib/libcrypto/asn1/a_bytes.c
@@ -58,38 +58,13 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1.h>
62 62
63/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); 63static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
64 * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK); 64/* type is a 'bitmap' of acceptable string types.
65 * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
66 * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
67 */ 65 */
68 66ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp,
69static unsigned long tag2bit[32]={ 67 long length, int type)
700, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
71B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
72B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
73B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 12-15 */
740, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
75B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
760,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
77B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
78 };
79
80#ifndef NOPROTO
81static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c);
82#else
83static int asn1_collate_primative();
84#endif
85
86/* type is a 'bitmap' of acceptable string types to be accepted.
87 */
88ASN1_STRING *d2i_ASN1_type_bytes(a, pp, length, type)
89ASN1_STRING **a;
90unsigned char **pp;
91long length;
92int type;
93 { 68 {
94 ASN1_STRING *ret=NULL; 69 ASN1_STRING *ret=NULL;
95 unsigned char *p,*s; 70 unsigned char *p,*s;
@@ -106,7 +81,7 @@ int type;
106 i=ASN1_R_TAG_VALUE_TOO_HIGH;; 81 i=ASN1_R_TAG_VALUE_TOO_HIGH;;
107 goto err; 82 goto err;
108 } 83 }
109 if (!(tag2bit[tag] & type)) 84 if (!(ASN1_tag2bit(tag) & type))
110 { 85 {
111 i=ASN1_R_WRONG_TYPE; 86 i=ASN1_R_WRONG_TYPE;
112 goto err; 87 goto err;
@@ -125,7 +100,7 @@ int type;
125 100
126 if (len != 0) 101 if (len != 0)
127 { 102 {
128 s=(unsigned char *)Malloc((int)len+1); 103 s=(unsigned char *)OPENSSL_malloc((int)len+1);
129 if (s == NULL) 104 if (s == NULL)
130 { 105 {
131 i=ERR_R_MALLOC_FAILURE; 106 i=ERR_R_MALLOC_FAILURE;
@@ -138,7 +113,7 @@ int type;
138 else 113 else
139 s=NULL; 114 s=NULL;
140 115
141 if (ret->data != NULL) Free((char *)ret->data); 116 if (ret->data != NULL) OPENSSL_free(ret->data);
142 ret->length=(int)len; 117 ret->length=(int)len;
143 ret->data=s; 118 ret->data=s;
144 ret->type=tag; 119 ret->type=tag;
@@ -152,11 +127,7 @@ err:
152 return(NULL); 127 return(NULL);
153 } 128 }
154 129
155int i2d_ASN1_bytes(a, pp, tag, xclass) 130int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
156ASN1_STRING *a;
157unsigned char **pp;
158int tag;
159int xclass;
160 { 131 {
161 int ret,r,constructed; 132 int ret,r,constructed;
162 unsigned char *p; 133 unsigned char *p;
@@ -182,12 +153,8 @@ int xclass;
182 return(r); 153 return(r);
183 } 154 }
184 155
185ASN1_STRING *d2i_ASN1_bytes(a, pp, length, Ptag, Pclass) 156ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
186ASN1_STRING **a; 157 int Ptag, int Pclass)
187unsigned char **pp;
188long length;
189int Ptag;
190int Pclass;
191 { 158 {
192 ASN1_STRING *ret=NULL; 159 ASN1_STRING *ret=NULL;
193 unsigned char *p,*s; 160 unsigned char *p,*s;
@@ -227,7 +194,7 @@ int Pclass;
227 c.tag=Ptag; 194 c.tag=Ptag;
228 c.xclass=Pclass; 195 c.xclass=Pclass;
229 c.max=(length == 0)?0:(p+length); 196 c.max=(length == 0)?0:(p+length);
230 if (!asn1_collate_primative(ret,&c)) 197 if (!asn1_collate_primitive(ret,&c))
231 goto err; 198 goto err;
232 else 199 else
233 { 200 {
@@ -240,8 +207,8 @@ int Pclass;
240 { 207 {
241 if ((ret->length < len) || (ret->data == NULL)) 208 if ((ret->length < len) || (ret->data == NULL))
242 { 209 {
243 if (ret->data != NULL) Free((char *)ret->data); 210 if (ret->data != NULL) OPENSSL_free(ret->data);
244 s=(unsigned char *)Malloc((int)len); 211 s=(unsigned char *)OPENSSL_malloc((int)len + 1);
245 if (s == NULL) 212 if (s == NULL)
246 { 213 {
247 i=ERR_R_MALLOC_FAILURE; 214 i=ERR_R_MALLOC_FAILURE;
@@ -251,12 +218,13 @@ int Pclass;
251 else 218 else
252 s=ret->data; 219 s=ret->data;
253 memcpy(s,p,(int)len); 220 memcpy(s,p,(int)len);
221 s[len] = '\0';
254 p+=len; 222 p+=len;
255 } 223 }
256 else 224 else
257 { 225 {
258 s=NULL; 226 s=NULL;
259 if (ret->data != NULL) Free((char *)ret->data); 227 if (ret->data != NULL) OPENSSL_free(ret->data);
260 } 228 }
261 229
262 ret->length=(int)len; 230 ret->length=(int)len;
@@ -275,13 +243,11 @@ err:
275 } 243 }
276 244
277 245
278/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes 246/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse
279 * them into the one struture that is then returned */ 247 * them into the one structure that is then returned */
280/* There have been a few bug fixes for this function from 248/* There have been a few bug fixes for this function from
281 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */ 249 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
282static int asn1_collate_primative(a,c) 250static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
283ASN1_STRING *a;
284ASN1_CTX *c;
285 { 251 {
286 ASN1_STRING *os=NULL; 252 ASN1_STRING *os=NULL;
287 BUF_MEM b; 253 BUF_MEM b;
@@ -333,14 +299,14 @@ ASN1_CTX *c;
333 if (!asn1_Finish(c)) goto err; 299 if (!asn1_Finish(c)) goto err;
334 300
335 a->length=num; 301 a->length=num;
336 if (a->data != NULL) Free(a->data); 302 if (a->data != NULL) OPENSSL_free(a->data);
337 a->data=(unsigned char *)b.data; 303 a->data=(unsigned char *)b.data;
338 if (os != NULL) ASN1_STRING_free(os); 304 if (os != NULL) ASN1_STRING_free(os);
339 return(1); 305 return(1);
340err: 306err:
341 ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,c->error); 307 ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE,c->error);
342 if (os != NULL) ASN1_STRING_free(os); 308 if (os != NULL) ASN1_STRING_free(os);
343 if (b.data != NULL) Free(b.data); 309 if (b.data != NULL) OPENSSL_free(b.data);
344 return(0); 310 return(0);
345 } 311 }
346 312
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c
index d952836a91..a80fbe9ff7 100644
--- a/src/lib/libcrypto/asn1/a_d2i_fp.c
+++ b/src/lib/libcrypto/asn1/a_d2i_fp.c
@@ -58,17 +58,16 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "asn1_mac.h" 62#include <openssl/asn1_mac.h>
63 63
64#define HEADER_SIZE 8 64static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
65
66#ifndef NO_OLD_ASN1
67#ifndef OPENSSL_NO_FP_API
65 68
66#ifndef NO_FP_API 69char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
67char *ASN1_d2i_fp(xnew,d2i,in,x) 70 unsigned char **x)
68char *(*xnew)();
69char *(*d2i)();
70FILE *in;
71unsigned char **x;
72 { 71 {
73 BIO *b; 72 BIO *b;
74 char *ret; 73 char *ret;
@@ -85,16 +84,68 @@ unsigned char **x;
85 } 84 }
86#endif 85#endif
87 86
88char *ASN1_d2i_bio(xnew,d2i,in,x) 87char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in,
89char *(*xnew)(); 88 unsigned char **x)
90char *(*d2i)(); 89 {
91BIO *in; 90 BUF_MEM *b = NULL;
92unsigned char **x; 91 unsigned char *p;
92 char *ret=NULL;
93 int len;
94
95 len = asn1_d2i_read_bio(in, &b);
96 if(len < 0) goto err;
97
98 p=(unsigned char *)b->data;
99 ret=d2i(x,&p,len);
100err:
101 if (b != NULL) BUF_MEM_free(b);
102 return(ret);
103 }
104
105#endif
106
107void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
108 {
109 BUF_MEM *b = NULL;
110 unsigned char *p;
111 void *ret=NULL;
112 int len;
113
114 len = asn1_d2i_read_bio(in, &b);
115 if(len < 0) goto err;
116
117 p=(unsigned char *)b->data;
118 ret=ASN1_item_d2i(x,&p,len, it);
119err:
120 if (b != NULL) BUF_MEM_free(b);
121 return(ret);
122 }
123
124#ifndef OPENSSL_NO_FP_API
125void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
126 {
127 BIO *b;
128 char *ret;
129
130 if ((b=BIO_new(BIO_s_file())) == NULL)
131 {
132 ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
133 return(NULL);
134 }
135 BIO_set_fp(b,in,BIO_NOCLOSE);
136 ret=ASN1_item_d2i_bio(it,b,x);
137 BIO_free(b);
138 return(ret);
139 }
140#endif
141
142#define HEADER_SIZE 8
143static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
93 { 144 {
94 BUF_MEM *b; 145 BUF_MEM *b;
95 unsigned char *p; 146 unsigned char *p;
96 int i; 147 int i;
97 char *ret=NULL; 148 int ret=-1;
98 ASN1_CTX c; 149 ASN1_CTX c;
99 int want=HEADER_SIZE; 150 int want=HEADER_SIZE;
100 int eos=0; 151 int eos=0;
@@ -105,7 +156,7 @@ unsigned char **x;
105 if (b == NULL) 156 if (b == NULL)
106 { 157 {
107 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); 158 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
108 return(NULL); 159 return -1;
109 } 160 }
110 161
111 ERR_clear_error(); 162 ERR_clear_error();
@@ -193,8 +244,8 @@ unsigned char **x;
193 } 244 }
194 } 245 }
195 246
196 p=(unsigned char *)b->data; 247 *pb = b;
197 ret=d2i(x,&p,off); 248 return off;
198err: 249err:
199 if (b != NULL) BUF_MEM_free(b); 250 if (b != NULL) BUF_MEM_free(b);
200 return(ret); 251 return(ret);
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
index 8ddb65b0dc..4931e222a0 100644
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ b/src/lib/libcrypto/asn1/a_digest.c
@@ -58,34 +58,49 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <time.h> 60#include <time.h>
61#include <sys/types.h>
62#include <sys/stat.h>
63 61
64#include "cryptlib.h" 62#include "cryptlib.h"
65#include "evp.h"
66#include "x509.h"
67#include "buffer.h"
68 63
69int ASN1_digest(i2d,type,data,md,len) 64#ifndef NO_SYS_TYPES_H
70int (*i2d)(); 65# include <sys/types.h>
71EVP_MD *type; 66#endif
72char *data; 67
73unsigned char *md; 68#include <openssl/evp.h>
74unsigned int *len; 69#include <openssl/buffer.h>
70#include <openssl/x509.h>
71
72#ifndef NO_ASN1_OLD
73
74int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data,
75 unsigned char *md, unsigned int *len)
75 { 76 {
76 EVP_MD_CTX ctx;
77 int i; 77 int i;
78 unsigned char *str,*p; 78 unsigned char *str,*p;
79 79
80 i=i2d(data,NULL); 80 i=i2d(data,NULL);
81 if ((str=(unsigned char *)Malloc(i)) == NULL) return(0); 81 if ((str=(unsigned char *)OPENSSL_malloc(i)) == NULL) return(0);
82 p=str; 82 p=str;
83 i2d(data,&p); 83 i2d(data,&p);
84 84
85 EVP_DigestInit(&ctx,type); 85 EVP_Digest(str, i, md, len, type, NULL);
86 EVP_DigestUpdate(&ctx,str,i); 86 OPENSSL_free(str);
87 EVP_DigestFinal(&ctx,md,len); 87 return(1);
88 Free(str); 88 }
89
90#endif
91
92
93int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn,
94 unsigned char *md, unsigned int *len)
95 {
96 int i;
97 unsigned char *str = NULL;
98
99 i=ASN1_item_i2d(asn,&str, it);
100 if (!str) return(0);
101
102 EVP_Digest(str, i, md, len, type, NULL);
103 OPENSSL_free(str);
89 return(1); 104 return(1);
90 } 105 }
91 106
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
index 961b4cb069..58a017884c 100644
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ b/src/lib/libcrypto/asn1/a_dup.c
@@ -58,14 +58,11 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1.h>
62 62
63#define READ_CHUNK 2048 63#ifndef NO_OLD_ASN1
64 64
65char *ASN1_dup(i2d,d2i,x) 65char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
66int (*i2d)();
67char *(*d2i)();
68char *x;
69 { 66 {
70 unsigned char *b,*p; 67 unsigned char *b,*p;
71 long i; 68 long i;
@@ -74,13 +71,37 @@ char *x;
74 if (x == NULL) return(NULL); 71 if (x == NULL) return(NULL);
75 72
76 i=(long)i2d(x,NULL); 73 i=(long)i2d(x,NULL);
77 b=(unsigned char *)Malloc((unsigned int)i+10); 74 b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
78 if (b == NULL) 75 if (b == NULL)
79 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } 76 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
80 p= b; 77 p= b;
81 i=i2d(x,&p); 78 i=i2d(x,&p);
82 p= b; 79 p= b;
83 ret=d2i(NULL,&p,i); 80 ret=d2i(NULL,&p,i);
84 Free((char *)b); 81 OPENSSL_free(b);
82 return(ret);
83 }
84
85#endif
86
87/* ASN1_ITEM version of dup: this follows the model above except we don't need
88 * to allocate the buffer. At some point this could be rewritten to directly dup
89 * the underlying structure instead of doing and encode and decode.
90 */
91
92void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
93 {
94 unsigned char *b = NULL, *p;
95 long i;
96 void *ret;
97
98 if (x == NULL) return(NULL);
99
100 i=ASN1_item_i2d(x,&b,it);
101 if (b == NULL)
102 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
103 p= b;
104 ret=ASN1_item_d2i(NULL,&p,i, it);
105 OPENSSL_free(b);
85 return(ret); 106 return(ret);
86 } 107 }
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
index 9239ecc439..ad8f0ffd1a 100644
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ b/src/lib/libcrypto/asn1/a_enum.c
@@ -65,162 +65,6 @@
65 * for comments on encoding see a_int.c 65 * for comments on encoding see a_int.c
66 */ 66 */
67 67
68int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
69 {
70 int pad=0,ret,r,i,t;
71 unsigned char *p,*n,pb=0;
72
73 if ((a == NULL) || (a->data == NULL)) return(0);
74 t=a->type;
75 if (a->length == 0)
76 ret=1;
77 else
78 {
79 ret=a->length;
80 i=a->data[0];
81 if ((t == V_ASN1_ENUMERATED) && (i > 127)) {
82 pad=1;
83 pb=0;
84 } else if(t == V_ASN1_NEG_ENUMERATED) {
85 if(i>128) {
86 pad=1;
87 pb=0xFF;
88 } else if(i == 128) {
89 for(i = 1; i < a->length; i++) if(a->data[i]) {
90 pad=1;
91 pb=0xFF;
92 break;
93 }
94 }
95 }
96 ret+=pad;
97 }
98 r=ASN1_object_size(0,ret,V_ASN1_ENUMERATED);
99 if (pp == NULL) return(r);
100 p= *pp;
101
102 ASN1_put_object(&p,0,ret,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
103 if (pad) *(p++)=pb;
104 if (a->length == 0)
105 *(p++)=0;
106 else if (t == V_ASN1_ENUMERATED)
107 {
108 memcpy(p,a->data,(unsigned int)a->length);
109 p+=a->length;
110 }
111 else {
112 /* Begin at the end of the encoding */
113 n=a->data + a->length - 1;
114 p += a->length - 1;
115 i = a->length;
116 /* Copy zeros to destination as long as source is zero */
117 while(!*n) {
118 *(p--) = 0;
119 n--;
120 i--;
121 }
122 /* Complement and increment next octet */
123 *(p--) = ((*(n--)) ^ 0xff) + 1;
124 i--;
125 /* Complement any octets left */
126 for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
127 p += a->length;
128 }
129
130 *pp=p;
131 return(r);
132 }
133
134ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
135 long length)
136 {
137 ASN1_ENUMERATED *ret=NULL;
138 unsigned char *p,*to,*s;
139 long len;
140 int inf,tag,xclass;
141 int i;
142
143 if ((a == NULL) || ((*a) == NULL))
144 {
145 if ((ret=ASN1_ENUMERATED_new()) == NULL) return(NULL);
146 ret->type=V_ASN1_ENUMERATED;
147 }
148 else
149 ret=(*a);
150
151 p= *pp;
152 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
153 if (inf & 0x80)
154 {
155 i=ASN1_R_BAD_OBJECT_HEADER;
156 goto err;
157 }
158
159 if (tag != V_ASN1_ENUMERATED)
160 {
161 i=ASN1_R_EXPECTING_AN_ENUMERATED;
162 goto err;
163 }
164
165 /* We must Malloc stuff, even for 0 bytes otherwise it
166 * signifies a missing NULL parameter. */
167 s=(unsigned char *)Malloc((int)len+1);
168 if (s == NULL)
169 {
170 i=ERR_R_MALLOC_FAILURE;
171 goto err;
172 }
173 to=s;
174 if (*p & 0x80) /* a negative number */
175 {
176 ret->type=V_ASN1_NEG_ENUMERATED;
177 if ((*p == 0xff) && (len != 1)) {
178 p++;
179 len--;
180 }
181 i = len;
182 p += i - 1;
183 to += i - 1;
184 while((!*p) && i) {
185 *(to--) = 0;
186 i--;
187 p--;
188 }
189 if(!i) {
190 *s = 1;
191 s[len] = 0;
192 p += len;
193 len++;
194 } else {
195 *(to--) = (*(p--) ^ 0xff) + 1;
196 i--;
197 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
198 p += len;
199 }
200 } else {
201 ret->type=V_ASN1_ENUMERATED;
202 if ((*p == 0) && (len != 1))
203 {
204 p++;
205 len--;
206 }
207 memcpy(s,p,(int)len);
208 p+=len;
209 }
210
211 if (ret->data != NULL) Free((char *)ret->data);
212 ret->data=s;
213 ret->length=(int)len;
214 if (a != NULL) (*a)=ret;
215 *pp=p;
216 return(ret);
217err:
218 ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
219 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
220 ASN1_ENUMERATED_free(ret);
221 return(NULL);
222 }
223
224int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) 68int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
225 { 69 {
226 int i,j,k; 70 int i,j,k;
@@ -231,8 +75,8 @@ int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
231 if (a->length < (sizeof(long)+1)) 75 if (a->length < (sizeof(long)+1))
232 { 76 {
233 if (a->data != NULL) 77 if (a->data != NULL)
234 Free((char *)a->data); 78 OPENSSL_free(a->data);
235 if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) 79 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
236 memset((char *)a->data,0,sizeof(long)+1); 80 memset((char *)a->data,0,sizeof(long)+1);
237 } 81 }
238 if (a->data == NULL) 82 if (a->data == NULL)
@@ -270,7 +114,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
270 if (i == V_ASN1_NEG_ENUMERATED) 114 if (i == V_ASN1_NEG_ENUMERATED)
271 neg=1; 115 neg=1;
272 else if (i != V_ASN1_ENUMERATED) 116 else if (i != V_ASN1_ENUMERATED)
273 return(0); 117 return -1;
274 118
275 if (a->length > sizeof(long)) 119 if (a->length > sizeof(long))
276 { 120 {
@@ -278,7 +122,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
278 return(0xffffffffL); 122 return(0xffffffffL);
279 } 123 }
280 if (a->data == NULL) 124 if (a->data == NULL)
281 return(0); 125 return 0;
282 126
283 for (i=0; i<a->length; i++) 127 for (i=0; i<a->length; i++)
284 { 128 {
@@ -295,7 +139,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
295 int len,j; 139 int len,j;
296 140
297 if (ai == NULL) 141 if (ai == NULL)
298 ret=ASN1_ENUMERATED_new(); 142 ret=M_ASN1_ENUMERATED_new();
299 else 143 else
300 ret=ai; 144 ret=ai;
301 if (ret == NULL) 145 if (ret == NULL)
@@ -307,11 +151,21 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
307 else ret->type=V_ASN1_ENUMERATED; 151 else ret->type=V_ASN1_ENUMERATED;
308 j=BN_num_bits(bn); 152 j=BN_num_bits(bn);
309 len=((j == 0)?0:((j/8)+1)); 153 len=((j == 0)?0:((j/8)+1));
310 ret->data=(unsigned char *)Malloc(len+4); 154 if (ret->length < len+4)
155 {
156 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
157 if (!new_data)
158 {
159 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
160 goto err;
161 }
162 ret->data=new_data;
163 }
164
311 ret->length=BN_bn2bin(bn,ret->data); 165 ret->length=BN_bn2bin(bn,ret->data);
312 return(ret); 166 return(ret);
313err: 167err:
314 if (ret != ai) ASN1_ENUMERATED_free(ret); 168 if (ret != ai) M_ASN1_ENUMERATED_free(ret);
315 return(NULL); 169 return(NULL);
316 } 170 }
317 171
@@ -321,6 +175,6 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
321 175
322 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) 176 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
323 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); 177 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
324 if(ai->type == V_ASN1_NEG_ENUMERATED) bn->neg = 1; 178 else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1;
325 return(ret); 179 return(ret);
326 } 180 }
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
index 66c3df68d5..f4f1b73ebe 100644
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ b/src/lib/libcrypto/asn1/a_i2d_fp.c
@@ -58,14 +58,13 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "asn1_mac.h" 62#include <openssl/asn1.h>
63 63
64#ifndef NO_FP_API 64#ifndef NO_OLD_ASN1
65int ASN1_i2d_fp(i2d,out,x) 65
66int (*i2d)(); 66#ifndef OPENSSL_NO_FP_API
67FILE *out; 67int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
68unsigned char *x;
69 { 68 {
70 BIO *b; 69 BIO *b;
71 int ret; 70 int ret;
@@ -82,17 +81,14 @@ unsigned char *x;
82 } 81 }
83#endif 82#endif
84 83
85int ASN1_i2d_bio(i2d,out,x) 84int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x)
86int (*i2d)();
87BIO *out;
88unsigned char *x;
89 { 85 {
90 char *b; 86 char *b;
91 unsigned char *p; 87 unsigned char *p;
92 int i,j=0,n,ret=1; 88 int i,j=0,n,ret=1;
93 89
94 n=i2d(x,NULL); 90 n=i2d(x,NULL);
95 b=(char *)Malloc(n); 91 b=(char *)OPENSSL_malloc(n);
96 if (b == NULL) 92 if (b == NULL)
97 { 93 {
98 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); 94 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
@@ -114,6 +110,54 @@ unsigned char *x;
114 j+=i; 110 j+=i;
115 n-=i; 111 n-=i;
116 } 112 }
117 Free((char *)b); 113 OPENSSL_free(b);
114 return(ret);
115 }
116
117#endif
118
119#ifndef OPENSSL_NO_FP_API
120int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
121 {
122 BIO *b;
123 int ret;
124
125 if ((b=BIO_new(BIO_s_file())) == NULL)
126 {
127 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
128 return(0);
129 }
130 BIO_set_fp(b,out,BIO_NOCLOSE);
131 ret=ASN1_item_i2d_bio(it,b,x);
132 BIO_free(b);
133 return(ret);
134 }
135#endif
136
137int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
138 {
139 unsigned char *b = NULL;
140 int i,j=0,n,ret=1;
141
142 n = ASN1_item_i2d(x, &b, it);
143 if (b == NULL)
144 {
145 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
146 return(0);
147 }
148
149 for (;;)
150 {
151 i=BIO_write(out,&(b[j]),n);
152 if (i == n) break;
153 if (i <= 0)
154 {
155 ret=0;
156 break;
157 }
158 j+=i;
159 n-=i;
160 }
161 OPENSSL_free(b);
118 return(ret); 162 return(ret);
119 } 163 }
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index df79cf99bb..edb243c021 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -58,68 +58,197 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62 62
63/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER); 63ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
64{ return M_ASN1_INTEGER_dup(x);}
65
66int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
67{ return M_ASN1_INTEGER_cmp(x,y);}
68
69/*
70 * This converts an ASN1 INTEGER into its content encoding.
71 * The internal representation is an ASN1_STRING whose data is a big endian
72 * representation of the value, ignoring the sign. The sign is determined by
73 * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
74 *
75 * Positive integers are no problem: they are almost the same as the DER
76 * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
77 *
78 * Negative integers are a bit trickier...
79 * The DER representation of negative integers is in 2s complement form.
80 * The internal form is converted by complementing each octet and finally
81 * adding one to the result. This can be done less messily with a little trick.
82 * If the internal form has trailing zeroes then they will become FF by the
83 * complement and 0 by the add one (due to carry) so just copy as many trailing
84 * zeros to the destination as there are in the source. The carry will add one
85 * to the last none zero octet: so complement this octet and add one and finally
86 * complement any left over until you get to the start of the string.
87 *
88 * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
89 * with 0xff. However if the first byte is 0x80 and one of the following bytes
90 * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
91 * followed by optional zeros isn't padded.
64 */ 92 */
65 93
66int i2d_ASN1_INTEGER(a,pp) 94int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
67ASN1_INTEGER *a;
68unsigned char **pp;
69 { 95 {
70 int pad=0,ret,r,i,t; 96 int pad=0,ret,i,neg;
71 unsigned char *p,*pt,*n,pb=0; 97 unsigned char *p,*n,pb=0;
72 98
73 if ((a == NULL) || (a->data == NULL)) return(0); 99 if ((a == NULL) || (a->data == NULL)) return(0);
74 t=a->type; 100 neg=a->type & V_ASN1_NEG;
75 if (a->length == 0) 101 if (a->length == 0)
76 ret=1; 102 ret=1;
77 else 103 else
78 { 104 {
79 ret=a->length; 105 ret=a->length;
80 i=a->data[0]; 106 i=a->data[0];
81 if ((t == V_ASN1_INTEGER) && (i > 127)) 107 if (!neg && (i > 127)) {
82 {
83 pad=1; 108 pad=1;
84 pb=0; 109 pb=0;
110 } else if(neg) {
111 if(i>128) {
112 pad=1;
113 pb=0xFF;
114 } else if(i == 128) {
115 /*
116 * Special case: if any other bytes non zero we pad:
117 * otherwise we don't.
118 */
119 for(i = 1; i < a->length; i++) if(a->data[i]) {
120 pad=1;
121 pb=0xFF;
122 break;
123 }
85 } 124 }
86 else if ((t == V_ASN1_NEG_INTEGER) && (i>128)) 125 }
87 {
88 pad=1;
89 pb=0xFF;
90 }
91 ret+=pad; 126 ret+=pad;
92 } 127 }
93 r=ASN1_object_size(0,ret,V_ASN1_INTEGER); 128 if (pp == NULL) return(ret);
94 if (pp == NULL) return(r);
95 p= *pp; 129 p= *pp;
96 130
97 ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
98 if (pad) *(p++)=pb; 131 if (pad) *(p++)=pb;
99 if (a->length == 0) 132 if (a->length == 0) *(p++)=0;
100 *(p++)=0; 133 else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
101 else if (t == V_ASN1_INTEGER) 134 else {
135 /* Begin at the end of the encoding */
136 n=a->data + a->length - 1;
137 p += a->length - 1;
138 i = a->length;
139 /* Copy zeros to destination as long as source is zero */
140 while(!*n) {
141 *(p--) = 0;
142 n--;
143 i--;
144 }
145 /* Complement and increment next octet */
146 *(p--) = ((*(n--)) ^ 0xff) + 1;
147 i--;
148 /* Complement any octets left */
149 for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
150 }
151
152 *pp+=ret;
153 return(ret);
154 }
155
156/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
157
158ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
159 long len)
160 {
161 ASN1_INTEGER *ret=NULL;
162 unsigned char *p,*to,*s, *pend;
163 int i;
164
165 if ((a == NULL) || ((*a) == NULL))
102 { 166 {
103 memcpy(p,a->data,(unsigned int)a->length); 167 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
104 p+=a->length; 168 ret->type=V_ASN1_INTEGER;
105 } 169 }
106 else 170 else
171 ret=(*a);
172
173 p= *pp;
174 pend = p + len;
175
176 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
177 * signifies a missing NULL parameter. */
178 s=(unsigned char *)OPENSSL_malloc((int)len+1);
179 if (s == NULL)
107 { 180 {
108 n=a->data; 181 i=ERR_R_MALLOC_FAILURE;
109 pt=p; 182 goto err;
110 for (i=a->length; i>0; i--)
111 *(p++)= (*(n++)^0xFF)+1;
112 if (!pad) *pt|=0x80;
113 } 183 }
184 to=s;
185 if(!len) {
186 /* Strictly speaking this is an illegal INTEGER but we
187 * tolerate it.
188 */
189 ret->type=V_ASN1_INTEGER;
190 } else if (*p & 0x80) /* a negative number */
191 {
192 ret->type=V_ASN1_NEG_INTEGER;
193 if ((*p == 0xff) && (len != 1)) {
194 p++;
195 len--;
196 }
197 i = len;
198 p += i - 1;
199 to += i - 1;
200 while((!*p) && i) {
201 *(to--) = 0;
202 i--;
203 p--;
204 }
205 /* Special case: if all zeros then the number will be of
206 * the form FF followed by n zero bytes: this corresponds to
207 * 1 followed by n zero bytes. We've already written n zeros
208 * so we just append an extra one and set the first byte to
209 * a 1. This is treated separately because it is the only case
210 * where the number of bytes is larger than len.
211 */
212 if(!i) {
213 *s = 1;
214 s[len] = 0;
215 len++;
216 } else {
217 *(to--) = (*(p--) ^ 0xff) + 1;
218 i--;
219 for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
220 }
221 } else {
222 ret->type=V_ASN1_INTEGER;
223 if ((*p == 0) && (len != 1))
224 {
225 p++;
226 len--;
227 }
228 memcpy(s,p,(int)len);
229 }
114 230
115 *pp=p; 231 if (ret->data != NULL) OPENSSL_free(ret->data);
116 return(r); 232 ret->data=s;
233 ret->length=(int)len;
234 if (a != NULL) (*a)=ret;
235 *pp=pend;
236 return(ret);
237err:
238 ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
239 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
240 M_ASN1_INTEGER_free(ret);
241 return(NULL);
117 } 242 }
118 243
119ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length) 244
120ASN1_INTEGER **a; 245/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
121unsigned char **pp; 246 * ASN1 integers: some broken software can encode a positive INTEGER
122long length; 247 * with its MSB set as negative (it doesn't add a padding zero).
248 */
249
250ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
251 long length)
123 { 252 {
124 ASN1_INTEGER *ret=NULL; 253 ASN1_INTEGER *ret=NULL;
125 unsigned char *p,*to,*s; 254 unsigned char *p,*to,*s;
@@ -129,7 +258,7 @@ long length;
129 258
130 if ((a == NULL) || ((*a) == NULL)) 259 if ((a == NULL) || ((*a) == NULL))
131 { 260 {
132 if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL); 261 if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
133 ret->type=V_ASN1_INTEGER; 262 ret->type=V_ASN1_INTEGER;
134 } 263 }
135 else 264 else
@@ -149,29 +278,17 @@ long length;
149 goto err; 278 goto err;
150 } 279 }
151 280
152 /* We must Malloc stuff, even for 0 bytes otherwise it 281 /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
153 * signifies a missing NULL parameter. */ 282 * signifies a missing NULL parameter. */
154 s=(unsigned char *)Malloc((int)len+1); 283 s=(unsigned char *)OPENSSL_malloc((int)len+1);
155 if (s == NULL) 284 if (s == NULL)
156 { 285 {
157 i=ERR_R_MALLOC_FAILURE; 286 i=ERR_R_MALLOC_FAILURE;
158 goto err; 287 goto err;
159 } 288 }
160 to=s; 289 to=s;
161 if (*p & 0x80) /* a negative number */ 290 ret->type=V_ASN1_INTEGER;
162 { 291 if(len) {
163 ret->type=V_ASN1_NEG_INTEGER;
164 if (*p == 0xff)
165 {
166 p++;
167 len--;
168 }
169 for (i=(int)len; i>0; i--)
170 *(to++)= (*(p++)^0xFF)+1;
171 }
172 else
173 {
174 ret->type=V_ASN1_INTEGER;
175 if ((*p == 0) && (len != 1)) 292 if ((*p == 0) && (len != 1))
176 { 293 {
177 p++; 294 p++;
@@ -179,24 +296,22 @@ long length;
179 } 296 }
180 memcpy(s,p,(int)len); 297 memcpy(s,p,(int)len);
181 p+=len; 298 p+=len;
182 } 299 }
183 300
184 if (ret->data != NULL) Free((char *)ret->data); 301 if (ret->data != NULL) OPENSSL_free(ret->data);
185 ret->data=s; 302 ret->data=s;
186 ret->length=(int)len; 303 ret->length=(int)len;
187 if (a != NULL) (*a)=ret; 304 if (a != NULL) (*a)=ret;
188 *pp=p; 305 *pp=p;
189 return(ret); 306 return(ret);
190err: 307err:
191 ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); 308 ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
192 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 309 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
193 ASN1_INTEGER_free(ret); 310 M_ASN1_INTEGER_free(ret);
194 return(NULL); 311 return(NULL);
195 } 312 }
196 313
197int ASN1_INTEGER_set(a,v) 314int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
198ASN1_INTEGER *a;
199long v;
200 { 315 {
201 int i,j,k; 316 int i,j,k;
202 unsigned char buf[sizeof(long)+1]; 317 unsigned char buf[sizeof(long)+1];
@@ -206,8 +321,8 @@ long v;
206 if (a->length < (sizeof(long)+1)) 321 if (a->length < (sizeof(long)+1))
207 { 322 {
208 if (a->data != NULL) 323 if (a->data != NULL)
209 Free((char *)a->data); 324 OPENSSL_free(a->data);
210 if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL) 325 if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
211 memset((char *)a->data,0,sizeof(long)+1); 326 memset((char *)a->data,0,sizeof(long)+1);
212 } 327 }
213 if (a->data == NULL) 328 if (a->data == NULL)
@@ -229,15 +344,13 @@ long v;
229 d>>=8; 344 d>>=8;
230 } 345 }
231 j=0; 346 j=0;
232 if (v < 0) a->data[j++]=0;
233 for (k=i-1; k >=0; k--) 347 for (k=i-1; k >=0; k--)
234 a->data[j++]=buf[k]; 348 a->data[j++]=buf[k];
235 a->length=j; 349 a->length=j;
236 return(1); 350 return(1);
237 } 351 }
238 352
239long ASN1_INTEGER_get(a) 353long ASN1_INTEGER_get(ASN1_INTEGER *a)
240ASN1_INTEGER *a;
241 { 354 {
242 int neg=0,i; 355 int neg=0,i;
243 long r=0; 356 long r=0;
@@ -247,7 +360,7 @@ ASN1_INTEGER *a;
247 if (i == V_ASN1_NEG_INTEGER) 360 if (i == V_ASN1_NEG_INTEGER)
248 neg=1; 361 neg=1;
249 else if (i != V_ASN1_INTEGER) 362 else if (i != V_ASN1_INTEGER)
250 return(0); 363 return -1;
251 364
252 if (a->length > sizeof(long)) 365 if (a->length > sizeof(long))
253 { 366 {
@@ -255,7 +368,7 @@ ASN1_INTEGER *a;
255 return(0xffffffffL); 368 return(0xffffffffL);
256 } 369 }
257 if (a->data == NULL) 370 if (a->data == NULL)
258 return(0); 371 return 0;
259 372
260 for (i=0; i<a->length; i++) 373 for (i=0; i<a->length; i++)
261 { 374 {
@@ -266,40 +379,56 @@ ASN1_INTEGER *a;
266 return(r); 379 return(r);
267 } 380 }
268 381
269ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai) 382ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
270BIGNUM *bn;
271ASN1_INTEGER *ai;
272 { 383 {
273 ASN1_INTEGER *ret; 384 ASN1_INTEGER *ret;
274 int len,j; 385 int len,j;
275 386
276 if (ai == NULL) 387 if (ai == NULL)
277 ret=ASN1_INTEGER_new(); 388 ret=M_ASN1_INTEGER_new();
278 else 389 else
279 ret=ai; 390 ret=ai;
280 if (ret == NULL) 391 if (ret == NULL)
281 { 392 {
282 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK); 393 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
283 goto err; 394 goto err;
284 } 395 }
285 ret->type=V_ASN1_INTEGER; 396 if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
397 else ret->type=V_ASN1_INTEGER;
286 j=BN_num_bits(bn); 398 j=BN_num_bits(bn);
287 len=((j == 0)?0:((j/8)+1)); 399 len=((j == 0)?0:((j/8)+1));
288 ret->data=(unsigned char *)Malloc(len+4); 400 if (ret->length < len+4)
401 {
402 unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
403 if (!new_data)
404 {
405 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
406 goto err;
407 }
408 ret->data=new_data;
409 }
289 ret->length=BN_bn2bin(bn,ret->data); 410 ret->length=BN_bn2bin(bn,ret->data);
411 /* Correct zero case */
412 if(!ret->length)
413 {
414 ret->data[0] = 0;
415 ret->length = 1;
416 }
290 return(ret); 417 return(ret);
291err: 418err:
292 if (ret != ai) ASN1_INTEGER_free(ret); 419 if (ret != ai) M_ASN1_INTEGER_free(ret);
293 return(NULL); 420 return(NULL);
294 } 421 }
295 422
296BIGNUM *ASN1_INTEGER_to_BN(ai,bn) 423BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
297ASN1_INTEGER *ai;
298BIGNUM *bn;
299 { 424 {
300 BIGNUM *ret; 425 BIGNUM *ret;
301 426
302 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) 427 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
303 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); 428 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
429 else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
304 return(ret); 430 return(ret);
305 } 431 }
432
433IMPLEMENT_STACK_OF(ASN1_INTEGER)
434IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
index 7a710d5459..5d981c6553 100644
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ b/src/lib/libcrypto/asn1/a_mbstr.c
@@ -92,6 +92,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
92{ 92{
93 int str_type; 93 int str_type;
94 int ret; 94 int ret;
95 char free_out;
95 int outform, outlen; 96 int outform, outlen;
96 ASN1_STRING *dest; 97 ASN1_STRING *dest;
97 unsigned char *p; 98 unsigned char *p;
@@ -180,14 +181,16 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
180 } 181 }
181 if(!out) return str_type; 182 if(!out) return str_type;
182 if(*out) { 183 if(*out) {
184 free_out = 0;
183 dest = *out; 185 dest = *out;
184 if(dest->data) { 186 if(dest->data) {
185 dest->length = 0; 187 dest->length = 0;
186 Free(dest->data); 188 OPENSSL_free(dest->data);
187 dest->data = NULL; 189 dest->data = NULL;
188 } 190 }
189 dest->type = str_type; 191 dest->type = str_type;
190 } else { 192 } else {
193 free_out = 1;
191 dest = ASN1_STRING_type_new(str_type); 194 dest = ASN1_STRING_type_new(str_type);
192 if(!dest) { 195 if(!dest) {
193 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, 196 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,
@@ -228,8 +231,8 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
228 cpyfunc = cpy_utf8; 231 cpyfunc = cpy_utf8;
229 break; 232 break;
230 } 233 }
231 if(!(p = Malloc(outlen + 1))) { 234 if(!(p = OPENSSL_malloc(outlen + 1))) {
232 ASN1_STRING_free(dest); 235 if(free_out) ASN1_STRING_free(dest);
233 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); 236 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE);
234 return -1; 237 return -1;
235 } 238 }
@@ -258,8 +261,8 @@ static int traverse_string(const unsigned char *p, int len, int inform,
258 value |= *p++; 261 value |= *p++;
259 len -= 2; 262 len -= 2;
260 } else if(inform == MBSTRING_UNIV) { 263 } else if(inform == MBSTRING_UNIV) {
261 value = *p++ << 24; 264 value = ((unsigned long)*p++) << 24;
262 value |= *p++ << 16; 265 value |= ((unsigned long)*p++) << 16;
263 value |= *p++ << 8; 266 value |= *p++ << 8;
264 value |= *p++; 267 value |= *p++;
265 len -= 4; 268 len -= 4;
@@ -382,9 +385,16 @@ static int is_printable(unsigned long value)
382 /* Note: we can't use 'isalnum' because certain accented 385 /* Note: we can't use 'isalnum' because certain accented
383 * characters may count as alphanumeric in some environments. 386 * characters may count as alphanumeric in some environments.
