summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/asn1
diff options
context:
space:
mode:
authordjm <>2008-09-06 12:17:54 +0000
committerdjm <>2008-09-06 12:17:54 +0000
commit38ce604e3cc97706b876b0525ddff0121115456d (patch)
tree7ccc28afe1789ea3dbedf72365f955d5b8e105b5 /src/lib/libcrypto/asn1
parent12867252827c8efaa8ddd1fa3b3d6e321e2bcdef (diff)
downloadopenbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.gz
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.tar.bz2
openbsd-38ce604e3cc97706b876b0525ddff0121115456d.zip
resolve conflicts
Diffstat (limited to 'src/lib/libcrypto/asn1')
-rw-r--r--src/lib/libcrypto/asn1/a_bitstr.c13
-rw-r--r--src/lib/libcrypto/asn1/a_bool.c4
-rw-r--r--src/lib/libcrypto/asn1/a_bytes.c22
-rw-r--r--src/lib/libcrypto/asn1/a_d2i_fp.c32
-rw-r--r--src/lib/libcrypto/asn1/a_digest.c2
-rw-r--r--src/lib/libcrypto/asn1/a_dup.c18
-rw-r--r--src/lib/libcrypto/asn1/a_enum.c12
-rw-r--r--src/lib/libcrypto/asn1/a_gentm.c2
-rw-r--r--src/lib/libcrypto/asn1/a_hdr.c6
-rw-r--r--src/lib/libcrypto/asn1/a_i2d_fp.c8
-rw-r--r--src/lib/libcrypto/asn1/a_int.c26
-rw-r--r--src/lib/libcrypto/asn1/a_mbstr.c20
-rw-r--r--src/lib/libcrypto/asn1/a_meth.c16
-rw-r--r--src/lib/libcrypto/asn1/a_object.c100
-rw-r--r--src/lib/libcrypto/asn1/a_octet.c2
-rw-r--r--src/lib/libcrypto/asn1/a_set.c21
-rw-r--r--src/lib/libcrypto/asn1/a_sign.c23
-rw-r--r--src/lib/libcrypto/asn1/a_strex.c32
-rw-r--r--src/lib/libcrypto/asn1/a_type.c28
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c2
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c12
-rw-r--r--src/lib/libcrypto/asn1/asn1.h341
-rw-r--r--src/lib/libcrypto/asn1/asn1_err.c91
-rw-r--r--src/lib/libcrypto/asn1/asn1_lib.c73
-rw-r--r--src/lib/libcrypto/asn1/asn1_mac.h39
-rw-r--r--src/lib/libcrypto/asn1/asn1_par.c58
-rw-r--r--src/lib/libcrypto/asn1/asn1t.h109
-rw-r--r--src/lib/libcrypto/asn1/asn_moid.c64
-rw-r--r--src/lib/libcrypto/asn1/asn_pack.c26
-rw-r--r--src/lib/libcrypto/asn1/d2i_pr.c24
-rw-r--r--src/lib/libcrypto/asn1/d2i_pu.c19
-rw-r--r--src/lib/libcrypto/asn1/evp_asn1.c4
-rw-r--r--src/lib/libcrypto/asn1/i2d_pr.c9
-rw-r--r--src/lib/libcrypto/asn1/i2d_pu.c7
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c49
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c15
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c6
-rw-r--r--src/lib/libcrypto/asn1/t_crl.c4
-rw-r--r--src/lib/libcrypto/asn1/t_pkey.c548
-rw-r--r--src/lib/libcrypto/asn1/t_req.c22
-rw-r--r--src/lib/libcrypto/asn1/t_spki.c16
-rw-r--r--src/lib/libcrypto/asn1/t_x509.c37
-rw-r--r--src/lib/libcrypto/asn1/tasn_dec.c1059
-rw-r--r--src/lib/libcrypto/asn1/tasn_enc.c514
-rw-r--r--src/lib/libcrypto/asn1/tasn_fre.c149
-rw-r--r--src/lib/libcrypto/asn1/tasn_new.c234
-rw-r--r--src/lib/libcrypto/asn1/tasn_typ.c4
-rw-r--r--src/lib/libcrypto/asn1/tasn_utl.c128
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c57
-rw-r--r--src/lib/libcrypto/asn1/x_bignum.c6
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c2
-rw-r--r--src/lib/libcrypto/asn1/x_exten.c5
-rw-r--r--src/lib/libcrypto/asn1/x_long.c8
-rw-r--r--src/lib/libcrypto/asn1/x_name.c52
-rw-r--r--src/lib/libcrypto/asn1/x_pkey.c6