384 */ 387 */
388#ifndef CHARSET_EBCDIC
385 if((ch >= 'a') && (ch <= 'z')) return 1; 389 if((ch >= 'a') && (ch <= 'z')) return 1;
386 if((ch >= 'A') && (ch <= 'Z')) return 1; 390 if((ch >= 'A') && (ch <= 'Z')) return 1;
387 if((ch >= '0') && (ch <= '9')) return 1; 391 if((ch >= '0') && (ch <= '9')) return 1;
388 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1; 392 if ((ch == ' ') || strchr("'()+,-./:=?", ch)) return 1;
393#else /*CHARSET_EBCDIC*/
394 if((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) return 1;
395 if((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) return 1;
396 if((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) return 1;
397 if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) return 1;
398#endif /*CHARSET_EBCDIC*/
389 return 0; 399 return 0;
390} 400}
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index 5a7eeef8d8..71ce7c3896 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -58,25 +58,19 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "asn1.h" 62#include <openssl/asn1.h>
63#include "objects.h" 63#include <openssl/objects.h>
64 64
65/* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT); 65int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
66 * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
67 * ASN1err(ASN1_F_I2T_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
68 */
69
70int i2d_ASN1_OBJECT(a, pp)
71ASN1_OBJECT *a;
72unsigned char **pp;
73 { 66 {
74 unsigned char *p; 67 unsigned char *p;
68 int objsize;
75 69
76 if ((a == NULL) || (a->data == NULL)) return(0); 70 if ((a == NULL) || (a->data == NULL)) return(0);
77 71
78 if (pp == NULL) 72 objsize = ASN1_object_size(0,a->length,V_ASN1_OBJECT);
79 return(ASN1_object_size(0,a->length,V_ASN1_OBJECT)); 73 if (pp == NULL) return objsize;
80 74
81 p= *pp; 75 p= *pp;
82 ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL); 76 ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
@@ -84,17 +78,14 @@ unsigned char **pp;
84 p+=a->length; 78 p+=a->length;
85 79
86 *pp=p; 80 *pp=p;
87 return(a->length); 81 return(objsize);
88 } 82 }
89 83
90int a2d_ASN1_OBJECT(out,olen,buf,num) 84int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
91unsigned char *out;
92int olen;
93char *buf;
94int num;
95 { 85 {
96 int i,first,len=0,c; 86 int i,first,len=0,c;
97 char tmp[24],*p; 87 char tmp[24];
88 const char *p;
98 unsigned long l; 89 unsigned long l;
99 90
100 if (num == 0) 91 if (num == 0)
@@ -180,85 +171,12 @@ err:
180 return(0); 171 return(0);
181 } 172 }
182 173
183int i2t_ASN1_OBJECT(buf,buf_len,a) 174int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
184char *buf; 175{
185int buf_len; 176 return OBJ_obj2txt(buf, buf_len, a, 0);
186ASN1_OBJECT *a; 177}
187 {
188 int i,idx=0,n=0,len,nid;
189 unsigned long l;
190 unsigned char *p;
191 char *s;
192 char tbuf[32];
193
194 if (buf_len <= 0) return(0);
195
196 if ((a == NULL) || (a->data == NULL))
197 {
198 buf[0]='\0';
199 return(0);
200 }
201
202 nid=OBJ_obj2nid(a);
203 if (nid == NID_undef)
204 {
205 len=a->length;
206 p=a->data;
207 178
208 idx=0; 179int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
209 l=0;
210 while (idx < a->length)
211 {
212 l|=(p[idx]&0x7f);
213 if (!(p[idx] & 0x80)) break;
214 l<<=7L;
215 idx++;
216 }
217 idx++;
218 i=(int)(l/40);
219 if (i > 2) i=2;
220 l-=(long)(i*40);
221
222 sprintf(tbuf,"%d.%ld",i,l);
223 i=strlen(tbuf);
224 strncpy(buf,tbuf,buf_len);
225 buf_len-=i;
226 buf+=i;
227 n+=i;
228
229 l=0;
230 for (; idx<len; idx++)
231 {
232 l|=p[idx]&0x7f;
233 if (!(p[idx] & 0x80))
234 {
235 sprintf(tbuf,".%ld",l);
236 i=strlen(tbuf);
237 if (buf_len > 0)
238 strncpy(buf,tbuf,buf_len);
239 buf_len-=i;
240 buf+=i;
241 n+=i;
242 l=0;
243 }
244 l<<=7L;
245 }
246 }
247 else
248 {
249 s=(char *)OBJ_nid2ln(nid);
250 if (s == NULL)
251 s=(char *)OBJ_nid2sn(nid);
252 strncpy(buf,s,buf_len);
253 n=strlen(s);
254 }
255 buf[buf_len-1]='\0';
256 return(n);
257 }
258
259int i2a_ASN1_OBJECT(bp,a)
260BIO *bp;
261ASN1_OBJECT *a;
262 { 180 {
263 char buf[80]; 181 char buf[80];
264 int i; 182 int i;
@@ -271,28 +189,15 @@ ASN1_OBJECT *a;
271 return(i); 189 return(i);
272 } 190 }
273 191
274ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length) 192ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
275ASN1_OBJECT **a; 193 long length)
276unsigned char **pp; 194{
277long length;
278 {
279 ASN1_OBJECT *ret=NULL;
280 unsigned char *p; 195 unsigned char *p;
281 long len; 196 long len;
282 int tag,xclass; 197 int tag,xclass;
283 int inf,i; 198 int inf,i;
284 199 ASN1_OBJECT *ret = NULL;
285 /* only the ASN1_OBJECTs from the 'table' will have values
286 * for ->sn or ->ln */
287 if ((a == NULL) || ((*a) == NULL) ||
288 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
289 {
290 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
291 }
292 else ret=(*a);
293
294 p= *pp; 200 p= *pp;
295
296 inf=ASN1_get_object(&p,&len,&tag,&xclass,length); 201 inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
297 if (inf & 0x80) 202 if (inf & 0x80)
298 { 203 {
@@ -305,10 +210,36 @@ long length;
305 i=ASN1_R_EXPECTING_AN_OBJECT; 210 i=ASN1_R_EXPECTING_AN_OBJECT;
306 goto err; 211 goto err;
307 } 212 }
213 ret = c2i_ASN1_OBJECT(a, &p, len);
214 if(ret) *pp = p;
215 return ret;
216err:
217 ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
218 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
219 ASN1_OBJECT_free(ret);
220 return(NULL);
221}
222ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
223 long len)
224 {
225 ASN1_OBJECT *ret=NULL;
226 unsigned char *p;
227 int i;
228
229 /* only the ASN1_OBJECTs from the 'table' will have values
230 * for ->sn or ->ln */
231 if ((a == NULL) || ((*a) == NULL) ||
232 !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
233 {
234 if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
235 }
236 else ret=(*a);
237
238 p= *pp;
308 if ((ret->data == NULL) || (ret->length < len)) 239 if ((ret->data == NULL) || (ret->length < len))
309 { 240 {
310 if (ret->data != NULL) Free((char *)ret->data); 241 if (ret->data != NULL) OPENSSL_free(ret->data);
311 ret->data=(unsigned char *)Malloc((int)len); 242 ret->data=(unsigned char *)OPENSSL_malloc(len ? (int)len : 1);
312 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA; 243 ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
313 if (ret->data == NULL) 244 if (ret->data == NULL)
314 { i=ERR_R_MALLOC_FAILURE; goto err; } 245 { i=ERR_R_MALLOC_FAILURE; goto err; }
@@ -330,11 +261,11 @@ err:
330 return(NULL); 261 return(NULL);
331 } 262 }
332 263
333ASN1_OBJECT *ASN1_OBJECT_new() 264ASN1_OBJECT *ASN1_OBJECT_new(void)
334 { 265 {
335 ASN1_OBJECT *ret; 266 ASN1_OBJECT *ret;
336 267
337 ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT)); 268 ret=(ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT));
338 if (ret == NULL) 269 if (ret == NULL)
339 { 270 {
340 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE); 271 ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
@@ -349,31 +280,29 @@ ASN1_OBJECT *ASN1_OBJECT_new()
349 return(ret); 280 return(ret);
350 } 281 }
351 282
352void ASN1_OBJECT_free(a) 283void ASN1_OBJECT_free(ASN1_OBJECT *a)
353ASN1_OBJECT *a;
354 { 284 {
355 if (a == NULL) return; 285 if (a == NULL) return;
356 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS) 286 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
357 { 287 {
358 if (a->sn != NULL) Free(a->sn); 288#ifndef CONST_STRICT /* disable purely for compile-time strict const checking. Doing this on a "real" compile will cause memory leaks */
359 if (a->ln != NULL) Free(a->ln); 289 if (a->sn != NULL) OPENSSL_free((void *)a->sn);
290 if (a->ln != NULL) OPENSSL_free((void *)a->ln);
291#endif
360 a->sn=a->ln=NULL; 292 a->sn=a->ln=NULL;
361 } 293 }
362 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) 294 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
363 { 295 {
364 if (a->data != NULL) Free(a->data); 296 if (a->data != NULL) OPENSSL_free(a->data);
365 a->data=NULL; 297 a->data=NULL;
366 a->length=0; 298 a->length=0;
367 } 299 }
368 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC) 300 if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
369 Free((char *)a); 301 OPENSSL_free(a);
370 } 302 }
371 303
372ASN1_OBJECT *ASN1_OBJECT_create(nid,data,len,sn,ln) 304ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len,
373int nid; 305 const char *sn, const char *ln)
374unsigned char *data;
375int len;
376char *sn,*ln;
377 { 306 {
378 ASN1_OBJECT o; 307 ASN1_OBJECT o;
379 308
@@ -382,8 +311,10 @@ char *sn,*ln;
382 o.data=data; 311 o.data=data;
383 o.nid=nid; 312 o.nid=nid;
384 o.length=len; 313 o.length=len;
385 o.flags=ASN1_OBJECT_FLAG_DYNAMIC| 314 o.flags=ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|
386 ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA; 315 ASN1_OBJECT_FLAG_DYNAMIC_DATA;
387 return(OBJ_dup(&o)); 316 return(OBJ_dup(&o));
388 } 317 }
389 318
319IMPLEMENT_STACK_OF(ASN1_OBJECT)
320IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT)
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
index be3f172a8c..9690bae0f1 100644
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ b/src/lib/libcrypto/asn1/a_octet.c
@@ -58,33 +58,14 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62 62
63/* ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_EXPECTING_AN_OCTET_STRING); 63ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
64 */ 64{ return M_ASN1_OCTET_STRING_dup(x); }
65
66int i2d_ASN1_OCTET_STRING(a, pp)
67ASN1_OCTET_STRING *a;
68unsigned char **pp;
69 {
70 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
71 V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL));
72 }
73 65
74ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(a, pp, length) 66int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
75ASN1_OCTET_STRING **a; 67{ return M_ASN1_OCTET_STRING_cmp(a, b); }
76unsigned char **pp;
77long length;
78 {
79 ASN1_OCTET_STRING *ret=NULL;
80 68
81 ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, 69int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
82 pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); 70{ return M_ASN1_OCTET_STRING_set(x, d, len); }
83 if (ret == NULL)
84 {
85 ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
86 return(NULL);
87 }
88 return(ret);
89 }
90 71
diff --git a/src/lib/libcrypto/asn1/a_print.c b/src/lib/libcrypto/asn1/a_print.c
index 3023361dee..8035513f04 100644
--- a/src/lib/libcrypto/asn1/a_print.c
+++ b/src/lib/libcrypto/asn1/a_print.c
@@ -58,49 +58,9 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62 62
63/* ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_WRONG_PRINTABLE_TYPE); 63int ASN1_PRINTABLE_type(unsigned char *s, int len)
64 * ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_TAG_VALUE_TOO_HIGH);
65 */
66
67int i2d_ASN1_IA5STRING(a,pp)
68ASN1_IA5STRING *a;
69unsigned char **pp;
70 { return(M_i2d_ASN1_IA5STRING(a,pp)); }
71
72ASN1_IA5STRING *d2i_ASN1_IA5STRING(a,pp,l)
73ASN1_IA5STRING **a;
74unsigned char **pp;
75long l;
76 { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
77
78ASN1_T61STRING *d2i_ASN1_T61STRING(a,pp,l)
79ASN1_T61STRING **a;
80unsigned char **pp;
81long l;
82 { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
83
84ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(a,pp,l)
85ASN1_PRINTABLESTRING **a;
86unsigned char **pp;
87long l;
88 { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,l)); }
89
90int i2d_ASN1_PRINTABLE(a,pp)
91ASN1_STRING *a;
92unsigned char **pp;
93 { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
94
95ASN1_STRING *d2i_ASN1_PRINTABLE(a,pp,l)
96ASN1_STRING **a;
97unsigned char **pp;
98long l;
99 { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
100
101int ASN1_PRINTABLE_type(s,len)
102unsigned char *s;
103int len;
104 { 64 {
105 int c; 65 int c;
106 int ia5=0; 66 int ia5=0;
@@ -112,6 +72,7 @@ int len;
112 while ((*s) && (len-- != 0)) 72 while ((*s) && (len-- != 0))
113 { 73 {
114 c= *(s++); 74 c= *(s++);
75#ifndef CHARSET_EBCDIC
115 if (!( ((c >= 'a') && (c <= 'z')) || 76 if (!( ((c >= 'a') && (c <= 'z')) ||
116 ((c >= 'A') && (c <= 'Z')) || 77 ((c >= 'A') && (c <= 'Z')) ||
117 (c == ' ') || 78 (c == ' ') ||
@@ -125,14 +86,20 @@ int len;
125 ia5=1; 86 ia5=1;
126 if (c&0x80) 87 if (c&0x80)
127 t61=1; 88 t61=1;
89#else
90 if (!isalnum(c) && (c != ' ') &&
91 strchr("'()+,-./:=?", c) == NULL)
92 ia5=1;
93 if (os_toascii[c] & 0x80)
94 t61=1;
95#endif
128 } 96 }
129 if (t61) return(V_ASN1_T61STRING); 97 if (t61) return(V_ASN1_T61STRING);
130 if (ia5) return(V_ASN1_IA5STRING); 98 if (ia5) return(V_ASN1_IA5STRING);
131 return(V_ASN1_PRINTABLESTRING); 99 return(V_ASN1_PRINTABLESTRING);
132 } 100 }
133 101
134int ASN1_UNIVERSALSTRING_to_string(s) 102int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s)
135ASN1_UNIVERSALSTRING *s;
136 { 103 {
137 int i; 104 int i;
138 unsigned char *p; 105 unsigned char *p;
@@ -158,4 +125,3 @@ ASN1_UNIVERSALSTRING *s;
158 s->type=ASN1_PRINTABLE_type(s->data,s->length); 125 s->type=ASN1_PRINTABLE_type(s->data,s->length);
159 return(1); 126 return(1);
160 } 127 }
161
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
index 17c49946cf..0f839822ff 100644
--- a/src/lib/libcrypto/asn1/a_set.c
+++ b/src/lib/libcrypto/asn1/a_set.c
@@ -58,21 +58,42 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1_mac.h>
62 62
63/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE); 63#ifndef NO_ASN1_OLD
64
65typedef struct
66 {
67 unsigned char *pbData;
68 int cbData;
69 } MYBLOB;
70
71/* SetBlobCmp
72 * This function compares two elements of SET_OF block
64 */ 73 */
74static int SetBlobCmp(const void *elem1, const void *elem2 )
75 {
76 const MYBLOB *b1 = (const MYBLOB *)elem1;
77 const MYBLOB *b2 = (const MYBLOB *)elem2;
78 int r;
79
80 r = memcmp(b1->pbData, b2->pbData,
81 b1->cbData < b2->cbData ? b1->cbData : b2->cbData);
82 if(r != 0)
83 return r;
84 return b1->cbData-b2->cbData;
85 }
65 86
66int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class) 87/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
67STACK *a; 88int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
68unsigned char **pp; 89 int ex_class, int is_set)
69int (*func)();
70int ex_tag;
71int ex_class;
72 { 90 {
73 int ret=0,r; 91 int ret=0,r;
74 int i; 92 int i;
75 unsigned char *p; 93 unsigned char *p;
94 unsigned char *pStart, *pTempMem;
95 MYBLOB *rgSetBlob;
96 int totSize;
76 97
77 if (a == NULL) return(0); 98 if (a == NULL) return(0);
78 for (i=sk_num(a)-1; i>=0; i--) 99 for (i=sk_num(a)-1; i>=0; i--)
@@ -82,26 +103,64 @@ int ex_class;
82 103
83 p= *pp; 104 p= *pp;
84 ASN1_put_object(&p,1,ret,ex_tag,ex_class); 105 ASN1_put_object(&p,1,ret,ex_tag,ex_class);
85 for (i=0; i<sk_num(a); i++)
86 func(sk_value(a,i),&p);
87 106
88 *pp=p; 107/* Modified by gp@nsj.co.jp */
89 return(r); 108 /* And then again by Ben */
90 } 109 /* And again by Steve */
110
111 if(!is_set || (sk_num(a) < 2))
112 {
113 for (i=0; i<sk_num(a); i++)
114 func(sk_value(a,i),&p);
115
116 *pp=p;
117 return(r);
118 }
91 119
92STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class) 120 pStart = p; /* Catch the beg of Setblobs*/
93STACK **a; 121 if (!(rgSetBlob = (MYBLOB *)OPENSSL_malloc( sk_num(a) * sizeof(MYBLOB)))) return 0; /* In this array
94unsigned char **pp; 122we will store the SET blobs */
95long length; 123
96char *(*func)(); 124 for (i=0; i<sk_num(a); i++)
97int ex_tag; 125 {
98int ex_class; 126 rgSetBlob[i].pbData = p; /* catch each set encode blob */
127 func(sk_value(a,i),&p);
128 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
129SetBlob
130*/
131 }
132 *pp=p;
133 totSize = p - pStart; /* This is the total size of all set blobs */
134
135 /* Now we have to sort the blobs. I am using a simple algo.
136 *Sort ptrs *Copy to temp-mem *Copy from temp-mem to user-mem*/
137 qsort( rgSetBlob, sk_num(a), sizeof(MYBLOB), SetBlobCmp);
138 if (!(pTempMem = OPENSSL_malloc(totSize))) return 0;
139
140/* Copy to temp mem */
141 p = pTempMem;
142 for(i=0; i<sk_num(a); ++i)
143 {
144 memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData);
145 p += rgSetBlob[i].cbData;
146 }
147
148/* Copy back to user mem*/
149 memcpy(pStart, pTempMem, totSize);
150 OPENSSL_free(pTempMem);
151 OPENSSL_free(rgSetBlob);
152
153 return(r);
154 }
155
156STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
157 char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class)
99 { 158 {
100 ASN1_CTX c; 159 ASN1_CTX c;
101 STACK *ret=NULL; 160 STACK *ret=NULL;
102 161
103 if ((a == NULL) || ((*a) == NULL)) 162 if ((a == NULL) || ((*a) == NULL))
104 { if ((ret=sk_new(NULL)) == NULL) goto err; } 163 { if ((ret=sk_new_null()) == NULL) goto err; }
105 else 164 else
106 ret=(*a); 165 ret=(*a);
107 166
@@ -136,14 +195,26 @@ int ex_class;
136 char *s; 195 char *s;
137 196
138 if (M_ASN1_D2I_end_sequence()) break; 197 if (M_ASN1_D2I_end_sequence()) break;
139 if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err; 198 if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL)
199 {
200 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
201 asn1_add_error(*pp,(int)(c.q- *pp));
202 goto err;
203 }
140 if (!sk_push(ret,s)) goto err; 204 if (!sk_push(ret,s)) goto err;
141 } 205 }
142 if (a != NULL) (*a)=ret; 206 if (a != NULL) (*a)=ret;
143 *pp=c.p; 207 *pp=c.p;
144 return(ret); 208 return(ret);
145err: 209err:
146 if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret); 210 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
211 {
212 if (free_func != NULL)
213 sk_pop_free(ret,free_func);
214 else
215 sk_free(ret);
216 }
147 return(NULL); 217 return(NULL);
148 } 218 }
149 219
220#endif
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
index 02188e68c4..de53b44144 100644
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ b/src/lib/libcrypto/asn1/a_sign.c
@@ -55,34 +55,87 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
60 *
61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions
63 * are met:
64 *
65 * 1. Redistributions of source code must retain the above copyright
66 * notice, this list of conditions and the following disclaimer.
67 *
68 * 2. Redistributions in binary form must reproduce the above copyright
69 * notice, this list of conditions and the following disclaimer in
70 * the documentation and/or other materials provided with the
71 * distribution.
72 *
73 * 3. All advertising materials mentioning features or use of this
74 * software must display the following acknowledgment:
75 * "This product includes software developed by the OpenSSL Project
76 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
77 *
78 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
79 * endorse or promote products derived from this software without
80 * prior written permission. For written permission, please contact
81 * openssl-core@openssl.org.
82 *
83 * 5. Products derived from this software may not be called "OpenSSL"
84 * nor may "OpenSSL" appear in their names without prior written
85 * permission of the OpenSSL Project.
86 *
87 * 6. Redistributions of any form whatsoever must retain the following
88 * acknowledgment:
89 * "This product includes software developed by the OpenSSL Project
90 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
91 *
92 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
93 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
94 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
95 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
96 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
97 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
98 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
99 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
100 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
101 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
103 * OF THE POSSIBILITY OF SUCH DAMAGE.
104 * ====================================================================
105 *
106 * This product includes cryptographic software written by Eric Young
107 * (eay@cryptsoft.com). This product includes software written by Tim
108 * Hudson (tjh@cryptsoft.com).
109 *
110 */
58 111
59#include <stdio.h> 112#include <stdio.h>
60#include <time.h> 113#include <time.h>
61#include <sys/types.h>
62#include <sys/stat.h>
63 114
64#include "cryptlib.h" 115#include "cryptlib.h"
65#include "bn.h"
66#include "evp.h"
67#include "x509.h"
68#include "objects.h"
69#include "buffer.h"
70#include "pem.h"
71 116
72int ASN1_sign(i2d,algor1,algor2,signature,data,pkey,type) 117#ifndef NO_SYS_TYPES_H
73int (*i2d)(); 118# include <sys/types.h>
74X509_ALGOR *algor1; 119#endif
75X509_ALGOR *algor2; 120
76ASN1_BIT_STRING *signature; 121#include <openssl/bn.h>
77char *data; 122#include <openssl/evp.h>
78EVP_PKEY *pkey; 123#include <openssl/x509.h>
79EVP_MD *type; 124#include <openssl/objects.h>
125#include <openssl/buffer.h>
126
127#ifndef NO_ASN1_OLD
128
129int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
130 ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
131 const EVP_MD *type)
80 { 132 {
81 EVP_MD_CTX ctx; 133 EVP_MD_CTX ctx;
82 unsigned char *p,*buf_in=NULL,*buf_out=NULL; 134 unsigned char *p,*buf_in=NULL,*buf_out=NULL;
83 int i,inl=0,outl=0,outll=0; 135 int i,inl=0,outl=0,outll=0;
84 X509_ALGOR *a; 136 X509_ALGOR *a;
85 137
138 EVP_MD_CTX_init(&ctx);
86 for (i=0; i<2; i++) 139 for (i=0; i<2; i++)
87 { 140 {
88 if (i == 0) 141 if (i == 0)
@@ -90,7 +143,14 @@ EVP_MD *type;
90 else 143 else
91 a=algor2; 144 a=algor2;
92 if (a == NULL) continue; 145 if (a == NULL) continue;
93 if ( (a->parameter == NULL) || 146 if (type->pkey_type == NID_dsaWithSHA1)
147 {
148 /* special case: RFC 2459 tells us to omit 'parameters'
149 * with id-dsa-with-sha1 */
150 ASN1_TYPE_free(a->parameter);
151 a->parameter = NULL;
152 }
153 else if ((a->parameter == NULL) ||
94 (a->parameter->type != V_ASN1_NULL)) 154 (a->parameter->type != V_ASN1_NULL))
95 { 155 {
96 ASN1_TYPE_free(a->parameter); 156 ASN1_TYPE_free(a->parameter);
@@ -111,9 +171,9 @@ EVP_MD *type;
111 } 171 }
112 } 172 }
113 inl=i2d(data,NULL); 173 inl=i2d(data,NULL);
114 buf_in=(unsigned char *)Malloc((unsigned int)inl); 174 buf_in=(unsigned char *)OPENSSL_malloc((unsigned int)inl);
115 outll=outl=EVP_PKEY_size(pkey); 175 outll=outl=EVP_PKEY_size(pkey);
116 buf_out=(unsigned char *)Malloc((unsigned int)outl); 176 buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
117 if ((buf_in == NULL) || (buf_out == NULL)) 177 if ((buf_in == NULL) || (buf_out == NULL))
118 { 178 {
119 outl=0; 179 outl=0;
@@ -123,7 +183,7 @@ EVP_MD *type;
123 p=buf_in; 183 p=buf_in;
124 184
125 i2d(data,&p); 185 i2d(data,&p);
126 EVP_SignInit(&ctx,type); 186 EVP_SignInit_ex(&ctx,type, NULL);
127 EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl); 187 EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
128 if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out, 188 if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
129 (unsigned int *)&outl,pkey)) 189 (unsigned int *)&outl,pkey))
@@ -132,16 +192,103 @@ EVP_MD *type;
132 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); 192 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
133 goto err; 193 goto err;
134 } 194 }
135 if (signature->data != NULL) Free((char *)signature->data); 195 if (signature->data != NULL) OPENSSL_free(signature->data);
136 signature->data=buf_out; 196 signature->data=buf_out;
137 buf_out=NULL; 197 buf_out=NULL;
138 signature->length=outl; 198 signature->length=outl;
199 /* In the interests of compatibility, I'll make sure that
200 * the bit string has a 'not-used bits' value of 0
201 */
202 signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
203 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
204err:
205 EVP_MD_CTX_cleanup(&ctx);
206 if (buf_in != NULL)
207 { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
208 if (buf_out != NULL)
209 { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
210 return(outl);
211 }
212
213#endif
214
215int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
216 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey,
217 const EVP_MD *type)
218 {
219 EVP_MD_CTX ctx;
220 unsigned char *buf_in=NULL,*buf_out=NULL;
221 int i,inl=0,outl=0,outll=0;
222 X509_ALGOR *a;
223
224 EVP_MD_CTX_init(&ctx);
225 for (i=0; i<2; i++)
226 {
227 if (i == 0)
228 a=algor1;
229 else
230 a=algor2;
231 if (a == NULL) continue;
232 if (type->pkey_type == NID_dsaWithSHA1)
233 {
234 /* special case: RFC 2459 tells us to omit 'parameters'
235 * with id-dsa-with-sha1 */
236 ASN1_TYPE_free(a->parameter);
237 a->parameter = NULL;
238 }
239 else if ((a->parameter == NULL) ||
240 (a->parameter->type != V_ASN1_NULL))
241 {
242 ASN1_TYPE_free(a->parameter);
243 if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
244 a->parameter->type=V_ASN1_NULL;
245 }
246 ASN1_OBJECT_free(a->algorithm);
247 a->algorithm=OBJ_nid2obj(type->pkey_type);
248 if (a->algorithm == NULL)
249 {
250 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
251 goto err;
252 }
253 if (a->algorithm->length == 0)
254 {
255 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
256 goto err;
257 }
258 }
259 inl=ASN1_item_i2d(asn,&buf_in, it);
260 outll=outl=EVP_PKEY_size(pkey);
261 buf_out=(unsigned char *)OPENSSL_malloc((unsigned int)outl);
262 if ((buf_in == NULL) || (buf_out == NULL))
263 {
264 outl=0;
265 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
266 goto err;
267 }
139 268
269 EVP_SignInit_ex(&ctx,type, NULL);
270 EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
271 if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
272 (unsigned int *)&outl,pkey))
273 {
274 outl=0;
275 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
276 goto err;
277 }
278 if (signature->data != NULL) OPENSSL_free(signature->data);
279 signature->data=buf_out;
280 buf_out=NULL;
281 signature->length=outl;
282 /* In the interests of compatibility, I'll make sure that
283 * the bit string has a 'not-used bits' value of 0
284 */
285 signature->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
286 signature->flags|=ASN1_STRING_FLAG_BITS_LEFT;
140err: 287err:
141 memset(&ctx,0,sizeof(ctx)); 288 EVP_MD_CTX_cleanup(&ctx);
142 if (buf_in != NULL) 289 if (buf_in != NULL)
143 { memset((char *)buf_in,0,(unsigned int)inl); Free((char *)buf_in); } 290 { memset((char *)buf_in,0,(unsigned int)inl); OPENSSL_free(buf_in); }
144 if (buf_out != NULL) 291 if (buf_out != NULL)
145 { memset((char *)buf_out,0,outll); Free((char *)buf_out); } 292 { memset((char *)buf_out,0,outll); OPENSSL_free(buf_out); }
146 return(outl); 293 return(outl);
147 } 294 }
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index 569b811998..128aa7e772 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -371,6 +371,8 @@ static int do_indent(char_io *io_ch, void *arg, int indent)
371 return 1; 371 return 1;
372} 372}
373 373
374#define FN_WIDTH_LN 25
375#define FN_WIDTH_SN 10
374 376
375static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, 377static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
376 int indent, unsigned long flags) 378 int indent, unsigned long flags)
@@ -456,19 +458,29 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
456 val = X509_NAME_ENTRY_get_data(ent); 458 val = X509_NAME_ENTRY_get_data(ent);
457 fn_nid = OBJ_obj2nid(fn); 459 fn_nid = OBJ_obj2nid(fn);
458 if(fn_opt != XN_FLAG_FN_NONE) { 460 if(fn_opt != XN_FLAG_FN_NONE) {
459 int objlen; 461 int objlen, fld_len;
460 if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) { 462 if((fn_opt == XN_FLAG_FN_OID) || (fn_nid==NID_undef) ) {
461 OBJ_obj2txt(objtmp, 80, fn, 1); 463 OBJ_obj2txt(objtmp, 80, fn, 1);
464 fld_len = 0; /* XXX: what should this be? */
462 objbuf = objtmp; 465 objbuf = objtmp;
463 } else { 466 } else {
464 if(fn_opt == XN_FLAG_FN_SN) 467 if(fn_opt == XN_FLAG_FN_SN) {
468 fld_len = FN_WIDTH_SN;
465 objbuf = OBJ_nid2sn(fn_nid); 469 objbuf = OBJ_nid2sn(fn_nid);
466 else if(fn_opt == XN_FLAG_FN_LN) 470 } else if(fn_opt == XN_FLAG_FN_LN) {
471 fld_len = FN_WIDTH_LN;
467 objbuf = OBJ_nid2ln(fn_nid); 472 objbuf = OBJ_nid2ln(fn_nid);
468 else objbuf = ""; 473 } else {
474 fld_len = 0; /* XXX: what should this be? */
475 objbuf = "";
476 }
469 } 477 }
470 objlen = strlen(objbuf); 478 objlen = strlen(objbuf);
471 if(!io_ch(arg, objbuf, objlen)) return -1; 479 if(!io_ch(arg, objbuf, objlen)) return -1;
480 if ((objlen < fld_len) && (flags & XN_FLAG_FN_ALIGN)) {
481 if (!do_indent(io_ch, arg, fld_len - objlen)) return -1;
482 outlen += fld_len - objlen;
483 }
472 if(!io_ch(arg, sep_eq, sep_eq_len)) return -1; 484 if(!io_ch(arg, sep_eq, sep_eq_len)) return -1;
473 outlen += objlen + sep_eq_len; 485 outlen += objlen + sep_eq_len;
474 } 486 }
@@ -491,12 +503,24 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n,
491 503
492int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags) 504int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
493{ 505{
506 if(flags == XN_FLAG_COMPAT)
507 return X509_NAME_print(out, nm, indent);
494 return do_name_ex(send_bio_chars, out, nm, indent, flags); 508 return do_name_ex(send_bio_chars, out, nm, indent, flags);
495} 509}
496 510
497 511
498int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) 512int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
499{ 513{
514 if(flags == XN_FLAG_COMPAT)
515 {
516 BIO *btmp;
517 int ret;
518 btmp = BIO_new_fp(fp, BIO_NOCLOSE);
519 if(!btmp) return -1;
520 ret = X509_NAME_print(btmp, nm, indent);
521 BIO_free(btmp);
522 return ret;
523 }
500 return do_name_ex(send_fp_chars, fp, nm, indent, flags); 524 return do_name_ex(send_fp_chars, fp, nm, indent, flags);
501} 525}
502 526
diff --git a/src/lib/libcrypto/asn1/a_strnid.c b/src/lib/libcrypto/asn1/a_strnid.c
index ab8417ffab..04789d1c63 100644
--- a/src/lib/libcrypto/asn1/a_strnid.c
+++ b/src/lib/libcrypto/asn1/a_strnid.c
@@ -65,8 +65,9 @@
65 65
66static STACK_OF(ASN1_STRING_TABLE) *stable = NULL; 66static STACK_OF(ASN1_STRING_TABLE) *stable = NULL;
67static void st_free(ASN1_STRING_TABLE *tbl); 67static void st_free(ASN1_STRING_TABLE *tbl);
68static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b); 68static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
69static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b); 69 const ASN1_STRING_TABLE * const *b);
70static int table_cmp(const void *a, const void *b);
70 71
71 72
72/* This is the global mask for the mbstring functions: this is use to 73/* This is the global mask for the mbstring functions: this is use to
@@ -104,9 +105,9 @@ int ASN1_STRING_set_default_mask_asc(char *p)
104 mask = strtoul(p + 5, &end, 0); 105 mask = strtoul(p + 5, &end, 0);
105 if(*end) return 0; 106 if(*end) return 0;
106 } else if(!strcmp(p, "nombstr")) 107 } else if(!strcmp(p, "nombstr"))
107 mask = ~(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING); 108 mask = ~((unsigned long)(B_ASN1_BMPSTRING|B_ASN1_UTF8STRING));
108 else if(!strcmp(p, "pkix")) 109 else if(!strcmp(p, "pkix"))
109 mask = ~B_ASN1_T61STRING; 110 mask = ~((unsigned long)B_ASN1_T61STRING);
110 else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING; 111 else if(!strcmp(p, "utf8only")) mask = B_ASN1_UTF8STRING;
111 else if(!strcmp(p, "default")) 112 else if(!strcmp(p, "default"))
112 mask = 0xFFFFFFFFL; 113 mask = 0xFFFFFFFFL;
@@ -132,7 +133,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, const unsigned char *in,
132 if(tbl) { 133 if(tbl) {
133 mask = tbl->mask; 134 mask = tbl->mask;
134 if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; 135 if(!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask;
135 ret = ASN1_mbstring_ncopy(out, in, inlen, inform, tbl->mask, 136 ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask,
136 tbl->minsize, tbl->maxsize); 137 tbl->minsize, tbl->maxsize);
137 } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask); 138 } else ret = ASN1_mbstring_copy(out, in, inlen, inform, DIRSTRING_TYPE & global_mask);
138 if(ret <= 0) return NULL; 139 if(ret <= 0) return NULL;
@@ -169,18 +170,22 @@ static ASN1_STRING_TABLE tbl_standard[] = {
169{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, 170{NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0},
170{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, 171{NID_surname, 1, ub_name, DIRSTRING_TYPE, 0},
171{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, 172{NID_initials, 1, ub_name, DIRSTRING_TYPE, 0},
173{NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK},
172{NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, 174{NID_name, 1, ub_name, DIRSTRING_TYPE, 0},
173{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} 175{NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK},
176{NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}
174}; 177};
175 178
176static int sk_table_cmp(ASN1_STRING_TABLE **a, ASN1_STRING_TABLE **b) 179static int sk_table_cmp(const ASN1_STRING_TABLE * const *a,
180 const ASN1_STRING_TABLE * const *b)
177{ 181{
178 return (*a)->nid - (*b)->nid; 182 return (*a)->nid - (*b)->nid;
179} 183}
180 184
181static int table_cmp(ASN1_STRING_TABLE *a, ASN1_STRING_TABLE *b) 185static int table_cmp(const void *a, const void *b)
182{ 186{
183 return a->nid - b->nid; 187 const ASN1_STRING_TABLE *sa = a, *sb = b;
188 return sa->nid - sb->nid;
184} 189}
185 190
186ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid) 191ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
@@ -192,7 +197,7 @@ ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid)
192 ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd, 197 ttmp = (ASN1_STRING_TABLE *) OBJ_bsearch((char *)&fnd,
193 (char *)tbl_standard, 198 (char *)tbl_standard,
194 sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE), 199 sizeof(tbl_standard)/sizeof(ASN1_STRING_TABLE),
195 sizeof(ASN1_STRING_TABLE), (int(*)())table_cmp); 200 sizeof(ASN1_STRING_TABLE), table_cmp);
196 if(ttmp) return ttmp; 201 if(ttmp) return ttmp;
197 if(!stable) return NULL; 202 if(!stable) return NULL;
198 idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); 203 idx = sk_ASN1_STRING_TABLE_find(stable, &fnd);
@@ -213,7 +218,7 @@ int ASN1_STRING_TABLE_add(int nid,
213 return 0; 218 return 0;
214 } 219 }
215 if(!(tmp = ASN1_STRING_TABLE_get(nid))) { 220 if(!(tmp = ASN1_STRING_TABLE_get(nid))) {
216 tmp = Malloc(sizeof(ASN1_STRING_TABLE)); 221 tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE));
217 if(!tmp) { 222 if(!tmp) {
218 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, 223 ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD,
219 ERR_R_MALLOC_FAILURE); 224 ERR_R_MALLOC_FAILURE);
@@ -241,7 +246,7 @@ void ASN1_STRING_TABLE_cleanup(void)
241 246
242static void st_free(ASN1_STRING_TABLE *tbl) 247static void st_free(ASN1_STRING_TABLE *tbl)
243{ 248{
244 if(tbl->flags & STABLE_FLAGS_MALLOC) Free(tbl); 249 if(tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl);
245} 250}
246 251
247IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) 252IMPLEMENT_STACK_OF(ASN1_STRING_TABLE)
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index c1690a5694..27ddd30899 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -64,8 +64,14 @@
64#include <stdio.h> 64#include <stdio.h>
65#include <time.h> 65#include <time.h>
66#include "cryptlib.h" 66#include "cryptlib.h"
67#include <openssl/asn1.h> 67#include "o_time.h"
68#include <openssl/asn1t.h>
68 69
70IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
71
72IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
73
74#if 0
69int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) 75int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
70 { 76 {
71#ifdef CHARSET_EBCDIC 77#ifdef CHARSET_EBCDIC
@@ -89,35 +95,64 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
89 ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); 95 ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
90 return -1; 96 return -1;
91 } 97 }
92 98#endif
93
94ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
95 {
96 unsigned char tag;
97 tag = **pp & ~V_ASN1_CONSTRUCTED;
98 if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL))
99 return d2i_ASN1_UTCTIME(a, pp, length);
100 if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL))
101 return d2i_ASN1_GENERALIZEDTIME(a, pp, length);
102 ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
103 return(NULL);
104 }
105 99
106 100
107ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) 101ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
108 { 102 {
109 struct tm *ts; 103 struct tm *ts;
110#if defined(THREADS) && !defined(WIN32)
111 struct tm data; 104 struct tm data;
112#endif
113 105
114#if defined(THREADS) && !defined(WIN32) 106 ts=OPENSSL_gmtime(&t,&data);
115 gmtime_r(&t,&data); 107 if (ts == NULL)
116 ts=&data; /* should return &data, but doesn't on some systems, so we don't even look at the return value */ 108 return NULL;
117#else
118 ts=gmtime(&t);
119#endif
120 if((ts->tm_year >= 50) && (ts->tm_year < 150)) 109 if((ts->tm_year >= 50) && (ts->tm_year < 150))
121 return ASN1_UTCTIME_set(s, t); 110 return ASN1_UTCTIME_set(s, t);
122 return ASN1_GENERALIZEDTIME_set(s,t); 111 return ASN1_GENERALIZEDTIME_set(s,t);
123 } 112 }
113
114int ASN1_TIME_check(ASN1_TIME *t)
115 {
116 if (t->type == V_ASN1_GENERALIZEDTIME)
117 return ASN1_GENERALIZEDTIME_check(t);
118 else if (t->type == V_ASN1_UTCTIME)
119 return ASN1_UTCTIME_check(t);
120 return 0;
121 }
122
123/* Convert an ASN1_TIME structure to GeneralizedTime */
124ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
125 {
126 ASN1_GENERALIZEDTIME *ret;
127 char *str;
128
129 if (!ASN1_TIME_check(t)) return NULL;
130
131 if (!out || !*out)
132 {
133 if (!(ret = ASN1_GENERALIZEDTIME_new ()))
134 return NULL;
135 if (out) *out = ret;
136 }
137 else ret = *out;
138
139 /* If already GeneralizedTime just copy across */
140 if (t->type == V_ASN1_GENERALIZEDTIME)
141 {
142 if(!ASN1_STRING_set(ret, t->data, t->length))
143 return NULL;
144 return ret;
145 }
146
147 /* grow the string */
148 if (!ASN1_STRING_set(ret, NULL, t->length + 2))
149 return NULL;
150 str = (char *)ret->data;
151 /* Work out the century and prepend */
152 if (t->data[0] >= '5') strcpy(str, "19");
153 else strcpy(str, "20");
154
155 strcat(str, (char *)t->data);
156
157 return ret;
158 }
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index 7c0004084c..96e111cf23 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -57,219 +57,10 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <openssl/asn1t.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "asn1_mac.h"
62 62
63/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK); 63int ASN1_TYPE_get(ASN1_TYPE *a)
64 * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
65 * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
66 * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
67 */
68
69#ifndef NOPROTO
70static void ASN1_TYPE_component_free(ASN1_TYPE *a);
71#else
72static void ASN1_TYPE_component_free();
73#endif
74
75int i2d_ASN1_TYPE(a,pp)
76ASN1_TYPE *a;
77unsigned char **pp;
78 {
79 int r=0;
80
81 if (a == NULL) return(0);
82
83 switch (a->type)
84 {
85 case V_ASN1_NULL:
86 if (pp != NULL)
87 ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
88 r=2;
89 break;
90 case V_ASN1_INTEGER:
91 case V_ASN1_NEG_INTEGER:
92 r=i2d_ASN1_INTEGER(a->value.integer,pp);
93 break;
94 case V_ASN1_BIT_STRING:
95 r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
96 break;
97 case V_ASN1_OCTET_STRING:
98 r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
99 break;
100 case V_ASN1_OBJECT:
101 r=i2d_ASN1_OBJECT(a->value.object,pp);
102 break;
103 case V_ASN1_PRINTABLESTRING:
104 r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
105 break;
106 case V_ASN1_T61STRING:
107 r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
108 break;
109 case V_ASN1_IA5STRING:
110 r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
111 break;
112 case V_ASN1_GENERALSTRING:
113 r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
114 break;
115 case V_ASN1_UNIVERSALSTRING:
116 r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
117 break;
118 case V_ASN1_BMPSTRING:
119 r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
120 break;
121 case V_ASN1_UTCTIME:
122 r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
123 break;
124 case V_ASN1_SET:
125 case V_ASN1_SEQUENCE:
126 if (a->value.set == NULL)
127 r=0;
128 else
129 {
130 r=a->value.set->length;
131 if (pp != NULL)
132 {
133 memcpy(*pp,a->value.set->data,r);
134 *pp+=r;
135 }
136 }
137 break;
138 }
139 return(r);
140 }
141
142ASN1_TYPE *d2i_ASN1_TYPE(a,pp,length)
143ASN1_TYPE **a;
144unsigned char **pp;
145long length;
146 {
147 ASN1_TYPE *ret=NULL;
148 unsigned char *q,*p,*max;
149 int inf,tag,xclass;
150 long len;
151
152 if ((a == NULL) || ((*a) == NULL))
153 {
154 if ((ret=ASN1_TYPE_new()) == NULL) goto err;
155 }
156 else
157 ret=(*a);
158
159 p= *pp;
160 q=p;
161 max=(p+length);
162
163 inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
164 if (inf & 0x80) goto err;
165
166 ASN1_TYPE_component_free(ret);
167
168 switch (tag)
169 {
170 case V_ASN1_NULL:
171 p=q;
172 ret->value.ptr=NULL;
173 break;
174 case V_ASN1_INTEGER:
175 if ((ret->value.integer=
176 d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
177 goto err;
178 break;
179 case V_ASN1_BIT_STRING:
180 if ((ret->value.bit_string=
181 d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
182 goto err;
183 break;
184 case V_ASN1_OCTET_STRING:
185 if ((ret->value.octet_string=
186 d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
187 goto err;
188 break;
189 case V_ASN1_OBJECT:
190 if ((ret->value.object=
191 d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
192 goto err;
193 break;
194 case V_ASN1_PRINTABLESTRING:
195 if ((ret->value.printablestring=
196 d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
197 goto err;
198 break;
199 case V_ASN1_T61STRING:
200 if ((ret->value.t61string=
201 M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
202 goto err;
203 break;
204 case V_ASN1_IA5STRING:
205 if ((ret->value.ia5string=
206 M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
207 goto err;
208 break;
209 case V_ASN1_GENERALSTRING:
210 if ((ret->value.generalstring=
211 M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
212 goto err;
213 break;
214 case V_ASN1_UNIVERSALSTRING:
215 if ((ret->value.universalstring=
216 M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
217 goto err;
218 break;
219 case V_ASN1_BMPSTRING:
220 if ((ret->value.bmpstring=
221 M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
222 goto err;
223 break;
224 case V_ASN1_UTCTIME:
225 if ((ret->value.utctime=
226 d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
227 goto err;
228 break;
229 case V_ASN1_SET:
230 case V_ASN1_SEQUENCE:
231 /* Sets and sequences are left complete */
232 if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
233 ret->value.set->type=tag;
234 len+=(q-p);
235 if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
236 p+=len;
237 break;
238 default:
239 ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
240 goto err;
241 }
242
243 ret->type=tag;
244 if (a != NULL) (*a)=ret;
245 *pp=p;
246 return(ret);
247err:
248 if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
249 return(NULL);
250 }
251
252ASN1_TYPE *ASN1_TYPE_new()
253 {
254 ASN1_TYPE *ret=NULL;
255
256 M_ASN1_New_Malloc(ret,ASN1_TYPE);
257 ret->type= -1;
258 ret->value.ptr=NULL;
259 return(ret);
260 M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
261 }
262
263void ASN1_TYPE_free(a)
264ASN1_TYPE *a;
265 {
266 if (a == NULL) return;
267 ASN1_TYPE_component_free(a);
268 Free((char *)(char *)a);
269 }
270
271int ASN1_TYPE_get(a)
272ASN1_TYPE *a;
273 { 64 {
274 if (a->value.ptr != NULL) 65 if (a->value.ptr != NULL)
275 return(a->type); 66 return(a->type);
@@ -277,49 +68,14 @@ ASN1_TYPE *a;
277 return(0); 68 return(0);
278 } 69 }
279 70
280void ASN1_TYPE_set(a,type,value) 71void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
281ASN1_TYPE *a;
282int type;
283char *value;
284 { 72 {
285 if (a->value.ptr != NULL) 73 if (a->value.ptr != NULL)
286 ASN1_TYPE_component_free(a); 74 ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
287 a->type=type; 75 a->type=type;
288 a->value.ptr=value; 76 a->value.ptr=value;
289 } 77 }
290 78
291static void ASN1_TYPE_component_free(a)
292ASN1_TYPE *a;
293 {
294 if (a == NULL) return;
295
296 if (a->value.ptr != NULL)
297 {
298 switch (a->type)
299 {
300 case V_ASN1_OBJECT:
301 ASN1_OBJECT_free(a->value.object);
302 break;
303 case V_ASN1_INTEGER:
304 case V_ASN1_NEG_INTEGER:
305 case V_ASN1_BIT_STRING:
306 case V_ASN1_OCTET_STRING:
307 case V_ASN1_PRINTABLESTRING:
308 case V_ASN1_T61STRING:
309 case V_ASN1_IA5STRING:
310 case V_ASN1_UNIVERSALSTRING:
311 case V_ASN1_GENERALSTRING:
312 case V_ASN1_UTCTIME:
313 case V_ASN1_SET:
314 case V_ASN1_SEQUENCE:
315 ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
316 break;
317 default:
318 /* MEMORY LEAK */
319 break;
320 }
321 a->type=0;
322 a->value.ptr=NULL;
323 }
324 }
325 79
80IMPLEMENT_STACK_OF(ASN1_TYPE)
81IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c
index 4a8a92e9e4..508e11e527 100644
--- a/src/lib/libcrypto/asn1/a_utf8.c
+++ b/src/lib/libcrypto/asn1/a_utf8.c
@@ -60,24 +60,152 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62 62
63int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
64 {
65 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
66 V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
67 }
68 63
69ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp, 64/* UTF8 utilities */
70 long length) 65
71 { 66/* This parses a UTF8 string one character at a time. It is passed a pointer
72 ASN1_UTF8STRING *ret=NULL; 67 * to the string and the length of the string. It sets 'value' to the value of
68 * the current character. It returns the number of characters read or a
69 * negative error code:
70 * -1 = string too short
71 * -2 = illegal character
72 * -3 = subsequent characters not of the form 10xxxxxx
73 * -4 = character encoded incorrectly (not minimal length).
74 */
75
76int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
77{
78 const unsigned char *p;
79 unsigned long value;
80 int ret;
81 if(len <= 0) return 0;
82 p = str;
73 83
74 ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, 84 /* Check syntax and work out the encoded value (if correct) */
75 pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL); 85 if((*p & 0x80) == 0) {
76 if (ret == NULL) 86 value = *p++ & 0x7f;
77 { 87 ret = 1;
78 ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR); 88 } else if((*p & 0xe0) == 0xc0) {
79 return(NULL); 89 if(len < 2) return -1;
90 if((p[1] & 0xc0) != 0x80) return -3;
91 value = (*p++ & 0x1f) << 6;
92 value |= *p++ & 0x3f;
93 if(value < 0x80) return -4;
94 ret = 2;
95 } else if((*p & 0xf0) == 0xe0) {
96 if(len < 3) return -1;
97 if( ((p[1] & 0xc0) != 0x80)
98 || ((p[2] & 0xc0) != 0x80) ) return -3;
99 value = (*p++ & 0xf) << 12;
100 value |= (*p++ & 0x3f) << 6;
101 value |= *p++ & 0x3f;
102 if(value < 0x800) return -4;
103 ret = 3;
104 } else if((*p & 0xf8) == 0xf0) {
105 if(len < 4) return -1;
106 if( ((p[1] & 0xc0) != 0x80)
107 || ((p[2] & 0xc0) != 0x80)
108 || ((p[3] & 0xc0) != 0x80) ) return -3;
109 value = ((unsigned long)(*p++ & 0x7)) << 18;
110 value |= (*p++ & 0x3f) << 12;
111 value |= (*p++ & 0x3f) << 6;
112 value |= *p++ & 0x3f;
113 if(value < 0x10000) return -4;
114 ret = 4;
115 } else if((*p & 0xfc) == 0xf8) {
116 if(len < 5) return -1;
117 if( ((p[1] & 0xc0) != 0x80)
118 || ((p[2] & 0xc0) != 0x80)
119 || ((p[3] & 0xc0) != 0x80)
120 || ((p[4] & 0xc0) != 0x80) ) return -3;
121 value = ((unsigned long)(*p++ & 0x3)) << 24;
122 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
123 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
124 value |= (*p++ & 0x3f) << 6;
125 value |= *p++ & 0x3f;
126 if(value < 0x200000) return -4;
127 ret = 5;
128 } else if((*p & 0xfe) == 0xfc) {
129 if(len < 6) return -1;
130 if( ((p[1] & 0xc0) != 0x80)
131 || ((p[2] & 0xc0) != 0x80)
132 || ((p[3] & 0xc0) != 0x80)
133 || ((p[4] & 0xc0) != 0x80)
134 || ((p[5] & 0xc0) != 0x80) ) return -3;
135 value = ((unsigned long)(*p++ & 0x1)) << 30;
136 value |= ((unsigned long)(*p++ & 0x3f)) << 24;
137 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
138 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
139 value |= (*p++ & 0x3f) << 6;
140 value |= *p++ & 0x3f;
141 if(value < 0x4000000) return -4;
142 ret = 6;
143 } else return -2;
144 *val = value;
145 return ret;
146}
147
148/* This takes a character 'value' and writes the UTF8 encoded value in
149 * 'str' where 'str' is a buffer containing 'len' characters. Returns
150 * the number of characters written or -1 if 'len' is too small. 'str' can
151 * be set to NULL in which case it just returns the number of characters.
152 * It will need at most 6 characters.
153 */
154
155int UTF8_putc(unsigned char *str, int len, unsigned long value)
156{
157 if(!str) len = 6; /* Maximum we will need */
158 else if(len <= 0) return -1;
159 if(value < 0x80) {
160 if(str) *str = (unsigned char)value;
161 return 1;
162 }
163 if(value < 0x800) {
164 if(len < 2) return -1;
165 if(str) {
166 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
167 *str = (unsigned char)((value & 0x3f) | 0x80);
80 } 168 }
81 return(ret); 169 return 2;
82 } 170 }
83 171 if(value < 0x10000) {
172 if(len < 3) return -1;
173 if(str) {
174 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
175 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
176 *str = (unsigned char)((value & 0x3f) | 0x80);
177 }
178 return 3;
179 }
180 if(value < 0x200000) {
181 if(len < 4) return -1;
182 if(str) {
183 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
184 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
185 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
186 *str = (unsigned char)((value & 0x3f) | 0x80);
187 }
188 return 4;
189 }
190 if(value < 0x4000000) {
191 if(len < 5) return -1;
192 if(str) {
193 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
194 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
195 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
196 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
197 *str = (unsigned char)((value & 0x3f) | 0x80);
198 }
199 return 5;
200 }
201 if(len < 6) return -1;
202 if(str) {
203 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
204 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
205 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
206 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
207 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
208 *str = (unsigned char)((value & 0x3f) | 0x80);
209 }
210 return 6;
211}
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index 03fc63dbef..bf41de5146 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -58,29 +58,30 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <time.h> 60#include <time.h>
61#include <sys/types.h>
62#include <sys/stat.h>
63 61
64#include "cryptlib.h" 62#include "cryptlib.h"
65#include "bn.h" 63
66#include "x509.h" 64#ifndef NO_SYS_TYPES_H
67#include "objects.h" 65# include <sys/types.h>
68#include "buffer.h" 66#endif
69#include "evp.h" 67
70#include "pem.h" 68#include <openssl/bn.h>
71 69#include <openssl/x509.h>
72int ASN1_verify(i2d,a,signature,data,pkey) 70#include <openssl/objects.h>
73int (*i2d)(); 71#include <openssl/buffer.h>
74X509_ALGOR *a; 72#include <openssl/evp.h>
75ASN1_BIT_STRING *signature; 73
76char *data; 74#ifndef NO_ASN1_OLD
77EVP_PKEY *pkey; 75
76int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature,
77 char *data, EVP_PKEY *pkey)
78 { 78 {
79 EVP_MD_CTX ctx; 79 EVP_MD_CTX ctx;
80 EVP_MD *type; 80 const EVP_MD *type;
81 unsigned char *p,*buf_in=NULL; 81 unsigned char *p,*buf_in=NULL;
82 int ret= -1,i,inl; 82 int ret= -1,i,inl;
83 83
84 EVP_MD_CTX_init(&ctx);
84 i=OBJ_obj2nid(a->algorithm); 85 i=OBJ_obj2nid(a->algorithm);
85 type=EVP_get_digestbyname(OBJ_nid2sn(i)); 86 type=EVP_get_digestbyname(OBJ_nid2sn(i));
86 if (type == NULL) 87 if (type == NULL)
@@ -90,7 +91,7 @@ EVP_PKEY *pkey;
90 } 91 }
91 92
92 inl=i2d(data,NULL); 93 inl=i2d(data,NULL);
93 buf_in=(unsigned char *)Malloc((unsigned int)inl); 94 buf_in=OPENSSL_malloc((unsigned int)inl);
94 if (buf_in == NULL) 95 if (buf_in == NULL)
95 { 96 {
96 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); 97 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
@@ -99,11 +100,61 @@ EVP_PKEY *pkey;
99 p=buf_in; 100 p=buf_in;
100 101
101 i2d(data,&p); 102 i2d(data,&p);
102 EVP_VerifyInit(&ctx,type); 103 EVP_VerifyInit_ex(&ctx,type, NULL);
104 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
105
106 memset(buf_in,0,(unsigned int)inl);
107 OPENSSL_free(buf_in);
108
109 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
110 (unsigned int)signature->length,pkey) <= 0)
111 {
112 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
113 ret=0;
114 goto err;
115 }
116 /* we don't need to zero the 'ctx' because we just checked
117 * public information */
118 /* memset(&ctx,0,sizeof(ctx)); */
119 ret=1;
120err:
121 EVP_MD_CTX_cleanup(&ctx);
122 return(ret);
123 }
124
125#endif
126
127
128int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature,
129 void *asn, EVP_PKEY *pkey)
130 {
131 EVP_MD_CTX ctx;
132 const EVP_MD *type;
133 unsigned char *buf_in=NULL;
134 int ret= -1,i,inl;
135
136 EVP_MD_CTX_init(&ctx);
137 i=OBJ_obj2nid(a->algorithm);
138 type=EVP_get_digestbyname(OBJ_nid2sn(i));
139 if (type == NULL)
140 {
141 ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
142 goto err;
143 }
144
145 inl = ASN1_item_i2d(asn, &buf_in, it);
146
147 if (buf_in == NULL)
148 {
149 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
150 goto err;
151 }
152
153 EVP_VerifyInit_ex(&ctx,type, NULL);
103 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl); 154 EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
104 155
105 memset(buf_in,0,(unsigned int)inl); 156 memset(buf_in,0,(unsigned int)inl);
106 Free((char *)buf_in); 157 OPENSSL_free(buf_in);
107 158
108 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, 159 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
109 (unsigned int)signature->length,pkey) <= 0) 160 (unsigned int)signature->length,pkey) <= 0)
@@ -117,5 +168,8 @@ EVP_PKEY *pkey;
117 /* memset(&ctx,0,sizeof(ctx)); */ 168 /* memset(&ctx,0,sizeof(ctx)); */
118 ret=1; 169 ret=1;
119err: 170err:
171 EVP_MD_CTX_cleanup(&ctx);
120 return(ret); 172 return(ret);
121 } 173 }
174
175
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index 9793db365d..0d1713f8dd 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -59,29 +59,49 @@
59#ifndef HEADER_ASN1_H 59#ifndef HEADER_ASN1_H
60#define HEADER_ASN1_H 60#define HEADER_ASN1_H
61 61
62#include <time.h>
63#ifndef OPENSSL_NO_BIO
64#include <openssl/bio.h>
65#endif
66#include <openssl/e_os2.h>
67#include <openssl/bn.h>
68#include <openssl/stack.h>
69#include <openssl/safestack.h>
70
71#include <openssl/symhacks.h>
72
73#include <openssl/e_os2.h>
74#include <openssl/ossl_typ.h>
75
76#ifdef OPENSSL_BUILD_SHLIBCRYPTO
77# undef OPENSSL_EXTERN
78# define OPENSSL_EXTERN OPENSSL_EXPORT
79#endif
80
62#ifdef __cplusplus 81#ifdef __cplusplus
63extern "C" { 82extern "C" {
64#endif 83#endif
65 84
66#include <time.h>
67#include "bn.h"
68#include "stack.h"
69
70#define V_ASN1_UNIVERSAL 0x00 85#define V_ASN1_UNIVERSAL 0x00
71#define V_ASN1_APPLICATION 0x40 86#define V_ASN1_APPLICATION 0x40
72#define V_ASN1_CONTEXT_SPECIFIC 0x80 87#define V_ASN1_CONTEXT_SPECIFIC 0x80
73#define V_ASN1_PRIVATE 0xc0 88#define V_ASN1_PRIVATE 0xc0
74 89
75#define V_ASN1_CONSTRUCTED 0x20 90#define V_ASN1_CONSTRUCTED 0x20
91#define V_ASN1_PRIMITIVE_TAG 0x1f
76#define V_ASN1_PRIMATIVE_TAG 0x1f 92#define V_ASN1_PRIMATIVE_TAG 0x1f
77 93
78#define V_ASN1_APP_CHOOSE -2 /* let the recipent choose */ 94#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
95#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
96#define V_ASN1_ANY -4 /* used in ASN1 template code */
97
98#define V_ASN1_NEG 0x100 /* negative flag */
79 99
80#define V_ASN1_UNDEF -1 100#define V_ASN1_UNDEF -1
81#define V_ASN1_EOC 0 101#define V_ASN1_EOC 0
82#define V_ASN1_BOOLEAN 1 /**/ 102#define V_ASN1_BOOLEAN 1 /**/
83#define V_ASN1_INTEGER 2 103#define V_ASN1_INTEGER 2
84#define V_ASN1_NEG_INTEGER (2+0x100) 104#define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG)
85#define V_ASN1_BIT_STRING 3 105#define V_ASN1_BIT_STRING 3
86#define V_ASN1_OCTET_STRING 4 106#define V_ASN1_OCTET_STRING 4
87#define V_ASN1_NULL 5 107#define V_ASN1_NULL 5
@@ -89,7 +109,9 @@ extern "C" {
89#define V_ASN1_OBJECT_DESCRIPTOR 7 109#define V_ASN1_OBJECT_DESCRIPTOR 7
90#define V_ASN1_EXTERNAL 8 110#define V_ASN1_EXTERNAL 8
91#define V_ASN1_REAL 9 111#define V_ASN1_REAL 9
92#define V_ASN1_ENUMERATED 10 /* microsoft weirdness */ 112#define V_ASN1_ENUMERATED 10
113#define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG)
114#define V_ASN1_UTF8STRING 12
93#define V_ASN1_SEQUENCE 16 115#define V_ASN1_SEQUENCE 16
94#define V_ASN1_SET 17 116#define V_ASN1_SET 17
95#define V_ASN1_NUMERICSTRING 18 /**/ 117#define V_ASN1_NUMERICSTRING 18 /**/
@@ -111,111 +133,33 @@ extern "C" {
111#define B_ASN1_NUMERICSTRING 0x0001 133#define B_ASN1_NUMERICSTRING 0x0001
112#define B_ASN1_PRINTABLESTRING 0x0002 134#define B_ASN1_PRINTABLESTRING 0x0002
113#define B_ASN1_T61STRING 0x0004 135#define B_ASN1_T61STRING 0x0004
136#define B_ASN1_TELETEXSTRING 0x0008
114#define B_ASN1_VIDEOTEXSTRING 0x0008 137#define B_ASN1_VIDEOTEXSTRING 0x0008
115#define B_ASN1_IA5STRING 0x0010 138#define B_ASN1_IA5STRING 0x0010
116#define B_ASN1_GRAPHICSTRING 0x0020 139#define B_ASN1_GRAPHICSTRING 0x0020
117#define B_ASN1_ISO64STRING 0x0040 140#define B_ASN1_ISO64STRING 0x0040
141#define B_ASN1_VISIBLESTRING 0x0040
118#define B_ASN1_GENERALSTRING 0x0080 142#define B_ASN1_GENERALSTRING 0x0080
119#define B_ASN1_UNIVERSALSTRING 0x0100 143#define B_ASN1_UNIVERSALSTRING 0x0100
120#define B_ASN1_OCTET_STRING 0x0200 144#define B_ASN1_OCTET_STRING 0x0200
121#define B_ASN1_BIT_STRING 0x0400 145#define B_ASN1_BIT_STRING 0x0400
122#define B_ASN1_BMPSTRING 0x0800 146#define B_ASN1_BMPSTRING 0x0800
123#define B_ASN1_UNKNOWN 0x1000 147#define B_ASN1_UNKNOWN 0x1000
148#define B_ASN1_UTF8STRING 0x2000
149#define B_ASN1_UTCTIME 0x4000
150#define B_ASN1_GENERALIZEDTIME 0x8000
124 151
125#ifndef DEBUG 152/* For use with ASN1_mbstring_copy() */
126 153#define MBSTRING_FLAG 0x1000
127#define ASN1_INTEGER ASN1_STRING 154#define MBSTRING_ASC (MBSTRING_FLAG|1)
128#define ASN1_BIT_STRING ASN1_STRING 155#define MBSTRING_BMP (MBSTRING_FLAG|2)
129#define ASN1_OCTET_STRING ASN1_STRING 156#define MBSTRING_UNIV (MBSTRING_FLAG|3)
130#define ASN1_PRINTABLESTRING ASN1_STRING 157#define MBSTRING_UTF8 (MBSTRING_FLAG|4)
131#define ASN1_T61STRING ASN1_STRING
132#define ASN1_IA5STRING ASN1_STRING
133#define ASN1_UTCTIME ASN1_STRING
134#define ASN1_GENERALIZEDTIME ASN1_STRING
135#define ASN1_GENERALSTRING ASN1_STRING
136#define ASN1_UNIVERSALSTRING ASN1_STRING
137#define ASN1_BMPSTRING ASN1_STRING
138
139#else
140
141typedef struct asn1_integer_st
142 {
143 int length;
144 int type;
145 unsigned char *data;
146 } ASN1_INTEGER;
147
148typedef struct asn1_bit_string_st
149 {
150 int length;
151 int type;
152 unsigned char *data;
153 } ASN1_BIT_STRING;
154
155typedef struct asn1_octet_string_st
156 {
157 int length;
158 int type;
159 unsigned char *data;
160 } ASN1_OCTET_STRING;
161
162typedef struct asn1_printablestring_st
163 {
164 int length;
165 int type;
166 unsigned char *data;
167 } ASN1_PRINTABLESTRING;
168 158
169typedef struct asn1_t61string_st 159struct X509_algor_st;
170 {
171 int length;
172 int type;
173 unsigned char *data;
174 } ASN1_T61STRING;
175 160
176typedef struct asn1_ia5string_st 161#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
177 { 162#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
178 int length;
179 int type;
180 unsigned char *data;
181 } ASN1_IA5STRING;
182
183typedef struct asn1_generalstring_st
184 {
185 int length;
186 int type;
187 unsigned char *data;
188 } ASN1_GENERALSTRING;
189
190typedef struct asn1_universalstring_st
191 {
192 int length;
193 int type;
194 unsigned char *data;
195 } ASN1_UNIVERSALSTRING;
196
197typedef struct asn1_bmpstring_st
198 {
199 int length;
200 int type;
201 unsigned char *data;
202 } ASN1_BMPSTRING;
203
204typedef struct asn1_utctime_st
205 {
206 int length;
207 int type;
208 unsigned char *data;
209 } ASN1_UTCTIME;
210
211typedef struct asn1_generalizedtime_st
212 {
213 int length;
214 int type;
215 unsigned char *data;
216 } ASN1_GENERALIZEDTIME;
217
218#endif
219 163
220typedef struct asn1_ctx_st 164typedef struct asn1_ctx_st
221 { 165 {
@@ -226,9 +170,10 @@ typedef struct asn1_ctx_st
226 int tag; /* tag from last 'get object' */ 170 int tag; /* tag from last 'get object' */
227 int xclass; /* class from last 'get object' */ 171 int xclass; /* class from last 'get object' */
228 long slen; /* length of last 'get object' */ 172 long slen; /* length of last 'get object' */
229 unsigned char *max; /* largest value of p alowed */ 173 unsigned char *max; /* largest value of p allowed */
230 unsigned char *q;/* temporary variable */ 174 unsigned char *q;/* temporary variable */
231 unsigned char **pp;/* variable */ 175 unsigned char **pp;/* variable */
176 int line; /* used in error processing */
232 } ASN1_CTX; 177 } ASN1_CTX;
233 178
234/* These are used internally in the ASN1_OBJECT to keep track of 179/* These are used internally in the ASN1_OBJECT to keep track of
@@ -239,29 +184,274 @@ typedef struct asn1_ctx_st
239#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */ 184#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
240typedef struct asn1_object_st 185typedef struct asn1_object_st
241 { 186 {
242 char *sn,*ln; 187 const char *sn,*ln;
243 int nid; 188 int nid;
244 int length; 189 int length;
245 unsigned char *data; 190 unsigned char *data;
246 int flags; /* Should we free this one */ 191 int flags; /* Should we free this one */
247 } ASN1_OBJECT; 192 } ASN1_OBJECT;
248 193
194#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
249/* This is the base type that holds just about everything :-) */ 195/* This is the base type that holds just about everything :-) */
250typedef struct asn1_string_st 196typedef struct asn1_string_st
251 { 197 {
252 int length; 198 int length;
253 int type; 199 int type;
254 unsigned char *data; 200 unsigned char *data;
201 /* The value of the following field depends on the type being
202 * held. It is mostly being used for BIT_STRING so if the
203 * input data has a non-zero 'unused bits' value, it will be
204 * handled correctly */
205 long flags;
255 } ASN1_STRING; 206 } ASN1_STRING;
256 207
208/* ASN1_ENCODING structure: this is used to save the received
209 * encoding of an ASN1 type. This is useful to get round
210 * problems with invalid encodings which can break signatures.
211 */
212
213typedef struct ASN1_ENCODING_st
214 {
215 unsigned char *enc; /* DER encoding */
216 long len; /* Length of encoding */
217 int modified; /* set to 1 if 'enc' is invalid */
218 } ASN1_ENCODING;
219
220/* Used with ASN1 LONG type: if a long is set to this it is omitted */
221#define ASN1_LONG_UNDEF 0x7fffffffL
222
223#define STABLE_FLAGS_MALLOC 0x01
224#define STABLE_NO_MASK 0x02
225#define DIRSTRING_TYPE \
226 (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING)
227#define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING)
228
229typedef struct asn1_string_table_st {
230 int nid;
231 long minsize;
232 long maxsize;
233 unsigned long mask;
234 unsigned long flags;
235} ASN1_STRING_TABLE;
236
237DECLARE_STACK_OF(ASN1_STRING_TABLE)
238
239/* size limits: this stuff is taken straight from RFC2459 */
240
241#define ub_name 32768
242#define ub_common_name 64
243#define ub_locality_name 128
244#define ub_state_name 128
245#define ub_organization_name 64
246#define ub_organization_unit_name 64
247#define ub_title 64
248#define ub_email_address 128
249
250/* Declarations for template structures: for full definitions
251 * see asn1t.h
252 */
253typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
254typedef struct ASN1_ITEM_st ASN1_ITEM;
255typedef struct ASN1_TLC_st ASN1_TLC;
256/* This is just an opaque pointer */
257typedef struct ASN1_VALUE_st ASN1_VALUE;
258
259/* Declare ASN1 functions: the implement macro in in asn1t.h */
260
261#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
262
263#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
264 type *name##_new(void); \
265 void name##_free(type *a); \
266 DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
267
268#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
269 type *name##_new(void); \
270 void name##_free(type *a); \
271 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
272
273#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
274 type *d2i_##name(type **a, unsigned char **in, long len); \
275 int i2d_##name(type *a, unsigned char **out); \
276 DECLARE_ASN1_ITEM(itname)
277
278#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
279 type *d2i_##name(type **a, const unsigned char **in, long len); \
280 int i2d_##name(const type *a, unsigned char **out); \
281 DECLARE_ASN1_ITEM(name)
282
283#define DECLARE_ASN1_FUNCTIONS_const(name) \
284 name *name##_new(void); \
285 void name##_free(name *a);
286
287
288/* The following macros and typedefs allow an ASN1_ITEM
289 * to be embedded in a structure and referenced. Since
290 * the ASN1_ITEM pointers need to be globally accessible
291 * (possibly from shared libraries) they may exist in
292 * different forms. On platforms that support it the
293 * ASN1_ITEM structure itself will be globally exported.
294 * Other platforms will export a function that returns
295 * an ASN1_ITEM pointer.
296 *
297 * To handle both cases transparently the macros below
298 * should be used instead of hard coding an ASN1_ITEM
299 * pointer in a structure.
300 *
301 * The structure will look like this:
302 *
303 * typedef struct SOMETHING_st {
304 * ...
305 * ASN1_ITEM_EXP *iptr;
306 * ...
307 * } SOMETHING;
308 *
309 * It would be initialised as e.g.:
310 *
311 * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...};
312 *
313 * and the actual pointer extracted with:
314 *
315 * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr);
316 *
317 * Finally an ASN1_ITEM pointer can be extracted from an
318 * appropriate reference with: ASN1_ITEM_rptr(X509). This
319 * would be used when a function takes an ASN1_ITEM * argument.
320 *
321 */
322
323#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
324
325/* ASN1_ITEM pointer exported type */
326typedef const ASN1_ITEM ASN1_ITEM_EXP;
327
328/* Macro to obtain ASN1_ITEM pointer from exported type */
329#define ASN1_ITEM_ptr(iptr) (iptr)
330
331/* Macro to include ASN1_ITEM pointer from base type */
332#define ASN1_ITEM_ref(iptr) (&(iptr##_it))
333
334#define ASN1_ITEM_rptr(ref) (&(ref##_it))
335
336#define DECLARE_ASN1_ITEM(name) \
337 OPENSSL_EXTERN const ASN1_ITEM name##_it;
338
339#else
340
341/* Platforms that can't easily handle shared global variables are declared
342 * as functions returning ASN1_ITEM pointers.
343 */
344
345/* ASN1_ITEM pointer exported type */
346typedef const ASN1_ITEM * ASN1_ITEM_EXP(void);
347
348/* Macro to obtain ASN1_ITEM pointer from exported type */
349#define ASN1_ITEM_ptr(iptr) (iptr())
350
351/* Macro to include ASN1_ITEM pointer from base type */
352#define ASN1_ITEM_ref(iptr) (iptr##_it)
353
354#define ASN1_ITEM_rptr(ref) (ref##_it())
355
356#define DECLARE_ASN1_ITEM(name) \
357 const ASN1_ITEM * name##_it(void);
358
359#endif
360
361/* Parameters used by ASN1_STRING_print_ex() */
362
363/* These determine which characters to escape:
364 * RFC2253 special characters, control characters and
365 * MSB set characters
366 */
367
368#define ASN1_STRFLGS_ESC_2253 1
369#define ASN1_STRFLGS_ESC_CTRL 2
370#define ASN1_STRFLGS_ESC_MSB 4
371
372
373/* This flag determines how we do escaping: normally
374 * RC2253 backslash only, set this to use backslash and
375 * quote.
376 */
377
378#define ASN1_STRFLGS_ESC_QUOTE 8
379
380
381/* These three flags are internal use only. */
382
383/* Character is a valid PrintableString character */
384#define CHARTYPE_PRINTABLESTRING 0x10
385/* Character needs escaping if it is the first character */
386#define CHARTYPE_FIRST_ESC_2253 0x20
387/* Character needs escaping if it is the last character */
388#define CHARTYPE_LAST_ESC_2253 0x40
389
390/* NB the internal flags are safely reused below by flags
391 * handled at the top level.
392 */
393
394/* If this is set we convert all character strings
395 * to UTF8 first
396 */
397
398#define ASN1_STRFLGS_UTF8_CONVERT 0x10
399
400/* If this is set we don't attempt to interpret content:
401 * just assume all strings are 1 byte per character. This
402 * will produce some pretty odd looking output!
403 */
404
405#define ASN1_STRFLGS_IGNORE_TYPE 0x20
406
407/* If this is set we include the string type in the output */
408#define ASN1_STRFLGS_SHOW_TYPE 0x40
409
410/* This determines which strings to display and which to
411 * 'dump' (hex dump of content octets or DER encoding). We can
412 * only dump non character strings or everything. If we
413 * don't dump 'unknown' they are interpreted as character
414 * strings with 1 octet per character and are subject to
415 * the usual escaping options.
416 */
417
418#define ASN1_STRFLGS_DUMP_ALL 0x80
419#define ASN1_STRFLGS_DUMP_UNKNOWN 0x100
420
421/* These determine what 'dumping' does, we can dump the
422 * content octets or the DER encoding: both use the
423 * RFC2253 #XXXXX notation.
424 */
425
426#define ASN1_STRFLGS_DUMP_DER 0x200
427
428/* All the string flags consistent with RFC2253,
429 * escaping control characters isn't essential in
430 * RFC2253 but it is advisable anyway.
431 */
432
433#define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \
434 ASN1_STRFLGS_ESC_CTRL | \
435 ASN1_STRFLGS_ESC_MSB | \
436 ASN1_STRFLGS_UTF8_CONVERT | \
437 ASN1_STRFLGS_DUMP_UNKNOWN | \
438 ASN1_STRFLGS_DUMP_DER)
439
440DECLARE_STACK_OF(ASN1_INTEGER)
441DECLARE_ASN1_SET_OF(ASN1_INTEGER)
442
443DECLARE_STACK_OF(ASN1_GENERALSTRING)
444
257typedef struct asn1_type_st 445typedef struct asn1_type_st
258 { 446 {
259 int type; 447 int type;
260 union { 448 union {
261 char *ptr; 449 char *ptr;
450 ASN1_BOOLEAN boolean;
262 ASN1_STRING * asn1_string; 451 ASN1_STRING * asn1_string;
263 ASN1_OBJECT * object; 452 ASN1_OBJECT * object;
264 ASN1_INTEGER * integer; 453 ASN1_INTEGER * integer;
454 ASN1_ENUMERATED * enumerated;
265 ASN1_BIT_STRING * bit_string; 455 ASN1_BIT_STRING * bit_string;
266 ASN1_OCTET_STRING * octet_string; 456 ASN1_OCTET_STRING * octet_string;
267 ASN1_PRINTABLESTRING * printablestring; 457 ASN1_PRINTABLESTRING * printablestring;
@@ -272,6 +462,8 @@ typedef struct asn1_type_st
272 ASN1_UNIVERSALSTRING * universalstring; 462 ASN1_UNIVERSALSTRING * universalstring;
273 ASN1_UTCTIME * utctime; 463 ASN1_UTCTIME * utctime;
274 ASN1_GENERALIZEDTIME * generalizedtime; 464 ASN1_GENERALIZEDTIME * generalizedtime;
465 ASN1_VISIBLESTRING * visiblestring;
466 ASN1_UTF8STRING * utf8string;
275 /* set and sequence are left complete and still 467 /* set and sequence are left complete and still
276 * contain the set or sequence bytes */ 468 * contain the set or sequence bytes */
277 ASN1_STRING * set; 469 ASN1_STRING * set;
@@ -279,6 +471,9 @@ typedef struct asn1_type_st
279 } value; 471 } value;
280 } ASN1_TYPE; 472 } ASN1_TYPE;
281 473
474DECLARE_STACK_OF(ASN1_TYPE)
475DECLARE_ASN1_SET_OF(ASN1_TYPE)
476
282typedef struct asn1_method_st 477typedef struct asn1_method_st
283 { 478 {
284 int (*i2d)(); 479 int (*i2d)();
@@ -295,64 +490,110 @@ typedef struct asn1_header_st
295 ASN1_METHOD *meth; 490 ASN1_METHOD *meth;
296 } ASN1_HEADER; 491 } ASN1_HEADER;
297 492
298#define ASN1_STRING_length(x) ((x)->length) 493/* This is used to contain a list of bit names */
299#define ASN1_STRING_type(x) ((x)->type) 494typedef struct BIT_STRING_BITNAME_st {
300#define ASN1_STRING_data(x) ((x)->data) 495 int bitnum;
496 const char *lname;
497 const char *sname;
498} BIT_STRING_BITNAME;
499
500
501#define M_ASN1_STRING_length(x) ((x)->length)
502#define M_ASN1_STRING_length_set(x, n) ((x)->length = (n))
503#define M_ASN1_STRING_type(x) ((x)->type)
504#define M_ASN1_STRING_data(x) ((x)->data)
301 505
302/* Macros for string operations */ 506/* Macros for string operations */
303#define ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ 507#define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
304 ASN1_STRING_type_new(V_ASN1_BIT_STRING) 508 ASN1_STRING_type_new(V_ASN1_BIT_STRING)
305#define ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 509#define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
306#define ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ 510#define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
307 ASN1_STRING_dup((ASN1_STRING *)a) 511 ASN1_STRING_dup((ASN1_STRING *)a)
308#define ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ 512#define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
309 (ASN1_STRING *)a,(ASN1_STRING *)b) 513 (ASN1_STRING *)a,(ASN1_STRING *)b)
310#define ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) 514#define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
311/* i2d_ASN1_BIT_STRING() is a function */
312/* d2i_ASN1_BIT_STRING() is a function */
313 515
314#define ASN1_INTEGER_new() (ASN1_INTEGER *)\ 516#define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\
315 ASN1_STRING_type_new(V_ASN1_INTEGER) 517 ASN1_STRING_type_new(V_ASN1_INTEGER)
316#define ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) 518#define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
317#define ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a) 519#define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
318#define ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ 520#define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
521 (ASN1_STRING *)a,(ASN1_STRING *)b)
522
523#define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\
524 ASN1_STRING_type_new(V_ASN1_ENUMERATED)
525#define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a)
526#define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)ASN1_STRING_dup((ASN1_STRING *)a)
527#define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\
319 (ASN1_STRING *)a,(ASN1_STRING *)b) 528 (ASN1_STRING *)a,(ASN1_STRING *)b)
320/* ASN1_INTEGER_set() is a function, also see BN_to_ASN1_INTEGER() */
321/* ASN1_INTEGER_get() is a function, also see ASN1_INTEGER_to_BN() */
322/* i2d_ASN1_INTEGER() is a function */
323/* d2i_ASN1_INTEGER() is a function */
324 529
325#define ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ 530#define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
326 ASN1_STRING_type_new(V_ASN1_OCTET_STRING) 531 ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
327#define ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 532#define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
328#define ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ 533#define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
329 ASN1_STRING_dup((ASN1_STRING *)a) 534 ASN1_STRING_dup((ASN1_STRING *)a)
330#define ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ 535#define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
331 (ASN1_STRING *)a,(ASN1_STRING *)b) 536 (ASN1_STRING *)a,(ASN1_STRING *)b)
332#define ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) 537#define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
333#define ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) 538#define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
334#define M_i2d_ASN1_OCTET_STRING(a,pp) \ 539#define M_i2d_ASN1_OCTET_STRING(a,pp) \
335 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ 540 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
336 V_ASN1_OCTET_STRING) 541 V_ASN1_UNIVERSAL)
337/* d2i_ASN1_OCTET_STRING() is a function */
338 542
339#define ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) 543#define B_ASN1_TIME \
340#define ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) 544 B_ASN1_UTCTIME | \
341#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ 545 B_ASN1_GENERALIZEDTIME
342 pp,a->type,V_ASN1_UNIVERSAL) 546
343#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ 547#define B_ASN1_PRINTABLE \
344 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
345 B_ASN1_PRINTABLESTRING| \ 548 B_ASN1_PRINTABLESTRING| \
346 B_ASN1_T61STRING| \ 549 B_ASN1_T61STRING| \
347 B_ASN1_IA5STRING| \ 550 B_ASN1_IA5STRING| \
348 B_ASN1_BIT_STRING| \ 551 B_ASN1_BIT_STRING| \
349 B_ASN1_UNIVERSALSTRING|\ 552 B_ASN1_UNIVERSALSTRING|\
350 B_ASN1_BMPSTRING|\ 553 B_ASN1_BMPSTRING|\
351 B_ASN1_UNKNOWN) 554 B_ASN1_UTF8STRING|\
555 B_ASN1_UNKNOWN
352 556
353#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\ 557#define B_ASN1_DIRECTORYSTRING \
558 B_ASN1_PRINTABLESTRING| \
559 B_ASN1_TELETEXSTRING|\
560 B_ASN1_BMPSTRING|\
561 B_ASN1_UNIVERSALSTRING|\
562 B_ASN1_UTF8STRING
563
564#define B_ASN1_DISPLAYTEXT \
565 B_ASN1_IA5STRING| \
566 B_ASN1_VISIBLESTRING| \
567 B_ASN1_BMPSTRING|\
568 B_ASN1_UTF8STRING
569
570#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
571#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
572#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
573 pp,a->type,V_ASN1_UNIVERSAL)
574#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
575 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
576 B_ASN1_PRINTABLE)
577
578#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
579#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
580#define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
581 pp,a->type,V_ASN1_UNIVERSAL)
582#define M_d2i_DIRECTORYSTRING(a,pp,l) \
583 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
584 B_ASN1_DIRECTORYSTRING)
585
586#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
587#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
588#define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
589 pp,a->type,V_ASN1_UNIVERSAL)
590#define M_d2i_DISPLAYTEXT(a,pp,l) \
591 d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
592 B_ASN1_DISPLAYTEXT)
593
594#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
354 ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) 595 ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
355#define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 596#define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
356#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ 597#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
357 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ 598 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
358 V_ASN1_UNIVERSAL) 599 V_ASN1_UNIVERSAL)
@@ -360,9 +601,9 @@ typedef struct asn1_header_st
360 (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ 601 (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
361 ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) 602 ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
362 603
363#define ASN1_T61STRING_new() (ASN1_T61STRING_STRING *)\ 604#define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\
364 ASN1_STRING_type_new(V_ASN1_T61STRING) 605 ASN1_STRING_type_new(V_ASN1_T61STRING)
365#define ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 606#define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
366#define M_i2d_ASN1_T61STRING(a,pp) \ 607#define M_i2d_ASN1_T61STRING(a,pp) \
367 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ 608 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
368 V_ASN1_UNIVERSAL) 609 V_ASN1_UNIVERSAL)
@@ -370,9 +611,11 @@ typedef struct asn1_header_st
370 (ASN1_T61STRING *)d2i_ASN1_type_bytes\ 611 (ASN1_T61STRING *)d2i_ASN1_type_bytes\
371 ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) 612 ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
372 613
373#define ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ 614#define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
374 ASN1_STRING_type_new(V_ASN1_IA5STRING) 615 ASN1_STRING_type_new(V_ASN1_IA5STRING)
375#define ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 616#define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
617#define M_ASN1_IA5STRING_dup(a) \
618 (ASN1_IA5STRING *)ASN1_STRING_dup((ASN1_STRING *)a)
376#define M_i2d_ASN1_IA5STRING(a,pp) \ 619#define M_i2d_ASN1_IA5STRING(a,pp) \
377 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ 620 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
378 V_ASN1_UNIVERSAL) 621 V_ASN1_UNIVERSAL)
@@ -380,28 +623,25 @@ typedef struct asn1_header_st
380 (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ 623 (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
381 B_ASN1_IA5STRING) 624 B_ASN1_IA5STRING)
382 625
383#define ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ 626#define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
384 ASN1_STRING_type_new(V_ASN1_UTCTIME) 627 ASN1_STRING_type_new(V_ASN1_UTCTIME)
385#define ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) 628#define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
386#define ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a) 629#define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
387/* i2d_ASN1_UTCTIME() is a function */ 630
388/* d2i_ASN1_UTCTIME() is a function */ 631#define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
389/* ASN1_UTCTIME_set() is a function */
390/* ASN1_UTCTIME_check() is a function */
391
392#define ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\
393 ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) 632 ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME)
394#define ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) 633#define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
395#define ASN1_GENERALIZEDTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup(\ 634#define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\
396 (ASN1_STRING *)a) 635 (ASN1_STRING *)a)
397/* DOES NOT EXIST YET i2d_ASN1_GENERALIZEDTIME() is a function */
398/* DOES NOT EXIST YET d2i_ASN1_GENERALIZEDTIME() is a function */
399/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_set() is a function */
400/* DOES NOT EXIST YET ASN1_GENERALIZEDTIME_check() is a function */
401 636
402#define ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ 637#define M_ASN1_TIME_new() (ASN1_TIME *)\
638 ASN1_STRING_type_new(V_ASN1_UTCTIME)
639#define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
640#define M_ASN1_TIME_dup(a) (ASN1_TIME *)ASN1_STRING_dup((ASN1_STRING *)a)
641
642#define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
403 ASN1_STRING_type_new(V_ASN1_GENERALSTRING) 643 ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
404#define ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 644#define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
405#define M_i2d_ASN1_GENERALSTRING(a,pp) \ 645#define M_i2d_ASN1_GENERALSTRING(a,pp) \
406 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ 646 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
407 V_ASN1_UNIVERSAL) 647 V_ASN1_UNIVERSAL)
@@ -409,9 +649,9 @@ typedef struct asn1_header_st
409 (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ 649 (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
410 ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) 650 ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
411 651
412#define ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ 652#define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
413 ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) 653 ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
414#define ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 654#define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
415#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ 655#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
416 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ 656 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
417 V_ASN1_UNIVERSAL) 657 V_ASN1_UNIVERSAL)
@@ -419,9 +659,9 @@ typedef struct asn1_header_st
419 (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ 659 (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
420 ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) 660 ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
421 661
422#define ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ 662#define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\
423 ASN1_STRING_type_new(V_ASN1_BMPSTRING) 663 ASN1_STRING_type_new(V_ASN1_BMPSTRING)
424#define ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) 664#define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
425#define M_i2d_ASN1_BMPSTRING(a,pp) \ 665#define M_i2d_ASN1_BMPSTRING(a,pp) \
426 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ 666 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\
427 V_ASN1_UNIVERSAL) 667 V_ASN1_UNIVERSAL)
@@ -429,88 +669,164 @@ typedef struct asn1_header_st
429 (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ 669 (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\
430 ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) 670 ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING)
431 671
432#ifndef NOPROTO 672#define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\
433ASN1_TYPE * ASN1_TYPE_new(void ); 673 ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
434void ASN1_TYPE_free(ASN1_TYPE *a); 674#define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
435int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp); 675#define M_i2d_ASN1_VISIBLESTRING(a,pp) \
436ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length); 676 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\
677 V_ASN1_UNIVERSAL)
678#define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \
679 (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\
680 ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING)
681
682#define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\
683 ASN1_STRING_type_new(V_ASN1_UTF8STRING)
684#define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
685#define M_i2d_ASN1_UTF8STRING(a,pp) \
686 i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\
687 V_ASN1_UNIVERSAL)
688#define M_d2i_ASN1_UTF8STRING(a,pp,l) \
689 (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\
690 ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING)
691
692 /* for the is_set parameter to i2d_ASN1_SET */
693#define IS_SEQUENCE 0
694#define IS_SET 1
695
696DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
697
437int ASN1_TYPE_get(ASN1_TYPE *a); 698int ASN1_TYPE_get(ASN1_TYPE *a);
438void ASN1_TYPE_set(ASN1_TYPE *a, int type, char *value); 699void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
439 700
440ASN1_OBJECT * ASN1_OBJECT_new(void ); 701ASN1_OBJECT * ASN1_OBJECT_new(void );
441void ASN1_OBJECT_free(ASN1_OBJECT *a); 702void ASN1_OBJECT_free(ASN1_OBJECT *a);
442int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); 703int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
704ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
705 long length);
443ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, 706ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
444 long length); 707 long length);
445 708
446ASN1_STRING * ASN1_STRING_new(void ); 709DECLARE_ASN1_ITEM(ASN1_OBJECT)
710
711DECLARE_STACK_OF(ASN1_OBJECT)
712DECLARE_ASN1_SET_OF(ASN1_OBJECT)
713
714ASN1_STRING * ASN1_STRING_new(void);
447void ASN1_STRING_free(ASN1_STRING *a); 715void ASN1_STRING_free(ASN1_STRING *a);
448ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a); 716ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
449ASN1_STRING * ASN1_STRING_type_new(int type ); 717ASN1_STRING * ASN1_STRING_type_new(int type );
450int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b); 718int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
451int ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len); 719 /* Since this is used to store all sorts of things, via macros, for now, make
452 720 its data void * */
453int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); 721int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
454ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, 722int ASN1_STRING_length(ASN1_STRING *x);
723void ASN1_STRING_length_set(ASN1_STRING *x, int n);
724int ASN1_STRING_type(ASN1_STRING *x);
725unsigned char * ASN1_STRING_data(ASN1_STRING *x);
726
727DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
728int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
729ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
455 long length); 730 long length);
731int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
732 int length );
456int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); 733int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value);
457int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); 734int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n);
458 735
736#ifndef OPENSSL_NO_BIO
737int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs,
738 BIT_STRING_BITNAME *tbl, int indent);
739#endif
740int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl);
741int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
742 BIT_STRING_BITNAME *tbl);
459 743
460int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); 744int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
461int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); 745int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
462 746
463int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); 747DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
464ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, 748int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
749ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
750 long length);
751ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
465 long length); 752 long length);
753ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
754int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
755
756DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
466 757
467int ASN1_UTCTIME_check(ASN1_UTCTIME *a); 758int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
468ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); 759ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
469int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); 760int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str);
761int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
762#if 0
763time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
764#endif
470 765
471int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp); 766int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
472ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, 767ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
473 unsigned char **pp,long length); 768int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str);
474 769
475int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp); 770DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
476ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, 771ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
477 unsigned char **pp, long l); 772int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
478ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, 773int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
479 unsigned char **pp, long l);
480 774
481ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, 775DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
482 unsigned char **pp, long l); 776DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
483int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp); 777DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
484ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, 778DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
485 unsigned char **pp, long l);
486 779
487int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp); 780int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
488ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp, 781int UTF8_putc(unsigned char *str, int len, unsigned long value);
489 long length); 782
783DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
784
785DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
786DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
787DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
788DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
789DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
790DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING)
791DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
792DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
793DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
794
795ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
796int ASN1_TIME_check(ASN1_TIME *t);
797ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
490 798
491int i2d_ASN1_SET(STACK *a, unsigned char **pp, 799int i2d_ASN1_SET(STACK *a, unsigned char **pp,
492 int (*func)(), int ex_tag, int ex_class); 800 int (*func)(), int ex_tag, int ex_class, int is_set);
493STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, 801STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
494 char *(*func)(), int ex_tag, int ex_class); 802 char *(*func)(), void (*free_func)(void *),
803 int ex_tag, int ex_class);
495 804
496#ifdef HEADER_BIO_H 805#ifndef OPENSSL_NO_BIO
497int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); 806int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
498int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size); 807int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
808int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a);
809int a2i_ASN1_ENUMERATED(BIO *bp,ASN1_ENUMERATED *bs,char *buf,int size);
499int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a); 810int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
500int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size); 811int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
501int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); 812int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
502#endif 813#endif
503int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a); 814int i2t_ASN1_OBJECT(char *buf,int buf_len,ASN1_OBJECT *a);
504 815
505int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num); 816int a2d_ASN1_OBJECT(unsigned char *out,int olen, const char *buf, int num);
506ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len, 817ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
507 char *sn, char *ln); 818 const char *sn, const char *ln);
508 819
509int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); 820int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
510long ASN1_INTEGER_get(ASN1_INTEGER *a); 821long ASN1_INTEGER_get(ASN1_INTEGER *a);
511ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai); 822ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
512BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn); 823BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
513 824
825int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v);
826long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a);
827ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai);
828BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
829
514/* General */ 830/* General */
515/* given a string, return the correct type, max is the maximum length */ 831/* given a string, return the correct type, max is the maximum length */
516int ASN1_PRINTABLE_type(unsigned char *s, int max); 832int ASN1_PRINTABLE_type(unsigned char *s, int max);
@@ -518,6 +834,7 @@ int ASN1_PRINTABLE_type(unsigned char *s, int max);
518int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); 834int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
519ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, 835ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
520 long length, int Ptag, int Pclass); 836 long length, int Ptag, int Pclass);
837unsigned long ASN1_tag2bit(int tag);
521/* type is one or more of the B_ASN1_ values. */ 838/* type is one or more of the B_ASN1_ values. */
522ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, 839ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
523 long length,int type); 840 long length,int type);
@@ -536,18 +853,32 @@ int ASN1_object_size(int constructed, int length, int tag);
536/* Used to implement other functions */ 853/* Used to implement other functions */
537char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); 854char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
538 855
539#ifndef NO_FP_API 856void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
857
858#ifndef OPENSSL_NO_FP_API
540char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); 859char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
860void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
541int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); 861int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
862int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
863int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
542#endif 864#endif
543 865
544#ifdef HEADER_BIO_H 866int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
867
868#ifndef OPENSSL_NO_BIO
545char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); 869char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
870void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
546int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); 871int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
872int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
547int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); 873int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
874int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
875int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
548int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); 876int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
877int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
549int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); 878int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
879int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump);
550#endif 880#endif
881const char *ASN1_tag2str(int tag);
551 882
552/* Used to load and write netscape format cert/key */ 883/* Used to load and write netscape format cert/key */
553int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); 884int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
@@ -557,8 +888,6 @@ void ASN1_HEADER_free(ASN1_HEADER *a);
557 888
558int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); 889int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
559 890
560void ERR_load_ASN1_strings(void);
561
562/* Not used that much at this point, except for the first two */ 891/* Not used that much at this point, except for the first two */
563ASN1_METHOD *X509_asn1_meth(void); 892ASN1_METHOD *X509_asn1_meth(void);
564ASN1_METHOD *RSAPrivateKey_asn1_meth(void); 893ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
@@ -574,286 +903,201 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
574int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, 903int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
575 unsigned char *data, int max_len); 904 unsigned char *data, int max_len);
576 905
577#else 906STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
578 907 void (*free_func)(void *) );
579ASN1_TYPE * ASN1_TYPE_new(); 908unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
580void ASN1_TYPE_free(); 909 int *len );
581int i2d_ASN1_TYPE(); 910void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)());
582ASN1_TYPE * d2i_ASN1_TYPE(); 911void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
583int ASN1_TYPE_get(); 912ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct);
584void ASN1_TYPE_set(); 913ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
585 914
586ASN1_OBJECT * ASN1_OBJECT_new(); 915void ASN1_STRING_set_default_mask(unsigned long mask);
587void ASN1_OBJECT_free(); 916int ASN1_STRING_set_default_mask_asc(char *p);
588int i2d_ASN1_OBJECT(); 917unsigned long ASN1_STRING_get_default_mask(void);
589ASN1_OBJECT * d2i_ASN1_OBJECT(); 918int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len,
590ASN1_STRING * ASN1_STRING_new(); 919 int inform, unsigned long mask);
591void ASN1_STRING_free(); 920int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
592ASN1_STRING * ASN1_STRING_dup(); 921 int inform, unsigned long mask,
593ASN1_STRING * ASN1_STRING_type_new(); 922 long minsize, long maxsize);
594int ASN1_STRING_cmp(); 923
595int ASN1_STRING_set(); 924ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out,
596int i2d_ASN1_BIT_STRING(); 925 const unsigned char *in, int inlen, int inform, int nid);
597ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(); 926ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid);
598int ASN1_BIT_STRING_set_bit(); 927int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
599int ASN1_BIT_STRING_get_bit(); 928void ASN1_STRING_TABLE_cleanup(void);
600int i2d_ASN1_BOOLEAN(); 929
601int d2i_ASN1_BOOLEAN(); 930/* ASN1 template functions */
602int i2d_ASN1_INTEGER(); 931
603ASN1_INTEGER *d2i_ASN1_INTEGER(); 932/* Old API compatible functions */
604int ASN1_UTCTIME_check(); 933ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
605ASN1_UTCTIME *ASN1_UTCTIME_set(); 934void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
606int ASN1_UTCTIME_set_string(); 935ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it);
607int i2d_ASN1_OCTET_STRING(); 936int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
608ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(); 937
609int i2d_ASN1_PRINTABLE(); 938void ASN1_add_oid_module(void);
610ASN1_STRING *d2i_ASN1_PRINTABLE();
611ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
612ASN1_T61STRING *d2i_ASN1_T61STRING();
613int i2d_ASN1_IA5STRING();
614ASN1_IA5STRING *d2i_ASN1_IA5STRING();
615int i2d_ASN1_UTCTIME();
616ASN1_UTCTIME * d2i_ASN1_UTCTIME();
617int i2d_ASN1_SET();
618STACK * d2i_ASN1_SET();
619int a2d_ASN1_OBJECT();
620ASN1_OBJECT *ASN1_OBJECT_create();
621int ASN1_INTEGER_set();
622long ASN1_INTEGER_get();
623ASN1_INTEGER *BN_to_ASN1_INTEGER();
624BIGNUM *ASN1_INTEGER_to_BN();
625int ASN1_PRINTABLE_type();
626int i2d_ASN1_bytes();
627ASN1_STRING *d2i_ASN1_bytes();
628ASN1_STRING *d2i_ASN1_type_bytes();
629int asn1_Finish();
630int ASN1_get_object();
631int ASN1_check_infinite_end();
632void ASN1_put_object();
633int ASN1_object_size();
634char *ASN1_dup();
635#ifndef NO_FP_API
636char *ASN1_d2i_fp();
637int ASN1_i2d_fp();
638#endif
639
640char *ASN1_d2i_bio();
641int ASN1_i2d_bio();
642int ASN1_UTCTIME_print();
643int ASN1_STRING_print();
644int ASN1_parse();
645int i2a_ASN1_INTEGER();
646int a2i_ASN1_INTEGER();
647int i2a_ASN1_OBJECT();
648int i2t_ASN1_OBJECT();
649int a2i_ASN1_STRING();
650int i2a_ASN1_STRING();
651
652int i2d_ASN1_HEADER();
653ASN1_HEADER *d2i_ASN1_HEADER();
654ASN1_HEADER *ASN1_HEADER_new();
655void ASN1_HEADER_free();
656void ERR_load_ASN1_strings();
657ASN1_METHOD *X509_asn1_meth();
658ASN1_METHOD *RSAPrivateKey_asn1_meth();
659ASN1_METHOD *ASN1_IA5STRING_asn1_meth();
660ASN1_METHOD *ASN1_BIT_STRING_asn1_meth();
661
662int ASN1_UNIVERSALSTRING_to_string();
663
664int ASN1_TYPE_set_octetstring();
665int ASN1_TYPE_get_octetstring();
666int ASN1_TYPE_set_int_octetstring();
667int ASN1_TYPE_get_int_octetstring();
668
669#endif
670 939
671/* BEGIN ERROR CODES */ 940/* BEGIN ERROR CODES */
941/* The following lines are auto generated by the script mkerr.pl. Any changes
942 * made after this point may be overwritten when the script is next run.