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c285
-rw-r--r--src/lib/libcrypto/asn1/x_req.c2
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c27
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c29
59 files changed, 3254 insertions, 1275 deletions
diff --git a/src/lib/libcrypto/asn1/a_bitstr.c b/src/lib/libcrypto/asn1/a_bitstr.c
index b81bf4fc81..0fb9ce0c2a 100644
--- a/src/lib/libcrypto/asn1/a_bitstr.c
+++ b/src/lib/libcrypto/asn1/a_bitstr.c
@@ -113,11 +113,12 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
113 return(ret); 113 return(ret);
114 } 114 }
115 115
116ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, 116ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,
117 long len) 117 const unsigned char **pp, long len)
118 { 118 {
119 ASN1_BIT_STRING *ret=NULL; 119 ASN1_BIT_STRING *ret=NULL;
120 unsigned char *p,*s; 120 const unsigned char *p;
121 unsigned char *s;
121 int i; 122 int i;
122 123
123 if (len < 1) 124 if (len < 1)
@@ -164,7 +165,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
164 *pp=p; 165 *pp=p;
165 return(ret); 166 return(ret);
166err: 167err:
167 ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); 168 ASN1err(ASN1_F_C2I_ASN1_BIT_STRING,i);
168 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 169 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
169 M_ASN1_BIT_STRING_free(ret); 170 M_ASN1_BIT_STRING_free(ret);
170 return(NULL); 171 return(NULL);
@@ -182,9 +183,11 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value)
182 iv= ~v; 183 iv= ~v;
183 if (!value) v=0; 184 if (!value) v=0;
184 185
186 if (a == NULL)
187 return 0;
188
185 a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */ 189 a->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); /* clear, set on write */
186 190
187 if (a == NULL) return(0);
188 if ((a->length < (w+1)) || (a->data == NULL)) 191 if ((a->length < (w+1)) || (a->data == NULL))
189 { 192 {
190 if (!value) return(1); /* Don't need to set */ 193 if (!value) return(1); /* Don't need to set */
diff --git a/src/lib/libcrypto/asn1/a_bool.c b/src/lib/libcrypto/asn1/a_bool.c
index 24333ea4d5..331acdf053 100644
--- a/src/lib/libcrypto/asn1/a_bool.c
+++ b/src/lib/libcrypto/asn1/a_bool.c
@@ -75,10 +75,10 @@ int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
75 return(r); 75 return(r);
76 } 76 }
77 77
78int d2i_ASN1_BOOLEAN(int *a, unsigned char **pp, long length) 78int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length)
79 { 79 {
80 int ret= -1; 80 int ret= -1;
81 unsigned char *p; 81 const unsigned char *p;
82 long len; 82 long len;
83 int inf,tag,xclass; 83 int inf,tag,xclass;
84 int i=0; 84 int i=0;
diff --git a/src/lib/libcrypto/asn1/a_bytes.c b/src/lib/libcrypto/asn1/a_bytes.c
index 2407f7c87a..92d630cdba 100644
--- a/src/lib/libcrypto/asn1/a_bytes.c
+++ b/src/lib/libcrypto/asn1/a_bytes.c
@@ -60,14 +60,15 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62 62
63static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); 63static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c);
64/* type is a 'bitmap' of acceptable string types. 64/* type is a 'bitmap' of acceptable string types.
65 */ 65 */
66ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, unsigned char **pp, 66ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp,
67 long length, int type) 67 long length, int type)
68 { 68 {
69 ASN1_STRING *ret=NULL; 69 ASN1_STRING *ret=NULL;
70 unsigned char *p,*s; 70 const unsigned char *p;
71 unsigned char *s;
71 long len; 72 long len;
72 int inf,tag,xclass; 73 int inf,tag,xclass;
73 int i=0; 74 int i=0;
@@ -153,11 +154,12 @@ int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass)
153 return(r); 154 return(r);
154 } 155 }
155 156
156ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, 157ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
157 int Ptag, int Pclass) 158 long length, int Ptag, int Pclass)
158 { 159 {
159 ASN1_STRING *ret=NULL; 160 ASN1_STRING *ret=NULL;
160 unsigned char *p,*s; 161 const unsigned char *p;
162 unsigned char *s;
161 long len; 163 long len;
162 int inf,tag,xclass; 164 int inf,tag,xclass;
163 int i=0; 165 int i=0;
@@ -185,7 +187,7 @@ ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length,
185 187
186 if (inf & V_ASN1_CONSTRUCTED) 188 if (inf & V_ASN1_CONSTRUCTED)
187 { 189 {
188 ASN1_CTX c; 190 ASN1_const_CTX c;
189 191
190 c.pp=pp; 192 c.pp=pp;
191 c.p=p; 193 c.p=p;
@@ -247,7 +249,7 @@ err:
247 * them into the one structure that is then returned */ 249 * them into the one structure that is then returned */
248/* There have been a few bug fixes for this function from 250/* There have been a few bug fixes for this function from
249 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */ 251 * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
250static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c) 252static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c)
251 { 253 {
252 ASN1_STRING *os=NULL; 254 ASN1_STRING *os=NULL;
253 BUF_MEM b; 255 BUF_MEM b;
@@ -268,7 +270,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
268 { 270 {
269 if (c->inf & 1) 271 if (c->inf & 1)
270 { 272 {
271 c->eos=ASN1_check_infinite_end(&c->p, 273 c->eos=ASN1_const_check_infinite_end(&c->p,
272 (long)(c->max-c->p)); 274 (long)(c->max-c->p));
273 if (c->eos) break; 275 if (c->eos) break;
274 } 276 }
@@ -296,7 +298,7 @@ static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c)
296 num+=os->length; 298 num+=os->length;
297 } 299 }
298 300
299 if (!asn1_Finish(c)) goto err; 301 if (!asn1_const_Finish(c)) goto err;
300 302
301 a->length=num; 303 a->length=num;
302 if (a->data != NULL) OPENSSL_free(a->data); 304 if (a->data != NULL) OPENSSL_free(a->data);
diff --git a/src/lib/libcrypto/asn1/a_d2i_fp.c b/src/lib/libcrypto/asn1/a_d2i_fp.c
index b67b75e7c2..ece40bc4c0 100644
--- a/src/lib/libcrypto/asn1/a_d2i_fp.c
+++ b/src/lib/libcrypto/asn1/a_d2i_fp.c
@@ -66,11 +66,10 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb);
66#ifndef NO_OLD_ASN1 66#ifndef NO_OLD_ASN1
67#ifndef OPENSSL_NO_FP_API 67#ifndef OPENSSL_NO_FP_API
68 68
69char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in, 69void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x)
70 unsigned char **x)
71 { 70 {
72 BIO *b; 71 BIO *b;
73 char *ret; 72 void *ret;
74 73
75 if ((b=BIO_new(BIO_s_file())) == NULL) 74 if ((b=BIO_new(BIO_s_file())) == NULL)
76 { 75 {
@@ -84,12 +83,11 @@ char *ASN1_d2i_fp(char *(*xnew)(), char *(*d2i)(), FILE *in,
84 } 83 }
85#endif 84#endif
86 85
87char *ASN1_d2i_bio(char *(*xnew)(), char *(*d2i)(), BIO *in, 86void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x)