943 */
944void ERR_load_ASN1_strings(void);
945
672/* Error codes for the ASN1 functions. */ 946/* Error codes for the ASN1 functions. */
673 947
674/* Function codes. */ 948/* Function codes. */
675#define ASN1_F_A2D_ASN1_OBJECT 100 949#define ASN1_F_A2D_ASN1_OBJECT 100
676#define ASN1_F_A2I_ASN1_INTEGER 101 950#define ASN1_F_A2I_ASN1_ENUMERATED 101
677#define ASN1_F_A2I_ASN1_STRING 102 951#define ASN1_F_A2I_ASN1_INTEGER 102
678#define ASN1_F_ASN1_COLLATE_PRIMATIVE 103 952#define ASN1_F_A2I_ASN1_STRING 103
679#define ASN1_F_ASN1_D2I_BIO 104 953#define ASN1_F_ASN1_CHECK_TLEN 104
680#define ASN1_F_ASN1_D2I_FP 105 954#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
681#define ASN1_F_ASN1_DUP 106 955#define ASN1_F_ASN1_COLLECT 106
682#define ASN1_F_ASN1_GET_OBJECT 107 956#define ASN1_F_ASN1_D2I_BIO 107
683#define ASN1_F_ASN1_HEADER_NEW 108 957#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
684#define ASN1_F_ASN1_I2D_BIO 109 958#define ASN1_F_ASN1_D2I_FP 109
685#define ASN1_F_ASN1_I2D_FP 110 959#define ASN1_F_ASN1_DO_ADB 110
686#define ASN1_F_ASN1_INTEGER_SET 111 960#define ASN1_F_ASN1_DUP 111
687#define ASN1_F_ASN1_INTEGER_TO_BN 112 961#define ASN1_F_ASN1_ENUMERATED_SET 112
688#define ASN1_F_ASN1_OBJECT_NEW 113 962#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
689#define ASN1_F_ASN1_SIGN 114 963#define ASN1_F_ASN1_GET_OBJECT 114
690#define ASN1_F_ASN1_STRING_NEW 115 964#define ASN1_F_ASN1_HEADER_NEW 115
691#define ASN1_F_ASN1_STRING_TYPE_NEW 116 965#define ASN1_F_ASN1_I2D_BIO 116
692#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117 966#define ASN1_F_ASN1_I2D_FP 117
693#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118 967#define ASN1_F_ASN1_INTEGER_SET 118
694#define ASN1_F_ASN1_TYPE_NEW 119 968#define ASN1_F_ASN1_INTEGER_TO_BN 119
695#define ASN1_F_ASN1_UTCTIME_NEW 120 969#define ASN1_F_ASN1_ITEM_EX_D2I 120
696#define ASN1_F_ASN1_VERIFY 121 970#define ASN1_F_ASN1_ITEM_NEW 121
697#define ASN1_F_BN_TO_ASN1_INTEGER 122 971#define ASN1_F_ASN1_MBSTRING_COPY 122
698#define ASN1_F_D2I_ASN1_BIT_STRING 123 972#define ASN1_F_ASN1_OBJECT_NEW 123
699#define ASN1_F_D2I_ASN1_BMPSTRING 124 973#define ASN1_F_ASN1_PACK_STRING 124
700#define ASN1_F_D2I_ASN1_BOOLEAN 125 974#define ASN1_F_ASN1_PBE_SET 125
701#define ASN1_F_D2I_ASN1_BYTES 126 975#define ASN1_F_ASN1_SEQ_PACK 126
702#define ASN1_F_D2I_ASN1_HEADER 127 976#define ASN1_F_ASN1_SEQ_UNPACK 127
703#define ASN1_F_D2I_ASN1_INTEGER 128 977#define ASN1_F_ASN1_SIGN 128
704#define ASN1_F_D2I_ASN1_OBJECT 129 978#define ASN1_F_ASN1_STRING_TABLE_ADD 129
705#define ASN1_F_D2I_ASN1_OCTET_STRING 130 979#define ASN1_F_ASN1_STRING_TYPE_NEW 130
706#define ASN1_F_D2I_ASN1_PRINT_TYPE 131 980#define ASN1_F_ASN1_TEMPLATE_D2I 131
707#define ASN1_F_D2I_ASN1_SET 132 981#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
708#define ASN1_F_D2I_ASN1_TYPE 133 982#define ASN1_F_ASN1_TEMPLATE_NEW 133
709#define ASN1_F_D2I_ASN1_TYPE_BYTES 134 983#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
710#define ASN1_F_D2I_ASN1_UTCTIME 135 984#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
711#define ASN1_F_D2I_DHPARAMS 136 985#define ASN1_F_ASN1_UNPACK_STRING 136
712#define ASN1_F_D2I_DSAPARAMS 137 986#define ASN1_F_ASN1_VERIFY 137
713#define ASN1_F_D2I_DSAPRIVATEKEY 138 987#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
714#define ASN1_F_D2I_DSAPUBLICKEY 139 988#define ASN1_F_BN_TO_ASN1_INTEGER 139
715#define ASN1_F_D2I_NETSCAPE_PKEY 140 989#define ASN1_F_COLLECT_DATA 140
716#define ASN1_F_D2I_NETSCAPE_RSA 141 990#define ASN1_F_D2I_ASN1_BIT_STRING 141
717#define ASN1_F_D2I_NETSCAPE_RSA_2 142 991#define ASN1_F_D2I_ASN1_BOOLEAN 142
718#define ASN1_F_D2I_NETSCAPE_SPKAC 143 992#define ASN1_F_D2I_ASN1_BYTES 143
719#define ASN1_F_D2I_NETSCAPE_SPKI 144 993#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
720#define ASN1_F_D2I_PKCS7 145 994#define ASN1_F_D2I_ASN1_HEADER 145
721#define ASN1_F_D2I_PKCS7_DIGEST 146 995#define ASN1_F_D2I_ASN1_INTEGER 146
722#define ASN1_F_D2I_PKCS7_ENCRYPT 147 996#define ASN1_F_D2I_ASN1_OBJECT 147
723#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148 997#define ASN1_F_D2I_ASN1_SET 148
724#define ASN1_F_D2I_PKCS7_ENVELOPE 149 998#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
725#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150 999#define ASN1_F_D2I_ASN1_UINTEGER 150
726#define ASN1_F_D2I_PKCS7_RECIP_INFO 151 1000#define ASN1_F_D2I_ASN1_UTCTIME 151
727#define ASN1_F_D2I_PKCS7_SIGNED 152 1001#define ASN1_F_D2I_NETSCAPE_RSA 152
728#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153 1002#define ASN1_F_D2I_NETSCAPE_RSA_2 153
729#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154 1003#define ASN1_F_D2I_PRIVATEKEY 154
730#define ASN1_F_D2I_PRIVATEKEY 155 1004#define ASN1_F_D2I_PUBLICKEY 155
731#define ASN1_F_D2I_PUBLICKEY 156 1005#define ASN1_F_D2I_X509 156
732#define ASN1_F_D2I_RSAPRIVATEKEY 157 1006#define ASN1_F_D2I_X509_CINF 157
733#define ASN1_F_D2I_RSAPUBLICKEY 158 1007#define ASN1_F_D2I_X509_NAME 158
734#define ASN1_F_D2I_X509 159 1008#define ASN1_F_D2I_X509_PKEY 159
735#define ASN1_F_D2I_X509_ALGOR 160 1009#define ASN1_F_I2D_ASN1_TIME 160
736#define ASN1_F_D2I_X509_ATTRIBUTE 161 1010#define ASN1_F_I2D_DSA_PUBKEY 161
737#define ASN1_F_D2I_X509_CINF 162 1011#define ASN1_F_I2D_NETSCAPE_RSA 162
738#define ASN1_F_D2I_X509_CRL 163 1012#define ASN1_F_I2D_PRIVATEKEY 163
739#define ASN1_F_D2I_X509_CRL_INFO 164 1013#define ASN1_F_I2D_PUBLICKEY 164
740#define ASN1_F_D2I_X509_EXTENSION 165 1014#define ASN1_F_I2D_RSA_PUBKEY 165
741#define ASN1_F_D2I_X509_KEY 166 1015#define ASN1_F_LONG_C2I 166
742#define ASN1_F_D2I_X509_NAME 167 1016#define ASN1_F_OID_MODULE_INIT 174
743#define ASN1_F_D2I_X509_NAME_ENTRY 168 1017#define ASN1_F_PKCS5_PBE2_SET 167
744#define ASN1_F_D2I_X509_PKEY 169 1018#define ASN1_F_X509_CINF_NEW 168
745#define ASN1_F_D2I_X509_PUBKEY 170 1019#define ASN1_F_X509_CRL_ADD0_REVOKED 169
746#define ASN1_F_D2I_X509_REQ 171 1020#define ASN1_F_X509_INFO_NEW 170
747#define ASN1_F_D2I_X509_REQ_INFO 172 1021#define ASN1_F_X509_NAME_NEW 171
748#define ASN1_F_D2I_X509_REVOKED 173 1022#define ASN1_F_X509_NEW 172
749#define ASN1_F_D2I_X509_SIG 174 1023#define ASN1_F_X509_PKEY_NEW 173
750#define ASN1_F_D2I_X509_VAL 175
751#define ASN1_F_I2D_ASN1_HEADER 176
752#define ASN1_F_I2D_DHPARAMS 177
753#define ASN1_F_I2D_DSAPARAMS 178
754#define ASN1_F_I2D_DSAPRIVATEKEY 179
755#define ASN1_F_I2D_DSAPUBLICKEY 180
756#define ASN1_F_I2D_NETSCAPE_RSA 181
757#define ASN1_F_I2D_PKCS7 182
758#define ASN1_F_I2D_PRIVATEKEY 183
759#define ASN1_F_I2D_PUBLICKEY 184
760#define ASN1_F_I2D_RSAPRIVATEKEY 185
761#define ASN1_F_I2D_RSAPUBLICKEY 186
762#define ASN1_F_I2D_X509_ATTRIBUTE 187
763#define ASN1_F_I2T_ASN1_OBJECT 188
764#define ASN1_F_NETSCAPE_PKEY_NEW 189
765#define ASN1_F_NETSCAPE_SPKAC_NEW 190
766#define ASN1_F_NETSCAPE_SPKI_NEW 191
767#define ASN1_F_PKCS7_DIGEST_NEW 192
768#define ASN1_F_PKCS7_ENCRYPT_NEW 193
769#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
770#define ASN1_F_PKCS7_ENVELOPE_NEW 195
771#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196
772#define ASN1_F_PKCS7_NEW 197
773#define ASN1_F_PKCS7_RECIP_INFO_NEW 198
774#define ASN1_F_PKCS7_SIGNED_NEW 199
775#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
776#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
777#define ASN1_F_X509_ALGOR_NEW 202
778#define ASN1_F_X509_ATTRIBUTE_NEW 203
779#define ASN1_F_X509_CINF_NEW 204
780#define ASN1_F_X509_CRL_INFO_NEW 205
781#define ASN1_F_X509_CRL_NEW 206
782#define ASN1_F_X509_DHPARAMS_NEW 207
783#define ASN1_F_X509_EXTENSION_NEW 208
784#define ASN1_F_X509_INFO_NEW 209
785#define ASN1_F_X509_KEY_NEW 210
786#define ASN1_F_X509_NAME_ENTRY_NEW 211
787#define ASN1_F_X509_NAME_NEW 212
788#define ASN1_F_X509_NEW 213
789#define ASN1_F_X509_PKEY_NEW 214
790#define ASN1_F_X509_PUBKEY_NEW 215
791#define ASN1_F_X509_REQ_INFO_NEW 216
792#define ASN1_F_X509_REQ_NEW 217
793#define ASN1_F_X509_REVOKED_NEW 218
794#define ASN1_F_X509_SIG_NEW 219
795#define ASN1_F_X509_VAL_FREE 220
796#define ASN1_F_X509_VAL_NEW 221
797 1024
798/* Reason codes. */ 1025/* Reason codes. */
799#define ASN1_R_BAD_CLASS 100 1026#define ASN1_R_ADDING_OBJECT 171
800#define ASN1_R_BAD_GET_OBJECT 101 1027#define ASN1_R_AUX_ERROR 100
1028#define ASN1_R_BAD_CLASS 101
801#define ASN1_R_BAD_OBJECT_HEADER 102 1029#define ASN1_R_BAD_OBJECT_HEADER 102
802#define ASN1_R_BAD_PASSWORD_READ 103 1030#define ASN1_R_BAD_PASSWORD_READ 103
803#define ASN1_R_BAD_PKCS7_CONTENT 104 1031#define ASN1_R_BAD_TAG 104
804#define ASN1_R_BAD_PKCS7_TYPE 105 1032#define ASN1_R_BN_LIB 105
805#define ASN1_R_BAD_TAG 106 1033#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
806#define ASN1_R_BAD_TYPE 107 1034#define ASN1_R_BUFFER_TOO_SMALL 107
807#define ASN1_R_BN_LIB 108 1035#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
808#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109 1036#define ASN1_R_DATA_IS_WRONG 109
809#define ASN1_R_BUFFER_TOO_SMALL 110 1037#define ASN1_R_DECODE_ERROR 110
810#define ASN1_R_DATA_IS_WRONG 111 1038#define ASN1_R_DECODING_ERROR 111
811#define ASN1_R_DECODING_ERROR 112 1039#define ASN1_R_ENCODE_ERROR 112
812#define ASN1_R_ERROR_STACK 113 1040#define ASN1_R_ERROR_LOADING_SECTION 172
813#define ASN1_R_EXPECTING_AN_INTEGER 114 1041#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
814#define ASN1_R_EXPECTING_AN_OBJECT 115 1042#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
815#define ASN1_R_EXPECTING_AN_OCTET_STRING 116 1043#define ASN1_R_EXPECTING_AN_INTEGER 115
816#define ASN1_R_EXPECTING_A_BIT_STRING 117 1044#define ASN1_R_EXPECTING_AN_OBJECT 116
817#define ASN1_R_EXPECTING_A_BOOLEAN 118 1045#define ASN1_R_EXPECTING_A_BOOLEAN 117
818#define ASN1_R_EXPECTING_A_SEQUENCE 119 1046#define ASN1_R_EXPECTING_A_TIME 118
819#define ASN1_R_EXPECTING_A_UTCTIME 120 1047#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
820#define ASN1_R_FIRST_NUM_TOO_LARGE 121 1048#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
821#define ASN1_R_HEADER_TOO_LONG 122 1049#define ASN1_R_FIELD_MISSING 121
822#define ASN1_R_INVALID_DIGIT 123 1050#define ASN1_R_FIRST_NUM_TOO_LARGE 122
823#define ASN1_R_INVALID_SEPARATOR 124 1051#define ASN1_R_HEADER_TOO_LONG 123
824#define ASN1_R_INVALID_TIME_FORMAT 125 1052#define ASN1_R_ILLEGAL_CHARACTERS 124
825#define ASN1_R_IV_TOO_LARGE 126 1053#define ASN1_R_ILLEGAL_NULL 125
826#define ASN1_R_LENGTH_ERROR 127 1054#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
827#define ASN1_R_LENGTH_MISMATCH 128 1055#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
828#define ASN1_R_MISSING_EOS 129 1056#define ASN1_R_ILLEGAL_TAGGED_ANY 127
829#define ASN1_R_MISSING_SECOND_NUMBER 130 1057#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
830#define ASN1_R_NON_HEX_CHARACTERS 131 1058#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
831#define ASN1_R_NOT_ENOUGH_DATA 132 1059#define ASN1_R_INVALID_DIGIT 130
832#define ASN1_R_ODD_NUMBER_OF_CHARS 133 1060#define ASN1_R_INVALID_SEPARATOR 131
833#define ASN1_R_PARSING 134 1061#define ASN1_R_INVALID_TIME_FORMAT 132
834#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 135 1062#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
835#define ASN1_R_SECOND_NUMBER_TOO_LARGE 136 1063#define ASN1_R_INVALID_UTF8STRING 134
836#define ASN1_R_SHORT_LINE 137 1064#define ASN1_R_IV_TOO_LARGE 135
837#define ASN1_R_STRING_TOO_SHORT 138 1065#define ASN1_R_LENGTH_ERROR 136
838#define ASN1_R_TAG_VALUE_TOO_HIGH 139 1066#define ASN1_R_MISSING_EOC 137
839#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 140 1067#define ASN1_R_MISSING_SECOND_NUMBER 138
840#define ASN1_R_TOO_LONG 141 1068#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
841#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 142 1069#define ASN1_R_MSTRING_WRONG_TAG 140
842#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 143 1070#define ASN1_R_NON_HEX_CHARACTERS 141
843#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 144 1071#define ASN1_R_NOT_ENOUGH_DATA 142
844#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 145 1072#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
845#define ASN1_R_UNKNOWN_OBJECT_TYPE 146 1073#define ASN1_R_NULL_IS_WRONG_LENGTH 144
846#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 147 1074#define ASN1_R_ODD_NUMBER_OF_CHARS 145
847#define ASN1_R_UNSUPPORTED_CIPHER 148 1075#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
848#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 149 1076#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
849#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 150 1077#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
850#define ASN1_R_UTCTIME_TOO_LONG 151 1078#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
851#define ASN1_R_WRONG_PRINTABLE_TYPE 152 1079#define ASN1_R_SHORT_LINE 150
852#define ASN1_R_WRONG_TAG 153 1080#define ASN1_R_STRING_TOO_LONG 151
853#define ASN1_R_WRONG_TYPE 154 1081#define ASN1_R_STRING_TOO_SHORT 152
854 1082#define ASN1_R_TAG_VALUE_TOO_HIGH 153
1083#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
1084#define ASN1_R_TOO_LONG 155
1085#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
1086#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
1087#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158
1088#define ASN1_R_UNEXPECTED_EOC 159
1089#define ASN1_R_UNKNOWN_FORMAT 160
1090#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
1091#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
1092#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
1093#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
1094#define ASN1_R_UNSUPPORTED_CIPHER 165
1095#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
1096#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
1097#define ASN1_R_WRONG_TAG 168
1098#define ASN1_R_WRONG_TYPE 169
1099
855#ifdef __cplusplus 1100#ifdef __cplusplus
856} 1101}
857#endif 1102#endif
858#endif 1103#endif
859
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index 03c2858e7d..c4c3d2a91d 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -1,263 +1,237 @@
1/* lib/asn1/asn1_err.c */ 1/* crypto/asn1/asn1_err.c */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* ====================================================================
3 * All rights reserved. 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
25 * are met: 7 * are met:
26 * 1. Redistributions of source code must retain the copyright 8 *
27 * notice, this list of conditions and the following disclaimer. 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
28 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in
30 * documentation and/or other materials provided with the distribution. 14 * the documentation and/or other materials provided with the
31 * 3. All advertising materials mentioning features or use of this software 15 * distribution.
32 * must display the following acknowledgement: 16 *
33 * "This product includes cryptographic software written by 17 * 3. All advertising materials mentioning features or use of this
34 * Eric Young (eay@cryptsoft.com)" 18 * software must display the following acknowledgment:
35 * The word 'cryptographic' can be left out if the rouines from the library 19 * "This product includes software developed by the OpenSSL Project
36 * being used are not cryptographic related :-). 20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
37 * 4. If you include any Windows specific code (or a derivative thereof) from 21 *
38 * the apps directory (application code) you must include an acknowledgement: 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 23 * endorse or promote products derived from this software without
40 * 24 * prior written permission. For written permission, please contact
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 25 * openssl-core@OpenSSL.org.
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 *
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * 5. Products derived from this software may not be called "OpenSSL"
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * nor may "OpenSSL" appear in their names without prior written
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * permission of the OpenSSL Project.
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 *
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * 6. Redistributions of any form whatsoever must retain the following
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * acknowledgment:
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * "This product includes software developed by the OpenSSL Project
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
51 * SUCH DAMAGE. 35 *
52 * 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
53 * The licence and distribution terms for any publically available version or 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * copied and put under another distribution licence 39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
56 * [including the GNU Public Licence.] 40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
57 */ 54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file,
58 * only reason strings will be preserved.
59 */
60
58#include <stdio.h> 61#include <stdio.h>
59#include "err.h" 62#include <openssl/err.h>
60#include "asn1.h" 63#include <openssl/asn1.h>
61 64
62/* BEGIN ERROR CODES */ 65/* BEGIN ERROR CODES */
63#ifndef NO_ERR 66#ifndef OPENSSL_NO_ERR
64static ERR_STRING_DATA ASN1_str_functs[]= 67static ERR_STRING_DATA ASN1_str_functs[]=
65 { 68 {
66{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"}, 69{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"},
70{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
67{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, 71{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
68{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, 72{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
69{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMATIVE,0), "ASN1_COLLATE_PRIMATIVE"}, 73{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"},
74{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
75{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"},
70{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, 76{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
77{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"},
71{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, 78{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
79{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"},
72{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, 80{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
81{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
82{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
73{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, 83{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
74{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, 84{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
75{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, 85{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
76{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"}, 86{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
77{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"}, 87{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
78{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"}, 88{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
89{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0), "ASN1_ITEM_EX_D2I"},
90{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0), "ASN1_item_new"},
91{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"},
79{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"}, 92{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
80{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_SIGN"}, 93{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
81{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"}, 94{ERR_PACK(0,ASN1_F_ASN1_PBE_SET,0), "ASN1_PBE_SET"},
95{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
96{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
97{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
98{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
82{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, 99{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
100{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
101{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"},
102{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"},
83{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, 103{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
84{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, 104{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
85{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"}, 105{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
86{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_NEW"}, 106{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
87{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"}, 107{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
88{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, 108{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
89{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"}, 109{ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"},
90{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, 110{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"},
91{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, 111{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
92{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, 112{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
113{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"},
93{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, 114{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
94{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"}, 115{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"},
95{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, 116{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
96{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
97{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
98{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, 117{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
99{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
100{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, 118{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
101{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"}, 119{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"},
102{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "D2I_DHPARAMS"}, 120{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"},
103{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "D2I_DSAPARAMS"}, 121{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"},
104{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "D2I_DSAPRIVATEKEY"},
105{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "D2I_DSAPUBLICKEY"},
106{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
107{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "D2I_NETSCAPE_RSA"},
108{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"}, 122{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"},
109{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"}, 123{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"},
110{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"}, 124{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"},
111{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"},
112{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"},
113{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"},
114{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"},
115{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"},
116{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"},
117{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"},
118{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"},
119{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"},
120{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
121{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"},
122{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
123{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
124{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
125{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, 125{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
126{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
127{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
128{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, 126{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
129{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "D2I_X509_CRL"},
130{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "D2I_X509_CRL_INFO"},
131{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "D2I_X509_EXTENSION"},
132{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
133{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, 127{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
134{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "D2I_X509_NAME_ENTRY"}, 128{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
135{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "D2I_X509_PKEY"}, 129{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
136{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "D2I_X509_PUBKEY"}, 130{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
137{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "D2I_X509_REQ"}, 131{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
138{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "D2I_X509_REQ_INFO"}, 132{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
139{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "D2I_X509_REVOKED"}, 133{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"},
140{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "D2I_X509_SIG"}, 134{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"},
141{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "D2I_X509_VAL"}, 135{ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"},
142{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"}, 136{ERR_PACK(0,ASN1_F_OID_MODULE_INIT,0), "OID_MODULE_INIT"},
143{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "I2D_DHPARAMS"}, 137{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"},
144{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "I2D_DSAPARAMS"},
145{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "I2D_DSAPRIVATEKEY"},
146{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "I2D_DSAPUBLICKEY"},
147{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "I2D_NETSCAPE_RSA"},
148{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "I2D_PKCS7"},
149{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "I2D_PRIVATEKEY"},
150{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "I2D_PUBLICKEY"},
151{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "I2D_RSAPRIVATEKEY"},
152{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "I2D_RSAPUBLICKEY"},
153{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "I2D_X509_ATTRIBUTE"},
154{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
155{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
156{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
157{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
158{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"},
159{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"},
160{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"},
161{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"},
162{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"},
163{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"},
164{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"},
165{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"},
166{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"},
167{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
168{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
169{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
170{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, 138{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
171{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_NEW"}, 139{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"},
172{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_NEW"}, 140{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"},
173{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
174{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_NEW"},
175{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_NEW"},
176{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
177{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_NEW"},
178{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, 141{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"},
179{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, 142{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"},
180{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_NEW"}, 143{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"},
181{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_NEW"}, 144{0,NULL}
182{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_NEW"},
183{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_NEW"},
184{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_NEW"},
185{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_NEW"},
186{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_FREE"},
187{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_NEW"},
188{0,NULL},
189 }; 145 };
190 146
191static ERR_STRING_DATA ASN1_str_reasons[]= 147static ERR_STRING_DATA ASN1_str_reasons[]=
192 { 148 {
149{ASN1_R_ADDING_OBJECT ,"adding object"},
150{ASN1_R_AUX_ERROR ,"aux error"},
193{ASN1_R_BAD_CLASS ,"bad class"}, 151{ASN1_R_BAD_CLASS ,"bad class"},
194{ASN1_R_BAD_GET_OBJECT ,"bad get object"},
195{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, 152{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
196{ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, 153{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
197{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
198{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
199{ASN1_R_BAD_TAG ,"bad tag"}, 154{ASN1_R_BAD_TAG ,"bad tag"},
200{ASN1_R_BAD_TYPE ,"bad type"},
201{ASN1_R_BN_LIB ,"bn lib"}, 155{ASN1_R_BN_LIB ,"bn lib"},
202{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"}, 156{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"},
203{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"}, 157{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
158{ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER ,"cipher has no object identifier"},
204{ASN1_R_DATA_IS_WRONG ,"data is wrong"}, 159{ASN1_R_DATA_IS_WRONG ,"data is wrong"},
160{ASN1_R_DECODE_ERROR ,"decode error"},
205{ASN1_R_DECODING_ERROR ,"decoding error"}, 161{ASN1_R_DECODING_ERROR ,"decoding error"},
206{ASN1_R_ERROR_STACK ,"error stack"}, 162{ASN1_R_ENCODE_ERROR ,"encode error"},
163{ASN1_R_ERROR_LOADING_SECTION ,"error loading section"},
164{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
165{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},
207{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, 166{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
208{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, 167{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
209{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
210{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
211{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, 168{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
212{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"}, 169{ASN1_R_EXPECTING_A_TIME ,"expecting a time"},
213{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"}, 170{ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"},
171{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"},
172{ASN1_R_FIELD_MISSING ,"field missing"},
214{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, 173{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
215{ASN1_R_HEADER_TOO_LONG ,"header too long"}, 174{ASN1_R_HEADER_TOO_LONG ,"header too long"},
175{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"},
176{ASN1_R_ILLEGAL_NULL ,"illegal null"},
177{ASN1_R_ILLEGAL_OPTIONAL_ANY ,"illegal optional any"},
178{ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE ,"illegal options on item template"},
179{ASN1_R_ILLEGAL_TAGGED_ANY ,"illegal tagged any"},
180{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ,"integer too large for long"},
181{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"},
216{ASN1_R_INVALID_DIGIT ,"invalid digit"}, 182{ASN1_R_INVALID_DIGIT ,"invalid digit"},
217{ASN1_R_INVALID_SEPARATOR ,"invalid separator"}, 183{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
218{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"}, 184{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
185{ASN1_R_INVALID_UNIVERSALSTRING_LENGTH ,"invalid universalstring length"},
186{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"},
219{ASN1_R_IV_TOO_LARGE ,"iv too large"}, 187{ASN1_R_IV_TOO_LARGE ,"iv too large"},
220{ASN1_R_LENGTH_ERROR ,"length error"}, 188{ASN1_R_LENGTH_ERROR ,"length error"},
221{ASN1_R_LENGTH_MISMATCH ,"length mismatch"}, 189{ASN1_R_MISSING_EOC ,"missing eoc"},
222{ASN1_R_MISSING_EOS ,"missing eos"},
223{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, 190{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
191{ASN1_R_MSTRING_NOT_UNIVERSAL ,"mstring not universal"},
192{ASN1_R_MSTRING_WRONG_TAG ,"mstring wrong tag"},
224{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, 193{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
225{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, 194{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
195{ASN1_R_NO_MATCHING_CHOICE_TYPE ,"no matching choice type"},
196{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"},
226{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"}, 197{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
227{ASN1_R_PARSING ,"parsing"},
228{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"}, 198{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
229{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"}, 199{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
200{ASN1_R_SEQUENCE_LENGTH_MISMATCH ,"sequence length mismatch"},
201{ASN1_R_SEQUENCE_NOT_CONSTRUCTED ,"sequence not constructed"},
230{ASN1_R_SHORT_LINE ,"short line"}, 202{ASN1_R_SHORT_LINE ,"short line"},
203{ASN1_R_STRING_TOO_LONG ,"string too long"},
231{ASN1_R_STRING_TOO_SHORT ,"string too short"}, 204{ASN1_R_STRING_TOO_SHORT ,"string too short"},
232{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"}, 205{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
233{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, 206{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
234{ASN1_R_TOO_LONG ,"too long"}, 207{ASN1_R_TOO_LONG ,"too long"},
208{ASN1_R_TYPE_NOT_CONSTRUCTED ,"type not constructed"},
235{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"}, 209{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
236{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"}, 210{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
237{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"}, 211{ASN1_R_UNEXPECTED_EOC ,"unexpected eoc"},
212{ASN1_R_UNKNOWN_FORMAT ,"unknown format"},
238{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"}, 213{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
239{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"}, 214{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
240{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"}, 215{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
216{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ,"unsupported any defined by type"},
241{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, 217{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
242{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"}, 218{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
243{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"}, 219{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
244{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
245{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
246{ASN1_R_WRONG_TAG ,"wrong tag"}, 220{ASN1_R_WRONG_TAG ,"wrong tag"},
247{ASN1_R_WRONG_TYPE ,"wrong type"}, 221{ASN1_R_WRONG_TYPE ,"wrong type"},
248{0,NULL}, 222{0,NULL}
249 }; 223 };
250 224
251#endif 225#endif
252 226
253void ERR_load_ASN1_strings() 227void ERR_load_ASN1_strings(void)
254 { 228 {
255 static int init=1; 229 static int init=1;
256 230
257 if (init); 231 if (init)
258 {; 232 {
259 init=0; 233 init=0;
260#ifndef NO_ERR 234#ifndef OPENSSL_NO_ERR
261 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs); 235 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
262 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons); 236 ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
263#endif 237#endif
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index ff30b25836..830ff2af3c 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -58,22 +58,13 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62#include "asn1_mac.h"
63 62
64#ifndef NOPROTO
65static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); 63static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
66static void asn1_put_length(unsigned char **pp, int length); 64static void asn1_put_length(unsigned char **pp, int length);
67#else 65const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT;
68static int asn1_get_length();
69static void asn1_put_length();
70#endif
71
72char *ASN1_version="ASN1 part of SSLeay 0.9.0b 29-Jun-1998";
73 66
74int ASN1_check_infinite_end(p,len) 67int ASN1_check_infinite_end(unsigned char **p, long len)
75unsigned char **p;
76long len;
77 { 68 {
78 /* If there is 0 or 1 byte left, the length check should pick 69 /* If there is 0 or 1 byte left, the length check should pick
79 * things up */ 70 * things up */
@@ -88,12 +79,8 @@ long len;
88 } 79 }
89 80
90 81
91int ASN1_get_object(pp, plength, ptag, pclass, omax) 82int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass,
92unsigned char **pp; 83 long omax)
93long *plength;
94int *ptag;
95int *pclass;
96long omax;
97 { 84 {
98 int i,ret; 85 int i,ret;
99 long l; 86 long l;
@@ -104,8 +91,8 @@ long omax;
104 if (!max) goto err; 91 if (!max) goto err;
105 ret=(*p&V_ASN1_CONSTRUCTED); 92 ret=(*p&V_ASN1_CONSTRUCTED);
106 xclass=(*p&V_ASN1_PRIVATE); 93 xclass=(*p&V_ASN1_PRIVATE);
107 i= *p&V_ASN1_PRIMATIVE_TAG; 94 i= *p&V_ASN1_PRIMITIVE_TAG;
108 if (i == V_ASN1_PRIMATIVE_TAG) 95 if (i == V_ASN1_PRIMITIVE_TAG)
109 { /* high-tag */ 96 { /* high-tag */
110 p++; 97 p++;
111 if (--max == 0) goto err; 98 if (--max == 0) goto err;
@@ -130,11 +117,13 @@ long omax;
130 *pclass=xclass; 117 *pclass=xclass;
131 if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err; 118 if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
132 119
133#ifdef undef 120#if 0
134 fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n", 121 fprintf(stderr,"p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n",
135 p,*plength,omax,*pp,(p+ *plength),omax+ *pp); 122 (int)p,*plength,omax,(int)*pp,(int)(p+ *plength),
123 (int)(omax+ *pp));
136 124
137#endif 125#endif
126#if 0
138 if ((p+ *plength) > (omax+ *pp)) 127 if ((p+ *plength) > (omax+ *pp))
139 { 128 {
140 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG); 129 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
@@ -142,18 +131,15 @@ long omax;
142 * the values are set correctly */ 131 * the values are set correctly */
143 ret|=0x80; 132 ret|=0x80;
144 } 133 }
134#endif
145 *pp=p; 135 *pp=p;
146 return(ret+inf); 136 return(ret|inf);
147err: 137err:
148 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG); 138 ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
149 return(0x80); 139 return(0x80);
150 } 140 }
151 141
152static int asn1_get_length(pp,inf,rl,max) 142static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max)
153unsigned char **pp;
154int *inf;
155long *rl;
156int max;
157 { 143 {
158 unsigned char *p= *pp; 144 unsigned char *p= *pp;
159 long ret=0; 145 long ret=0;
@@ -189,30 +175,29 @@ int max;
189 } 175 }
190 176
191/* class 0 is constructed 177/* class 0 is constructed
192 * constructed == 2 for indefinitle length constructed */ 178 * constructed == 2 for indefinite length constructed */
193void ASN1_put_object(pp,constructed,length,tag,xclass) 179void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
194unsigned char **pp; 180 int xclass)
195int constructed;
196int length;
197int tag;
198int xclass;
199 { 181 {
200 unsigned char *p= *pp; 182 unsigned char *p= *pp;
201 int i; 183 int i, ttag;
202 184
203 i=(constructed)?V_ASN1_CONSTRUCTED:0; 185 i=(constructed)?V_ASN1_CONSTRUCTED:0;
204 i|=(xclass&V_ASN1_PRIVATE); 186 i|=(xclass&V_ASN1_PRIVATE);
205 if (tag < 31) 187 if (tag < 31)
206 *(p++)=i|(tag&V_ASN1_PRIMATIVE_TAG); 188 *(p++)=i|(tag&V_ASN1_PRIMITIVE_TAG);
207 else 189 else
208 { 190 {
209 *(p++)=i|V_ASN1_PRIMATIVE_TAG; 191 *(p++)=i|V_ASN1_PRIMITIVE_TAG;
210 while (tag > 0x7f) 192 for(i = 0, ttag = tag; ttag > 0; i++) ttag >>=7;
193 ttag = i;
194 while(i-- > 0)
211 { 195 {
212 *(p++)=(tag&0x7f)|0x80; 196 p[i] = tag & 0x7f;
213 tag>>=7; 197 if(i != (ttag - 1)) p[i] |= 0x80;
198 tag >>= 7;
214 } 199 }
215 *(p++)=(tag&0x7f); 200 p += ttag;
216 } 201 }
217 if ((constructed == 2) && (length == 0)) 202 if ((constructed == 2) && (length == 0))
218 *(p++)=0x80; /* der_put_length would output 0 instead */ 203 *(p++)=0x80; /* der_put_length would output 0 instead */
@@ -221,9 +206,7 @@ int xclass;
221 *pp=p; 206 *pp=p;
222 } 207 }
223 208
224static void asn1_put_length(pp, length) 209static void asn1_put_length(unsigned char **pp, int length)
225unsigned char **pp;
226int length;
227 { 210 {
228 unsigned char *p= *pp; 211 unsigned char *p= *pp;
229 int i,l; 212 int i,l;
@@ -246,10 +229,7 @@ int length;
246 *pp=p; 229 *pp=p;
247 } 230 }
248 231
249int ASN1_object_size(constructed, length, tag) 232int ASN1_object_size(int constructed, int length, int tag)
250int constructed;
251int length;
252int tag;
253 { 233 {
254 int ret; 234 int ret;
255 235
@@ -277,29 +257,26 @@ int tag;
277 return(ret); 257 return(ret);
278 } 258 }
279 259
280int asn1_Finish(c) 260int asn1_Finish(ASN1_CTX *c)
281ASN1_CTX *c;
282 { 261 {
283 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) 262 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
284 { 263 {
285 if (!ASN1_check_infinite_end(&c->p,c->slen)) 264 if (!ASN1_check_infinite_end(&c->p,c->slen))
286 { 265 {
287 c->error=ASN1_R_MISSING_EOS; 266 c->error=ERR_R_MISSING_ASN1_EOS;
288 return(0); 267 return(0);
289 } 268 }
290 } 269 }
291 if ( ((c->slen != 0) && !(c->inf & 1)) || 270 if ( ((c->slen != 0) && !(c->inf & 1)) ||
292 ((c->slen < 0) && (c->inf & 1))) 271 ((c->slen < 0) && (c->inf & 1)))
293 { 272 {
294 c->error=ASN1_R_LENGTH_MISMATCH; 273 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
295 return(0); 274 return(0);
296 } 275 }
297 return(1); 276 return(1);
298 } 277 }
299 278
300int asn1_GetSequence(c,length) 279int asn1_GetSequence(ASN1_CTX *c, long *length)
301ASN1_CTX *c;
302long *length;
303 { 280 {
304 unsigned char *q; 281 unsigned char *q;
305 282
@@ -308,18 +285,18 @@ long *length;
308 *length); 285 *length);
309 if (c->inf & 0x80) 286 if (c->inf & 0x80)
310 { 287 {
311 c->error=ASN1_R_BAD_GET_OBJECT; 288 c->error=ERR_R_BAD_GET_ASN1_OBJECT_CALL;
312 return(0); 289 return(0);
313 } 290 }
314 if (c->tag != V_ASN1_SEQUENCE) 291 if (c->tag != V_ASN1_SEQUENCE)
315 { 292 {
316 c->error=ASN1_R_EXPECTING_A_SEQUENCE; 293 c->error=ERR_R_EXPECTING_AN_ASN1_SEQUENCE;
317 return(0); 294 return(0);
318 } 295 }
319 (*length)-=(c->p-q); 296 (*length)-=(c->p-q);
320 if (c->max && (*length < 0)) 297 if (c->max && (*length < 0))
321 { 298 {
322 c->error=ASN1_R_LENGTH_MISMATCH; 299 c->error=ERR_R_ASN1_LENGTH_MISMATCH;
323 return(0); 300 return(0);
324 } 301 }
325 if (c->inf == (1|V_ASN1_CONSTRUCTED)) 302 if (c->inf == (1|V_ASN1_CONSTRUCTED))
@@ -328,8 +305,7 @@ long *length;
328 return(1); 305 return(1);
329 } 306 }
330 307
331ASN1_STRING *ASN1_STRING_dup(str) 308ASN1_STRING *ASN1_STRING_dup(ASN1_STRING *str)
332ASN1_STRING *str;
333 { 309 {
334 ASN1_STRING *ret; 310 ASN1_STRING *ret;
335 311
@@ -341,34 +317,33 @@ ASN1_STRING *str;
341 ASN1_STRING_free(ret); 317 ASN1_STRING_free(ret);
342 return(NULL); 318 return(NULL);
343 } 319 }
320 ret->flags = str->flags;
344 return(ret); 321 return(ret);
345 } 322 }
346 323
347int ASN1_STRING_set(str,data,len) 324int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
348ASN1_STRING *str;
349unsigned char *data;
350int len;
351 { 325 {
352 char *c; 326 unsigned char *c;
327 const char *data=_data;
353 328
354 if (len < 0) 329 if (len < 0)
355 { 330 {
356 if (data == NULL) 331 if (data == NULL)
357 return(0); 332 return(0);
358 else 333 else
359 len=strlen((char *)data); 334 len=strlen(data);
360 } 335 }
361 if ((str->length < len) || (str->data == NULL)) 336 if ((str->length < len) || (str->data == NULL))
362 { 337 {
363 c=(char *)str->data; 338 c=str->data;
364 if (c == NULL) 339 if (c == NULL)
365 str->data=(unsigned char *)Malloc(len+1); 340 str->data=OPENSSL_malloc(len+1);
366 else 341 else
367 str->data=(unsigned char *)Realloc(c,len+1); 342 str->data=OPENSSL_realloc(c,len+1);
368 343
369 if (str->data == NULL) 344 if (str->data == NULL)
370 { 345 {
371 str->data=(unsigned char *)c; 346 str->data=c;
372 return(0); 347 return(0);
373 } 348 }
374 } 349 }
@@ -376,24 +351,23 @@ int len;
376 if (data != NULL) 351 if (data != NULL)
377 { 352 {
378 memcpy(str->data,data,len); 353 memcpy(str->data,data,len);
379 /* an alowance for strings :-) */ 354 /* an allowance for strings :-) */
380 str->data[len]='\0'; 355 str->data[len]='\0';
381 } 356 }
382 return(1); 357 return(1);
383 } 358 }
384 359
385ASN1_STRING *ASN1_STRING_new() 360ASN1_STRING *ASN1_STRING_new(void)
386 { 361 {
387 return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); 362 return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
388 } 363 }
389 364
390 365
391ASN1_STRING *ASN1_STRING_type_new(type) 366ASN1_STRING *ASN1_STRING_type_new(int type)
392int type;
393 { 367 {
394 ASN1_STRING *ret; 368 ASN1_STRING *ret;
395 369
396 ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING)); 370 ret=(ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING));
397 if (ret == NULL) 371 if (ret == NULL)
398 { 372 {
399 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE); 373 ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
@@ -402,19 +376,18 @@ int type;
402 ret->length=0; 376 ret->length=0;
403 ret->type=type; 377 ret->type=type;
404 ret->data=NULL; 378 ret->data=NULL;
379 ret->flags=0;
405 return(ret); 380 return(ret);
406 } 381 }
407 382
408void ASN1_STRING_free(a) 383void ASN1_STRING_free(ASN1_STRING *a)
409ASN1_STRING *a;
410 { 384 {
411 if (a == NULL) return; 385 if (a == NULL) return;
412 if (a->data != NULL) Free((char *)a->data); 386 if (a->data != NULL) OPENSSL_free(a->data);
413 Free((char *)a); 387 OPENSSL_free(a);
414 } 388 }
415 389
416int ASN1_STRING_cmp(a,b) 390int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
417ASN1_STRING *a,*b;
418 { 391 {
419 int i; 392 int i;
420 393
@@ -431,9 +404,7 @@ ASN1_STRING *a,*b;
431 return(i); 404 return(i);
432 } 405 }
433 406
434void asn1_add_error(address,offset) 407void asn1_add_error(unsigned char *address, int offset)
435unsigned char *address;
436int offset;
437 { 408 {
438 char buf1[16],buf2[16]; 409 char buf1[16],buf2[16];
439 410
@@ -442,3 +413,14 @@ int offset;
442 ERR_add_error_data(4,"address=",buf1," offset=",buf2); 413 ERR_add_error_data(4,"address=",buf1," offset=",buf2);
443 } 414 }
444 415
416int ASN1_STRING_length(ASN1_STRING *x)
417{ return M_ASN1_STRING_length(x); }
418
419void ASN1_STRING_length_set(ASN1_STRING *x, int len)
420{ M_ASN1_STRING_length_set(x, len); return; }
421
422int ASN1_STRING_type(ASN1_STRING *x)
423{ return M_ASN1_STRING_type(x); }
424
425unsigned char * ASN1_STRING_data(ASN1_STRING *x)
426{ return M_ASN1_STRING_data(x); }
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h
index 4fba70e4bb..a48649ceeb 100644
--- a/src/lib/libcrypto/asn1/asn1_mac.h
+++ b/src/lib/libcrypto/asn1/asn1_mac.h
@@ -59,52 +59,84 @@
59#ifndef HEADER_ASN1_MAC_H 59#ifndef HEADER_ASN1_MAC_H
60#define HEADER_ASN1_MAC_H 60#define HEADER_ASN1_MAC_H
61 61
62#include <openssl/asn1.h>
63
62#ifdef __cplusplus 64#ifdef __cplusplus
63extern "C" { 65extern "C" {
64#endif 66#endif
65 67
66#include "asn1.h" 68#ifndef ASN1_MAC_ERR_LIB
67#include "x509.h" 69#define ASN1_MAC_ERR_LIB ERR_LIB_ASN1
68#include "pkcs7.h" 70#endif
71
72#define ASN1_MAC_H_err(f,r,line) \
73 ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
69 74
70#define M_ASN1_D2I_vars(a,type,func) \ 75#define M_ASN1_D2I_vars(a,type,func) \
71 ASN1_CTX c; \ 76 ASN1_CTX c; \
72 type ret=NULL; \ 77 type ret=NULL; \
73 \ 78 \
74 c.pp=pp; \ 79 c.pp=(unsigned char **)pp; \
75 c.error=ASN1_R_ERROR_STACK; \ 80 c.q= *(unsigned char **)pp; \
81 c.error=ERR_R_NESTED_ASN1_ERROR; \
76 if ((a == NULL) || ((*a) == NULL)) \ 82 if ((a == NULL) || ((*a) == NULL)) \
77 { if ((ret=(type)func()) == NULL) goto err; } \ 83 { if ((ret=(type)func()) == NULL) \
84 { c.line=__LINE__; goto err; } } \
78 else ret=(*a); 85 else ret=(*a);
79 86
80#define M_ASN1_D2I_Init() \ 87#define M_ASN1_D2I_Init() \
81 c.p= *pp; \ 88 c.p= *(unsigned char **)pp; \
82 c.max=(length == 0)?0:(c.p+length); 89 c.max=(length == 0)?0:(c.p+length);
83 90
84#define M_ASN1_D2I_Finish_2(a) \ 91#define M_ASN1_D2I_Finish_2(a) \
85 if (!asn1_Finish(&c)) goto err; \ 92 if (!asn1_Finish(&c)) \
86 *pp=c.p; \ 93 { c.line=__LINE__; goto err; } \
94 *(unsigned char **)pp=c.p; \
87 if (a != NULL) (*a)=ret; \ 95 if (a != NULL) (*a)=ret; \
88 return(ret); 96 return(ret);
89 97
90#define M_ASN1_D2I_Finish(a,func,e) \ 98#define M_ASN1_D2I_Finish(a,func,e) \
91 M_ASN1_D2I_Finish_2(a); \ 99 M_ASN1_D2I_Finish_2(a); \
92err:\ 100err:\
93 ASN1err((e),c.error); \ 101 ASN1_MAC_H_err((e),c.error,c.line); \
94 asn1_add_error(*pp,(int)(c.q- *pp)); \ 102 asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \
95 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ 103 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
96 return(NULL) 104 return(NULL)
97 105
98#define M_ASN1_D2I_start_sequence() \ 106#define M_ASN1_D2I_start_sequence() \