88 unsigned char **x)
89 { 87 {
90 BUF_MEM *b = NULL; 88 BUF_MEM *b = NULL;
91 unsigned char *p; 89 const unsigned char *p;
92 char *ret=NULL; 90 void *ret=NULL;
93 int len; 91 int len;
94 92
95 len = asn1_d2i_read_bio(in, &b); 93 len = asn1_d2i_read_bio(in, &b);
@@ -107,14 +105,14 @@ err:
107void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) 105void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x)
108 { 106 {
109 BUF_MEM *b = NULL; 107 BUF_MEM *b = NULL;
110 unsigned char *p; 108 const unsigned char *p;
111 void *ret=NULL; 109 void *ret=NULL;
112 int len; 110 int len;
113 111
114 len = asn1_d2i_read_bio(in, &b); 112 len = asn1_d2i_read_bio(in, &b);
115 if(len < 0) goto err; 113 if(len < 0) goto err;
116 114
117 p=(unsigned char *)b->data; 115 p=(const unsigned char *)b->data;
118 ret=ASN1_item_d2i(x,&p,len, it); 116 ret=ASN1_item_d2i(x,&p,len, it);
119err: 117err:
120 if (b != NULL) BUF_MEM_free(b); 118 if (b != NULL) BUF_MEM_free(b);
@@ -129,7 +127,7 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x)
129 127
130 if ((b=BIO_new(BIO_s_file())) == NULL) 128 if ((b=BIO_new(BIO_s_file())) == NULL)
131 { 129 {
132 ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB); 130 ASN1err(ASN1_F_ASN1_ITEM_D2I_FP,ERR_R_BUF_LIB);
133 return(NULL); 131 return(NULL);
134 } 132 }
135 BIO_set_fp(b,in,BIO_NOCLOSE); 133 BIO_set_fp(b,in,BIO_NOCLOSE);
@@ -146,7 +144,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
146 unsigned char *p; 144 unsigned char *p;
147 int i; 145 int i;
148 int ret=-1; 146 int ret=-1;
149 ASN1_CTX c; 147 ASN1_const_CTX c;
150 int want=HEADER_SIZE; 148 int want=HEADER_SIZE;
151 int eos=0; 149 int eos=0;
152#if defined(__GNUC__) && defined(__ia64) 150#if defined(__GNUC__) && defined(__ia64)
@@ -160,7 +158,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
160 b=BUF_MEM_new(); 158 b=BUF_MEM_new();
161 if (b == NULL) 159 if (b == NULL)
162 { 160 {
163 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); 161 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
164 return -1; 162 return -1;
165 } 163 }
166 164
@@ -173,13 +171,13 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
173 171
174 if (!BUF_MEM_grow_clean(b,len+want)) 172 if (!BUF_MEM_grow_clean(b,len+want))
175 { 173 {
176 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); 174 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
177 goto err; 175 goto err;
178 } 176 }
179 i=BIO_read(in,&(b->data[len]),want); 177 i=BIO_read(in,&(b->data[len]),want);
180 if ((i < 0) && ((len-off) == 0)) 178 if ((i < 0) && ((len-off) == 0))
181 { 179 {
182 ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA); 180 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ASN1_R_NOT_ENOUGH_DATA);
183 goto err; 181 goto err;
184 } 182 }
185 if (i > 0) 183 if (i > 0)
@@ -199,7 +197,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
199 if (e != ASN1_R_TOO_LONG) 197 if (e != ASN1_R_TOO_LONG)
200 goto err; 198 goto err;
201 else 199 else
202 ERR_get_error(); /* clear error */ 200 ERR_clear_error(); /* clear error */
203 } 201 }
204 i=c.p-p;/* header length */ 202 i=c.p-p;/* header length */
205 off+=i; /* end of data */ 203 off+=i; /* end of data */
@@ -228,7 +226,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
228 want-=(len-off); 226 want-=(len-off);
229 if (!BUF_MEM_grow_clean(b,len+want)) 227 if (!BUF_MEM_grow_clean(b,len+want))
230 { 228 {