99 if (!asn1_GetSequence(&c,&length)) goto err; 107 if (!asn1_GetSequence(&c,&length)) \
108 { c.line=__LINE__; goto err; }
109/* Begin reading ASN1 without a surrounding sequence */
110#define M_ASN1_D2I_begin() \
111 c.slen = length;
112
113/* End reading ASN1 with no check on length */
114#define M_ASN1_D2I_Finish_nolen(a, func, e) \
115 *pp=c.p; \
116 if (a != NULL) (*a)=ret; \
117 return(ret); \
118err:\
119 ASN1_MAC_H_err((e),c.error,c.line); \
120 asn1_add_error(*pp,(int)(c.q- *pp)); \
121 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
122 return(NULL)
100 123
101#define M_ASN1_D2I_end_sequence() \ 124#define M_ASN1_D2I_end_sequence() \
102 (((c.inf&1) == 0)?(c.slen <= 0): \ 125 (((c.inf&1) == 0)?(c.slen <= 0): \
103 (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) 126 (c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
104 127
128/* Don't use this with d2i_ASN1_BOOLEAN() */
105#define M_ASN1_D2I_get(b,func) \ 129#define M_ASN1_D2I_get(b,func) \
106 c.q=c.p; \ 130 c.q=c.p; \
107 if (func(&(b),&c.p,c.slen) == NULL) goto err; \ 131 if (func(&(b),&c.p,c.slen) == NULL) \
132 {c.line=__LINE__; goto err; } \
133 c.slen-=(c.p-c.q);
134
135/* use this instead () */
136#define M_ASN1_D2I_get_int(b,func) \
137 c.q=c.p; \
138 if (func(&(b),&c.p,c.slen) < 0) \
139 {c.line=__LINE__; goto err; } \
108 c.slen-=(c.p-c.q); 140 c.slen-=(c.p-c.q);
109 141
110#define M_ASN1_D2I_get_opt(b,func,type) \ 142#define M_ASN1_D2I_get_opt(b,func,type) \
@@ -114,49 +146,118 @@ err:\
114 M_ASN1_D2I_get(b,func); \ 146 M_ASN1_D2I_get(b,func); \
115 } 147 }
116 148
149#define M_ASN1_D2I_get_imp(b,func, type) \
150 M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \
151 c.q=c.p; \
152 if (func(&(b),&c.p,c.slen) == NULL) \
153 {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \
154 c.slen-=(c.p-c.q);\
155 M_ASN1_next_prev=_tmp;
156
117#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ 157#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
118 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ 158 if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
119 (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ 159 (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
120 { \ 160 { \
121 unsigned char tmp; \ 161 unsigned char _tmp = M_ASN1_next; \
122 tmp=M_ASN1_next; \ 162 M_ASN1_D2I_get_imp(b,func, type);\
123 M_ASN1_next=(tmp& ~V_ASN1_PRIMATIVE_TAG)|type; \
124 M_ASN1_D2I_get(b,func); \
125 M_ASN1_next_prev=tmp; \
126 } 163 }
127 164
128#define M_ASN1_D2I_get_set(r,func) \ 165#define M_ASN1_D2I_get_set(r,func,free_func) \
129 M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL); 166 M_ASN1_D2I_get_imp_set(r,func,free_func, \
167 V_ASN1_SET,V_ASN1_UNIVERSAL);
168
169#define M_ASN1_D2I_get_set_type(type,r,func,free_func) \
170 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \
171 V_ASN1_SET,V_ASN1_UNIVERSAL);
172
173#define M_ASN1_D2I_get_set_opt(r,func,free_func) \
174 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
175 V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
176 { M_ASN1_D2I_get_set(r,func,free_func); }
177
178#define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \
179 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
180 V_ASN1_CONSTRUCTED|V_ASN1_SET)))\
181 { M_ASN1_D2I_get_set_type(type,r,func,free_func); }
182
183#define M_ASN1_I2D_len_SET_opt(a,f) \
184 if ((a != NULL) && (sk_num(a) != 0)) \
185 M_ASN1_I2D_len_SET(a,f);
186
187#define M_ASN1_I2D_put_SET_opt(a,f) \
188 if ((a != NULL) && (sk_num(a) != 0)) \
189 M_ASN1_I2D_put_SET(a,f);
190
191#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
192 if ((a != NULL) && (sk_num(a) != 0)) \
193 M_ASN1_I2D_put_SEQUENCE(a,f);
130 194
131#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \ 195#define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \
196 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
197 M_ASN1_I2D_put_SEQUENCE_type(type,a,f);
198
199#define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \
132 if ((c.slen != 0) && \ 200 if ((c.slen != 0) && \
133 (M_ASN1_next == \ 201 (M_ASN1_next == \
134 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ 202 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
135 { \ 203 { \
136 M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \ 204 M_ASN1_D2I_get_imp_set(b,func,free_func,\
205 tag,V_ASN1_CONTEXT_SPECIFIC); \
137 } 206 }
138 207
139#define M_ASN1_D2I_get_seq(r,func) \ 208#define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \
140 M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); 209 if ((c.slen != 0) && \
210 (M_ASN1_next == \
211 (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
212 { \
213 M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\
214 tag,V_ASN1_CONTEXT_SPECIFIC); \
215 }
216
217#define M_ASN1_D2I_get_seq(r,func,free_func) \
218 M_ASN1_D2I_get_imp_set(r,func,free_func,\
219 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
220
221#define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \
222 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
223 V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
141 224
142#define M_ASN1_D2I_get_seq_opt(r,func) \ 225#define M_ASN1_D2I_get_seq_opt(r,func,free_func) \
143 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ 226 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
144 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ 227 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
145 { M_ASN1_D2I_get_seq(r,func); } 228 { M_ASN1_D2I_get_seq(r,func,free_func); }
146 229
147#define M_ASN1_D2I_get_IMP_set(r,func,x) \ 230#define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \
148 M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC); 231 if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
232 V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
233 { M_ASN1_D2I_get_seq_type(type,r,func,free_func); }
234
235#define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \
236 M_ASN1_D2I_get_imp_set(r,func,free_func,\
237 x,V_ASN1_CONTEXT_SPECIFIC);
238
239#define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \
240 M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\
241 x,V_ASN1_CONTEXT_SPECIFIC);
242
243#define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \
244 c.q=c.p; \
245 if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\
246 (void (*)())free_func,a,b) == NULL) \
247 { c.line=__LINE__; goto err; } \
248 c.slen-=(c.p-c.q);
149 249
150#define M_ASN1_D2I_get_imp_set(r,func,a,b) \ 250#define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \
151 c.q=c.p; \ 251 c.q=c.p; \
152 if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \ 252 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\
153 goto err; \ 253 free_func,a,b) == NULL) \
254 { c.line=__LINE__; goto err; } \
154 c.slen-=(c.p-c.q); 255 c.slen-=(c.p-c.q);
155 256
156#define M_ASN1_D2I_get_set_strings(r,func,a,b) \ 257#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
157 c.q=c.p; \ 258 c.q=c.p; \
158 if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ 259 if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
159 goto err; \ 260 { c.line=__LINE__; goto err; } \
160 c.slen-=(c.p-c.q); 261 c.slen-=(c.p-c.q);
161 262
162#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ 263#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
@@ -169,13 +270,22 @@ err:\
169 c.q=c.p; \ 270 c.q=c.p; \
170 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ 271 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
171 if (Tinf & 0x80) \ 272 if (Tinf & 0x80) \
172 { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ 273 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
274 c.line=__LINE__; goto err; } \
275 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
276 Tlen = c.slen - (c.p - c.q) - 2; \
173 if (func(&(r),&c.p,Tlen) == NULL) \ 277 if (func(&(r),&c.p,Tlen) == NULL) \
174 goto err; \ 278 { c.line=__LINE__; goto err; } \
279 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
280 Tlen = c.slen - (c.p - c.q); \
281 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
282 { c.error=ERR_R_MISSING_ASN1_EOS; \
283 c.line=__LINE__; goto err; } \
284 }\
175 c.slen-=(c.p-c.q); \ 285 c.slen-=(c.p-c.q); \
176 } 286 }
177 287
178#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \ 288#define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \
179 if ((c.slen != 0) && (M_ASN1_next == \ 289 if ((c.slen != 0) && (M_ASN1_next == \
180 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ 290 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
181 { \ 291 { \
@@ -185,24 +295,61 @@ err:\
185 c.q=c.p; \ 295 c.q=c.p; \
186 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ 296 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
187 if (Tinf & 0x80) \ 297 if (Tinf & 0x80) \
188 { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \ 298 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
299 c.line=__LINE__; goto err; } \
300 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
301 Tlen = c.slen - (c.p - c.q) - 2; \
189 if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \ 302 if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
303 (void (*)())free_func, \
190 b,V_ASN1_UNIVERSAL) == NULL) \ 304 b,V_ASN1_UNIVERSAL) == NULL) \
191 goto err; \ 305 { c.line=__LINE__; goto err; } \
306 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
307 Tlen = c.slen - (c.p - c.q); \
308 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
309 { c.error=ERR_R_MISSING_ASN1_EOS; \
310 c.line=__LINE__; goto err; } \
311 }\
312 c.slen-=(c.p-c.q); \
313 }
314
315#define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \
316 if ((c.slen != 0) && (M_ASN1_next == \
317 (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
318 { \
319 int Tinf,Ttag,Tclass; \
320 long Tlen; \
321 \
322 c.q=c.p; \
323 Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
324 if (Tinf & 0x80) \
325 { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \
326 c.line=__LINE__; goto err; } \
327 if (Tinf == (V_ASN1_CONSTRUCTED+1)) \
328 Tlen = c.slen - (c.p - c.q) - 2; \
329 if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \
330 free_func,b,V_ASN1_UNIVERSAL) == NULL) \
331 { c.line=__LINE__; goto err; } \
332 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
333 Tlen = c.slen - (c.p - c.q); \
334 if(!ASN1_check_infinite_end(&c.p, Tlen)) \
335 { c.error=ERR_R_MISSING_ASN1_EOS; \
336 c.line=__LINE__; goto err; } \
337 }\
192 c.slen-=(c.p-c.q); \ 338 c.slen-=(c.p-c.q); \
193 } 339 }
194 340
195/* New macros */ 341/* New macros */
196#define M_ASN1_New_Malloc(ret,type) \ 342#define M_ASN1_New_Malloc(ret,type) \
197 if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2; 343 if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \
344 { c.line=__LINE__; goto err2; }
198 345
199#define M_ASN1_New(arg,func) \ 346#define M_ASN1_New(arg,func) \
200 if (((arg)=func()) == NULL) return(NULL) 347 if (((arg)=func()) == NULL) return(NULL)
201 348
202#define M_ASN1_New_Error(a) \ 349#define M_ASN1_New_Error(a) \
203/* err: ASN1err((a),ASN1_R_ERROR_STACK); \ 350/* err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \
204 return(NULL);*/ \ 351 return(NULL);*/ \
205 err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \ 352 err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \
206 return(NULL) 353 return(NULL)
207 354
208 355
@@ -220,21 +367,59 @@ err:\
220#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) 367#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
221 368
222#define M_ASN1_I2D_len_SET(a,f) \ 369#define M_ASN1_I2D_len_SET(a,f) \
223 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL); 370 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
371
372#define M_ASN1_I2D_len_SET_type(type,a,f) \
373 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \
374 V_ASN1_UNIVERSAL,IS_SET);
375
376#define M_ASN1_I2D_len_SEQUENCE(a,f) \
377 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
378 IS_SEQUENCE);
224 379
225#define M_ASN1_I2D_len_SEQ(a,f) \ 380#define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \
226 ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); 381 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \
382 V_ASN1_UNIVERSAL,IS_SEQUENCE)
227 383
228#define M_ASN1_I2D_len_SEQ_opt(a,f) \ 384#define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \
229 if ((a != NULL) && (sk_num(a) != 0)) \ 385 if ((a != NULL) && (sk_num(a) != 0)) \
230 M_ASN1_I2D_len_SEQ(a,f); 386 M_ASN1_I2D_len_SEQUENCE(a,f);
231 387
232#define M_ASN1_I2D_len_IMP_set(a,f,x) \ 388#define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \
233 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC); 389 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
390 M_ASN1_I2D_len_SEQUENCE_type(type,a,f);
234 391
235#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \ 392#define M_ASN1_I2D_len_IMP_SET(a,f,x) \
393 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET);
394
395#define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \
396 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
397 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
398
399#define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \
400 if ((a != NULL) && (sk_num(a) != 0)) \
401 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
402 IS_SET);
403
404#define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \
405 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
406 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
407 V_ASN1_CONTEXT_SPECIFIC,IS_SET);
408
409#define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \
410 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
411 IS_SEQUENCE);
412
413#define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \
236 if ((a != NULL) && (sk_num(a) != 0)) \ 414 if ((a != NULL) && (sk_num(a) != 0)) \
237 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC); 415 ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \
416 IS_SEQUENCE);
417
418#define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \
419 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
420 ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \
421 V_ASN1_CONTEXT_SPECIFIC, \
422 IS_SEQUENCE);
238 423
239#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ 424#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
240 if (a != NULL)\ 425 if (a != NULL)\
@@ -243,10 +428,27 @@ err:\
243 ret+=ASN1_object_size(1,v,mtag); \ 428 ret+=ASN1_object_size(1,v,mtag); \
244 } 429 }
245 430
246#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \ 431#define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \
432 if ((a != NULL) && (sk_num(a) != 0))\
433 { \
434 v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
435 ret+=ASN1_object_size(1,v,mtag); \
436 }
437
438#define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
247 if ((a != NULL) && (sk_num(a) != 0))\ 439 if ((a != NULL) && (sk_num(a) != 0))\
248 { \ 440 { \
249 v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \ 441 v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \
442 IS_SEQUENCE); \
443 ret+=ASN1_object_size(1,v,mtag); \
444 }
445
446#define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
447 if ((a != NULL) && (sk_##type##_num(a) != 0))\
448 { \
449 v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \
450 V_ASN1_UNIVERSAL, \
451 IS_SEQUENCE); \
250 ret+=ASN1_object_size(1,v,mtag); \ 452 ret+=ASN1_object_size(1,v,mtag); \
251 } 453 }
252 454
@@ -262,20 +464,48 @@ err:\
262 } 464 }
263 465
264#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\ 466#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
265 V_ASN1_UNIVERSAL) 467 V_ASN1_UNIVERSAL,IS_SET)
266#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ 468#define M_ASN1_I2D_put_SET_type(type,a,f) \
267 V_ASN1_CONTEXT_SPECIFIC) 469 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET)
268 470#define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
269#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\ 471 V_ASN1_CONTEXT_SPECIFIC,IS_SET)
270 V_ASN1_UNIVERSAL) 472#define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \
473 i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET)
474#define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
475 V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE)
476
477#define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
478 V_ASN1_UNIVERSAL,IS_SEQUENCE)
479
480#define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \
481 i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \
482 IS_SEQUENCE)
483
484#define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \
485 if ((a != NULL) && (sk_num(a) != 0)) \
486 M_ASN1_I2D_put_SEQUENCE(a,f);
271 487
272#define M_ASN1_I2D_put_SEQ_opt(a,f) \ 488#define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \
273 if ((a != NULL) && (sk_num(a) != 0)) \ 489 if ((a != NULL) && (sk_num(a) != 0)) \
274 M_ASN1_I2D_put_SEQ(a,f); 490 { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
491 IS_SET); }
492
493#define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \
494 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
495 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
496 V_ASN1_CONTEXT_SPECIFIC, \
497 IS_SET); }
275 498
276#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \ 499#define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \
277 if ((a != NULL) && (sk_num(a) != 0)) \ 500 if ((a != NULL) && (sk_num(a) != 0)) \
278 { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); } 501 { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \
502 IS_SEQUENCE); }
503
504#define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \
505 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
506 { i2d_ASN1_SET_OF_##type(a,&p,f,x, \
507 V_ASN1_CONTEXT_SPECIFIC, \
508 IS_SEQUENCE); }
279 509
280#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ 510#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
281 if (a != NULL) \ 511 if (a != NULL) \
@@ -284,11 +514,26 @@ err:\
284 f(a,&p); \ 514 f(a,&p); \
285 } 515 }
286 516
287#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \ 517#define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \
288 if ((a != NULL) && (sk_num(a) != 0)) \ 518 if ((a != NULL) && (sk_num(a) != 0)) \
289 { \ 519 { \
290 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ 520 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
291 i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \ 521 i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \
522 }
523
524#define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \
525 if ((a != NULL) && (sk_num(a) != 0)) \
526 { \
527 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
528 i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \
529 }
530
531#define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \
532 if ((a != NULL) && (sk_##type##_num(a) != 0)) \
533 { \
534 ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
535 i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \
536 IS_SEQUENCE); \
292 } 537 }
293 538
294#define M_ASN1_I2D_seq_total() \ 539#define M_ASN1_I2D_seq_total() \
@@ -306,14 +551,8 @@ err:\
306#define M_ASN1_I2D_finish() *pp=p; \ 551#define M_ASN1_I2D_finish() *pp=p; \
307 return(r); 552 return(r);
308 553
309#ifndef NOPROTO
310int asn1_GetSequence(ASN1_CTX *c, long *length); 554int asn1_GetSequence(ASN1_CTX *c, long *length);
311void asn1_add_error(unsigned char *address,int offset); 555void asn1_add_error(unsigned char *address,int offset);
312#else
313int asn1_GetSequence();
314void asn1_add_error();
315#endif
316
317#ifdef __cplusplus 556#ifdef __cplusplus
318} 557}
319#endif 558#endif
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index 3906227d21..facfdd27fc 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -58,30 +58,21 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/asn1.h>
64 64
65#ifndef NOPROTO
66static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, 65static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
67 int indent); 66 int indent);
68static int asn1_parse2(BIO *bp, unsigned char **pp, long length, 67static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
69 int offset, int depth, int indent); 68 int offset, int depth, int indent, int dump);
70#else 69static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
71static int asn1_print_info(); 70 int indent)
72static int asn1_parse2();
73#endif
74
75static int asn1_print_info(bp, tag, xclass, constructed,indent)
76BIO *bp;
77int tag;
78int xclass;
79int constructed;
80int indent;
81 { 71 {
82 static char *fmt="%-18s"; 72 static const char fmt[]="%-18s";
83 static char *fmt2="%2d %-15s"; 73 static const char fmt2[]="%2d %-15s";
84 char *p,str[128],*p2=NULL; 74 char str[128];
75 const char *p,*p2=NULL;
85 76
86 if (constructed & V_ASN1_CONSTRUCTED) 77 if (constructed & V_ASN1_CONSTRUCTED)
87 p="cons: "; 78 p="cons: ";
@@ -102,53 +93,8 @@ int indent;
102 sprintf(str,"cont [ %d ]",tag); 93 sprintf(str,"cont [ %d ]",tag);
103 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 94 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
104 sprintf(str,"appl [ %d ]",tag); 95 sprintf(str,"appl [ %d ]",tag);
105 else if ((tag == V_ASN1_EOC) /* && (xclass == V_ASN1_UNIVERSAL) */) 96 else p = ASN1_tag2str(tag);
106 p="EOC";
107 else if (tag == V_ASN1_BOOLEAN)
108 p="BOOLEAN";
109 else if (tag == V_ASN1_INTEGER)
110 p="INTEGER";
111 else if (tag == V_ASN1_BIT_STRING)
112 p="BIT STRING";
113 else if (tag == V_ASN1_OCTET_STRING)
114 p="OCTET STRING";
115 else if (tag == V_ASN1_NULL)
116 p="NULL";
117 else if (tag == V_ASN1_OBJECT)
118 p="OBJECT";
119 else if (tag == V_ASN1_SEQUENCE)
120 p="SEQUENCE";
121 else if (tag == V_ASN1_SET)
122 p="SET";
123 else if (tag == V_ASN1_PRINTABLESTRING)
124 p="PRINTABLESTRING";
125 else if (tag == V_ASN1_T61STRING)
126 p="T61STRING";
127 else if (tag == V_ASN1_IA5STRING)
128 p="IA5STRING";
129 else if (tag == V_ASN1_UTCTIME)
130 p="UTCTIME";
131 97
132 /* extras */
133 else if (tag == V_ASN1_NUMERICSTRING)
134 p="NUMERICSTRING";
135 else if (tag == V_ASN1_VIDEOTEXSTRING)
136 p="VIDEOTEXSTRING";
137 else if (tag == V_ASN1_GENERALIZEDTIME)
138 p="GENERALIZEDTIME";
139 else if (tag == V_ASN1_GRAPHICSTRING)
140 p="GRAPHICSTRING";
141 else if (tag == V_ASN1_ISO64STRING)
142 p="ISO64STRING";
143 else if (tag == V_ASN1_GENERALSTRING)
144 p="GENERALSTRING";
145 else if (tag == V_ASN1_UNIVERSALSTRING)
146 p="UNIVERSALSTRING";
147 else if (tag == V_ASN1_BMPSTRING)
148 p="BMPSTRING";
149 else
150 p2="(unknown)";
151
152 if (p2 != NULL) 98 if (p2 != NULL)
153 { 99 {
154 if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err; 100 if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
@@ -162,22 +108,18 @@ err:
162 return(0); 108 return(0);
163 } 109 }
164 110
165int ASN1_parse(bp, pp, len, indent) 111int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent)
166BIO *bp; 112 {
167unsigned char *pp; 113 return(asn1_parse2(bp,&pp,len,0,0,indent,0));
168long len; 114 }
169int indent; 115
116int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump)
170 { 117 {
171 return(asn1_parse2(bp,&pp,len,0,0,indent)); 118 return(asn1_parse2(bp,&pp,len,0,0,indent,dump));
172 } 119 }
173 120
174static int asn1_parse2(bp, pp, length, offset, depth, indent) 121static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
175BIO *bp; 122 int depth, int indent, int dump)
176unsigned char **pp;
177long length;
178int offset;
179int depth;
180int indent;
181 { 123 {
182 unsigned char *p,*ep,*tot,*op,*opp; 124 unsigned char *p,*ep,*tot,*op,*opp;
183 long len; 125 long len;
@@ -186,7 +128,13 @@ int indent;
186 ASN1_OBJECT *o=NULL; 128 ASN1_OBJECT *o=NULL;
187 ASN1_OCTET_STRING *os=NULL; 129 ASN1_OCTET_STRING *os=NULL;
188 /* ASN1_BMPSTRING *bmp=NULL;*/ 130 /* ASN1_BMPSTRING *bmp=NULL;*/
131 int dump_indent;
189 132
133#if 0
134 dump_indent = indent;
135#else
136 dump_indent = 6; /* Because we know BIO_dump_indent() */
137#endif
190 p= *pp; 138 p= *pp;
191 tot=p+length; 139 tot=p+length;
192 op=p-1; 140 op=p-1;
@@ -241,7 +189,7 @@ int indent;
241 { 189 {
242 r=asn1_parse2(bp,&p,(long)(tot-p), 190 r=asn1_parse2(bp,&p,(long)(tot-p),
243 offset+(p - *pp),depth+1, 191 offset+(p - *pp),depth+1,
244 indent); 192 indent,dump);
245 if (r == 0) { ret=0; goto end; } 193 if (r == 0) { ret=0; goto end; }
246 if ((r == 2) || (p >= tot)) break; 194 if ((r == 2) || (p >= tot)) break;
247 } 195 }
@@ -251,7 +199,7 @@ int indent;
251 { 199 {
252 r=asn1_parse2(bp,&p,(long)len, 200 r=asn1_parse2(bp,&p,(long)len,
253 offset+(p - *pp),depth+1, 201 offset+(p - *pp),depth+1,
254 indent); 202 indent,dump);
255 if (r == 0) { ret=0; goto end; } 203 if (r == 0) { ret=0; goto end; }
256 } 204 }
257 } 205 }
@@ -266,7 +214,9 @@ int indent;
266 if ( (tag == V_ASN1_PRINTABLESTRING) || 214 if ( (tag == V_ASN1_PRINTABLESTRING) ||
267 (tag == V_ASN1_T61STRING) || 215 (tag == V_ASN1_T61STRING) ||
268 (tag == V_ASN1_IA5STRING) || 216 (tag == V_ASN1_IA5STRING) ||
269 (tag == V_ASN1_UTCTIME)) 217 (tag == V_ASN1_VISIBLESTRING) ||
218 (tag == V_ASN1_UTCTIME) ||
219 (tag == V_ASN1_GENERALIZEDTIME))
270 { 220 {
271 if (BIO_write(bp,":",1) <= 0) goto end; 221 if (BIO_write(bp,":",1) <= 0) goto end;
272 if ((len > 0) && 222 if ((len > 0) &&
@@ -334,7 +284,21 @@ int indent;
334 os->length) <= 0) 284 os->length) <= 0)
335 goto end; 285 goto end;
336 } 286 }
337 ASN1_OCTET_STRING_free(os); 287 if (!printable && (os->length > 0)
288 && dump)
289 {
290 if (!nl)
291 {
292 if (BIO_write(bp,"\n",1) <= 0)
293 goto end;
294 }
295 if (BIO_dump_indent(bp,(char *)opp,
296 ((dump == -1 || dump > os->length)?os->length:dump),
297 dump_indent) <= 0)
298 goto end;
299 nl=1;
300 }
301 M_ASN1_OCTET_STRING_free(os);
338 os=NULL; 302 os=NULL;
339 } 303 }
340 } 304 }
@@ -368,7 +332,52 @@ int indent;
368 if (BIO_write(bp,"BAD INTEGER",11) <= 0) 332 if (BIO_write(bp,"BAD INTEGER",11) <= 0)
369 goto end; 333 goto end;
370 } 334 }
371 ASN1_INTEGER_free(bs); 335 M_ASN1_INTEGER_free(bs);
336 }
337 else if (tag == V_ASN1_ENUMERATED)
338 {
339 ASN1_ENUMERATED *bs;
340 int i;
341
342 opp=op;
343 bs=d2i_ASN1_ENUMERATED(NULL,&opp,len+hl);
344 if (bs != NULL)
345 {
346 if (BIO_write(bp,":",1) <= 0) goto end;
347 if (bs->type == V_ASN1_NEG_ENUMERATED)
348 if (BIO_write(bp,"-",1) <= 0)
349 goto end;
350 for (i=0; i<bs->length; i++)
351 {
352 if (BIO_printf(bp,"%02X",
353 bs->data[i]) <= 0)
354 goto end;
355 }
356 if (bs->length == 0)
357 {
358 if (BIO_write(bp,"00",2) <= 0)
359 goto end;
360 }
361 }
362 else
363 {
364 if (BIO_write(bp,"BAD ENUMERATED",11) <= 0)
365 goto end;
366 }
367 M_ASN1_ENUMERATED_free(bs);
368 }
369 else if (len > 0 && dump)
370 {
371 if (!nl)
372 {
373 if (BIO_write(bp,"\n",1) <= 0)
374 goto end;
375 }
376 if (BIO_dump_indent(bp,(char *)p,
377 ((dump == -1 || dump > len)?len:dump),
378 dump_indent) <= 0)
379 goto end;
380 nl=1;
372 } 381 }
373 382
374 if (!nl) 383 if (!nl)
@@ -387,7 +396,28 @@ int indent;
387 ret=1; 396 ret=1;
388end: 397end:
389 if (o != NULL) ASN1_OBJECT_free(o); 398 if (o != NULL) ASN1_OBJECT_free(o);
390 if (os != NULL) ASN1_OCTET_STRING_free(os); 399 if (os != NULL) M_ASN1_OCTET_STRING_free(os);
391 *pp=p; 400 *pp=p;
392 return(ret); 401 return(ret);
393 } 402 }
403
404const char *ASN1_tag2str(int tag)
405{
406 const static char *tag2str[] = {
407 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
408 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
409 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */
410 "<ASN1 14>", "<ASN1 15>", "SEQUENCE", "SET", /* 15-17 */
411 "NUMERICSTRING", "PRINTABLESTRING", "T61STRING", /* 18-20 */
412 "VIDEOTEXSTRING", "IA5STRING", "UTCTIME","GENERALIZEDTIME", /* 21-24 */
413 "GRAPHICSTRING", "VISIBLESTRING", "GENERALSTRING", /* 25-27 */
414 "UNIVERSALSTRING", "<ASN1 29>", "BMPSTRING" /* 28-30 */
415 };
416
417 if((tag == V_ASN1_NEG_INTEGER) || (tag == V_ASN1_NEG_ENUMERATED))
418 tag &= ~0x100;
419
420 if(tag < 0 || tag > 30) return "(unknown)";
421 return tag2str[tag];
422}
423
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
index 662a2626a1..e6051db2dc 100644
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ b/src/lib/libcrypto/asn1/asn_pack.c
@@ -60,12 +60,14 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62 62
63#ifndef NO_ASN1_OLD
64
63/* ASN1 packing and unpacking functions */ 65/* ASN1 packing and unpacking functions */
64 66
65/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ 67/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
66 68
67STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), 69STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
68 void (*free_func)()) 70 void (*free_func)(void *))
69{ 71{
70 STACK *sk; 72 STACK *sk;
71 unsigned char *pbuf; 73 unsigned char *pbuf;
@@ -77,7 +79,7 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
77} 79}
78 80
79/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a 81/* Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a
80 * Malloc'ed buffer 82 * OPENSSL_malloc'ed buffer
81 */ 83 */
82 84
83unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, 85unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
@@ -90,7 +92,7 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
90 ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR); 92 ASN1err(ASN1_F_ASN1_SEQ_PACK,ASN1_R_ENCODE_ERROR);
91 return NULL; 93 return NULL;
92 } 94 }
93 if (!(safe = Malloc (safelen))) { 95 if (!(safe = OPENSSL_malloc (safelen))) {
94 ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE); 96 ASN1err(ASN1_F_ASN1_SEQ_PACK,ERR_R_MALLOC_FAILURE);
95 return NULL; 97 return NULL;
96 } 98 }
@@ -117,7 +119,7 @@ void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
117 119
118/* Pack an ASN1 object into an ASN1_STRING */ 120/* Pack an ASN1 object into an ASN1_STRING */
119 121
120ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct) 122ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct)
121{ 123{
122 unsigned char *p; 124 unsigned char *p;
123 ASN1_STRING *octmp; 125 ASN1_STRING *octmp;
@@ -134,7 +136,7 @@ ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct)
134 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); 136 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
135 return NULL; 137 return NULL;
136 } 138 }
137 if (!(p = Malloc (octmp->length))) { 139 if (!(p = OPENSSL_malloc (octmp->length))) {
138 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); 140 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
139 return NULL; 141 return NULL;
140 } 142 }
@@ -143,3 +145,47 @@ ASN1_STRING *ASN1_pack_string (void *obj, int (*i2d)(), ASN1_STRING **oct)
143 return octmp; 145 return octmp;
144} 146}
145 147
148#endif
149
150/* ASN1_ITEM versions of the above */
151
152ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
153{
154 ASN1_STRING *octmp;
155
156 if (!oct || !*oct) {
157 if (!(octmp = ASN1_STRING_new ())) {
158 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
159 return NULL;
160 }
161 if (oct) *oct = octmp;
162 } else octmp = *oct;
163
164 if(octmp->data) {
165 OPENSSL_free(octmp->data);
166 octmp->data = NULL;
167 }
168
169 if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
170 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR);
171 return NULL;
172 }
173 if (!octmp->data) {
174 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE);
175 return NULL;
176 }
177 return octmp;
178}
179
180/* Extract an ASN1 object from an ASN1_STRING */
181
182void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
183{
184 unsigned char *p;
185 void *ret;
186
187 p = oct->data;
188 if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
189 ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR);
190 return ret;
191}
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
index b9eaa9629b..2e7d96af90 100644
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ b/src/lib/libcrypto/asn1/d2i_pr.c
@@ -58,16 +58,19 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "x509.h" 64#include <openssl/asn1.h>
65#ifndef OPENSSL_NO_RSA
66#include <openssl/rsa.h>
67#endif
68#ifndef OPENSSL_NO_DSA
69#include <openssl/dsa.h>
70#endif
65 71
66EVP_PKEY *d2i_PrivateKey(type,a,pp,length) 72EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
67int type; 73 long length)
68EVP_PKEY **a;
69unsigned char **pp;
70long length;
71 { 74 {
72 EVP_PKEY *ret; 75 EVP_PKEY *ret;
73 76
@@ -85,18 +88,20 @@ long length;
85 ret->type=EVP_PKEY_type(type); 88 ret->type=EVP_PKEY_type(type);
86 switch (ret->type) 89 switch (ret->type)
87 { 90 {
88#ifndef NO_RSA 91#ifndef OPENSSL_NO_RSA
89 case EVP_PKEY_RSA: 92 case EVP_PKEY_RSA:
90 if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL) 93 if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,
94 (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
91 { 95 {
92 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); 96 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
93 goto err; 97 goto err;
94 } 98 }
95 break; 99 break;
96#endif 100#endif
97#ifndef NO_DSA 101#ifndef OPENSSL_NO_DSA
98 case EVP_PKEY_DSA: 102 case EVP_PKEY_DSA:
99 if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL) 103 if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,
104 (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
100 { 105 {
101 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB); 106 ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
102 goto err; 107 goto err;
@@ -106,7 +111,7 @@ long length;
106 default: 111 default:
107 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 112 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
108 goto err; 113 goto err;
109 break; 114 /* break; */
110 } 115 }
111 if (a != NULL) (*a)=ret; 116 if (a != NULL) (*a)=ret;
112 return(ret); 117 return(ret);
@@ -115,3 +120,26 @@ err:
115 return(NULL); 120 return(NULL);
116 } 121 }
117 122
123/* This works like d2i_PrivateKey() except it automatically works out the type */
124
125EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
126 long length)
127{
128 STACK_OF(ASN1_TYPE) *inkey;
129 unsigned char *p;
130 int keytype;
131 p = *pp;
132 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
133 * by analyzing it we can determine the passed structure: this
134 * assumes the input is surrounded by an ASN1 SEQUENCE.
135 */
136 inkey = d2i_ASN1_SET_OF_ASN1_TYPE(NULL, &p, length, d2i_ASN1_TYPE,
137 ASN1_TYPE_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
138 /* Since we only need to discern "traditional format" RSA and DSA
139 * keys we can just count the elements.
140 */
141 if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA;
142 else keytype = EVP_PKEY_RSA;
143 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
144 return d2i_PrivateKey(keytype, a, pp, length);
145}
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
index 5d6192f1e5..71f2eb361b 100644
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ b/src/lib/libcrypto/asn1/d2i_pu.c
@@ -58,16 +58,19 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "x509.h" 64#include <openssl/asn1.h>
65#ifndef OPENSSL_NO_RSA
66#include <openssl/rsa.h>
67#endif
68#ifndef OPENSSL_NO_DSA
69#include <openssl/dsa.h>
70#endif
65 71
66EVP_PKEY *d2i_PublicKey(type,a,pp,length) 72EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
67int type; 73 long length)
68EVP_PKEY **a;
69unsigned char **pp;
70long length;
71 { 74 {
72 EVP_PKEY *ret; 75 EVP_PKEY *ret;
73 76
@@ -85,18 +88,20 @@ long length;
85 ret->type=EVP_PKEY_type(type); 88 ret->type=EVP_PKEY_type(type);
86 switch (ret->type) 89 switch (ret->type)
87 { 90 {
88#ifndef NO_RSA 91#ifndef OPENSSL_NO_RSA
89 case EVP_PKEY_RSA: 92 case EVP_PKEY_RSA:
90 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL) 93 if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,
94 (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
91 { 95 {
92 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); 96 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
93 goto err; 97 goto err;
94 } 98 }
95 break; 99 break;
96#endif 100#endif
97#ifndef NO_DSA 101#ifndef OPENSSL_NO_DSA
98 case EVP_PKEY_DSA: 102 case EVP_PKEY_DSA:
99 if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL) 103 if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,
104 (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */
100 { 105 {
101 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); 106 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
102 goto err; 107 goto err;
@@ -106,7 +111,7 @@ long length;
106 default: 111 default:
107 ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 112 ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
108 goto err; 113 goto err;
109 break; 114 /* break; */
110 } 115 }
111 if (a != NULL) (*a)=ret; 116 if (a != NULL) (*a)=ret;
112 return(ret); 117 return(ret);
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index ebe34a3362..3506005a71 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -58,26 +58,22 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62#include "asn1_mac.h" 62#include <openssl/asn1_mac.h>
63 63
64int ASN1_TYPE_set_octetstring(a,data,len) 64int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len)
65ASN1_TYPE *a;
66unsigned char *data;
67int len;
68 { 65 {
69 ASN1_STRING *os; 66 ASN1_STRING *os;
70 67
71 if ((os=ASN1_OCTET_STRING_new()) == NULL) return(0); 68 if ((os=M_ASN1_OCTET_STRING_new()) == NULL) return(0);
72 if (!ASN1_OCTET_STRING_set(os,data,len)) return(0); 69 if (!M_ASN1_OCTET_STRING_set(os,data,len)) return(0);
73 ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,(char *)os); 70 ASN1_TYPE_set(a,V_ASN1_OCTET_STRING,os);
74 return(1); 71 return(1);
75 } 72 }
76 73
77int ASN1_TYPE_get_octetstring(a,data,max_len) 74/* int max_len: for returned value */
78ASN1_TYPE *a; 75int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data,
79unsigned char *data; 76 int max_len)
80int max_len; /* for returned value */
81 { 77 {
82 int ret,num; 78 int ret,num;
83 unsigned char *p; 79 unsigned char *p;
@@ -87,8 +83,8 @@ int max_len; /* for returned value */
87 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 83 ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
88 return(-1); 84 return(-1);
89 } 85 }
90 p=ASN1_STRING_data(a->value.octet_string); 86 p=M_ASN1_STRING_data(a->value.octet_string);
91 ret=ASN1_STRING_length(a->value.octet_string); 87 ret=M_ASN1_STRING_length(a->value.octet_string);
92 if (ret < max_len) 88 if (ret < max_len)
93 num=ret; 89 num=ret;
94 else 90 else
@@ -97,11 +93,8 @@ int max_len; /* for returned value */
97 return(ret); 93 return(ret);
98 } 94 }
99 95
100int ASN1_TYPE_set_int_octetstring(a,num,data,len) 96int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data,
101ASN1_TYPE *a; 97 int len)
102long num;
103unsigned char *data;
104int len;
105 { 98 {
106 int n,size; 99 int n,size;
107 ASN1_OCTET_STRING os,*osp; 100 ASN1_OCTET_STRING os,*osp;
@@ -124,23 +117,22 @@ int len;
124 /* Grow the 'string' */ 117 /* Grow the 'string' */
125 ASN1_STRING_set(osp,NULL,size); 118 ASN1_STRING_set(osp,NULL,size);
126 119
127 ASN1_STRING_length(osp)=size; 120 M_ASN1_STRING_length_set(osp, size);
128 p=ASN1_STRING_data(osp); 121 p=M_ASN1_STRING_data(osp);
129 122
130 ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); 123 ASN1_put_object(&p,1,n,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
131 i2d_ASN1_INTEGER(&in,&p); 124 i2d_ASN1_INTEGER(&in,&p);
132 M_i2d_ASN1_OCTET_STRING(&os,&p); 125 M_i2d_ASN1_OCTET_STRING(&os,&p);
133 126
134 ASN1_TYPE_set(a,V_ASN1_SEQUENCE,(char *)osp); 127 ASN1_TYPE_set(a,V_ASN1_SEQUENCE,osp);
135 return(1); 128 return(1);
136 } 129 }
137 130
138/* we return the actual length... */ 131/* we return the actual length..., num may be missing, in which
139int ASN1_TYPE_get_int_octetstring(a,num,data,max_len) 132 * case, set it to zero */
140ASN1_TYPE *a; 133/* int max_len: for returned value */
141long *num; 134int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
142unsigned char *data; 135 int max_len)
143int max_len; /* for returned value */
144 { 136 {
145 int ret= -1,n; 137 int ret= -1,n;
146 ASN1_INTEGER *ai=NULL; 138 ASN1_INTEGER *ai=NULL;
@@ -153,8 +145,8 @@ int max_len; /* for returned value */
153 { 145 {
154 goto err; 146 goto err;
155 } 147 }
156 p=ASN1_STRING_data(a->value.sequence); 148 p=M_ASN1_STRING_data(a->value.sequence);
157 length=ASN1_STRING_length(a->value.sequence); 149 length=M_ASN1_STRING_length(a->value.sequence);
158 150
159 c.pp= &p; 151 c.pp= &p;
160 c.p=p; 152 c.p=p;
@@ -173,21 +165,21 @@ int max_len; /* for returned value */
173 if (num != NULL) 165 if (num != NULL)
174 *num=ASN1_INTEGER_get(ai); 166 *num=ASN1_INTEGER_get(ai);
175 167
176 ret=ASN1_STRING_length(os); 168 ret=M_ASN1_STRING_length(os);
177 if (max_len > ret) 169 if (max_len > ret)
178 n=ret; 170 n=ret;
179 else 171 else
180 n=max_len; 172 n=max_len;
181 173
182 if (data != NULL) 174 if (data != NULL)
183 memcpy(data,ASN1_STRING_data(os),n); 175 memcpy(data,M_ASN1_STRING_data(os),n);
184 if (0) 176 if (0)
185 { 177 {
186err: 178err:
187 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG); 179 ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,ASN1_R_DATA_IS_WRONG);
188 } 180 }
189 if (os != NULL) ASN1_OCTET_STRING_free(os); 181 if (os != NULL) M_ASN1_OCTET_STRING_free(os);
190 if (ai != NULL) ASN1_INTEGER_free(ai); 182 if (ai != NULL) M_ASN1_INTEGER_free(ai);
191 return(ret); 183 return(ret);
192 } 184 }
193 185
diff --git a/src/lib/libcrypto/asn1/f_enum.c b/src/lib/libcrypto/asn1/f_enum.c
index 3bcceecdb8..56e3cc8df2 100644
--- a/src/lib/libcrypto/asn1/f_enum.c
+++ b/src/lib/libcrypto/asn1/f_enum.c
@@ -153,15 +153,15 @@ int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size)
153 if (num+i > slen) 153 if (num+i > slen)
154 { 154 {
155 if (s == NULL) 155 if (s == NULL)
156 sp=(unsigned char *)Malloc( 156 sp=(unsigned char *)OPENSSL_malloc(
157 (unsigned int)num+i*2); 157 (unsigned int)num+i*2);
158 else 158 else
159 sp=(unsigned char *)Realloc(s, 159 sp=(unsigned char *)OPENSSL_realloc(s,
160 (unsigned int)num+i*2); 160 (unsigned int)num+i*2);
161 if (sp == NULL) 161 if (sp == NULL)
162 { 162 {
163 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); 163 ASN1err(ASN1_F_A2I_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE);
164 if (s != NULL) Free((char *)s); 164 if (s != NULL) OPENSSL_free(s);
165 goto err; 165 goto err;
166 } 166 }
167 s=sp; 167 s=sp;
diff --git a/src/lib/libcrypto/asn1/f_int.c b/src/lib/libcrypto/asn1/f_int.c
index 4817c45cb7..48cc3bfb90 100644
--- a/src/lib/libcrypto/asn1/f_int.c
+++ b/src/lib/libcrypto/asn1/f_int.c
@@ -58,23 +58,27 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "x509.h" 62#include <openssl/asn1.h>
63 63
64int i2a_ASN1_INTEGER(bp, a) 64int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a)
65BIO *bp;
66ASN1_INTEGER *a;
67 { 65 {
68 int i,n=0; 66 int i,n=0;
69 static char *h="0123456789ABCDEF"; 67 static const char *h="0123456789ABCDEF";
70 char buf[2]; 68 char buf[2];
71 69
72 if (a == NULL) return(0); 70 if (a == NULL) return(0);
73 71
72 if (a->type & V_ASN1_NEG)
73 {
74 if (BIO_write(bp, "-", 1) != 1) goto err;
75 n = 1;
76 }
77
74 if (a->length == 0) 78 if (a->length == 0)
75 { 79 {
76 if (BIO_write(bp,"00",2) != 2) goto err; 80 if (BIO_write(bp,"00",2) != 2) goto err;
77 n=2; 81 n += 2;
78 } 82 }
79 else 83 else
80 { 84 {
@@ -96,11 +100,7 @@ err:
96 return(-1); 100 return(-1);
97 } 101 }
98 102
99int a2i_ASN1_INTEGER(bp,bs,buf,size) 103int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size)
100BIO *bp;
101ASN1_INTEGER *bs;
102char *buf;
103int size;
104 { 104 {
105 int ret=0; 105 int ret=0;
106 int i,j,k,m,n,again,bufsize; 106 int i,j,k,m,n,again,bufsize;
@@ -123,9 +123,18 @@ int size;
123 123
124 for (j=0; j<i; j++) 124 for (j=0; j<i; j++)
125 { 125 {
126#ifndef CHARSET_EBCDIC
126 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 127 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
127 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 128 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
128 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 129 ((buf[j] >= 'A') && (buf[j] <= 'F'))))
130#else
131 /* This #ifdef is not strictly necessary, since
132 * the characters A...F a...f 0...9 are contiguous
133 * (yes, even in EBCDIC - but not the whole alphabet).
134 * Nevertheless, isxdigit() is faster.
135 */
136 if (!isxdigit(buf[j]))
137#endif
129 { 138 {
130 i=j; 139 i=j;
131 break; 140 break;
@@ -157,15 +166,15 @@ int size;
157 if (num+i > slen) 166 if (num+i > slen)
158 { 167 {
159 if (s == NULL) 168 if (s == NULL)
160 sp=(unsigned char *)Malloc( 169 sp=(unsigned char *)OPENSSL_malloc(
161 (unsigned int)num+i*2); 170 (unsigned int)num+i*2);
162 else 171 else
163 sp=(unsigned char *)Realloc(s, 172 sp=(unsigned char *)OPENSSL_realloc(s,
164 (unsigned int)num+i*2); 173 (unsigned int)num+i*2);
165 if (sp == NULL) 174 if (sp == NULL)
166 { 175 {
167 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); 176 ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
168 if (s != NULL) Free((char *)s); 177 if (s != NULL) OPENSSL_free(s);
169 goto err; 178 goto err;
170 } 179 }
171 s=sp; 180 s=sp;
diff --git a/src/lib/libcrypto/asn1/f_string.c b/src/lib/libcrypto/asn1/f_string.c
index ab2837824e..968698a798 100644
--- a/src/lib/libcrypto/asn1/f_string.c
+++ b/src/lib/libcrypto/asn1/f_string.c
@@ -58,16 +58,13 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "x509.h" 62#include <openssl/asn1.h>
63 63
64int i2a_ASN1_STRING(bp, a, type) 64int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type)
65BIO *bp;
66ASN1_STRING *a;
67int type;
68 { 65 {
69 int i,n=0; 66 int i,n=0;
70 static char *h="0123456789ABCDEF"; 67 static const char *h="0123456789ABCDEF";
71 char buf[2]; 68 char buf[2];
72 69
73 if (a == NULL) return(0); 70 if (a == NULL) return(0);
@@ -97,11 +94,7 @@ err:
97 return(-1); 94 return(-1);
98 } 95 }
99 96
100int a2i_ASN1_STRING(bp,bs,buf,size) 97int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size)
101BIO *bp;
102ASN1_STRING *bs;
103char *buf;
104int size;
105 { 98 {
106 int ret=0; 99 int ret=0;
107 int i,j,k,m,n,again,bufsize; 100 int i,j,k,m,n,again,bufsize;
@@ -130,9 +123,18 @@ int size;
130 123
131 for (j=i-1; j>0; j--) 124 for (j=i-1; j>0; j--)
132 { 125 {
126#ifndef CHARSET_EBCDIC
133 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) || 127 if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
134 ((buf[j] >= 'a') && (buf[j] <= 'f')) || 128 ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
135 ((buf[j] >= 'A') && (buf[j] <= 'F')))) 129 ((buf[j] >= 'A') && (buf[j] <= 'F'))))
130#else
131 /* This #ifdef is not strictly necessary, since
132 * the characters A...F a...f 0...9 are contiguous
133 * (yes, even in EBCDIC - but not the whole alphabet).
134 * Nevertheless, isxdigit() is faster.
135 */
136 if (!isxdigit(buf[j]))
137#endif
136 { 138 {
137 i=j; 139 i=j;
138 break; 140 break;
@@ -156,15 +158,15 @@ int size;
156 if (num+i > slen) 158 if (num+i > slen)
157 { 159 {
158 if (s == NULL) 160 if (s == NULL)
159 sp=(unsigned char *)Malloc( 161 sp=(unsigned char *)OPENSSL_malloc(
160 (unsigned int)num+i*2); 162 (unsigned int)num+i*2);
161 else 163 else
162 sp=(unsigned char *)Realloc(s, 164 sp=(unsigned char *)OPENSSL_realloc(s,
163 (unsigned int)num+i*2); 165 (unsigned int)num+i*2);
164 if (sp == NULL) 166 if (sp == NULL)
165 { 167 {
166 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE); 168 ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
167 if (s != NULL) Free((char *)s); 169 if (s != NULL) OPENSSL_free(s);
168 goto err; 170 goto err;
169 } 171 }
170 s=sp; 172 s=sp;
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
index b6b821d73c..1e951ae01d 100644
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ b/src/lib/libcrypto/asn1/i2d_pr.c
@@ -58,22 +58,26 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#ifndef OPENSSL_NO_RSA
65#include <openssl/rsa.h>
66#endif
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
64 70
65int i2d_PrivateKey(a,pp) 71int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
66EVP_PKEY *a;
67unsigned char **pp;
68 { 72 {
69#ifndef NO_RSA 73#ifndef OPENSSL_NO_RSA
70 if (a->type == EVP_PKEY_RSA) 74 if (a->type == EVP_PKEY_RSA)
71 { 75 {
72 return(i2d_RSAPrivateKey(a->pkey.rsa,pp)); 76 return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
73 } 77 }
74 else 78 else
75#endif 79#endif
76#ifndef NO_DSA 80#ifndef OPENSSL_NO_DSA
77 if (a->type == EVP_PKEY_DSA) 81 if (a->type == EVP_PKEY_DSA)
78 { 82 {
79 return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); 83 return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
index 1b854252b7..013d19bbf4 100644
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ b/src/lib/libcrypto/asn1/i2d_pu.c
@@ -58,21 +58,25 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#ifndef OPENSSL_NO_RSA
65#include <openssl/rsa.h>
66#endif
67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h>
69#endif
64 70
65int i2d_PublicKey(a,pp) 71int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
66EVP_PKEY *a;
67unsigned char **pp;
68 { 72 {
69 switch (a->type) 73 switch (a->type)
70 { 74 {
71#ifndef NO_RSA 75#ifndef OPENSSL_NO_RSA
72 case EVP_PKEY_RSA: 76 case EVP_PKEY_RSA:
73 return(i2d_RSAPublicKey(a->pkey.rsa,pp)); 77 return(i2d_RSAPublicKey(a->pkey.rsa,pp));
74#endif 78#endif
75#ifndef NO_DSA 79#ifndef OPENSSL_NO_DSA
76 case EVP_PKEY_DSA: 80 case EVP_PKEY_DSA:
77 return(i2d_DSAPublicKey(a->pkey.dsa,pp)); 81 return(i2d_DSAPublicKey(a->pkey.dsa,pp));
78#endif 82#endif
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
index 5110c91bec..49f80fffd2 100644
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -56,118 +56,134 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_RSA
59#include <stdio.h> 60#include <stdio.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include "rsa.h" 62#include <openssl/rsa.h>
62#include "objects.h" 63#include <openssl/objects.h>
63#include "asn1_mac.h" 64#include <openssl/asn1t.h>
64#include "evp.h" 65#include <openssl/asn1_mac.h>
65#include "x509.h" 66#include <openssl/evp.h>
67#include <openssl/x509.h>
66 68
67 69
68#ifndef NO_RC4 70#ifndef OPENSSL_NO_RC4
69 71
70typedef struct netscape_pkey_st 72typedef struct netscape_pkey_st
71 { 73 {
72 ASN1_INTEGER *version; 74 long version;
73 X509_ALGOR *algor; 75 X509_ALGOR *algor;
74 ASN1_OCTET_STRING *private_key; 76 ASN1_OCTET_STRING *private_key;
75 } NETSCAPE_PKEY; 77 } NETSCAPE_PKEY;
76 78
77/* 79typedef struct netscape_encrypted_pkey_st
78 * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH); 80 {
79 * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); 81 ASN1_OCTET_STRING *os;
80 * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR); 82 /* This is the same structure as DigestInfo so use it:
81 * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR); 83 * although this isn't really anything to do with
82 */ 84 * digests.
83#ifndef NOPROTO 85 */
84static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp); 86 X509_SIG *enckey;
85static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length); 87 } NETSCAPE_ENCRYPTED_PKEY;
86static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); 88
87static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *); 89
88#else 90ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
89static int i2d_NETSCAPE_PKEY(); 91 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
90static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(); 92 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
91static NETSCAPE_PKEY *NETSCAPE_PKEY_new(); 93} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY)
92static void NETSCAPE_PKEY_free(); 94
93#endif 95IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
96
97ASN1_SEQUENCE(NETSCAPE_PKEY) = {
98 ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
99 ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
100 ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
101} ASN1_SEQUENCE_END(NETSCAPE_PKEY)
102
103IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
104
105static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
106 int (*cb)(), int sgckey);
94 107
95int i2d_Netscape_RSA(a,pp,cb) 108int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
96RSA *a; 109{
97unsigned char **pp; 110 return i2d_RSA_NET(a, pp, cb, 0);
98int (*cb)(); 111}
112
113int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
99 { 114 {
100 int i,j,l[6]; 115 int i, j, ret = 0;
101 NETSCAPE_PKEY *pkey; 116 int rsalen, pkeylen, olen;
117 NETSCAPE_PKEY *pkey = NULL;
118 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
102 unsigned char buf[256],*zz; 119 unsigned char buf[256],*zz;
103 unsigned char key[EVP_MAX_KEY_LENGTH]; 120 unsigned char key[EVP_MAX_KEY_LENGTH];
104 EVP_CIPHER_CTX ctx; 121 EVP_CIPHER_CTX ctx;
105 X509_ALGOR *alg=NULL;
106 ASN1_OCTET_STRING os,os2;
107 M_ASN1_I2D_vars(a);
108 122
109 if (a == NULL) return(0); 123 if (a == NULL) return(0);
110 124
111#ifdef WIN32
112 r=r; /* shut the damn compiler up :-) */
113#endif
114
115 os.data=os2.data=NULL;
116 if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; 125 if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
117 if (!ASN1_INTEGER_set(pkey->version,0)) goto err; 126 if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err;
127 pkey->version = 0;
118 128
119 if (pkey->algor->algorithm != NULL)
120 ASN1_OBJECT_free(pkey->algor->algorithm);
121 pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); 129 pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
122 if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; 130 if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
123 pkey->algor->parameter->type=V_ASN1_NULL; 131 pkey->algor->parameter->type=V_ASN1_NULL;
124 132
125 l[0]=i2d_RSAPrivateKey(a,NULL); 133 rsalen = i2d_RSAPrivateKey(a, NULL);
126 pkey->private_key->length=l[0]; 134
135 /* Fake some octet strings just for the initial length
136 * calculation.
137 */
127 138
128 os2.length=i2d_NETSCAPE_PKEY(pkey,NULL); 139 pkey->private_key->length=rsalen;
129 l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
130 140
131 if ((alg=X509_ALGOR_new()) == NULL) goto err; 141 pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL);
132 if (alg->algorithm != NULL)
133 ASN1_OBJECT_free(alg->algorithm);
134 alg->algorithm=OBJ_nid2obj(NID_rc4);
135 if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
136 alg->parameter->type=V_ASN1_NULL;
137 142
138 l[2]=i2d_X509_ALGOR(alg,NULL); 143 enckey->enckey->digest->length = pkeylen;
139 l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
140 144
141 os.data=(unsigned char *)"private-key"; 145 enckey->os->length = 11; /* "private-key" */
142 os.length=11;
143 l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
144 146
145 l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE); 147 enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4);
148 if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
149 enckey->enckey->algor->parameter->type=V_ASN1_NULL;
146 150
147 if (pp == NULL) 151 if (pp == NULL)
148 { 152 {
149 if (pkey != NULL) NETSCAPE_PKEY_free(pkey); 153 olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
150 if (alg != NULL) X509_ALGOR_free(alg); 154 NETSCAPE_PKEY_free(pkey);
151 return(l[5]); 155 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
156 return olen;
152 } 157 }
153 158
154 if (pkey->private_key->data != NULL) 159
155 Free((char *)pkey->private_key->data); 160 /* Since its RC4 encrypted length is actual length */
156 if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL) 161 if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
157 { 162 {
158 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); 163 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
159 goto err; 164 goto err;
160 } 165 }
161 zz=pkey->private_key->data; 166
167 pkey->private_key->data = zz;
168 /* Write out private key encoding */
162 i2d_RSAPrivateKey(a,&zz); 169 i2d_RSAPrivateKey(a,&zz);
163 170
164 if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL) 171 if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
165 { 172 {
166 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); 173 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
167 goto err; 174 goto err;
168 } 175 }
169 zz=os2.data; 176
177 if (!ASN1_STRING_set(enckey->os, "private-key", -1))
178 {
179 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
180 goto err;
181 }
182 enckey->enckey->digest->data = zz;
170 i2d_NETSCAPE_PKEY(pkey,&zz); 183 i2d_NETSCAPE_PKEY(pkey,&zz);
184
185 /* Wipe the private key encoding */
186 memset(pkey->private_key->data, 0, rsalen);
171 187
172 if (cb == NULL) 188 if (cb == NULL)
173 cb=EVP_read_pw_string; 189 cb=EVP_read_pw_string;
@@ -177,92 +193,88 @@ int (*cb)();
177 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); 193 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
178 goto err; 194 goto err;
179 } 195 }
180 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, 196 i = strlen((char *)buf);
181 strlen((char *)buf),1,key,NULL); 197 /* If the key is used for SGC the algorithm is modified a little. */
198 if(sgckey) {
199 EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
200 memcpy(buf + 16, "SGCKEYSALT", 10);
201 i = 26;
202 }
203
204 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
182 memset(buf,0,256); 205 memset(buf,0,256);
183 206
207 /* Encrypt private key in place */
208 zz = enckey->enckey->digest->data;
184 EVP_CIPHER_CTX_init(&ctx); 209 EVP_CIPHER_CTX_init(&ctx);
185 EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); 210 EVP_EncryptInit_ex(&ctx,EVP_rc4(),NULL,key,NULL);
186 EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length); 211 EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
187 EVP_EncryptFinal(&ctx,&(os2.data[i]),&j); 212 EVP_EncryptFinal_ex(&ctx,zz + i,&j);
188 EVP_CIPHER_CTX_cleanup(&ctx); 213 EVP_CIPHER_CTX_cleanup(&ctx);
189 214
190 p= *pp; 215 ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
191 ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
192 i2d_ASN1_OCTET_STRING(&os,&p);
193 ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
194 i2d_X509_ALGOR(alg,&p);
195 i2d_ASN1_OCTET_STRING(&os2,&p);
196 ret=l[5];
197err: 216err:
198 if (os2.data != NULL) Free((char *)os2.data); 217 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
199 if (alg != NULL) X509_ALGOR_free(alg); 218 NETSCAPE_PKEY_free(pkey);
200 if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
201 r=r;
202 return(ret); 219 return(ret);
203 } 220 }
204 221
205RSA *d2i_Netscape_RSA(a,pp,length,cb) 222
206RSA **a; 223RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)())
207unsigned char **pp; 224{
208long length; 225 return d2i_RSA_NET(a, pp, length, cb, 0);
209int (*cb)(); 226}
227
228RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
210 { 229 {
211 RSA *ret=NULL; 230 RSA *ret=NULL;
212 ASN1_OCTET_STRING *os=NULL; 231 const unsigned char *p, *kp;
213 ASN1_CTX c; 232 NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
233
234 p = *pp;
214 235
215 c.pp=pp; 236 enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
216 c.error=ASN1_R_DECODING_ERROR; 237 if(!enckey) {
238 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
239 return NULL;
240 }
217 241
218 M_ASN1_D2I_Init(); 242 if ((enckey->os->length != 11) || (strncmp("private-key",
219 M_ASN1_D2I_start_sequence(); 243 (char *)enckey->os->data,11) != 0))
220 M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
221 if ((os->length != 11) || (strncmp("private-key",
222 (char *)os->data,os->length) != 0))
223 { 244 {
224 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); 245 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
225 ASN1_BIT_STRING_free(os); 246 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
226 goto err; 247 return NULL;
227 } 248 }
228 ASN1_BIT_STRING_free(os); 249 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
229 c.q=c.p; 250 {
230 if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err; 251 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
231 c.slen-=(c.p-c.q); 252 goto err;
253 }
254 kp = enckey->enckey->digest->data;
255 if (cb == NULL)
256 cb=EVP_read_pw_string;
257 if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
258
259 *pp = p;
260
261 err:
262 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
263 return ret;
232 264
233 M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
234 } 265 }
235 266
236RSA *d2i_Netscape_RSA_2(a,pp,length,cb) 267static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
237RSA **a; 268 int (*cb)(), int sgckey)
238unsigned char **pp;
239long length;
240int (*cb)();
241 { 269 {
242 NETSCAPE_PKEY *pkey=NULL; 270 NETSCAPE_PKEY *pkey=NULL;
243 RSA *ret=NULL; 271 RSA *ret=NULL;
244 int i,j; 272 int i,j;
245 unsigned char buf[256],*zz; 273 unsigned char buf[256];
274 const unsigned char *zz;
246 unsigned char key[EVP_MAX_KEY_LENGTH]; 275 unsigned char key[EVP_MAX_KEY_LENGTH];
247 EVP_CIPHER_CTX ctx; 276 EVP_CIPHER_CTX ctx;
248 X509_ALGOR *alg=NULL;
249 ASN1_OCTET_STRING *os=NULL;
250 ASN1_CTX c;
251
252 c.error=ASN1_R_ERROR_STACK;
253 c.pp=pp;
254 277
255 M_ASN1_D2I_Init();
256 M_ASN1_D2I_start_sequence();
257 M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
258 if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
259 {
260 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
261 goto err;
262 }
263 M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
264 if (cb == NULL)
265 cb=EVP_read_pw_string;
266 i=cb(buf,256,"Enter Private Key password:",0); 278 i=cb(buf,256,"Enter Private Key password:",0);
267 if (i != 0) 279 if (i != 0)
268 { 280 {
@@ -270,14 +282,20 @@ int (*cb)();
270 goto err; 282 goto err;
271 } 283 }
272 284
273 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf, 285 i = strlen((char *)buf);
274 strlen((char *)buf),1,key,NULL); 286 if(sgckey){
287 EVP_Digest(buf, i, buf, NULL, EVP_md5(), NULL);
288 memcpy(buf + 16, "SGCKEYSALT", 10);
289 i = 26;
290 }
291
292 EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
275 memset(buf,0,256); 293 memset(buf,0,256);
276 294
277 EVP_CIPHER_CTX_init(&ctx); 295 EVP_CIPHER_CTX_init(&ctx);
278 EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL); 296 EVP_DecryptInit_ex(&ctx,EVP_rc4(),NULL, key,NULL);
279 EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length); 297 EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
280 EVP_DecryptFinal(&ctx,&(os->data[i]),&j); 298 EVP_DecryptFinal_ex(&ctx,&(os->data[i]),&j);
281 EVP_CIPHER_CTX_cleanup(&ctx); 299 EVP_CIPHER_CTX_cleanup(&ctx);
282 os->length=i+j; 300 os->length=i+j;
283 301
@@ -295,71 +313,17 @@ int (*cb)();
295 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); 313 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
296 goto err; 314 goto err;
297 } 315 }
298 if (!asn1_Finish(&c)) goto err;
299 *pp=c.p;
300err: 316err:
301 if (pkey != NULL) NETSCAPE_PKEY_free(pkey); 317 NETSCAPE_PKEY_free(pkey);
302 if (os != NULL) ASN1_BIT_STRING_free(os);
303 if (alg != NULL) X509_ALGOR_free(alg);
304 return(ret); 318 return(ret);
305 } 319 }
306 320
307static int i2d_NETSCAPE_PKEY(a,pp) 321#endif /* OPENSSL_NO_RC4 */
308NETSCAPE_PKEY *a;
309unsigned char **pp;
310 {
311 M_ASN1_I2D_vars(a);
312
313
314 M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
315 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
316 M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
317
318 M_ASN1_I2D_seq_total();
319
320 M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
321 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
322 M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
323
324 M_ASN1_I2D_finish();
325 }
326
327static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length)
328NETSCAPE_PKEY **a;
329unsigned char **pp;
330long length;
331 {
332 M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
333
334 M_ASN1_D2I_Init();
335 M_ASN1_D2I_start_sequence();
336 M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
337 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
338 M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
339 M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
340 }
341
342static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
343 {
344 NETSCAPE_PKEY *ret=NULL;
345
346 M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
347 M_ASN1_New(ret->version,ASN1_INTEGER_new);
348 M_ASN1_New(ret->algor,X509_ALGOR_new);
349 M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
350 return(ret);
351 M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
352 }
353 322
354static void NETSCAPE_PKEY_free(a) 323#else /* !OPENSSL_NO_RSA */
355NETSCAPE_PKEY *a;
356 {
357 if (a == NULL) return;
358 ASN1_INTEGER_free(a->version);
359 X509_ALGOR_free(a->algor);
360 ASN1_OCTET_STRING_free(a->private_key);
361 Free((char *)a);
362 }
363 324
364#endif /* NO_RC4 */ 325# if PEDANTIC
326static void *dummy=&dummy;
327# endif
365 328
329#endif
diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c
index 417d024b81..50e2d4d07a 100644
--- a/src/lib/libcrypto/asn1/nsseq.c
+++ b/src/lib/libcrypto/asn1/nsseq.c
@@ -58,61 +58,25 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <stdlib.h> 60#include <stdlib.h>
61#include <openssl/asn1_mac.h> 61#include <openssl/asn1t.h>
62#include <openssl/err.h>
63#include <openssl/x509.h> 62#include <openssl/x509.h>
64#include <openssl/objects.h> 63#include <openssl/objects.h>
65 64
66/* Netscape certificate sequence structure */ 65static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
67
68int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp)
69{ 66{
70 int v = 0; 67 if(operation == ASN1_OP_NEW_POST) {
71 M_ASN1_I2D_vars(a); 68 NETSCAPE_CERT_SEQUENCE *nsseq;
72 M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT); 69 nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
73 M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0, 70 nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
74 V_ASN1_SEQUENCE,v); 71 }
75 72 return 1;
76 M_ASN1_I2D_seq_total();
77
78 M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
79 M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
80 V_ASN1_SEQUENCE,v);
81
82 M_ASN1_I2D_finish();
83} 73}
84 74
85NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void) 75/* Netscape certificate sequence structure */
86{
87 NETSCAPE_CERT_SEQUENCE *ret=NULL;
88 ASN1_CTX c;
89 M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE);
90 /* Note hardcoded object type */
91 ret->type = OBJ_nid2obj(NID_netscape_cert_sequence);
92 ret->certs = NULL;
93 return (ret);
94 M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW);
95}
96 76
97NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, 77ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
98 unsigned char **pp, long length) 78 ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
99{ 79 ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
100 M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *, 80} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE)
101 NETSCAPE_CERT_SEQUENCE_new);
102 M_ASN1_D2I_Init();
103 M_ASN1_D2I_start_sequence();
104 M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
105 M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0,
106 V_ASN1_SEQUENCE);
107 M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free,
108 ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE);
109}
110 81
111void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a) 82IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
112{
113 if (a == NULL) return;
114 ASN1_OBJECT_free(a->type);
115 if(a->certs)
116 sk_X509_pop_free(a->certs, X509_free);
117 Free (a);
118}
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index b831836e7b..891150638e 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -58,53 +58,18 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1_mac.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65/* PKCS#5 password based encryption structure */ 65/* PKCS#5 password based encryption structure */
66 66
67int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp) 67ASN1_SEQUENCE(PBEPARAM) = {
68{ 68 ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
69 M_ASN1_I2D_vars(a); 69 ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
70 M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING); 70} ASN1_SEQUENCE_END(PBEPARAM)
71 M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
72
73 M_ASN1_I2D_seq_total ();
74 71
75 M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING); 72IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
76 M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
77 M_ASN1_I2D_finish();
78}
79
80PBEPARAM *PBEPARAM_new(void)
81{
82 PBEPARAM *ret=NULL;
83 ASN1_CTX c;
84 M_ASN1_New_Malloc(ret, PBEPARAM);
85 M_ASN1_New(ret->iter,ASN1_INTEGER_new);
86 M_ASN1_New(ret->salt,ASN1_OCTET_STRING_new);
87 return (ret);
88 M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
89}
90
91PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
92{
93 M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
94 M_ASN1_D2I_Init();
95 M_ASN1_D2I_start_sequence();
96 M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
97 M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
98 M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
99}
100
101void PBEPARAM_free (PBEPARAM *a)
102{
103 if(a==NULL) return;
104 ASN1_OCTET_STRING_free(a->salt);
105 ASN1_INTEGER_free (a->iter);
106 Free ((char *)a);
107}
108 73
109/* Return an algorithm identifier for a PKCS#5 PBE algorithm */ 74/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
110 75
@@ -123,13 +88,14 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
123 if(iter <= 0) iter = PKCS5_DEFAULT_ITER; 88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
124 ASN1_INTEGER_set (pbe->iter, iter); 89 ASN1_INTEGER_set (pbe->iter, iter);
125 if (!saltlen) saltlen = PKCS5_SALT_LEN; 90 if (!saltlen) saltlen = PKCS5_SALT_LEN;
126 if (!(pbe->salt->data = Malloc (saltlen))) { 91 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
127 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 92 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
128 return NULL; 93 return NULL;
129 } 94 }
130 pbe->salt->length = saltlen; 95 pbe->salt->length = saltlen;
131 if (salt) memcpy (pbe->salt->data, salt, saltlen); 96 if (salt) memcpy (pbe->salt->data, salt, saltlen);
132 else RAND_bytes (pbe->salt->data, saltlen); 97 else if (RAND_pseudo_bytes (pbe->salt->data, saltlen) < 0)
98 return NULL;
133 99
134 if (!(astype = ASN1_TYPE_new())) { 100 if (!(astype = ASN1_TYPE_new())) {
135 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 101 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index 09f4bf6112..91e1c8987d 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -58,108 +58,27 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1_mac.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#include <openssl/rand.h> 63#include <openssl/rand.h>
64 64
65/* PKCS#5 v2.0 password based encryption structures */ 65/* PKCS#5 v2.0 password based encryption structures */
66 66
67int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp) 67ASN1_SEQUENCE(PBE2PARAM) = {
68{ 68 ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
69 M_ASN1_I2D_vars(a); 69 ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
70 M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR); 70} ASN1_SEQUENCE_END(PBE2PARAM)
71 M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR);
72
73 M_ASN1_I2D_seq_total ();
74
75 M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR);
76 M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR);
77
78 M_ASN1_I2D_finish();
79}
80
81PBE2PARAM *PBE2PARAM_new(void)
82{
83 PBE2PARAM *ret=NULL;
84 ASN1_CTX c;
85 M_ASN1_New_Malloc(ret, PBE2PARAM);
86 M_ASN1_New(ret->keyfunc,X509_ALGOR_new);
87 M_ASN1_New(ret->encryption,X509_ALGOR_new);
88 return (ret);
89 M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW);
90}
91
92PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length)
93{
94 M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new);
95 M_ASN1_D2I_Init();
96 M_ASN1_D2I_start_sequence();
97 M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR);
98 M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR);
99 M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM);
100}
101 71
102void PBE2PARAM_free (PBE2PARAM *a) 72IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
103{
104 if(a==NULL) return;
105 X509_ALGOR_free(a->keyfunc);
106 X509_ALGOR_free(a->encryption);
107 Free ((char *)a);
108}
109 73
110int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp) 74ASN1_SEQUENCE(PBKDF2PARAM) = {
111{ 75 ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
112 M_ASN1_I2D_vars(a); 76 ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
113 M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE); 77 ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
114 M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); 78 ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
115 M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER); 79} ASN1_SEQUENCE_END(PBKDF2PARAM)
116 M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR);
117 80
118 M_ASN1_I2D_seq_total (); 81IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
119
120 M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE);
121 M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
122 M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER);
123 M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR);
124
125 M_ASN1_I2D_finish();
126}
127
128PBKDF2PARAM *PBKDF2PARAM_new(void)
129{
130 PBKDF2PARAM *ret=NULL;
131 ASN1_CTX c;
132 M_ASN1_New_Malloc(ret, PBKDF2PARAM);
133 M_ASN1_New(ret->salt, ASN1_TYPE_new);
134 M_ASN1_New(ret->iter, ASN1_INTEGER_new);
135 ret->keylength = NULL;
136 ret->prf = NULL;
137 return (ret);
138 M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW);
139}
140
141PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp,
142 long length)
143{
144 M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new);
145 M_ASN1_D2I_Init();
146 M_ASN1_D2I_start_sequence();
147 M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE);
148 M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
149 M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
150 M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE);
151 M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM);
152}
153
154void PBKDF2PARAM_free (PBKDF2PARAM *a)
155{
156 if(a==NULL) return;
157 ASN1_TYPE_free(a->salt);
158 ASN1_INTEGER_free(a->iter);
159 ASN1_INTEGER_free(a->keylength);
160 X509_ALGOR_free(a->prf);
161 Free ((char *)a);
162}
163 82
164/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: 83/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
165 * yes I know this is horrible! 84 * yes I know this is horrible!
@@ -175,22 +94,32 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
175 PBKDF2PARAM *kdf = NULL; 94 PBKDF2PARAM *kdf = NULL;
176 PBE2PARAM *pbe2 = NULL; 95 PBE2PARAM *pbe2 = NULL;
177 ASN1_OCTET_STRING *osalt = NULL; 96 ASN1_OCTET_STRING *osalt = NULL;
97 ASN1_OBJECT *obj;
98
99 alg_nid = EVP_CIPHER_type(cipher);
100 if(alg_nid == NID_undef) {
101 ASN1err(ASN1_F_PKCS5_PBE2_SET,
102 ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER);
103 goto err;
104 }
105 obj = OBJ_nid2obj(alg_nid);
178 106
179 if(!(pbe2 = PBE2PARAM_new())) goto merr; 107 if(!(pbe2 = PBE2PARAM_new())) goto merr;
180 108
181 /* Setup the AlgorithmIdentifier for the encryption scheme */ 109 /* Setup the AlgorithmIdentifier for the encryption scheme */
182 scheme = pbe2->encryption; 110 scheme = pbe2->encryption;
183 111
184 alg_nid = EVP_CIPHER_type(cipher); 112 scheme->algorithm = obj;
185
186 scheme->algorithm = OBJ_nid2obj(alg_nid);
187 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr; 113 if(!(scheme->parameter = ASN1_TYPE_new())) goto merr;
188 114
189 /* Create random IV */ 115 /* Create random IV */
190 RAND_bytes(iv, EVP_CIPHER_iv_length(cipher)); 116 if (RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
117 goto err;
118
119 EVP_CIPHER_CTX_init(&ctx);
191 120
192 /* Dummy cipherinit to just setup the IV */ 121 /* Dummy cipherinit to just setup the IV */
193 EVP_CipherInit(&ctx, cipher, NULL, iv, 0); 122 EVP_CipherInit_ex(&ctx, cipher, NULL, NULL, iv, 0);
194 if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) { 123 if(EVP_CIPHER_param_to_asn1(&ctx, scheme->parameter) < 0) {
195 ASN1err(ASN1_F_PKCS5_PBE2_SET, 124 ASN1err(ASN1_F_PKCS5_PBE2_SET,
196 ASN1_R_ERROR_SETTING_CIPHER_PARAMS); 125 ASN1_R_ERROR_SETTING_CIPHER_PARAMS);
@@ -199,13 +128,13 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
199 EVP_CIPHER_CTX_cleanup(&ctx); 128 EVP_CIPHER_CTX_cleanup(&ctx);
200 129
201 if(!(kdf = PBKDF2PARAM_new())) goto merr; 130 if(!(kdf = PBKDF2PARAM_new())) goto merr;
202 if(!(osalt = ASN1_OCTET_STRING_new())) goto merr; 131 if(!(osalt = M_ASN1_OCTET_STRING_new())) goto merr;
203 132
204 if (!saltlen) saltlen = PKCS5_SALT_LEN; 133 if (!saltlen) saltlen = PKCS5_SALT_LEN;
205 if (!(osalt->data = Malloc (saltlen))) goto merr; 134 if (!(osalt->data = OPENSSL_malloc (saltlen))) goto merr;
206 osalt->length = saltlen; 135 osalt->length = saltlen;
207 if (salt) memcpy (osalt->data, salt, saltlen); 136 if (salt) memcpy (osalt->data, salt, saltlen);
208 else RAND_bytes (osalt->data, saltlen); 137 else if (RAND_pseudo_bytes (osalt->data, saltlen) < 0) goto merr;
209 138
210 if(iter <= 0) iter = PKCS5_DEFAULT_ITER; 139 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
211 if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr; 140 if(!ASN1_INTEGER_set(kdf->iter, iter)) goto merr;
@@ -218,7 +147,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
218 /* If its RC2 then we'd better setup the key length */ 147 /* If its RC2 then we'd better setup the key length */
219 148
220 if(alg_nid == NID_rc2_cbc) { 149 if(alg_nid == NID_rc2_cbc) {
221 if(!(kdf->keylength = ASN1_INTEGER_new())) goto merr; 150 if(!(kdf->keylength = M_ASN1_INTEGER_new())) goto merr;
222 if(!ASN1_INTEGER_set (kdf->keylength, 151 if(!ASN1_INTEGER_set (kdf->keylength,
223 EVP_CIPHER_key_length(cipher))) goto merr; 152 EVP_CIPHER_key_length(cipher))) goto merr;
224 } 153 }
@@ -264,7 +193,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
264 err: 193 err:
265 PBE2PARAM_free(pbe2); 194 PBE2PARAM_free(pbe2);
266 /* Note 'scheme' is freed as part of pbe2 */ 195 /* Note 'scheme' is freed as part of pbe2 */
267 ASN1_OCTET_STRING_free(osalt); 196 M_ASN1_OCTET_STRING_free(osalt);
268 PBKDF2PARAM_free(kdf); 197 PBKDF2PARAM_free(kdf);
269 X509_ALGOR_free(kalg); 198 X509_ALGOR_free(kalg);
270 X509_ALGOR_free(ret); 199 X509_ALGOR_free(ret);
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index aa9a4f6c96..b634d5bc85 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -58,72 +58,27 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1_mac.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63 63
64int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp) 64/* Minor tweak to operation: zero private key data */
65static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
65{ 66{
66 67 /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
67 M_ASN1_I2D_vars(a); 68 if(operation == ASN1_OP_FREE_PRE) {
68 69 PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
69 M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); 70 if (key->pkey->value.octet_string)
70 M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR); 71 memset(key->pkey->value.octet_string->data,
71 M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE); 72 0, key->pkey->value.octet_string->length);
72 M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes, 73 }
73 i2d_X509_ATTRIBUTE, 0); 74 return 1;
74
75 M_ASN1_I2D_seq_total ();
76
77 M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
78 M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
79 M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
80 M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
81 i2d_X509_ATTRIBUTE, 0);
82
83 M_ASN1_I2D_finish();
84} 75}
85 76
86PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void) 77ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
87{ 78 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
88 PKCS8_PRIV_KEY_INFO *ret=NULL; 79 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
89 ASN1_CTX c; 80 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
90 M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO); 81 ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
91 M_ASN1_New (ret->version, ASN1_INTEGER_new); 82} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO)
92 M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
93 M_ASN1_New (ret->pkey, ASN1_TYPE_new);
94 ret->attributes = NULL;
95 ret->broken = PKCS8_OK;
96 return (ret);
97 M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
98}
99 83
100PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, 84IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
101 unsigned char **pp, long length)
102{
103 M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
104 M_ASN1_D2I_Init();
105 M_ASN1_D2I_start_sequence();
106 M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
107 M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
108 M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
109 M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
110 d2i_X509_ATTRIBUTE,
111 X509_ATTRIBUTE_free, 0);
112 if (ASN1_TYPE_get(ret->pkey) == V_ASN1_SEQUENCE)
113 ret->broken = PKCS8_NO_OCTET;
114 M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
115}
116
117void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
118{
119 if (a == NULL) return;
120 ASN1_INTEGER_free (a->version);
121 X509_ALGOR_free(a->pkeyalg);
122 /* Clear sensitive data */
123 if (a->pkey->value.octet_string)
124 memset (a->pkey->value.octet_string->data,
125 0, a->pkey->value.octet_string->length);
126 ASN1_TYPE_free (a->pkey);
127 sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
128 Free (a);
129}
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index c2e447ce6f..60db305756 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -64,8 +64,7 @@
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65#include <openssl/x509v3.h> 65#include <openssl/x509v3.h>
66 66
67static void ext_print(BIO *out, X509_EXTENSION *ex); 67#ifndef OPENSSL_NO_FP_API
68#ifndef NO_FP_API
69int X509_CRL_print_fp(FILE *fp, X509_CRL *x) 68int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
70 { 69 {
71 BIO *b; 70 BIO *b;
@@ -86,11 +85,10 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
86int X509_CRL_print(BIO *out, X509_CRL *x) 85int X509_CRL_print(BIO *out, X509_CRL *x)
87{ 86{
88 char buf[256]; 87 char buf[256];
89 unsigned char *s;
90 STACK_OF(X509_REVOKED) *rev; 88 STACK_OF(X509_REVOKED) *rev;
91 X509_REVOKED *r; 89 X509_REVOKED *r;
92 long l; 90 long l;
93 int i, j, n; 91 int i, n;
94 92
95 BIO_printf(out, "Certificate Revocation List (CRL):\n"); 93 BIO_printf(out, "Certificate Revocation List (CRL):\n");
96 l = X509_CRL_get_version(x); 94 l = X509_CRL_get_version(x);
@@ -109,15 +107,12 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
109 BIO_printf(out,"\n"); 107 BIO_printf(out,"\n");
110 108
111 n=X509_CRL_get_ext_count(x); 109 n=X509_CRL_get_ext_count(x);
112 if (n > 0) { 110 X509V3_extensions_print(out, "CRL extensions",
113 BIO_printf(out,"%8sCRL extensions:\n",""); 111 x->crl->extensions, 0, 8);
114 for (i=0; i<n; i++) ext_print(out, X509_CRL_get_ext(x, i));
115 }
116
117 112
118 rev = X509_CRL_get_REVOKED(x); 113 rev = X509_CRL_get_REVOKED(x);
119 114
120 if(sk_X509_REVOKED_num(rev)) 115 if(sk_X509_REVOKED_num(rev) > 0)
121 BIO_printf(out, "Revoked Certificates:\n"); 116 BIO_printf(out, "Revoked Certificates:\n");
122 else BIO_printf(out, "No Revoked Certificates.\n"); 117 else BIO_printf(out, "No Revoked Certificates.\n");
123 118
@@ -128,39 +123,11 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
128 BIO_printf(out,"\n Revocation Date: ",""); 123 BIO_printf(out,"\n Revocation Date: ","");
129 ASN1_TIME_print(out,r->revocationDate); 124 ASN1_TIME_print(out,r->revocationDate);
130 BIO_printf(out,"\n"); 125 BIO_printf(out,"\n");
131 for(j = 0; j < X509_REVOKED_get_ext_count(r); j++) 126 X509V3_extensions_print(out, "CRL entry extensions",
132 ext_print(out, X509_REVOKED_get_ext(r, j)); 127 r->extensions, 0, 8);
133 }
134
135 i=OBJ_obj2nid(x->sig_alg->algorithm);
136 BIO_printf(out," Signature Algorithm: %s",
137 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
138
139 s = x->signature->data;
140 n = x->signature->length;
141 for (i=0; i<n; i++, s++)
142 {
143 if ((i%18) == 0) BIO_write(out,"\n ",9);
144 BIO_printf(out,"%02x%s",*s, ((i+1) == n)?"":":");
145 } 128 }
146 BIO_write(out,"\n",1); 129 X509_signature_print(out, x->sig_alg, x->signature);
147 130
148 return 1; 131 return 1;
149 132
150} 133}
151
152static void ext_print(BIO *out, X509_EXTENSION *ex)
153{
154 ASN1_OBJECT *obj;
155 int j;
156 BIO_printf(out,"%12s","");
157 obj=X509_EXTENSION_get_object(ex);
158 i2a_ASN1_OBJECT(out,obj);
159 j=X509_EXTENSION_get_critical(ex);
160 BIO_printf(out, ": %s\n", j ? "critical":"","");
161 if(!X509V3_EXT_print(out, ex, 0, 16)) {
162 BIO_printf(out, "%16s", "");
163 ASN1_OCTET_STRING_print(out,ex->value);
164 }
165 BIO_write(out,"\n",1);
166}
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
index bc518d59a2..8060115202 100644
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -58,35 +58,23 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "bn.h" 62#include <openssl/bn.h>
63#ifndef NO_RSA 63#ifndef OPENSSL_NO_RSA
64#include "rsa.h" 64#include <openssl/rsa.h>
65#endif 65#endif
66#ifndef NO_DH 66#ifndef OPENSSL_NO_DH
67#include "dh.h" 67#include <openssl/dh.h>
68#endif 68#endif
69#ifndef NO_DSA 69#ifndef OPENSSL_NO_DSA
70#include "dsa.h" 70#include <openssl/dsa.h>
71#endif 71#endif
72 72
73/* DHerr(DH_F_DHPARAMS_PRINT,ERR_R_MALLOC_FAILURE); 73static int print(BIO *fp,const char *str,BIGNUM *num,
74 * DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
75 */
76
77#ifndef NOPROTO
78static int print(BIO *fp,char *str,BIGNUM *num,
79 unsigned char *buf,int off); 74 unsigned char *buf,int off);
80#else 75#ifndef OPENSSL_NO_RSA
81static int print(); 76#ifndef OPENSSL_NO_FP_API
82#endif 77int RSA_print_fp(FILE *fp, const RSA *x, int off)
83
84#ifndef NO_RSA
85#ifndef NO_FP_API
86int RSA_print_fp(fp,x,off)
87FILE *fp;
88RSA *x;
89int off;
90 { 78 {
91 BIO *b; 79 BIO *b;
92 int ret; 80 int ret;
@@ -103,17 +91,15 @@ int off;
103 } 91 }
104#endif 92#endif
105 93
106int RSA_print(bp,x,off) 94int RSA_print(BIO *bp, const RSA *x, int off)
107BIO *bp;
108RSA *x;
109int off;
110 { 95 {
111 char str[128],*s; 96 char str[128];
97 const char *s;
112 unsigned char *m=NULL; 98 unsigned char *m=NULL;
113 int i,ret=0; 99 int i,ret=0;
114 100
115 i=RSA_size(x); 101 i=RSA_size(x);
116 m=(unsigned char *)Malloc((unsigned int)i+10); 102 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
117 if (m == NULL) 103 if (m == NULL)
118 { 104 {
119 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE); 105 RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -147,17 +133,14 @@ int off;
147 if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; 133 if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
148 ret=1; 134 ret=1;
149err: 135err:
150 if (m != NULL) Free((char *)m); 136 if (m != NULL) OPENSSL_free(m);
151 return(ret); 137 return(ret);
152 } 138 }
153#endif /* NO_RSA */ 139#endif /* OPENSSL_NO_RSA */
154 140
155#ifndef NO_DSA 141#ifndef OPENSSL_NO_DSA
156#ifndef NO_FP_API 142#ifndef OPENSSL_NO_FP_API
157int DSA_print_fp(fp,x,off) 143int DSA_print_fp(FILE *fp, const DSA *x, int off)
158FILE *fp;
159DSA *x;
160int off;
161 { 144 {
162 BIO *b; 145 BIO *b;
163 int ret; 146 int ret;
@@ -174,10 +157,7 @@ int off;
174 } 157 }
175#endif 158#endif
176 159
177int DSA_print(bp,x,off) 160int DSA_print(BIO *bp, const DSA *x, int off)
178BIO *bp;
179DSA *x;
180int off;
181 { 161 {
182 char str[128]; 162 char str[128];
183 unsigned char *m=NULL; 163 unsigned char *m=NULL;
@@ -196,7 +176,7 @@ int off;
196 i=BN_num_bytes(bn)*2; 176 i=BN_num_bytes(bn)*2;
197 else 177 else
198 i=256; 178 i=256;
199 m=(unsigned char *)Malloc((unsigned int)i+10); 179 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
200 if (m == NULL) 180 if (m == NULL)
201 { 181 {
202 DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE); 182 DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
@@ -224,20 +204,17 @@ int off;
224 if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err; 204 if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err;
225 ret=1; 205 ret=1;
226err: 206err:
227 if (m != NULL) Free((char *)m); 207 if (m != NULL) OPENSSL_free(m);
228 return(ret); 208 return(ret);
229 } 209 }
230#endif /* !NO_DSA */ 210#endif /* !OPENSSL_NO_DSA */
231 211
232static int print(bp,number,num,buf,off) 212static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
233BIO *bp; 213 int off)
234char *number;
235BIGNUM *num;
236unsigned char *buf;
237int off;
238 { 214 {
239 int n,i; 215 int n,i;
240 char str[128],*neg; 216 char str[128];
217 const char *neg;
241 218
242 if (num == NULL) return(1); 219 if (num == NULL) return(1);
243 neg=(num->neg)?"-":""; 220 neg=(num->neg)?"-":"";
@@ -282,11 +259,9 @@ int off;
282 return(1); 259 return(1);
283 } 260 }
284 261
285#ifndef NO_DH 262#ifndef OPENSSL_NO_DH
286#ifndef NO_FP_API 263#ifndef OPENSSL_NO_FP_API
287int DHparams_print_fp(fp,x) 264int DHparams_print_fp(FILE *fp, const DH *x)
288FILE *fp;
289DH *x;
290 { 265 {
291 BIO *b; 266 BIO *b;
292 int ret; 267 int ret;
@@ -303,15 +278,13 @@ DH *x;
303 } 278 }
304#endif 279#endif
305 280
306int DHparams_print(bp,x) 281int DHparams_print(BIO *bp, const DH *x)
307BIO *bp;
308DH *x;
309 { 282 {
310 unsigned char *m=NULL; 283 unsigned char *m=NULL;
311 int reason=ERR_R_BUF_LIB,i,ret=0; 284 int reason=ERR_R_BUF_LIB,i,ret=0;
312 285
313 i=BN_num_bytes(x->p); 286 i=BN_num_bytes(x->p);
314 m=(unsigned char *)Malloc((unsigned int)i+10); 287 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
315 if (m == NULL) 288 if (m == NULL)
316 { 289 {
317 reason=ERR_R_MALLOC_FAILURE; 290 reason=ERR_R_MALLOC_FAILURE;
@@ -325,7 +298,7 @@ DH *x;
325 if (!print(bp,"generator:",x->g,m,4)) goto err; 298 if (!print(bp,"generator:",x->g,m,4)) goto err;
326 if (x->length != 0) 299 if (x->length != 0)
327 { 300 {
328 if (BIO_printf(bp," recomented-private-length: %d bits\n", 301 if (BIO_printf(bp," recommended-private-length: %d bits\n",
329 (int)x->length) <= 0) goto err; 302 (int)x->length) <= 0) goto err;
330 } 303 }
331 ret=1; 304 ret=1;
@@ -334,16 +307,14 @@ DH *x;
334err: 307err:
335 DHerr(DH_F_DHPARAMS_PRINT,reason); 308 DHerr(DH_F_DHPARAMS_PRINT,reason);
336 } 309 }
337 if (m != NULL) Free((char *)m); 310 if (m != NULL) OPENSSL_free(m);
338 return(ret); 311 return(ret);
339 } 312 }
340#endif 313#endif
341 314
342#ifndef NO_DSA 315#ifndef OPENSSL_NO_DSA
343#ifndef NO_FP_API 316#ifndef OPENSSL_NO_FP_API
344int DSAparams_print_fp(fp,x) 317int DSAparams_print_fp(FILE *fp, const DSA *x)
345FILE *fp;
346DSA *x;
347 { 318 {
348 BIO *b; 319 BIO *b;
349 int ret; 320 int ret;
@@ -360,15 +331,13 @@ DSA *x;
360 } 331 }
361#endif 332#endif
362 333
363int DSAparams_print(bp,x) 334int DSAparams_print(BIO *bp, const DSA *x)
364BIO *bp;
365DSA *x;
366 { 335 {
367 unsigned char *m=NULL; 336 unsigned char *m=NULL;
368 int reason=ERR_R_BUF_LIB,i,ret=0; 337 int reason=ERR_R_BUF_LIB,i,ret=0;
369 338
370 i=BN_num_bytes(x->p); 339 i=BN_num_bytes(x->p);
371 m=(unsigned char *)Malloc((unsigned int)i+10); 340 m=(unsigned char *)OPENSSL_malloc((unsigned int)i+10);
372 if (m == NULL) 341 if (m == NULL)
373 { 342 {
374 reason=ERR_R_MALLOC_FAILURE; 343 reason=ERR_R_MALLOC_FAILURE;
@@ -383,10 +352,10 @@ DSA *x;
383 if (!print(bp,"g:",x->g,m,4)) goto err; 352 if (!print(bp,"g:",x->g,m,4)) goto err;
384 ret=1; 353 ret=1;
385err: 354err:
386 if (m != NULL) Free((char *)m); 355 if (m != NULL) OPENSSL_free(m);
387 DSAerr(DSA_F_DSAPARAMS_PRINT,reason); 356 DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
388 return(ret); 357 return(ret);
389 } 358 }
390 359
391#endif /* !NO_DSA */ 360#endif /* !OPENSSL_NO_DSA */
392 361
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
index 7df749a48f..848c29a2dd 100644
--- a/src/lib/libcrypto/asn1/t_req.c
+++ b/src/lib/libcrypto/asn1/t_req.c
@@ -58,15 +58,14 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "bn.h" 62#include <openssl/bn.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "x509.h" 64#include <openssl/x509.h>
65#include <openssl/x509v3.h>
65 66
66#ifndef NO_FP_API 67#ifndef OPENSSL_NO_FP_API
67int X509_REQ_print_fp(fp,x) 68int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
68FILE *fp;
69X509_REQ *x;
70 { 69 {
71 BIO *b; 70 BIO *b;
72 int ret; 71 int ret;
@@ -83,16 +82,15 @@ X509_REQ *x;
83 } 82 }
84#endif 83#endif
85 84
86int X509_REQ_print(bp,x) 85int X509_REQ_print(BIO *bp, X509_REQ *x)
87BIO *bp;
88X509_REQ *x;
89 { 86 {
90 unsigned long l; 87 unsigned long l;
91 int i,n; 88 int i;
92 char *s,*neg; 89 const char *neg;
93 X509_REQ_INFO *ri; 90 X509_REQ_INFO *ri;
94 EVP_PKEY *pkey; 91 EVP_PKEY *pkey;
95 STACK *sk; 92 STACK_OF(X509_ATTRIBUTE) *sk;
93 STACK_OF(X509_EXTENSION) *exts;
96 char str[128]; 94 char str[128];
97 95
98 ri=x->req_info; 96 ri=x->req_info;
@@ -119,8 +117,8 @@ X509_REQ *x;
119 if (BIO_puts(bp,str) <= 0) goto err; 117 if (BIO_puts(bp,str) <= 0) goto err;
120 118
121 pkey=X509_REQ_get_pubkey(x); 119 pkey=X509_REQ_get_pubkey(x);
122#ifndef NO_RSA 120#ifndef OPENSSL_NO_RSA
123 if (pkey->type == EVP_PKEY_RSA) 121 if (pkey != NULL && pkey->type == EVP_PKEY_RSA)
124 { 122 {
125 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", 123 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
126 BN_num_bits(pkey->pkey.rsa->n)); 124 BN_num_bits(pkey->pkey.rsa->n));
@@ -128,8 +126,8 @@ X509_REQ *x;
128 } 126 }
129 else 127 else
130#endif 128#endif
131#ifndef NO_DSA 129#ifndef OPENSSL_NO_DSA
132 if (pkey->type == EVP_PKEY_DSA) 130 if (pkey != NULL && pkey->type == EVP_PKEY_DSA)
133 { 131 {
134 BIO_printf(bp,"%12sDSA Public Key:\n",""); 132 BIO_printf(bp,"%12sDSA Public Key:\n","");
135 DSA_print(bp,pkey->pkey.dsa,16); 133 DSA_print(bp,pkey->pkey.dsa,16);
@@ -138,22 +136,22 @@ X509_REQ *x;
138#endif 136#endif
139 BIO_printf(bp,"%12sUnknown Public Key:\n",""); 137 BIO_printf(bp,"%12sUnknown Public Key:\n","");
140 138
139 if (pkey != NULL)
140 EVP_PKEY_free(pkey);
141
141 /* may not be */ 142 /* may not be */
142 sprintf(str,"%8sAttributes:\n",""); 143 sprintf(str,"%8sAttributes:\n","");
143 if (BIO_puts(bp,str) <= 0) goto err; 144 if (BIO_puts(bp,str) <= 0) goto err;
144 145
145 sk=x->req_info->attributes; 146 sk=x->req_info->attributes;
146 if ((sk == NULL) || (sk_num(sk) == 0)) 147 if (sk_X509_ATTRIBUTE_num(sk) == 0)
147 { 148 {
148 if (!x->req_info->req_kludge) 149 sprintf(str,"%12sa0:00\n","");
149 { 150 if (BIO_puts(bp,str) <= 0) goto err;
150 sprintf(str,"%12sa0:00\n","");
151 if (BIO_puts(bp,str) <= 0) goto err;
152 }
153 } 151 }
154 else 152 else
155 { 153 {
156 for (i=0; i<sk_num(sk); i++) 154 for (i=0; i<sk_X509_ATTRIBUTE_num(sk); i++)
157 { 155 {
158 ASN1_TYPE *at; 156 ASN1_TYPE *at;
159 X509_ATTRIBUTE *a; 157 X509_ATTRIBUTE *a;
@@ -161,26 +159,29 @@ X509_REQ *x;
161 ASN1_TYPE *t; 159 ASN1_TYPE *t;
162 int j,type=0,count=1,ii=0; 160 int j,type=0,count=1,ii=0;
163 161
164 a=(X509_ATTRIBUTE *)sk_value(sk,i); 162 a=sk_X509_ATTRIBUTE_value(sk,i);
163 if(X509_REQ_extension_nid(OBJ_obj2nid(a->object)))
164 continue;
165 sprintf(str,"%12s",""); 165 sprintf(str,"%12s","");
166 if (BIO_puts(bp,str) <= 0) goto err; 166 if (BIO_puts(bp,str) <= 0) goto err;
167 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) 167 if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
168 168 {
169 if (a->set) 169 if (a->single)
170 {
171 t=a->value.single;
172 type=t->type;
173 bs=t->value.bit_string;
174 }
175 else
170 { 176 {
171 ii=0; 177 ii=0;
172 count=sk_num(a->value.set); 178 count=sk_ASN1_TYPE_num(a->value.set);
173get_next: 179get_next:
174 at=(ASN1_TYPE *)sk_value(a->value.set,ii); 180 at=sk_ASN1_TYPE_value(a->value.set,ii);
175 type=at->type; 181 type=at->type;
176 bs=at->value.asn1_string; 182 bs=at->value.asn1_string;
177 } 183 }
178 else 184 }
179 {
180 t=a->value.single;
181 type=t->type;
182 bs=t->value.bit_string;
183 }
184 for (j=25-j; j>0; j--) 185 for (j=25-j; j>0; j--)
185 if (BIO_write(bp," ",1) != 1) goto err; 186 if (BIO_write(bp," ",1) != 1) goto err;
186 if (BIO_puts(bp,":") <= 0) goto err; 187 if (BIO_puts(bp,":") <= 0) goto err;
@@ -201,24 +202,31 @@ get_next:
201 } 202 }
202 } 203 }
203 204
204 i=OBJ_obj2nid(x->sig_alg->algorithm); 205 exts = X509_REQ_get_extensions(x);
205 sprintf(str,"%4sSignature Algorithm: %s","", 206 if(exts) {
206 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)); 207 BIO_printf(bp,"%8sRequested Extensions:\n","");
207 if (BIO_puts(bp,str) <= 0) goto err; 208 for (i=0; i<sk_X509_EXTENSION_num(exts); i++) {
208 209 ASN1_OBJECT *obj;
209 n=x->signature->length; 210 X509_EXTENSION *ex;
210 s=(char *)x->signature->data; 211 int j;
211 for (i=0; i<n; i++) 212 ex=sk_X509_EXTENSION_value(exts, i);
212 { 213 if (BIO_printf(bp,"%12s","") <= 0) goto err;
213 if ((i%18) == 0) 214 obj=X509_EXTENSION_get_object(ex);
214 { 215 i2a_ASN1_OBJECT(bp,obj);
215 sprintf(str,"\n%8s",""); 216 j=X509_EXTENSION_get_critical(ex);
216 if (BIO_puts(bp,str) <= 0) goto err; 217 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0)
218 goto err;
219 if(!X509V3_EXT_print(bp, ex, 0, 16)) {
220 BIO_printf(bp, "%16s", "");
221 M_ASN1_OCTET_STRING_print(bp,ex->value);
217 } 222 }
218 sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":"); 223 if (BIO_write(bp,"\n",1) <= 0) goto err;
219 if (BIO_puts(bp,str) <= 0) goto err;
220 } 224 }
221 if (BIO_puts(bp,"\n") <= 0) goto err; 225 sk_X509_EXTENSION_pop_free(exts, X509_EXTENSION_free);
226 }
227
228 if(!X509_signature_print(bp, x->sig_alg, x->signature)) goto err;
229
222 return(1); 230 return(1);
223err: 231err:
224 X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB); 232 X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
index d708434fca..5abfbc815e 100644
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ b/src/lib/libcrypto/asn1/t_spki.c
@@ -59,7 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/x509.h> 61#include <openssl/x509.h>
62#include <openssl/asn1_mac.h> 62#include <openssl/asn1.h>
63 63
64/* Print out an SPKI */ 64/* Print out an SPKI */
65 65
@@ -76,7 +76,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
76 pkey = X509_PUBKEY_get(spki->spkac->pubkey); 76 pkey = X509_PUBKEY_get(spki->spkac->pubkey);
77 if(!pkey) BIO_printf(out, " Unable to load public key\n"); 77 if(!pkey) BIO_printf(out, " Unable to load public key\n");
78 else { 78 else {
79#ifndef NO_RSA 79#ifndef OPENSSL_NO_RSA
80 if (pkey->type == EVP_PKEY_RSA) 80 if (pkey->type == EVP_PKEY_RSA)
81 { 81 {
82 BIO_printf(out," RSA Public Key: (%d bit)\n", 82 BIO_printf(out," RSA Public Key: (%d bit)\n",
@@ -85,7 +85,7 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
85 } 85 }
86 else 86 else
87#endif 87#endif
88#ifndef NO_DSA 88#ifndef OPENSSL_NO_DSA
89 if (pkey->type == EVP_PKEY_DSA) 89 if (pkey->type == EVP_PKEY_DSA)
90 { 90 {
91 BIO_printf(out," DSA Public Key:\n"); 91 BIO_printf(out," DSA Public Key:\n");
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index b10fbbb992..5de4833ed0 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -58,21 +58,25 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "buffer.h" 61#include <openssl/buffer.h>
62#include "bn.h" 62#include <openssl/bn.h>
63#ifndef NO_RSA 63#ifndef OPENSSL_NO_RSA
64#include "rsa.h" 64#include <openssl/rsa.h>
65#endif 65#endif
66#ifndef NO_DSA 66#ifndef OPENSSL_NO_DSA
67#include "dsa.h" 67#include <openssl/dsa.h>
68#endif 68#endif
69#include "objects.h" 69#include <openssl/objects.h>
70#include "x509.h" 70#include <openssl/x509.h>
71#include <openssl/x509v3.h>
71 72
72#ifndef NO_FP_API 73#ifndef OPENSSL_NO_FP_API
73int X509_print_fp(fp,x) 74int X509_print_fp(FILE *fp, X509 *x)
74FILE *fp; 75 {
75X509 *x; 76 return X509_print_ex_fp(fp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
77 }
78
79int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cflag)
76 { 80 {
77 BIO *b; 81 BIO *b;
78 int ret; 82 int ret;
@@ -83,179 +87,238 @@ X509 *x;
83 return(0); 87 return(0);
84 } 88 }
85 BIO_set_fp(b,fp,BIO_NOCLOSE); 89 BIO_set_fp(b,fp,BIO_NOCLOSE);
86 ret=X509_print(b, x); 90 ret=X509_print_ex(b, x, nmflag, cflag);
87 BIO_free(b); 91 BIO_free(b);
88 return(ret); 92 return(ret);
89 } 93 }
90#endif 94#endif
91 95
92int X509_print(bp,x) 96int X509_print(BIO *bp, X509 *x)
93BIO *bp; 97{
94X509 *x; 98 return X509_print_ex(bp, x, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
99}
100
101int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
95 { 102 {
96 long l; 103 long l;
97 int ret=0,i,j,n; 104 int ret=0,i;
98 char *m=NULL,*s; 105 char *m=NULL,mlch = ' ';
106 int nmindent = 0;
99 X509_CINF *ci; 107 X509_CINF *ci;
100 ASN1_INTEGER *bs; 108 ASN1_INTEGER *bs;