231 ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE); 229 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,ERR_R_MALLOC_FAILURE);
232 goto err; 230 goto err;
233 } 231 }
234 while (want > 0) 232 while (want > 0)
@@ -236,7 +234,7 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb)
236 i=BIO_read(in,&(b->data[len]),want); 234 i=BIO_read(in,&(b->data[len]),want);
237 if (i <= 0) 235 if (i <= 0)
238 { 236 {
239 ASN1err(ASN1_F_ASN1_D2I_BIO, 237 ASN1err(ASN1_F_ASN1_D2I_READ_BIO,
240 ASN1_R_NOT_ENOUGH_DATA); 238 ASN1_R_NOT_ENOUGH_DATA);
241 goto err; 239 goto err;
242 } 240 }
diff --git a/src/lib/libcrypto/asn1/a_digest.c b/src/lib/libcrypto/asn1/a_digest.c
index 7182e9fa5d..d00d9e22b1 100644
--- a/src/lib/libcrypto/asn1/a_digest.c
+++ b/src/lib/libcrypto/asn1/a_digest.c
@@ -72,7 +72,7 @@
72 72
73#ifndef NO_ASN1_OLD 73#ifndef NO_ASN1_OLD
74 74
75int ASN1_digest(int (*i2d)(), const EVP_MD *type, char *data, 75int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data,
76 unsigned char *md, unsigned int *len) 76 unsigned char *md, unsigned int *len)
77 { 77 {
78 int i; 78 int i;
diff --git a/src/lib/libcrypto/asn1/a_dup.c b/src/lib/libcrypto/asn1/a_dup.c
index 58a017884c..199d50f521 100644
--- a/src/lib/libcrypto/asn1/a_dup.c
+++ b/src/lib/libcrypto/asn1/a_dup.c
@@ -62,22 +62,23 @@
62 62
63#ifndef NO_OLD_ASN1 63#ifndef NO_OLD_ASN1
64 64
65char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x) 65void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x)
66 { 66 {
67 unsigned char *b,*p; 67 unsigned char *b,*p;
68 long i; 68 const unsigned char *p2;
69 int i;
69 char *ret; 70 char *ret;
70 71
71 if (x == NULL) return(NULL); 72 if (x == NULL) return(NULL);
72 73
73 i=(long)i2d(x,NULL); 74 i=i2d(x,NULL);
74 b=(unsigned char *)OPENSSL_malloc((unsigned int)i+10); 75 b=OPENSSL_malloc(i+10);
75 if (b == NULL) 76 if (b == NULL)
76 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } 77 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
77 p= b; 78 p= b;
78 i=i2d(x,&p); 79 i=i2d(x,&p);
79 p= b; 80 p2= b;
80 ret=d2i(NULL,&p,i); 81 ret=d2i(NULL,&p2,i);
81 OPENSSL_free(b); 82 OPENSSL_free(b);
82 return(ret); 83 return(ret);
83 } 84 }
@@ -91,7 +92,8 @@ char *ASN1_dup(int (*i2d)(), char *(*d2i)(), char *x)
91 92
92void *ASN1_item_dup(const ASN1_ITEM *it, void *x) 93void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
93 { 94 {
94 unsigned char *b = NULL, *p; 95 unsigned char *b = NULL;
96 const unsigned char *p;
95 long i; 97 long i;
96 void *ret; 98 void *ret;
97 99
@@ -99,7 +101,7 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x)
99 101
100 i=ASN1_item_i2d(x,&b,it); 102 i=ASN1_item_i2d(x,&b,it);
101 if (b == NULL) 103 if (b == NULL)
102 { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); } 104 { ASN1err(ASN1_F_ASN1_ITEM_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
103 p= b; 105 p= b;
104 ret=ASN1_item_d2i(NULL,&p,i, it); 106 ret=ASN1_item_d2i(NULL,&p,i, it);
105 OPENSSL_free(b); 107 OPENSSL_free(b);
diff --git a/src/lib/libcrypto/asn1/a_enum.c b/src/lib/libcrypto/asn1/a_enum.c
index 03ede68d1c..fe9aa13b9c 100644
--- a/src/lib/libcrypto/asn1/a_enum.c
+++ b/src/lib/libcrypto/asn1/a_enum.c
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62#include <openssl/bn.h>
62 63
63/* 64/*
64 * Code for ENUMERATED type: identical to INTEGER apart from a different tag. 65 * Code for ENUMERATED type: identical to INTEGER apart from a different tag.