101 EVP_PKEY *pkey=NULL; 109 EVP_PKEY *pkey=NULL;
102 char *neg; 110 const char *neg;
103 X509_EXTENSION *ex;
104 ASN1_STRING *str=NULL; 111 ASN1_STRING *str=NULL;
105 112
113 if((nmflags & XN_FLAG_SEP_MASK) == XN_FLAG_SEP_MULTILINE) {
114 mlch = '\n';
115 nmindent = 12;
116 }
117
118 if(nmflags == X509_FLAG_COMPAT)
119 nmindent = 16;
120
106 ci=x->cert_info; 121 ci=x->cert_info;
107 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err; 122 if(!(cflag & X509_FLAG_NO_HEADER))
108 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
109 l=X509_get_version(x);
110 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
111 if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
112
113 bs=X509_get_serialNumber(x);
114 if (bs->length <= 4)
115 { 123 {
116 l=ASN1_INTEGER_get(bs); 124 if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
117 if (l < 0) 125 if (BIO_write(bp," Data:\n",10) <= 0) goto err;
118 {
119 l= -l;
120 neg="-";
121 }
122 else
123 neg="";
124 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
125 goto err;
126 } 126 }
127 else 127 if(!(cflag & X509_FLAG_NO_VERSION))
128 {
129 l=X509_get_version(x);
130 if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
131 }
132 if(!(cflag & X509_FLAG_NO_SERIAL))
128 { 133 {
129 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
130 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
131 134
132 for (i=0; i<bs->length; i++) 135 if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
136
137 bs=X509_get_serialNumber(x);
138 if (bs->length <= 4)
133 { 139 {
134 if (BIO_printf(bp,"%02x%c",bs->data[i], 140 l=ASN1_INTEGER_get(bs);
135 ((i+1 == bs->length)?'\n':':')) <= 0) 141 if (l < 0)
142 {
143 l= -l;
144 neg="-";
145 }
146 else
147 neg="";
148 if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
136 goto err; 149 goto err;
137 } 150 }
138 } 151 else
152 {
153 neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
154 if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
139 155
140 i=OBJ_obj2nid(ci->signature->algorithm); 156 for (i=0; i<bs->length; i++)
141 if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","", 157 {
142 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) 158 if (BIO_printf(bp,"%02x%c",bs->data[i],
143 goto err; 159 ((i+1 == bs->length)?'\n':':')) <= 0)
160 goto err;
161 }
162 }
144 163
145 if (BIO_write(bp," Issuer: ",16) <= 0) goto err; 164 }
146 if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
147 if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
148 if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
149 if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
150 if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
151 if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
152 if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
153 if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
154 if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
155 goto err;
156 i=OBJ_obj2nid(ci->key->algor->algorithm);
157 if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
158 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
159 165
160 pkey=X509_get_pubkey(x); 166 if(!(cflag & X509_FLAG_NO_SIGNAME))
161#ifndef NO_RSA
162 if (pkey->type == EVP_PKEY_RSA)
163 { 167 {
164 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","", 168 if (BIO_printf(bp,"%8sSignature Algorithm: ","") <= 0)
165 BN_num_bits(pkey->pkey.rsa->n)); 169 goto err;
166 RSA_print(bp,pkey->pkey.rsa,16); 170 if (i2a_ASN1_OBJECT(bp, ci->signature->algorithm) <= 0)
171 goto err;
172 if (BIO_puts(bp, "\n") <= 0)
173 goto err;
167 } 174 }
168 else 175
169#endif 176 if(!(cflag & X509_FLAG_NO_ISSUER))
170#ifndef NO_DSA
171 if (pkey->type == EVP_PKEY_DSA)
172 { 177 {
173 BIO_printf(bp,"%12sDSA Public Key:\n",""); 178 if (BIO_printf(bp," Issuer:%c",mlch) <= 0) goto err;
174 DSA_print(bp,pkey->pkey.dsa,16); 179 if (X509_NAME_print_ex(bp,X509_get_issuer_name(x),nmindent, nmflags) < 0) goto err;
180 if (BIO_write(bp,"\n",1) <= 0) goto err;
175 } 181 }
176 else 182 if(!(cflag & X509_FLAG_NO_VALIDITY))
177#endif
178 BIO_printf(bp,"%12sDSA Public Key:\n","");
179
180 n=X509_get_ext_count(x);
181 if (n > 0)
182 { 183 {
183 BIO_printf(bp,"%8sX509v3 extensions:\n",""); 184 if (BIO_write(bp," Validity\n",17) <= 0) goto err;
184 for (i=0; i<n; i++) 185 if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
185 { 186 if (!ASN1_TIME_print(bp,X509_get_notBefore(x))) goto err;
186 int data_type,pack_type; 187 if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
187 ASN1_OBJECT *obj; 188 if (!ASN1_TIME_print(bp,X509_get_notAfter(x))) goto err;
188 189 if (BIO_write(bp,"\n",1) <= 0) goto err;
189 ex=X509_get_ext(x,i); 190 }
190 if (BIO_printf(bp,"%12s","") <= 0) goto err; 191 if(!(cflag & X509_FLAG_NO_SUBJECT))
191 obj=X509_EXTENSION_get_object(ex); 192 {
192 i2a_ASN1_OBJECT(bp,obj); 193 if (BIO_printf(bp," Subject:%c",mlch) <= 0) goto err;
193 j=X509_EXTENSION_get_critical(ex); 194 if (X509_NAME_print_ex(bp,X509_get_subject_name(x),nmindent, nmflags) < 0) goto err;
194 if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0) 195 if (BIO_write(bp,"\n",1) <= 0) goto err;
195 goto err; 196 }
197 if(!(cflag & X509_FLAG_NO_PUBKEY))
198 {
199 if (BIO_write(bp," Subject Public Key Info:\n",33) <= 0)
200 goto err;
201 if (BIO_printf(bp,"%12sPublic Key Algorithm: ","") <= 0)
202 goto err;
203 if (i2a_ASN1_OBJECT(bp, ci->key->algor->algorithm) <= 0)
204 goto err;
205 if (BIO_puts(bp, "\n") <= 0)
206 goto err;
196 207
197 pack_type=X509v3_pack_type_by_OBJ(obj); 208 pkey=X509_get_pubkey(x);
198 data_type=X509v3_data_type_by_OBJ(obj); 209 if (pkey == NULL)
199 210 {
200 if (pack_type == X509_EXT_PACK_STRING) 211 BIO_printf(bp,"%12sUnable to load Public Key\n","");
201 { 212 ERR_print_errors(bp);
202 if (X509v3_unpack_string( 213 }
203 &str,data_type, 214 else
204 X509_EXTENSION_get_data(ex)) == NULL) 215#ifndef OPENSSL_NO_RSA
205 { 216 if (pkey->type == EVP_PKEY_RSA)
206 /* hmm... */ 217 {
207 goto err; 218 BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
208 } 219 BN_num_bits(pkey->pkey.rsa->n));
209 if ( (data_type == V_ASN1_IA5STRING) || 220 RSA_print(bp,pkey->pkey.rsa,16);
210 (data_type == V_ASN1_PRINTABLESTRING) || 221 }
211 (data_type == V_ASN1_T61STRING)) 222 else
212 { 223#endif
213 if (BIO_write(bp,(char *)str->data, 224#ifndef OPENSSL_NO_DSA
214 str->length) <= 0) 225 if (pkey->type == EVP_PKEY_DSA)
215 goto err; 226 {
216 } 227 BIO_printf(bp,"%12sDSA Public Key:\n","");
217 else if (data_type == V_ASN1_BIT_STRING) 228 DSA_print(bp,pkey->pkey.dsa,16);
218 {
219 BIO_printf(bp,"0x");
220 for (j=0; j<str->length; j++)
221 {
222 BIO_printf(bp,"%02X",
223 str->data[j]);
224 }
225 }
226 }
227 else
228 {
229 ASN1_OCTET_STRING_print(bp,ex->value);
230 }
231 if (BIO_write(bp,"\n",1) <= 0) goto err;
232 } 229 }
230 else
231#endif
232 BIO_printf(bp,"%12sUnknown Public Key:\n","");
233
234 EVP_PKEY_free(pkey);
233 } 235 }
234 236
235 i=OBJ_obj2nid(x->sig_alg->algorithm); 237 if (!(cflag & X509_FLAG_NO_EXTENSIONS))
236 if (BIO_printf(bp,"%4sSignature Algorithm: %s","", 238 X509V3_extensions_print(bp, "X509v3 extensions",
237 (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err; 239 ci->extensions, cflag, 8);
238 240
239 n=x->signature->length; 241 if(!(cflag & X509_FLAG_NO_SIGDUMP))
240 s=(char *)x->signature->data;
241 for (i=0; i<n; i++)
242 { 242 {
243 if ((i%18) == 0) 243 if(X509_signature_print(bp, x->sig_alg, x->signature) <= 0) goto err;
244 if (BIO_write(bp,"\n ",9) <= 0) goto err; 244 }
245 if (BIO_printf(bp,"%02x%s",(unsigned char)s[i], 245 if(!(cflag & X509_FLAG_NO_AUX))
246 ((i+1) == n)?"":":") <= 0) goto err; 246 {
247 if (!X509_CERT_AUX_print(bp, x->aux, 0)) goto err;
247 } 248 }
248 if (BIO_write(bp,"\n",1) != 1) goto err;
249 ret=1; 249 ret=1;
250err: 250err:
251 if (str != NULL) ASN1_STRING_free(str); 251 if (str != NULL) ASN1_STRING_free(str);
252 if (m != NULL) Free((char *)m); 252 if (m != NULL) OPENSSL_free(m);
253 return(ret); 253 return(ret);
254 } 254 }
255 255
256int ASN1_STRING_print(bp,v) 256int X509_ocspid_print (BIO *bp, X509 *x)
257BIO *bp; 257 {
258ASN1_STRING *v; 258 unsigned char *der=NULL ;
259 unsigned char *dertmp;
260 int derlen;
261 int i;
262 unsigned char SHA1md[SHA_DIGEST_LENGTH];
263
264 /* display the hash of the subject as it would appear
265 in OCSP requests */
266 if (BIO_printf(bp," Subject OCSP hash: ") <= 0)
267 goto err;
268 derlen = i2d_X509_NAME(x->cert_info->subject, NULL);
269 if ((der = dertmp = (unsigned char *)OPENSSL_malloc (derlen)) == NULL)
270 goto err;
271 i2d_X509_NAME(x->cert_info->subject, &dertmp);
272
273 EVP_Digest(der, derlen, SHA1md, NULL, EVP_sha1(), NULL);
274 for (i=0; i < SHA_DIGEST_LENGTH; i++)
275 {
276 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0) goto err;
277 }
278 OPENSSL_free (der);
279 der=NULL;
280
281 /* display the hash of the public key as it would appear
282 in OCSP requests */
283 if (BIO_printf(bp,"\n Public key OCSP hash: ") <= 0)
284 goto err;
285
286 EVP_Digest(x->cert_info->key->public_key->data,
287 x->cert_info->key->public_key->length, SHA1md, NULL, EVP_sha1(), NULL);
288 for (i=0; i < SHA_DIGEST_LENGTH; i++)
289 {
290 if (BIO_printf(bp,"%02X",SHA1md[i]) <= 0)
291 goto err;
292 }
293 BIO_printf(bp,"\n");
294
295 return (1);
296err:
297 if (der != NULL) OPENSSL_free(der);
298 return(0);
299 }
300
301int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
302{
303 unsigned char *s;
304 int i, n;
305 if (BIO_puts(bp," Signature Algorithm: ") <= 0) return 0;
306 if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
307
308 n=sig->length;
309 s=sig->data;
310 for (i=0; i<n; i++)
311 {
312 if ((i%18) == 0)
313 if (BIO_write(bp,"\n ",9) <= 0) return 0;
314 if (BIO_printf(bp,"%02x%s",s[i],
315 ((i+1) == n)?"":":") <= 0) return 0;
316 }
317 if (BIO_write(bp,"\n",1) != 1) return 0;
318 return 1;
319}
320
321int ASN1_STRING_print(BIO *bp, ASN1_STRING *v)
259 { 322 {
260 int i,n; 323 int i,n;
261 char buf[80],*p;; 324 char buf[80],*p;;
@@ -284,15 +347,59 @@ ASN1_STRING *v;
284 return(1); 347 return(1);
285 } 348 }
286 349
287int ASN1_UTCTIME_print(bp,tm) 350int ASN1_TIME_print(BIO *bp, ASN1_TIME *tm)
288BIO *bp; 351{
289ASN1_UTCTIME *tm; 352 if(tm->type == V_ASN1_UTCTIME) return ASN1_UTCTIME_print(bp, tm);
353 if(tm->type == V_ASN1_GENERALIZEDTIME)
354 return ASN1_GENERALIZEDTIME_print(bp, tm);
355 BIO_write(bp,"Bad time value",14);
356 return(0);
357}
358
359static const char *mon[12]=
360 {
361 "Jan","Feb","Mar","Apr","May","Jun",
362 "Jul","Aug","Sep","Oct","Nov","Dec"
363 };
364
365int ASN1_GENERALIZEDTIME_print(BIO *bp, ASN1_GENERALIZEDTIME *tm)
366 {
367 char *v;
368 int gmt=0;
369 int i;
370 int y=0,M=0,d=0,h=0,m=0,s=0;
371
372 i=tm->length;
373 v=(char *)tm->data;
374
375 if (i < 12) goto err;
376 if (v[i-1] == 'Z') gmt=1;
377 for (i=0; i<12; i++)
378 if ((v[i] > '9') || (v[i] < '0')) goto err;
379 y= (v[0]-'0')*1000+(v[1]-'0')*100 + (v[2]-'0')*10+(v[3]-'0');
380 M= (v[4]-'0')*10+(v[5]-'0');
381 if ((M > 12) || (M < 1)) goto err;
382 d= (v[6]-'0')*10+(v[7]-'0');
383 h= (v[8]-'0')*10+(v[9]-'0');
384 m= (v[10]-'0')*10+(v[11]-'0');
385 if ( (v[12] >= '0') && (v[12] <= '9') &&
386 (v[13] >= '0') && (v[13] <= '9'))
387 s= (v[12]-'0')*10+(v[13]-'0');
388
389 if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
390 mon[M-1],d,h,m,s,y,(gmt)?" GMT":"") <= 0)
391 return(0);
392 else
393 return(1);
394err:
395 BIO_write(bp,"Bad time value",14);
396 return(0);
397 }
398
399int ASN1_UTCTIME_print(BIO *bp, ASN1_UTCTIME *tm)
290 { 400 {
291 char *v; 401 char *v;
292 int gmt=0; 402 int gmt=0;
293 static char *mon[12]={
294 "Jan","Feb","Mar","Apr","May","Jun",
295 "Jul","Aug","Sep","Oct","Nov","Dec"};
296 int i; 403 int i;
297 int y=0,M=0,d=0,h=0,m=0,s=0; 404 int y=0,M=0,d=0,h=0,m=0,s=0;
298 405
@@ -324,10 +431,7 @@ err:
324 return(0); 431 return(0);
325 } 432 }
326 433
327int X509_NAME_print(bp,name,obase) 434int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
328BIO *bp;
329X509_NAME *name;
330int obase;
331 { 435 {
332 char *s,*c; 436 char *s,*c;
333 int ret=0,l,ll,i,first=1; 437 int ret=0,l,ll,i,first=1;
@@ -336,12 +440,15 @@ int obase;
336 ll=80-2-obase; 440 ll=80-2-obase;
337 441
338 s=X509_NAME_oneline(name,buf,256); 442 s=X509_NAME_oneline(name,buf,256);
443 if (!*s)
444 return 1;
339 s++; /* skip the first slash */ 445 s++; /* skip the first slash */
340 446
341 l=ll; 447 l=ll;
342 c=s; 448 c=s;
343 for (;;) 449 for (;;)
344 { 450 {
451#ifndef CHARSET_EBCDIC
345 if ( ((*s == '/') && 452 if ( ((*s == '/') &&
346 ((s[1] >= 'A') && (s[1] <= 'Z') && ( 453 ((s[1] >= 'A') && (s[1] <= 'Z') && (
347 (s[2] == '=') || 454 (s[2] == '=') ||
@@ -349,6 +456,15 @@ int obase;
349 (s[3] == '=')) 456 (s[3] == '='))
350 ))) || 457 ))) ||
351 (*s == '\0')) 458 (*s == '\0'))
459#else
460 if ( ((*s == '/') &&
461 (isupper(s[1]) && (
462 (s[2] == '=') ||
463 (isupper(s[2]) &&
464 (s[3] == '='))
465 ))) ||
466 (*s == '\0'))
467#endif
352 { 468 {
353 if ((l <= 0) && !first) 469 if ((l <= 0) && !first)
354 { 470 {
diff --git a/src/lib/libcrypto/asn1/t_x509a.c b/src/lib/libcrypto/asn1/t_x509a.c
index a18ebb586c..7d4a6e6084 100644
--- a/src/lib/libcrypto/asn1/t_x509a.c
+++ b/src/lib/libcrypto/asn1/t_x509a.c
@@ -59,7 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h> 62#include <openssl/asn1.h>
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65/* X509_CERT_AUX and string set routines 65/* X509_CERT_AUX and string set routines
@@ -98,5 +98,13 @@ int X509_CERT_AUX_print(BIO *out, X509_CERT_AUX *aux, int indent)
98 } else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, ""); 98 } else BIO_printf(out, "%*sNo Rejected Uses.\n", indent, "");
99 if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "", 99 if(aux->alias) BIO_printf(out, "%*sAlias: %s\n", indent, "",
100 aux->alias->data); 100 aux->alias->data);
101 if(aux->keyid) {
102 BIO_printf(out, "%*sKey Id: ", indent, "");
103 for(i = 0; i < aux->keyid->length; i++)
104 BIO_printf(out, "%s%02X",
105 i ? ":" : "",
106 aux->keyid->data[i]);
107 BIO_write(out,"\n",1);
108 }
101 return 1; 109 return 1;
102} 110}
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
index 0ed2c87b64..00b9ea54a1 100644
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ b/src/lib/libcrypto/asn1/x_algor.c
@@ -1,126 +1,73 @@
1/* crypto/asn1/x_algor.c */ 1/* x_algor.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * All rights reserved. 3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
4 * 7 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
25 * are met: 10 * are met:
26 * 1. Redistributions of source code must retain the copyright 11 *
27 * notice, this list of conditions and the following disclaimer. 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
28 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the 16 * notice, this list of conditions and the following disclaimer in
30 * documentation and/or other materials provided with the distribution. 17 * the documentation and/or other materials provided with the
31 * 3. All advertising materials mentioning features or use of this software 18 * distribution.
32 * must display the following acknowledgement: 19 *
33 * "This product includes cryptographic software written by 20 * 3. All advertising materials mentioning features or use of this
34 * Eric Young (eay@cryptsoft.com)" 21 * software must display the following acknowledgment:
35 * The word 'cryptographic' can be left out if the rouines from the library 22 * "This product includes software developed by the OpenSSL Project
36 * being used are not cryptographic related :-). 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
37 * 4. If you include any Windows specific code (or a derivative thereof) from 24 *
38 * the apps directory (application code) you must include an acknowledgement: 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 26 * endorse or promote products derived from this software without
40 * 27 * prior written permission. For written permission, please contact
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 28 * licensing@OpenSSL.org.
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 *
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * 5. Products derived from this software may not be called "OpenSSL"
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 31 * nor may "OpenSSL" appear in their names without prior written
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * permission of the OpenSSL Project.
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 *
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * 6. Redistributions of any form whatsoever must retain the following
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * acknowledgment:
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * "This product includes software developed by the OpenSSL Project
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
51 * SUCH DAMAGE. 38 *
52 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
53 * The licence and distribution terms for any publically available version or 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * copied and put under another distribution licence 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
56 * [including the GNU Public Licence.] 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
57 */ 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
58 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
59#include <stdio.h> 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60#include "cryptlib.h" 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
61#include "asn1_mac.h" 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
62 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
63/* 50 * OF THE POSSIBILITY OF SUCH DAMAGE.
64 * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); 51 * ====================================================================
65 * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE); 52 *
66 * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH); 53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
67 */ 57 */
68 58
69int i2d_X509_ALGOR(a,pp) 59#include <stddef.h>
70X509_ALGOR *a; 60#include <openssl/x509.h>
71unsigned char **pp; 61#include <openssl/asn1.h>
72 { 62#include <openssl/asn1t.h>
73 M_ASN1_I2D_vars(a);
74
75 M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
76 if (a->parameter != NULL)
77 { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
78
79 M_ASN1_I2D_seq_total();
80 M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
81 if (a->parameter != NULL)
82 { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
83
84 M_ASN1_I2D_finish();
85 }
86
87X509_ALGOR *d2i_X509_ALGOR(a,pp,length)
88X509_ALGOR **a;
89unsigned char **pp;
90long length;
91 {
92 M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
93
94 M_ASN1_D2I_Init();
95 M_ASN1_D2I_start_sequence();
96 M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
97 if (!M_ASN1_D2I_end_sequence())
98 { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
99 else
100 {
101 ASN1_TYPE_free(ret->parameter);
102 ret->parameter=NULL;
103 }
104 M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
105 }
106
107X509_ALGOR *X509_ALGOR_new()
108 {
109 X509_ALGOR *ret=NULL;
110 63
111 M_ASN1_New_Malloc(ret,X509_ALGOR); 64ASN1_SEQUENCE(X509_ALGOR) = {
112 M_ASN1_New(ret->algorithm,ASN1_OBJECT_new); 65 ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
113 ret->parameter=NULL; 66 ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
114 return(ret); 67} ASN1_SEQUENCE_END(X509_ALGOR)
115 M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
116 }
117 68
118void X509_ALGOR_free(a) 69IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
119X509_ALGOR *a; 70IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
120 {
121 if (a == NULL) return;
122 ASN1_OBJECT_free(a->algorithm);
123 ASN1_TYPE_free(a->parameter);
124 Free((char *)a);
125 }
126 71
72IMPLEMENT_STACK_OF(X509_ALGOR)
73IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
diff --git a/src/lib/libcrypto/asn1/x_attrib.c b/src/lib/libcrypto/asn1/x_attrib.c
index e52ced8627..1e3713f18f 100644
--- a/src/lib/libcrypto/asn1/x_attrib.c
+++ b/src/lib/libcrypto/asn1/x_attrib.c
@@ -58,95 +58,61 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "objects.h" 61#include <openssl/objects.h>
62#include "asn1_mac.h" 62#include <openssl/asn1t.h>
63#include <openssl/x509.h>
63 64
64/* 65/* X509_ATTRIBUTE: this has the following form:
65 * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH); 66 *
66 * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); 67 * typedef struct x509_attributes_st
67 * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE); 68 * {
69 * ASN1_OBJECT *object;
70 * int single;
71 * union {
72 * char *ptr;
73 * STACK_OF(ASN1_TYPE) *set;
74 * ASN1_TYPE *single;
75 * } value;
76 * } X509_ATTRIBUTE;
77 *
78 * this needs some extra thought because the CHOICE type is
79 * merged with the main structure and because the value can
80 * be anything at all we *must* try the SET OF first because
81 * the ASN1_ANY type will swallow anything including the whole
82 * SET OF structure.
68 */ 83 */
69 84
70/* sequence */ 85ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
71int i2d_X509_ATTRIBUTE(a,pp) 86 ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
72X509_ATTRIBUTE *a; 87 ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
73unsigned char **pp; 88} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single)
74 {
75 int k=0;
76 int r=0,ret=0;
77 unsigned char **p=NULL;
78
79 if (a == NULL) return(0);
80 89
81 p=NULL; 90ASN1_SEQUENCE(X509_ATTRIBUTE) = {
82 for (;;) 91 ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
83 { 92 /* CHOICE type merged with parent */
84 if (k) 93 ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
85 { 94} ASN1_SEQUENCE_END(X509_ATTRIBUTE)
86 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
87 if (pp == NULL) return(r);
88 p=pp;
89 ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
90 V_ASN1_UNIVERSAL);
91 }
92 95
93 ret+=i2d_ASN1_OBJECT(a->object,p); 96IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
94 if (a->set) 97IMPLEMENT_ASN1_DUP_FUNCTION(X509_ATTRIBUTE)
95 ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE,
96 V_ASN1_SET,V_ASN1_UNIVERSAL);
97 else
98 ret+=i2d_ASN1_TYPE(a->value.single,p);
99 if (k++) return(r);
100 }
101 }
102 98
103X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(a,pp,length) 99X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
104X509_ATTRIBUTE **a;
105unsigned char **pp;
106long length;
107 {
108 M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
109
110 M_ASN1_D2I_Init();
111 M_ASN1_D2I_start_sequence();
112 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
113
114 if ((c.slen != 0) &&
115 (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
116 {
117 ret->set=1;
118 M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE);
119 }
120 else
121 {
122 ret->set=0;
123 M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
124 }
125
126 M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
127 }
128
129X509_ATTRIBUTE *X509_ATTRIBUTE_new()
130 { 100 {
131 X509_ATTRIBUTE *ret=NULL; 101 X509_ATTRIBUTE *ret=NULL;
102 ASN1_TYPE *val=NULL;
103
104 if ((ret=X509_ATTRIBUTE_new()) == NULL)
105 return(NULL);
106 ret->object=OBJ_nid2obj(nid);
107 ret->single=0;
108 if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
109 if ((val=ASN1_TYPE_new()) == NULL) goto err;
110 if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
132 111
133 M_ASN1_New_Malloc(ret,X509_ATTRIBUTE); 112 ASN1_TYPE_set(val,atrtype,value);
134 M_ASN1_New(ret->object,ASN1_OBJECT_new);
135 ret->set=0;
136 ret->value.ptr=NULL;
137 return(ret); 113 return(ret);
138 M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW); 114err:
115 if (ret != NULL) X509_ATTRIBUTE_free(ret);
116 if (val != NULL) ASN1_TYPE_free(val);
117 return(NULL);
139 } 118 }
140
141void X509_ATTRIBUTE_free(a)
142X509_ATTRIBUTE *a;
143 {
144 if (a == NULL) return;
145 ASN1_OBJECT_free(a->object);
146 if (a->set)
147 sk_pop_free(a->value.set,ASN1_TYPE_free);
148 else
149 ASN1_TYPE_free(a->value.single);
150 Free((char *)a);
151 }
152
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
index 13acdab427..11fce96825 100644
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ b/src/lib/libcrypto/asn1/x_crl.c
@@ -58,296 +58,105 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1t.h>
62#include "x509.h" 62#include <openssl/x509.h>
63 63
64/* 64static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
65 * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH); 65 const X509_REVOKED * const *b);
66 * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE); 66static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
67 * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH); 67 const X509_REVOKED * const *b);
68 * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH); 68
69 * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE); 69ASN1_SEQUENCE(X509_REVOKED) = {
70 * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH); 70 ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
71 ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
72 ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
73} ASN1_SEQUENCE_END(X509_REVOKED)
74
75/* The X509_CRL_INFO structure needs a bit of customisation. This is actually
76 * mirroring the old behaviour: its purpose is to allow the use of
77 * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately
78 * this will zap the original order and the signature so we keep a copy
79 * of the original positions and reorder appropriately before encoding.
80 *
81 * Might want to see if there's a better way of doing this later...
71 */ 82 */
72 83static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
73#ifndef NOPROTO 84{
74static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b); 85 X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
75static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
76#else
77static int X509_REVOKED_cmp();
78static int X509_REVOKED_seq_cmp();
79#endif
80
81int i2d_X509_REVOKED(a,pp)
82X509_REVOKED *a;
83unsigned char **pp;
84 {
85 M_ASN1_I2D_vars(a);
86
87 M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
88 M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
89 M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
90
91 M_ASN1_I2D_seq_total();
92
93 M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
94 M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
95 M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
96
97 M_ASN1_I2D_finish();
98 }
99
100X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
101X509_REVOKED **a;
102unsigned char **pp;
103long length;
104 {
105 M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
106
107 M_ASN1_D2I_Init();
108 M_ASN1_D2I_start_sequence();
109 M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
110 M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
111 M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
112 M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
113 }
114
115int i2d_X509_CRL_INFO(a,pp)
116X509_CRL_INFO *a;
117unsigned char **pp;
118 {
119 int v1=0;
120 long l=0;
121 M_ASN1_I2D_vars(a);
122
123 if (sk_num(a->revoked) != 0)
124 qsort((char *)a->revoked->data,sk_num(a->revoked),
125 sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
126 if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
127 {
128 M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
129 }
130 M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
131 M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
132 M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
133 if (a->nextUpdate != NULL)
134 { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME); }
135 M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
136 M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
137 V_ASN1_SEQUENCE,v1);
138
139 M_ASN1_I2D_seq_total();
140
141 if ((a->version != NULL) && (l != 0))
142 {
143 M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
144 }
145 M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
146 M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
147 M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
148 if (a->nextUpdate != NULL)
149 { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME); }
150 M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
151 M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
152 V_ASN1_SEQUENCE,v1);
153
154 M_ASN1_I2D_finish();
155 }
156
157X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
158X509_CRL_INFO **a;
159unsigned char **pp;
160long length;
161 {
162 int i,ver=0;
163 M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
164
165
166 M_ASN1_D2I_Init();
167 M_ASN1_D2I_start_sequence();
168 M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
169 if (ret->version != NULL)
170 ver=ret->version->data[0];
171
172 if ((ver == 0) && (ret->version != NULL))
173 {
174 ASN1_INTEGER_free(ret->version);
175 ret->version=NULL;
176 }
177 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
178 M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
179 M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
180 M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME,V_ASN1_UTCTIME);
181 if (ret->revoked != NULL)
182 {
183 while (sk_num(ret->revoked))
184 X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
185 }
186 M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
187
188 if (ret->revoked != NULL)
189 {
190 for (i=0; i<sk_num(ret->revoked); i++)
191 {
192 ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
193 }
194 }
195
196 if (ver >= 1)
197 {
198 if (ret->extensions != NULL)
199 {
200 while (sk_num(ret->extensions))
201 X509_EXTENSION_free((X509_EXTENSION *)
202 sk_pop(ret->extensions));
203 }
204
205 M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
206 0,V_ASN1_SEQUENCE);
207 }
208
209 M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
210 }
211
212int i2d_X509_CRL(a,pp)
213X509_CRL *a;
214unsigned char **pp;
215 {
216 M_ASN1_I2D_vars(a);
217
218 M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
219 M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
220 M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
221
222 M_ASN1_I2D_seq_total();
223
224 M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
225 M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
226 M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
227
228 M_ASN1_I2D_finish();
229 }
230
231X509_CRL *d2i_X509_CRL(a,pp,length)
232X509_CRL **a;
233unsigned char **pp;
234long length;
235 {
236 M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
237
238 M_ASN1_D2I_Init();
239 M_ASN1_D2I_start_sequence();
240 M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
241 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
242 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
243
244 M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
245 }
246
247
248X509_REVOKED *X509_REVOKED_new()
249 {
250 X509_REVOKED *ret=NULL;
251
252 M_ASN1_New_Malloc(ret,X509_REVOKED);
253 M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
254 M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
255 ret->extensions=NULL;
256 return(ret);
257 M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
258 }
259
260X509_CRL_INFO *X509_CRL_INFO_new()
261 {
262 X509_CRL_INFO *ret=NULL;
263
264 M_ASN1_New_Malloc(ret,X509_CRL_INFO);
265 ret->version=NULL;
266 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
267 M_ASN1_New(ret->issuer,X509_NAME_new);
268 M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
269 ret->nextUpdate=NULL;
270 M_ASN1_New(ret->revoked,sk_new_null);
271 M_ASN1_New(ret->extensions,sk_new_null);
272 ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
273 return(ret);
274 M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
275 }
276
277X509_CRL *X509_CRL_new()
278 {
279 X509_CRL *ret=NULL;
280
281 M_ASN1_New_Malloc(ret,X509_CRL);
282 ret->references=1;
283 M_ASN1_New(ret->crl,X509_CRL_INFO_new);
284 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
285 M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
286 return(ret);
287 M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
288 }
289
290void X509_REVOKED_free(a)
291X509_REVOKED *a;
292 {
293 if (a == NULL) return;
294 ASN1_INTEGER_free(a->serialNumber);
295 ASN1_UTCTIME_free(a->revocationDate);
296 sk_pop_free(a->extensions,X509_EXTENSION_free);
297 Free((char *)a);
298 }
299
300void X509_CRL_INFO_free(a)
301X509_CRL_INFO *a;
302 {
303 if (a == NULL) return;
304 ASN1_INTEGER_free(a->version);
305 X509_ALGOR_free(a->sig_alg);
306 X509_NAME_free(a->issuer);
307 ASN1_UTCTIME_free(a->lastUpdate);
308 if (a->nextUpdate)
309 ASN1_UTCTIME_free(a->nextUpdate);
310 sk_pop_free(a->revoked,X509_REVOKED_free);
311 sk_pop_free(a->extensions,X509_EXTENSION_free);
312 Free((char *)a);
313 }
314
315void X509_CRL_free(a)
316X509_CRL *a;
317 {
318 int i; 86 int i;
319 87 int (*old_cmp)(const X509_REVOKED * const *,
320 if (a == NULL) return; 88 const X509_REVOKED * const *);
321 89
322 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL); 90 if(!a || !a->revoked) return 1;
323#ifdef REF_PRINT 91 switch(operation) {
324 REF_PRINT("X509_CRL",a); 92
325#endif 93 /* Save original order */
326 if (i > 0) return; 94 case ASN1_OP_D2I_POST:
327#ifdef REF_CHECK 95 for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
328 if (i < 0) 96 sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
329 { 97 sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
330 fprintf(stderr,"X509_CRL_free, bad reference count\n"); 98 break;
331 abort(); 99
332 } 100 /* Restore original order */
333#endif 101 case ASN1_OP_I2D_PRE:
334 102 old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
335 X509_CRL_INFO_free(a->crl); 103 sk_X509_REVOKED_sort(a->revoked);
336 X509_ALGOR_free(a->sig_alg); 104 sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
337 ASN1_BIT_STRING_free(a->signature); 105 break;
338 Free((char *)a);
339 } 106 }
340 107 return 1;
341static int X509_REVOKED_cmp(a,b) 108}
342X509_REVOKED **a,**b; 109
110
111ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
112 ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
113 ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
114 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
115 ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
116 ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
117 ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
118 ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
119} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO)
120
121ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
122 ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
123 ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
124 ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
125} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL)
126
127IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
128IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
129IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
130IMPLEMENT_ASN1_DUP_FUNCTION(X509_CRL)
131
132static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
133 const X509_REVOKED * const *b)
343 { 134 {
344 return(ASN1_STRING_cmp( 135 return(ASN1_STRING_cmp(
345 (ASN1_STRING *)(*a)->serialNumber, 136 (ASN1_STRING *)(*a)->serialNumber,
346 (ASN1_STRING *)(*b)->serialNumber)); 137 (ASN1_STRING *)(*b)->serialNumber));
347 } 138 }
348 139
349static int X509_REVOKED_seq_cmp(a,b) 140static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
350X509_REVOKED **a,**b; 141 const X509_REVOKED * const *b)
351 { 142 {
352 return((*a)->sequence-(*b)->sequence); 143 return((*a)->sequence-(*b)->sequence);
353 } 144 }
145
146int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
147{
148 X509_CRL_INFO *inf;
149 inf = crl->crl;
150 if(!inf->revoked)
151 inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
152 if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
153 ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
154 return 0;
155 }
156 return 1;
157}
158
159IMPLEMENT_STACK_OF(X509_REVOKED)
160IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
161IMPLEMENT_STACK_OF(X509_CRL)
162IMPLEMENT_ASN1_SET_OF(X509_CRL)
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
index 54ffe2f00b..702421b6c8 100644
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ b/src/lib/libcrypto/asn1/x_exten.c
@@ -1,156 +1,71 @@
1/* crypto/asn1/x_exten.c */ 1/* x_exten.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
3 * All rights reserved. 3 * project 2000.
4 */
5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
4 * 7 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
25 * are met: 10 * are met:
26 * 1. Redistributions of source code must retain the copyright 11 *
27 * notice, this list of conditions and the following disclaimer. 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
28 * 2. Redistributions in binary form must reproduce the above copyright 15 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the 16 * notice, this list of conditions and the following disclaimer in
30 * documentation and/or other materials provided with the distribution. 17 * the documentation and/or other materials provided with the
31 * 3. All advertising materials mentioning features or use of this software 18 * distribution.
32 * must display the following acknowledgement: 19 *
33 * "This product includes cryptographic software written by 20 * 3. All advertising materials mentioning features or use of this
34 * Eric Young (eay@cryptsoft.com)" 21 * software must display the following acknowledgment:
35 * The word 'cryptographic' can be left out if the rouines from the library 22 * "This product includes software developed by the OpenSSL Project
36 * being used are not cryptographic related :-). 23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
37 * 4. If you include any Windows specific code (or a derivative thereof) from 24 *
38 * the apps directory (application code) you must include an acknowledgement: 25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 26 * endorse or promote products derived from this software without
40 * 27 * prior written permission. For written permission, please contact
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 28 * licensing@OpenSSL.org.
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 29 *
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 30 * 5. Products derived from this software may not be called "OpenSSL"
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 31 * nor may "OpenSSL" appear in their names without prior written
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 32 * permission of the OpenSSL Project.
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 *
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * 6. Redistributions of any form whatsoever must retain the following
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * acknowledgment:
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * "This product includes software developed by the OpenSSL Project
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
51 * SUCH DAMAGE. 38 *
52 * 39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
53 * The licence and distribution terms for any publically available version or 40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * copied and put under another distribution licence 42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
56 * [including the GNU Public Licence.] 43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
57 */ 44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
58 45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
59#include <stdio.h> 46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
60#include "cryptlib.h" 47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
61#include "objects.h" 48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
62#include "asn1_mac.h" 49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
63 50 * OF THE POSSIBILITY OF SUCH DAMAGE.
64/* 51 * ====================================================================
65 * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH); 52 *
66 * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH); 53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
67 */ 57 */
68 58
69int i2d_X509_EXTENSION(a,pp) 59#include <stddef.h>
70X509_EXTENSION *a; 60#include <openssl/x509.h>
71unsigned char **pp; 61#include <openssl/asn1.h>
72 { 62#include <openssl/asn1t.h>
73 int k=0;
74 int r=0,ret=0;
75 unsigned char **p=NULL;
76
77 if (a == NULL) return(0);
78
79 p=NULL;
80 for (;;)
81 {
82 if (k)
83 {
84 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
85 if (pp == NULL) return(r);
86 p=pp;
87 ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
88 V_ASN1_UNIVERSAL);
89 }
90
91 ret+=i2d_ASN1_OBJECT(a->object,p);
92 if ((a->critical) || a->netscape_hack)
93 ret+=i2d_ASN1_BOOLEAN(a->critical,p);
94 ret+=i2d_ASN1_OCTET_STRING(a->value,p);
95 if (k++) return(r);
96 }
97 }
98
99X509_EXTENSION *d2i_X509_EXTENSION(a,pp,length)
100X509_EXTENSION **a;
101unsigned char **pp;
102long length;
103 {
104 int i;
105 M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
106
107 M_ASN1_D2I_Init();
108 M_ASN1_D2I_start_sequence();
109 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
110
111 if ((ret->argp != NULL) && (ret->ex_free != NULL))
112 ret->ex_free(ret);
113 ret->argl=0;
114 ret->argp=NULL;
115 ret->netscape_hack=0;
116 if ((c.slen != 0) &&
117 (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
118 {
119 c.q=c.p;
120 if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
121 ret->critical=i;
122 c.slen-=(c.p-c.q);
123 if (ret->critical == 0) ret->netscape_hack=1;
124 }
125 M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
126
127 M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
128 }
129
130X509_EXTENSION *X509_EXTENSION_new()
131 {
132 X509_EXTENSION *ret=NULL;
133 63
134 M_ASN1_New_Malloc(ret,X509_EXTENSION); 64ASN1_SEQUENCE(X509_EXTENSION) = {
135 M_ASN1_New(ret->object,ASN1_OBJECT_new); 65 ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
136 M_ASN1_New(ret->value,ASN1_OCTET_STRING_new); 66 ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
137 ret->critical=0; 67 ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
138 ret->netscape_hack=0; 68} ASN1_SEQUENCE_END(X509_EXTENSION)
139 ret->argl=0L;
140 ret->argp=NULL;
141 ret->ex_free=NULL;
142 return(ret);
143 M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
144 }
145
146void X509_EXTENSION_free(a)
147X509_EXTENSION *a;
148 {
149 if (a == NULL) return;
150 if ((a->argp != NULL) && (a->ex_free != NULL))
151 a->ex_free(a);
152 ASN1_OBJECT_free(a->object);
153 ASN1_OCTET_STRING_free(a->value);
154 Free((char *)a);
155 }
156 69
70IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
71IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/src/lib/libcrypto/asn1/x_info.c b/src/lib/libcrypto/asn1/x_info.c
index b55f0ce77a..d44f6cdb01 100644
--- a/src/lib/libcrypto/asn1/x_info.c
+++ b/src/lib/libcrypto/asn1/x_info.c
@@ -58,15 +58,15 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "asn1_mac.h" 62#include <openssl/asn1.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65X509_INFO *X509_INFO_new() 65X509_INFO *X509_INFO_new(void)
66 { 66 {
67 X509_INFO *ret=NULL; 67 X509_INFO *ret=NULL;
68 68
69 ret=(X509_INFO *)Malloc(sizeof(X509_INFO)); 69 ret=(X509_INFO *)OPENSSL_malloc(sizeof(X509_INFO));
70 if (ret == NULL) 70 if (ret == NULL)
71 { 71 {
72 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE); 72 ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
@@ -84,8 +84,7 @@ X509_INFO *X509_INFO_new()
84 return(ret); 84 return(ret);
85 } 85 }
86 86
87void X509_INFO_free(x) 87void X509_INFO_free(X509_INFO *x)
88X509_INFO *x;
89 { 88 {
90 int i; 89 int i;
91 90
@@ -107,5 +106,9 @@ X509_INFO *x;
107 if (x->x509 != NULL) X509_free(x->x509); 106 if (x->x509 != NULL) X509_free(x->x509);
108 if (x->crl != NULL) X509_CRL_free(x->crl); 107 if (x->crl != NULL) X509_CRL_free(x->crl);
109 if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey); 108 if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
110 Free((char *)x); 109 if (x->enc_data != NULL) OPENSSL_free(x->enc_data);
110 OPENSSL_free(x);
111 } 111 }
112
113IMPLEMENT_STACK_OF(X509_INFO)
114
diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c
index c5f25956cb..c04b192794 100644
--- a/src/lib/libcrypto/asn1/x_long.c
+++ b/src/lib/libcrypto/asn1/x_long.c
@@ -104,12 +104,7 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
104 long ltmp; 104 long ltmp;
105 unsigned long utmp; 105 unsigned long utmp;
106 int clen, pad, i; 106 int clen, pad, i;
107 /* this exists to bypass broken gcc optimization */ 107 ltmp = *(long *)pval;
108 char *cp = (char *)pval;
109
110 /* use memcpy, because we may not be long aligned */
111 memcpy(&ltmp, cp, sizeof(long));
112
113 if(ltmp == it->size) return -1; 108 if(ltmp == it->size) return -1;
114 /* Convert the long to positive: we subtract one if negative so 109 /* Convert the long to positive: we subtract one if negative so
115 * we can cleanly handle the padding if only the MSB of the leading 110 * we can cleanly handle the padding if only the MSB of the leading
@@ -141,7 +136,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
141 int neg, i; 136 int neg, i;
142 long ltmp; 137 long ltmp;
143 unsigned long utmp = 0; 138 unsigned long utmp = 0;
144 char *cp = (char *)pval;
145 if(len > sizeof(long)) { 139 if(len > sizeof(long)) {
146 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); 140 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
147 return 0; 141 return 0;
@@ -164,6 +158,6 @@ static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype,
164 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); 158 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
165 return 0; 159 return 0;
166 } 160 }
167 memcpy(cp, &ltmp, sizeof(long)); 161 *(long *)pval = ltmp;
168 return 1; 162 return 1;
169} 163}
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index 28b9c34b58..caece0f158 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -58,228 +58,203 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "objects.h" 61#include <openssl/asn1t.h>
62#include "asn1_mac.h" 62#include <openssl/x509.h>
63 63
64/* 64static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
65 * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH); 65 int tag, int aclass, char opt, ASN1_TLC *ctx);
66 * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
67 * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH);
68 * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
69 */
70
71#ifndef NOPROTO
72static int i2d_X509_NAME_entries(X509_NAME *a);
73#else
74static int i2d_X509_NAME_entries();
75#endif
76
77int i2d_X509_NAME_ENTRY(a,pp)
78X509_NAME_ENTRY *a;
79unsigned char **pp;
80 {
81 M_ASN1_I2D_vars(a);
82
83 M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
84 M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
85
86 M_ASN1_I2D_seq_total();
87
88 M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
89 M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
90
91 M_ASN1_I2D_finish();
92 }
93 66
94X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(a,pp,length) 67static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
95X509_NAME_ENTRY **a; 68static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
96unsigned char **pp; 69static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
97long length;
98 {
99 M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
100 70
101 M_ASN1_D2I_Init(); 71static int x509_name_encode(X509_NAME *a);
102 M_ASN1_D2I_start_sequence();
103 M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
104 M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
105 ret->set=0;
106 M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
107 }
108 72
109int i2d_X509_NAME(a,pp) 73ASN1_SEQUENCE(X509_NAME_ENTRY) = {
110X509_NAME *a; 74 ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
111unsigned char **pp; 75 ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
112 { 76} ASN1_SEQUENCE_END(X509_NAME_ENTRY)
113 int ret;
114 77
115 if (a == NULL) return(0); 78IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
116 if (a->modified) 79IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME_ENTRY)
117 {
118 ret=i2d_X509_NAME_entries(a);
119 if (ret < 0) return(ret);
120 }
121 80
122 ret=a->bytes->length; 81/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
123 if (pp != NULL) 82 * so declare two template wrappers for this
124 { 83 */
125 memcpy(*pp,a->bytes->data,ret);
126 *pp+=ret;
127 }
128 return(ret);
129 }
130
131static int i2d_X509_NAME_entries(a)
132X509_NAME *a;
133 {
134 X509_NAME_ENTRY *ne,*fe=NULL;
135 STACK *sk;
136 BUF_MEM *buf=NULL;
137 int set=0,r,ret=0;
138 int i;
139 unsigned char *p;
140 int size=0;
141
142 sk=a->entries;
143 for (i=0; i<sk_num(sk); i++)
144 {
145 ne=(X509_NAME_ENTRY *)sk_value(sk,i);
146 if (fe == NULL)
147 {
148 fe=ne;
149 size=0;
150 }
151
152 if (ne->set != set)
153 {
154 ret+=ASN1_object_size(1,size,V_ASN1_SET);
155 fe->size=size;
156 fe=ne;
157 size=0;
158 set=ne->set;
159 }
160 size+=i2d_X509_NAME_ENTRY(ne,NULL);
161 }
162 84
163 ret+=ASN1_object_size(1,size,V_ASN1_SET); 85ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
164 if (fe != NULL) 86 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
165 fe->size=size; 87ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES)
166 88
167 r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); 89ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
90 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
91ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL)
168 92
169 buf=a->bytes; 93/* Normally that's where it would end: we'd have two nested STACK structures
170 if (!BUF_MEM_grow(buf,r)) goto err; 94 * representing the ASN1. Unfortunately X509_NAME uses a completely different
171 p=(unsigned char *)buf->data; 95 * form and caches encodings so we have to process the internal form and convert
96 * to the external form.
97 */
172 98
173 ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); 99const ASN1_EXTERN_FUNCS x509_name_ff = {
100 NULL,
101 x509_name_ex_new,
102 x509_name_ex_free,
103 0, /* Default clear behaviour is OK */
104 x509_name_ex_d2i,
105 x509_name_ex_i2d
106};
107
108IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
109
110IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
111IMPLEMENT_ASN1_DUP_FUNCTION(X509_NAME)
112
113static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
114{
115 X509_NAME *ret = NULL;
116 ret = OPENSSL_malloc(sizeof(X509_NAME));
117 if(!ret) goto memerr;
118 if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
119 goto memerr;
120 if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
121 ret->modified=1;
122 *val = (ASN1_VALUE *)ret;
123 return 1;
174 124
175 set= -1; 125 memerr:
176 for (i=0; i<sk_num(sk); i++) 126 ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE);
127 if (ret)
177 { 128 {
178 ne=(X509_NAME_ENTRY *)sk_value(sk,i); 129 if (ret->entries)
179 if (set != ne->set) 130 sk_X509_NAME_ENTRY_free(ret->entries);
180 { 131 OPENSSL_free(ret);
181 set=ne->set;
182 ASN1_put_object(&p,1,ne->size,
183 V_ASN1_SET,V_ASN1_UNIVERSAL);
184 }
185 i2d_X509_NAME_ENTRY(ne,&p);
186 } 132 }
187 a->modified=0; 133 return 0;
188 return(r); 134}
189err:
190 return(-1);
191 }
192 135
193X509_NAME *d2i_X509_NAME(a,pp,length) 136static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
194X509_NAME **a; 137{
195unsigned char **pp; 138 X509_NAME *a;
196long length; 139 if(!pval || !*pval)
197 { 140 return;
198 int set=0,i; 141 a = (X509_NAME *)*pval;
199 int idx=0;
200 unsigned char *orig;
201 M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
202 142
203 orig= *pp; 143 BUF_MEM_free(a->bytes);
204 if (sk_num(ret->entries) > 0) 144 sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
205 { 145 OPENSSL_free(a);
206 while (sk_num(ret->entries) > 0) 146 *pval = NULL;
207 X509_NAME_ENTRY_free((X509_NAME_ENTRY *) 147}
208 sk_pop(ret->entries)); 148
209 } 149/* Used with sk_pop_free() to free up the internal representation.
150 * NB: we only free the STACK and not its contents because it is
151 * already present in the X509_NAME structure.
152 */
210 153
211 M_ASN1_D2I_Init(); 154static void sk_internal_free(void *a)
212 M_ASN1_D2I_start_sequence(); 155{
213 for (;;) 156 sk_free(a);
214 { 157}
215 if (M_ASN1_D2I_end_sequence()) break; 158
216 M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY); 159static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
217 for (; idx < sk_num(ret->entries); idx++) 160 int tag, int aclass, char opt, ASN1_TLC *ctx)
218 { 161{
219 ((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set= 162 unsigned char *p = *in, *q;
220 set; 163 STACK *intname = NULL;
221 } 164 int i, j, ret;
222 set++; 165 X509_NAME *nm = NULL;
166 STACK_OF(X509_NAME_ENTRY) *entries;
167 X509_NAME_ENTRY *entry;
168 q = p;
169
170 /* Get internal representation of Name */
171 ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
172 tag, aclass, opt, ctx);
173
174 if(ret <= 0) return ret;
175
176 if(*val) x509_name_ex_free(val, NULL);
177 if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
178 /* We've decoded it: now cache encoding */
179 if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
180 memcpy(nm->bytes->data, q, p - q);
181
182 /* Convert internal representation to X509_NAME structure */
183 for(i = 0; i < sk_num(intname); i++) {
184 entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
185 for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
186 entry = sk_X509_NAME_ENTRY_value(entries, j);
187 entry->set = i;
188 if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
189 goto err;
223 } 190 }
224 191 sk_X509_NAME_ENTRY_free(entries);
225 i=(int)(c.p-orig);
226 if (!BUF_MEM_grow(ret->bytes,i)) goto err;
227 memcpy(ret->bytes->data,orig,i);
228 ret->bytes->length=i;
229 ret->modified=0;
230
231 M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
232 } 192 }
233 193 sk_free(intname);
234X509_NAME *X509_NAME_new() 194 nm->modified = 0;
235 { 195 *val = (ASN1_VALUE *)nm;
236 X509_NAME *ret=NULL; 196 *in = p;
237 197 return ret;
238 M_ASN1_New_Malloc(ret,X509_NAME); 198 err:
239 if ((ret->entries=sk_new(NULL)) == NULL) goto err2; 199 ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR);
240 M_ASN1_New(ret->bytes,BUF_MEM_new); 200 return 0;
241 ret->modified=1; 201}
242 return(ret); 202
243 M_ASN1_New_Error(ASN1_F_X509_NAME_NEW); 203static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
204{
205 int ret;
206 X509_NAME *a = (X509_NAME *)*val;
207 if(a->modified) {
208 ret = x509_name_encode((X509_NAME *)a);
209 if(ret < 0) return ret;
244 } 210 }
245 211 ret = a->bytes->length;
246X509_NAME_ENTRY *X509_NAME_ENTRY_new() 212 if(out != NULL) {
247 { 213 memcpy(*out,a->bytes->data,ret);
248 X509_NAME_ENTRY *ret=NULL; 214 *out+=ret;
249
250 M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
251/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
252 ret->object=NULL;
253 ret->set=0;
254 M_ASN1_New(ret->value,ASN1_STRING_new);
255 return(ret);
256 M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
257 } 215 }
216 return ret;
217}
258 218
259void X509_NAME_free(a) 219static int x509_name_encode(X509_NAME *a)
260X509_NAME *a; 220{
261 { 221 STACK *intname = NULL;
262 BUF_MEM_free(a->bytes); 222 int len;
263 sk_pop_free(a->entries,X509_NAME_ENTRY_free); 223 unsigned char *p;
264 Free((char *)a); 224 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
265 } 225 X509_NAME_ENTRY *entry;
266 226 int i, set = -1;
267void X509_NAME_ENTRY_free(a) 227 intname = sk_new_null();
268X509_NAME_ENTRY *a; 228 if(!intname) goto memerr;
269 { 229 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
270 if (a == NULL) return; 230 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
271 ASN1_OBJECT_free(a->object); 231 if(entry->set != set) {
272 ASN1_BIT_STRING_free(a->value); 232 entries = sk_X509_NAME_ENTRY_new_null();
273 Free((char *)a); 233 if(!entries) goto memerr;
234 if(!sk_push(intname, (char *)entries)) goto memerr;
235 set = entry->set;
236 }
237 if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
274 } 238 }
275 239 len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
276int X509_NAME_set(xn,name) 240 if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
277X509_NAME **xn; 241 p=(unsigned char *)a->bytes->data;
278X509_NAME *name; 242 ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
243 sk_pop_free(intname, sk_internal_free);
244 a->modified = 0;
245 return len;
246 memerr:
247 sk_pop_free(intname, sk_internal_free);
248 ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE);
249 return -1;
250}
251
252
253int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
279 { 254 {
280 X509_NAME *in; 255 X509_NAME *in;
281 256
282 if (*xn == NULL) return(0); 257 if (!xn || !name) return(0);
283 258
284 if (*xn != name) 259 if (*xn != name)
285 { 260 {
@@ -293,3 +268,5 @@ X509_NAME *name;
293 return(*xn != NULL); 268 return(*xn != NULL);
294 } 269 }
295 270
271IMPLEMENT_STACK_OF(X509_NAME_ENTRY)
272IMPLEMENT_ASN1_SET_OF(X509_NAME_ENTRY)
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
index 1d4d926129..f1c6221ac3 100644
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ b/src/lib/libcrypto/asn1/x_pkey.c
@@ -58,25 +58,18 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "asn1_mac.h" 63#include <openssl/asn1_mac.h>
64 64#include <openssl/x509.h>
65/* ASN1err(ASN1_F_D2I_X509_PKEY,ASN1_R_UNSUPPORTED_CIPHER); */
66/* ASN1err(ASN1_F_X509_PKEY_NEW,ASN1_R_IV_TOO_LARGE); */
67 65
68/* need to implement */ 66/* need to implement */
69int i2d_X509_PKEY(a,pp) 67int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
70X509_PKEY *a;
71unsigned char **pp;
72 { 68 {
73 return(0); 69 return(0);
74 } 70 }
75 71
76X509_PKEY *d2i_X509_PKEY(a,pp,length) 72X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length)
77X509_PKEY **a;
78unsigned char **pp;
79long length;
80 { 73 {
81 int i; 74 int i;
82 M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); 75 M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
@@ -91,6 +84,7 @@ long length;
91 if (ret->cipher.cipher == NULL) 84 if (ret->cipher.cipher == NULL)
92 { 85 {
93 c.error=ASN1_R_UNSUPPORTED_CIPHER; 86 c.error=ASN1_R_UNSUPPORTED_CIPHER;
87 c.line=__LINE__;
94 goto err; 88 goto err;
95 } 89 }
96 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING) 90 if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING)
@@ -99,6 +93,7 @@ long length;
99 if (i > EVP_MAX_IV_LENGTH) 93 if (i > EVP_MAX_IV_LENGTH)
100 { 94 {
101 c.error=ASN1_R_IV_TOO_LARGE; 95 c.error=ASN1_R_IV_TOO_LARGE;
96 c.line=__LINE__;
102 goto err; 97 goto err;
103 } 98 }
104 memcpy(ret->cipher.iv, 99 memcpy(ret->cipher.iv,
@@ -109,14 +104,15 @@ long length;
109 M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY); 104 M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
110 } 105 }
111 106
112X509_PKEY *X509_PKEY_new() 107X509_PKEY *X509_PKEY_new(void)
113 { 108 {
114 X509_PKEY *ret=NULL; 109 X509_PKEY *ret=NULL;
110 ASN1_CTX c;
115 111
116 M_ASN1_New_Malloc(ret,X509_PKEY); 112 M_ASN1_New_Malloc(ret,X509_PKEY);
117 ret->version=0; 113 ret->version=0;
118 M_ASN1_New(ret->enc_algor,X509_ALGOR_new); 114 M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
119 M_ASN1_New(ret->enc_pkey,ASN1_OCTET_STRING_new); 115 M_ASN1_New(ret->enc_pkey,M_ASN1_OCTET_STRING_new);
120 ret->dec_pkey=NULL; 116 ret->dec_pkey=NULL;
121 ret->key_length=0; 117 ret->key_length=0;
122 ret->key_data=NULL; 118 ret->key_data=NULL;
@@ -128,8 +124,7 @@ X509_PKEY *X509_PKEY_new()
128 M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW); 124 M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
129 } 125 }
130 126
131void X509_PKEY_free(x) 127void X509_PKEY_free(X509_PKEY *x)
132X509_PKEY *x;
133 { 128 {
134 int i; 129 int i;
135 130
@@ -149,8 +144,8 @@ X509_PKEY *x;
149#endif 144#endif
150 145
151 if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor); 146 if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
152 if (x->enc_pkey != NULL) ASN1_OCTET_STRING_free(x->enc_pkey); 147 if (x->enc_pkey != NULL) M_ASN1_OCTET_STRING_free(x->enc_pkey);
153 if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey); 148 if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
154 if ((x->key_data != NULL) && (x->key_free)) Free((char *)x->key_data); 149 if ((x->key_data != NULL) && (x->key_free)) OPENSSL_free(x->key_data);
155 Free((char *)(char *)x); 150 OPENSSL_free(x);
156 } 151 }
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index a309cf74a7..d958540120 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -58,80 +58,33 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
62 63
63/* 64/* Minor tweak to operation: free up EVP_PKEY */
64 * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH); 65static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
65 * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH); 66{
66 */ 67 if(operation == ASN1_OP_FREE_POST) {
67 68 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
68int i2d_X509_PUBKEY(a,pp) 69 EVP_PKEY_free(pubkey->pkey);
69X509_PUBKEY *a;
70unsigned char **pp;
71 {
72 M_ASN1_I2D_vars(a);
73
74 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
75 M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
76
77 M_ASN1_I2D_seq_total();
78
79 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
80 M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
81
82 M_ASN1_I2D_finish();
83 }
84
85X509_PUBKEY *d2i_X509_PUBKEY(a,pp,length)
86X509_PUBKEY **a;
87unsigned char **pp;
88long length;
89 {
90 M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
91
92 M_ASN1_D2I_Init();
93 M_ASN1_D2I_start_sequence();
94 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
95 M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
96 if (ret->pkey != NULL)
97 {
98 EVP_PKEY_free(ret->pkey);
99 ret->pkey=NULL;
100 }
101 M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
102 } 70 }
71 return 1;
72}
103 73
104X509_PUBKEY *X509_PUBKEY_new() 74ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
105 { 75 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
106 X509_PUBKEY *ret=NULL; 76 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
107 77} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY)
108 M_ASN1_New_Malloc(ret,X509_PUBKEY);
109 M_ASN1_New(ret->algor,X509_ALGOR_new);
110 M_ASN1_New(ret->public_key,ASN1_BIT_STRING_new);
111 ret->pkey=NULL;
112 return(ret);
113 M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
114 }
115 78
116void X509_PUBKEY_free(a) 79IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
117X509_PUBKEY *a;
118 {
119 if (a == NULL) return;
120 X509_ALGOR_free(a->algor);
121 ASN1_BIT_STRING_free(a->public_key);
122 if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
123 Free((char *)a);
124 }
125 80
126int X509_PUBKEY_set(x,pkey) 81int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
127X509_PUBKEY **x;
128EVP_PKEY *pkey;
129 { 82 {
130 int ok=0; 83 int ok=0;
131 X509_PUBKEY *pk; 84 X509_PUBKEY *pk;
132 X509_ALGOR *a; 85 X509_ALGOR *a;
133 ASN1_OBJECT *o; 86 ASN1_OBJECT *o;
134 unsigned char *s,*p; 87 unsigned char *s,*p = NULL;
135 int i; 88 int i;
136 89
137 if (x == NULL) return(0); 90 if (x == NULL) return(0);
@@ -156,7 +109,7 @@ EVP_PKEY *pkey;
156 } 109 }
157 } 110 }
158 else 111 else
159#ifndef NO_DSA 112#ifndef OPENSSL_NO_DSA
160 if (pkey->type == EVP_PKEY_DSA) 113 if (pkey->type == EVP_PKEY_DSA)
161 { 114 {
162 unsigned char *pp; 115 unsigned char *pp;
@@ -166,14 +119,14 @@ EVP_PKEY *pkey;
166 dsa->write_params=0; 119 dsa->write_params=0;
167 ASN1_TYPE_free(a->parameter); 120 ASN1_TYPE_free(a->parameter);
168 i=i2d_DSAparams(dsa,NULL); 121 i=i2d_DSAparams(dsa,NULL);
169 p=(unsigned char *)Malloc(i); 122 if ((p=(unsigned char *)OPENSSL_malloc(i)) == NULL) goto err;
170 pp=p; 123 pp=p;
171 i2d_DSAparams(dsa,&pp); 124 i2d_DSAparams(dsa,&pp);
172 a->parameter=ASN1_TYPE_new(); 125 a->parameter=ASN1_TYPE_new();
173 a->parameter->type=V_ASN1_SEQUENCE; 126 a->parameter->type=V_ASN1_SEQUENCE;
174 a->parameter->value.sequence=ASN1_STRING_new(); 127 a->parameter->value.sequence=ASN1_STRING_new();
175 ASN1_STRING_set(a->parameter->value.sequence,p,i); 128 ASN1_STRING_set(a->parameter->value.sequence,p,i);
176 Free(p); 129 OPENSSL_free(p);
177 } 130 }
178 else 131 else
179#endif 132#endif
@@ -182,15 +135,25 @@ EVP_PKEY *pkey;
182 goto err; 135 goto err;
183 } 136 }
184 137
185 i=i2d_PublicKey(pkey,NULL); 138 if ((i=i2d_PublicKey(pkey,NULL)) <= 0) goto err;
186 if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err; 139 if ((s=(unsigned char *)OPENSSL_malloc(i+1)) == NULL)
140 {
141 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
142 goto err;
143 }
187 p=s; 144 p=s;
188 i2d_PublicKey(pkey,&p); 145 i2d_PublicKey(pkey,&p);
189 if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err; 146 if (!M_ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
190 Free(s); 147 /* Set number of unused bits to zero */
148 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
149 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
150
151 OPENSSL_free(s);
191 152
153#if 0
192 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 154 CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
193 pk->pkey=pkey; 155 pk->pkey=pkey;
156#endif
194 157
195 if (*x != NULL) 158 if (*x != NULL)
196 X509_PUBKEY_free(*x); 159 X509_PUBKEY_free(*x);
@@ -204,20 +167,24 @@ err:
204 return(ok); 167 return(ok);
205 } 168 }
206 169
207EVP_PKEY *X509_PUBKEY_get(key) 170EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
208X509_PUBKEY *key;
209 { 171 {
210 EVP_PKEY *ret=NULL; 172 EVP_PKEY *ret=NULL;
211 long j; 173 long j;
212 int type; 174 int type;
213 unsigned char *p; 175 unsigned char *p;
214#ifndef NO_DSA 176#ifndef OPENSSL_NO_DSA
177 const unsigned char *cp;
215 X509_ALGOR *a; 178 X509_ALGOR *a;
216#endif 179#endif
217 180
218 if (key == NULL) goto err; 181 if (key == NULL) goto err;
219 182
220 if (key->pkey != NULL) return(key->pkey); 183 if (key->pkey != NULL)
184 {
185 CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
186 return(key->pkey);
187 }
221 188
222 if (key->public_key == NULL) goto err; 189 if (key->public_key == NULL) goto err;
223 190
@@ -231,22 +198,23 @@ X509_PUBKEY *key;
231 } 198 }
232 ret->save_parameters=0; 199 ret->save_parameters=0;
233 200
234#ifndef NO_DSA 201#ifndef OPENSSL_NO_DSA
235 a=key->algor; 202 a=key->algor;
236 if (ret->type == EVP_PKEY_DSA) 203 if (ret->type == EVP_PKEY_DSA)
237 { 204 {
238 if (a->parameter->type == V_ASN1_SEQUENCE) 205 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
239 { 206 {
240 ret->pkey.dsa->write_params=0; 207 ret->pkey.dsa->write_params=0;
241 p=a->parameter->value.sequence->data; 208 cp=p=a->parameter->value.sequence->data;
242 j=a->parameter->value.sequence->length; 209 j=a->parameter->value.sequence->length;
243 if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j)) 210 if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j))
244 goto err; 211 goto err;
245 } 212 }
246 ret->save_parameters=1; 213 ret->save_parameters=1;
247 } 214 }
248#endif 215#endif
249 key->pkey=ret; 216 key->pkey=ret;
217 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY);
250 return(ret); 218 return(ret);
251err: 219err:
252 if (ret != NULL) 220 if (ret != NULL)
@@ -254,3 +222,113 @@ err:
254 return(NULL); 222 return(NULL);
255 } 223 }
256 224
225/* Now two pseudo ASN1 routines that take an EVP_PKEY structure
226 * and encode or decode as X509_PUBKEY
227 */
228
229EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
230 long length)
231{
232 X509_PUBKEY *xpk;
233 EVP_PKEY *pktmp;
234 xpk = d2i_X509_PUBKEY(NULL, pp, length);
235 if(!xpk) return NULL;
236 pktmp = X509_PUBKEY_get(xpk);
237 X509_PUBKEY_free(xpk);
238 if(!pktmp) return NULL;
239 if(a) {
240 EVP_PKEY_free(*a);
241 *a = pktmp;
242 }
243 return pktmp;
244}
245
246int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
247{
248 X509_PUBKEY *xpk=NULL;
249 int ret;
250 if(!a) return 0;
251 if(!X509_PUBKEY_set(&xpk, a)) return 0;
252 ret = i2d_X509_PUBKEY(xpk, pp);
253 X509_PUBKEY_free(xpk);
254 return ret;
255}
256
257/* The following are equivalents but which return RSA and DSA
258 * keys
259 */
260#ifndef OPENSSL_NO_RSA
261RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp,
262 long length)
263{
264 EVP_PKEY *pkey;
265 RSA *key;
266 unsigned char *q;
267 q = *pp;
268 pkey = d2i_PUBKEY(NULL, &q, length);
269 if(!pkey) return NULL;
270 key = EVP_PKEY_get1_RSA(pkey);
271 EVP_PKEY_free(pkey);
272 if(!key) return NULL;
273 *pp = q;
274 if(a) {
275 RSA_free(*a);
276 *a = key;
277 }
278 return key;
279}
280
281int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
282{
283 EVP_PKEY *pktmp;
284 int ret;
285 if(!a) return 0;
286 pktmp = EVP_PKEY_new();
287 if(!pktmp) {
288 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
289 return 0;
290 }
291 EVP_PKEY_set1_RSA(pktmp, a);
292 ret = i2d_PUBKEY(pktmp, pp);
293 EVP_PKEY_free(pktmp);
294 return ret;
295}
296#endif
297
298#ifndef OPENSSL_NO_DSA
299DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp,
300 long length)
301{
302 EVP_PKEY *pkey;
303 DSA *key;
304 unsigned char *q;
305 q = *pp;
306 pkey = d2i_PUBKEY(NULL, &q, length);
307 if(!pkey) return NULL;
308 key = EVP_PKEY_get1_DSA(pkey);
309 EVP_PKEY_free(pkey);
310 if(!key) return NULL;
311 *pp = q;
312 if(a) {
313 DSA_free(*a);
314 *a = key;
315 }
316 return key;
317}
318
319int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
320{
321 EVP_PKEY *pktmp;
322 int ret;
323 if(!a) return 0;
324 pktmp = EVP_PKEY_new();
325 if(!pktmp) {
326 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
327 return 0;
328 }
329 EVP_PKEY_set1_DSA(pktmp, a);
330 ret = i2d_PUBKEY(pktmp, pp);
331 EVP_PKEY_free(pktmp);
332 return ret;
333}
334#endif
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
index ff0be13d37..b3f18ebc12 100644
--- a/src/lib/libcrypto/asn1/x_req.c
+++ b/src/lib/libcrypto/asn1/x_req.c
@@ -58,190 +58,55 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1t.h>
62#include "x509.h" 62#include <openssl/x509.h>
63 63
64/* 64/* X509_REQ_INFO is handled in an unusual way to get round
65 * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH); 65 * invalid encodings. Some broken certificate requests don't
66 * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH); 66 * encode the attributes field if it is empty. This is in
67 * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH); 67 * violation of PKCS#10 but we need to tolerate it. We do
68 * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH); 68 * this by making the attributes field OPTIONAL then using
69 * the callback to initialise it to an empty STACK.
70 *
71 * This means that the field will be correctly encoded unless
72 * we NULL out the field.
73 *
74 * As a result we no longer need the req_kludge field because
75 * the information is now contained in the attributes field:
76 * 1. If it is NULL then it's the invalid omission.
77 * 2. If it is empty it is the correct encoding.
78 * 3. If it is not empty then some attributes are present.
79 *
69 */ 80 */
70 81
71int i2d_X509_REQ_INFO(a,pp) 82static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
72X509_REQ_INFO *a; 83{
73unsigned char **pp; 84 X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
74 {
75 M_ASN1_I2D_vars(a);
76
77 M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
78 M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
79 M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
80
81 /* this is a *nasty* hack reported to be required to
82 * allow some CA Software to accept the cert request.
83 * It is not following the PKCS standards ...
84 * PKCS#10 pg 5
85 * attributes [0] IMPLICIT Attibutes
86 * NOTE: no OPTIONAL ... so it *must* be there
87 */
88 if (a->req_kludge)
89 {
90 M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
91 }
92 else
93 {
94 M_ASN1_I2D_len_IMP_set(a->attributes, i2d_X509_ATTRIBUTE,0);
95 }
96
97 M_ASN1_I2D_seq_total();
98 M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
99 M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
100 M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
101
102 /* this is a *nasty* hack reported to be required by some CA's.
103 * It is not following the PKCS standards ...
104 * PKCS#10 pg 5
105 * attributes [0] IMPLICIT Attibutes
106 * NOTE: no OPTIONAL ... so it *must* be there
107 */
108 if (a->req_kludge)
109 {
110 M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
111 }
112 else
113 {
114 M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0);
115 }
116 85
117 M_ASN1_I2D_finish(); 86 if(operation == ASN1_OP_NEW_POST) {
87 rinf->attributes = sk_X509_ATTRIBUTE_new_null();
88 if(!rinf->attributes) return 0;
118 } 89 }
119 90 return 1;
120X509_REQ_INFO *d2i_X509_REQ_INFO(a,pp,length) 91}
121X509_REQ_INFO **a; 92
122unsigned char **pp; 93ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
123long length; 94 ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
124 { 95 ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
125 M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new); 96 ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
126 97 /* This isn't really OPTIONAL but it gets round invalid
127 M_ASN1_D2I_Init(); 98 * encodings
128 M_ASN1_D2I_start_sequence();
129 M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
130 M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
131 M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
132
133 /* this is a *nasty* hack to allow for some CA's that
134 * have been reported as requiring it.
135 * It is not following the PKCS standards ...
136 * PKCS#10 pg 5
137 * attributes [0] IMPLICIT Attibutes
138 * NOTE: no OPTIONAL ... so it *must* be there
139 */ 99 */
140 if (asn1_Finish(&c)) 100 ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
141 ret->req_kludge=1; 101} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO)
142 else
143 {
144 M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0);
145 }
146
147 M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
148 }
149
150X509_REQ_INFO *X509_REQ_INFO_new()
151 {
152 X509_REQ_INFO *ret=NULL;
153 102
154 M_ASN1_New_Malloc(ret,X509_REQ_INFO); 103IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
155 M_ASN1_New(ret->version,ASN1_INTEGER_new);
156 M_ASN1_New(ret->subject,X509_NAME_new);
157 M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
158 M_ASN1_New(ret->attributes,sk_new_null);
159 ret->req_kludge=0;
160 return(ret);
161 M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
162 }
163
164void X509_REQ_INFO_free(a)
165X509_REQ_INFO *a;
166 {
167 if (a == NULL) return;
168 ASN1_INTEGER_free(a->version);
169 X509_NAME_free(a->subject);
170 X509_PUBKEY_free(a->pubkey);
171 sk_pop_free(a->attributes,X509_ATTRIBUTE_free);
172 Free((char *)a);
173 }
174
175int i2d_X509_REQ(a,pp)
176X509_REQ *a;
177unsigned char **pp;
178 {
179 M_ASN1_I2D_vars(a);
180 M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
181 M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
182 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
183
184 M_ASN1_I2D_seq_total();
185
186 M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
187 M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
188 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
189
190 M_ASN1_I2D_finish();
191 }
192
193X509_REQ *d2i_X509_REQ(a,pp,length)
194X509_REQ **a;
195unsigned char **pp;
196long length;
197 {
198 M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
199
200 M_ASN1_D2I_Init();
201 M_ASN1_D2I_start_sequence();
202 M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
203 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
204 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
205 M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
206 }
207
208X509_REQ *X509_REQ_new()
209 {
210 X509_REQ *ret=NULL;
211
212 M_ASN1_New_Malloc(ret,X509_REQ);
213 ret->references=1;
214 M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
215 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
216 M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
217 return(ret);
218 M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
219 }
220
221void X509_REQ_free(a)
222X509_REQ *a;
223 {
224 int i;
225
226 if (a == NULL) return;
227
228 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
229#ifdef REF_PRINT
230 REF_PRINT("X509_REQ",a);
231#endif
232 if (i > 0) return;
233#ifdef REF_CHECK
234 if (i < 0)
235 {
236 fprintf(stderr,"X509_REQ_free, bad reference count\n");
237 abort();
238 }
239#endif
240
241 X509_REQ_INFO_free(a->req_info);
242 X509_ALGOR_free(a->sig_alg);
243 ASN1_BIT_STRING_free(a->signature);
244 Free((char *)a);
245 }
246 104
105ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
106 ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
107 ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
108 ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
109} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ)
247 110
111IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
112IMPLEMENT_ASN1_DUP_FUNCTION(X509_REQ)
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
index f0a2e4c27a..42efa86c1c 100644
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ b/src/lib/libcrypto/asn1/x_sig.c
@@ -58,62 +58,12 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1t.h>
62 62#include <openssl/x509.h>
63/*
64 * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH);
65 * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH);
66 */
67
68int i2d_X509_SIG(a,pp)
69X509_SIG *a;
70unsigned char **pp;
71 {
72 M_ASN1_I2D_vars(a);
73
74 M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
75 M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
76
77 M_ASN1_I2D_seq_total();
78
79 M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
80 M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
81
82 M_ASN1_I2D_finish();
83 }
84
85X509_SIG *d2i_X509_SIG(a,pp,length)
86X509_SIG **a;
87unsigned char **pp;
88long length;
89 {
90 M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
91
92 M_ASN1_D2I_Init();
93 M_ASN1_D2I_start_sequence();
94 M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
95 M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
96 M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
97 }
98
99X509_SIG *X509_SIG_new()
100 {
101 X509_SIG *ret=NULL;
102
103 M_ASN1_New_Malloc(ret,X509_SIG);
104 M_ASN1_New(ret->algor,X509_ALGOR_new);
105 M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
106 return(ret);
107 M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
108 }
109
110void X509_SIG_free(a)
111X509_SIG *a;
112 {
113 if (a == NULL) return;
114 X509_ALGOR_free(a->algor);
115 ASN1_OCTET_STRING_free(a->digest);
116 Free((char *)a);
117 }
118 63
64ASN1_SEQUENCE(X509_SIG) = {
65 ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
66 ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
67} ASN1_SEQUENCE_END(X509_SIG)
119 68
69IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
index 4a80df44b8..2aece077c5 100644
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ b/src/lib/libcrypto/asn1/x_spki.c
@@ -57,125 +57,25 @@
57 */ 57 */
58 58
59 /* This module was send to me my Pat Richards <patr@x509.com> who 59 /* This module was send to me my Pat Richards <patr@x509.com> who
60 * wrote it. It is under my Copyright with his permision 60 * wrote it. It is under my Copyright with his permission
61 */ 61 */
62 62
63#include <stdio.h> 63#include <stdio.h>
64#include "cryptlib.h" 64#include "cryptlib.h"
65#include "x509.h" 65#include <openssl/x509.h>
66#include "asn1_mac.h" 66#include <openssl/asn1t.h>
67 67
68/* 68ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
69 * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH); 69 ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
70 * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH); 70 ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
71 * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH); 71} ASN1_SEQUENCE_END(NETSCAPE_SPKAC)
72 * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH);
73 */
74
75int i2d_NETSCAPE_SPKAC(a,pp)
76NETSCAPE_SPKAC *a;
77unsigned char **pp;
78 {
79 M_ASN1_I2D_vars(a);
80
81 M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
82 M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
83
84 M_ASN1_I2D_seq_total();
85
86 M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
87 M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
88
89 M_ASN1_I2D_finish();
90 }
91
92NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(a,pp,length)
93NETSCAPE_SPKAC **a;
94unsigned char **pp;
95long length;
96 {
97 M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
98
99 M_ASN1_D2I_Init();
100 M_ASN1_D2I_start_sequence();
101 M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
102 M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
103 M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
104 }
105
106NETSCAPE_SPKAC *NETSCAPE_SPKAC_new()
107 {
108 NETSCAPE_SPKAC *ret=NULL;
109
110 M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
111 M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
112 M_ASN1_New(ret->challenge,ASN1_IA5STRING_new);
113 return(ret);
114 M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
115 }
116
117void NETSCAPE_SPKAC_free(a)
118NETSCAPE_SPKAC *a;
119 {
120 if (a == NULL) return;
121 X509_PUBKEY_free(a->pubkey);
122 ASN1_IA5STRING_free(a->challenge);
123 Free((char *)a);
124 }
125
126int i2d_NETSCAPE_SPKI(a,pp)
127NETSCAPE_SPKI *a;
128unsigned char **pp;
129 {
130 M_ASN1_I2D_vars(a);
131
132 M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
133 M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
134 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
135
136 M_ASN1_I2D_seq_total();
137
138 M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
139 M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
140 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
141
142 M_ASN1_I2D_finish();
143 }
144
145NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(a,pp,length)
146NETSCAPE_SPKI **a;
147unsigned char **pp;
148long length;
149 {
150 M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
151
152 M_ASN1_D2I_Init();
153 M_ASN1_D2I_start_sequence();
154 M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
155 M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
156 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
157 M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
158 }
159
160NETSCAPE_SPKI *NETSCAPE_SPKI_new()
161 {
162 NETSCAPE_SPKI *ret=NULL;
163 72
164 M_ASN1_New_Malloc(ret,NETSCAPE_SPKI); 73IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
165 M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
166 M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
167 M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
168 return(ret);
169 M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
170 }
171 74
172void NETSCAPE_SPKI_free(a) 75ASN1_SEQUENCE(NETSCAPE_SPKI) = {
173NETSCAPE_SPKI *a; 76 ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
174 { 77 ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
175 if (a == NULL) return; 78 ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
176 NETSCAPE_SPKAC_free(a->spkac); 79} ASN1_SEQUENCE_END(NETSCAPE_SPKI)
177 X509_ALGOR_free(a->sig_algor);
178 ASN1_BIT_STRING_free(a->signature);
179 Free((char *)a);
180 }
181 80
81IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
index a9c390f88c..dc17c67758 100644
--- a/src/lib/libcrypto/asn1/x_val.c
+++ b/src/lib/libcrypto/asn1/x_val.c
@@ -58,61 +58,12 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1_mac.h" 61#include <openssl/asn1t.h>
62#include <openssl/x509.h>
62 63
63/* ASN1err(ASN1_F_X509_VAL_NEW,ERR_R_MALLOC_FAILURE); 64ASN1_SEQUENCE(X509_VAL) = {
64 * ASN1err(ASN1_F_X509_VAL_FREE,ERR_R_MALLOC_FAILURE); 65 ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
65 * ASN1err(ASN1_F_D2I_X509_VAL,ERR_R_MALLOC_FAILURE); 66 ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
66 */ 67} ASN1_SEQUENCE_END(X509_VAL)
67
68int i2d_X509_VAL(a,pp)
69X509_VAL *a;
70unsigned char **pp;
71 {
72 M_ASN1_I2D_vars(a);
73
74 M_ASN1_I2D_len(a->notBefore,i2d_ASN1_UTCTIME);
75 M_ASN1_I2D_len(a->notAfter,i2d_ASN1_UTCTIME);
76
77 M_ASN1_I2D_seq_total();
78
79 M_ASN1_I2D_put(a->notBefore,i2d_ASN1_UTCTIME);
80 M_ASN1_I2D_put(a->notAfter,i2d_ASN1_UTCTIME);
81
82 M_ASN1_I2D_finish();
83 }
84
85X509_VAL *d2i_X509_VAL(a,pp,length)
86X509_VAL **a;
87unsigned char **pp;
88long length;
89 {
90 M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
91
92 M_ASN1_D2I_Init();
93 M_ASN1_D2I_start_sequence();
94 M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_UTCTIME);
95 M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_UTCTIME);
96 M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
97 }
98
99X509_VAL *X509_VAL_new()
100 {
101 X509_VAL *ret=NULL;
102
103 M_ASN1_New_Malloc(ret,X509_VAL);
104 M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new);
105 M_ASN1_New(ret->notAfter,ASN1_UTCTIME_new);
106 return(ret);
107 M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
108 }
109
110void X509_VAL_free(a)
111X509_VAL *a;
112 {
113 if (a == NULL) return;
114 ASN1_UTCTIME_free(a->notBefore);
115 ASN1_UTCTIME_free(a->notAfter);
116 Free((char *)a);
117 }
118 68
69IMPLEMENT_ASN1_FUNCTIONS(X509_VAL)
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
index bc466ce0f6..b50167ce43 100644
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ b/src/lib/libcrypto/asn1/x_x509.c
@@ -58,13 +58,72 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "asn1_mac.h" 62#include <openssl/asn1t.h>
63#include <openssl/x509.h>
64#include <openssl/x509v3.h>
65
66ASN1_SEQUENCE(X509_CINF) = {
67 ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
68 ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
69 ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
70 ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
71 ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
72 ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
73 ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
74 ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
75 ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
76 ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
77} ASN1_SEQUENCE_END(X509_CINF)
78
79IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
80/* X509 top level structure needs a bit of customisation */
81
82static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
83{
84 X509 *ret = (X509 *)*pval;
85
86 switch(operation) {
87
88 case ASN1_OP_NEW_POST:
89 ret->valid=0;
90 ret->name = NULL;
91 ret->ex_flags = 0;
92 ret->ex_pathlen = -1;
93 ret->skid = NULL;
94 ret->akid = NULL;
95 ret->aux = NULL;
96 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
97 break;
98
99 case ASN1_OP_D2I_POST:
100 if (ret->name != NULL) OPENSSL_free(ret->name);
101 ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
102 break;
103
104 case ASN1_OP_FREE_POST:
105 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
106 X509_CERT_AUX_free(ret->aux);
107 ASN1_OCTET_STRING_free(ret->skid);
108 AUTHORITY_KEYID_free(ret->akid);
109
110 if (ret->name != NULL) OPENSSL_free(ret->name);
111 break;
63 112
64/* 113 }
65 * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH); 114
66 * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT); 115 return 1;
67 */ 116
117}
118
119ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
120 ASN1_SIMPLE(X509, cert_info, X509_CINF),
121 ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
122 ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
123} ASN1_SEQUENCE_END_ref(X509, X509)
124
125IMPLEMENT_ASN1_FUNCTIONS(X509)
126IMPLEMENT_ASN1_DUP_FUNCTION(X509)
68 127
69static ASN1_METHOD meth={ 128static ASN1_METHOD meth={
70 (int (*)()) i2d_X509, 129 (int (*)()) i2d_X509,
@@ -72,87 +131,59 @@ static ASN1_METHOD meth={
72 (char *(*)())X509_new, 131 (char *(*)())X509_new,
73 (void (*)()) X509_free}; 132 (void (*)()) X509_free};
74 133
75ASN1_METHOD *X509_asn1_meth() 134ASN1_METHOD *X509_asn1_meth(void)
76 { 135 {
77 return(&meth); 136 return(&meth);
78 } 137 }
79 138
80int i2d_X509(a,pp) 139int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
81X509 *a; 140 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
82unsigned char **pp; 141 {
83 { 142 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
84 M_ASN1_I2D_vars(a); 143 new_func, dup_func, free_func);
85 144 }
86 M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
87 M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
88 M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
89
90 M_ASN1_I2D_seq_total();
91 145
92 M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF); 146int X509_set_ex_data(X509 *r, int idx, void *arg)
93 M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
94 M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
95
96 M_ASN1_I2D_finish();
97 }
98
99X509 *d2i_X509(a,pp,length)
100X509 **a;
101unsigned char **pp;
102long length;
103 { 147 {
104 M_ASN1_D2I_vars(a,X509 *,X509_new); 148 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
105
106 M_ASN1_D2I_Init();
107 M_ASN1_D2I_start_sequence();
108 M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
109 M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
110 M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
111if (ret->name != NULL) Free(ret->name);
112ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
113
114 M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
115 } 149 }
116 150
117X509 *X509_new() 151void *X509_get_ex_data(X509 *r, int idx)
118 { 152 {
119 X509 *ret=NULL; 153 return(CRYPTO_get_ex_data(&r->ex_data,idx));
120
121 M_ASN1_New_Malloc(ret,X509);
122 ret->references=1;
123 ret->valid=0;
124 ret->name=NULL;
125 M_ASN1_New(ret->cert_info,X509_CINF_new);
126 M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
127 M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
128 return(ret);
129 M_ASN1_New_Error(ASN1_F_X509_NEW);
130 } 154 }
131 155
132void X509_free(a) 156/* X509_AUX ASN1 routines. X509_AUX is the name given to
133X509 *a; 157 * a certificate with extra info tagged on the end. Since these
134 { 158 * functions set how a certificate is trusted they should only
135 int i; 159 * be used when the certificate comes from a reliable source
136 160 * such as local storage.
137 if (a == NULL) return; 161 *
138 162 */
139 i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
140#ifdef REF_PRINT
141 REF_PRINT("X509",a);
142#endif
143 if (i > 0) return;
144#ifdef REF_CHECK
145 if (i < 0)
146 {
147 fprintf(stderr,"X509_free, bad reference count\n");
148 abort();
149 }
150#endif
151
152 X509_CINF_free(a->cert_info);
153 X509_ALGOR_free(a->sig_alg);
154 ASN1_BIT_STRING_free(a->signature);
155 if (a->name != NULL) Free(a->name);
156 Free((char *)a);
157 }
158 163
164X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length)
165{
166 unsigned char *q;
167 X509 *ret;
168 /* Save start position */
169 q = *pp;
170 ret = d2i_X509(a, pp, length);
171 /* If certificate unreadable then forget it */
172 if(!ret) return NULL;
173 /* update length */
174 length -= *pp - q;
175 if(!length) return ret;
176 if(!d2i_X509_CERT_AUX(&ret->aux, pp, length)) goto err;
177 return ret;
178 err:
179 X509_free(ret);
180 return NULL;
181}
182
183int i2d_X509_AUX(X509 *a, unsigned char **pp)
184{
185 int length;
186 length = i2d_X509(a, pp);
187 if(a) length += i2d_X509_CERT_AUX(a->aux, pp);
188 return length;
189}
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
index b9987ea968..f244768b7e 100644
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ b/src/lib/libcrypto/asn1/x_x509a.c
@@ -59,7 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/evp.h> 61#include <openssl/evp.h>
62#include <openssl/asn1_mac.h> 62#include <openssl/asn1t.h>
63#include <openssl/x509.h> 63#include <openssl/x509.h>
64 64
65/* X509_CERT_AUX routines. These are used to encode additional 65/* X509_CERT_AUX routines. These are used to encode additional
@@ -71,72 +71,15 @@
71 71
72static X509_CERT_AUX *aux_get(X509 *x); 72static X509_CERT_AUX *aux_get(X509 *x);
73 73
74X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length) 74ASN1_SEQUENCE(X509_CERT_AUX) = {
75{ 75 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
76 M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new); 76 ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
77 77 ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
78 M_ASN1_D2I_Init(); 78 ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
79 M_ASN1_D2I_start_sequence(); 79 ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
80 80} ASN1_SEQUENCE_END(X509_CERT_AUX)
81 M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust,
82 d2i_ASN1_OBJECT, ASN1_OBJECT_free);
83 M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject,
84 d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0);
85 M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING);
86 M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
87 M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other,
88 d2i_X509_ALGOR, X509_ALGOR_free, 1);
89
90 M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX);
91}
92
93X509_CERT_AUX *X509_CERT_AUX_new()
94{
95 X509_CERT_AUX *ret = NULL;
96 ASN1_CTX c;
97 M_ASN1_New_Malloc(ret, X509_CERT_AUX);
98 ret->trust = NULL;
99 ret->reject = NULL;
100 ret->alias = NULL;
101 ret->keyid = NULL;
102 ret->other = NULL;
103 return(ret);
104 M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW);
105}
106
107void X509_CERT_AUX_free(X509_CERT_AUX *a)
108{
109 if(a == NULL) return;
110 sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free);
111 sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free);
112 ASN1_UTF8STRING_free(a->alias);
113 ASN1_OCTET_STRING_free(a->keyid);
114 sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free);
115 Free(a);
116}
117
118int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
119{
120 M_ASN1_I2D_vars(a);
121 81
122 M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT); 82IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
123 M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
124
125 M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING);
126 M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING);
127 M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
128
129 M_ASN1_I2D_seq_total();
130
131 M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
132 M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
133
134 M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING);
135 M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING);
136 M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
137
138 M_ASN1_I2D_finish();
139}
140 83
141static X509_CERT_AUX *aux_get(X509 *x) 84static X509_CERT_AUX *aux_get(X509 *x)
142{ 85{
@@ -153,6 +96,14 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
153 return ASN1_STRING_set(aux->alias, name, len); 96 return ASN1_STRING_set(aux->alias, name, len);
154} 97}
155 98
99int X509_keyid_set1(X509 *x, unsigned char *id, int len)
100{
101 X509_CERT_AUX *aux;
102 if(!(aux = aux_get(x))) return 0;
103 if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
104 return ASN1_STRING_set(aux->keyid, id, len);
105}
106
156unsigned char *X509_alias_get0(X509 *x, int *len) 107unsigned char *X509_alias_get0(X509 *x, int *len)
157{ 108{
158 if(!x->aux || !x->aux->alias) return NULL; 109 if(!x->aux || !x->aux->alias) return NULL;