@@ -67,12 +68,13 @@
67 68
68int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) 69int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
69 { 70 {
70 int i,j,k; 71 int j,k;
72 unsigned int i;
71 unsigned char buf[sizeof(long)+1]; 73 unsigned char buf[sizeof(long)+1];
72 long d; 74 long d;
73 75
74 a->type=V_ASN1_ENUMERATED; 76 a->type=V_ASN1_ENUMERATED;
75 if (a->length < (sizeof(long)+1)) 77 if (a->length < (int)(sizeof(long)+1))
76 { 78 {
77 if (a->data != NULL) 79 if (a->data != NULL)
78 OPENSSL_free(a->data); 80 OPENSSL_free(a->data);
@@ -116,7 +118,7 @@ long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a)
116 else if (i != V_ASN1_ENUMERATED) 118 else if (i != V_ASN1_ENUMERATED)
117 return -1; 119 return -1;
118 120
119 if (a->length > sizeof(long)) 121 if (a->length > (int)sizeof(long))
120 { 122 {
121 /* hmm... a bit ugly */ 123 /* hmm... a bit ugly */
122 return(0xffffffffL); 124 return(0xffffffffL);
@@ -147,7 +149,7 @@ ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai)
147 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR); 149 ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED,ERR_R_NESTED_ASN1_ERROR);
148 goto err; 150 goto err;
149 } 151 }
150 if(bn->neg) ret->type = V_ASN1_NEG_ENUMERATED; 152 if(BN_is_negative(bn)) ret->type = V_ASN1_NEG_ENUMERATED;
151 else ret->type=V_ASN1_ENUMERATED; 153 else ret->type=V_ASN1_ENUMERATED;
152 j=BN_num_bits(bn); 154 j=BN_num_bits(bn);
153 len=((j == 0)?0:((j/8)+1)); 155 len=((j == 0)?0:((j/8)+1));
@@ -175,6 +177,6 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn)
175 177
176 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) 178 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
177 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB); 179 ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN,ASN1_R_BN_LIB);
178 else if(ai->type == V_ASN1_NEG_ENUMERATED) ret->neg = 1; 180 else if(ai->type == V_ASN1_NEG_ENUMERATED) BN_set_negative(ret,1);
179 return(ret); 181 return(ret);
180 } 182 }
diff --git a/src/lib/libcrypto/asn1/a_gentm.c b/src/lib/libcrypto/asn1/a_gentm.c
index 0dfd576211..def79062a5 100644
--- a/src/lib/libcrypto/asn1/a_gentm.c
+++ b/src/lib/libcrypto/asn1/a_gentm.c
@@ -181,7 +181,7 @@ err:
181 return(0); 181 return(0);
182 } 182 }
183 183
184int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str) 184int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str)
185 { 185 {
186 ASN1_GENERALIZEDTIME t; 186 ASN1_GENERALIZEDTIME t;
187 187
diff --git a/src/lib/libcrypto/asn1/a_hdr.c b/src/lib/libcrypto/asn1/a_hdr.c
index b1aad81f77..d1c2a7b9e3 100644
--- a/src/lib/libcrypto/asn1/a_hdr.c
+++ b/src/lib/libcrypto/asn1/a_hdr.c
@@ -76,17 +76,17 @@ int i2d_ASN1_HEADER(ASN1_HEADER *a, unsigned char **pp)
76 M_ASN1_I2D_finish(); 76 M_ASN1_I2D_finish();
77 } 77 }
78 78
79ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, unsigned char **pp, 79ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a, const unsigned char **pp,
80 long length) 80 long length)
81 { 81 {
82 M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new); 82 M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
83 83
84 M_ASN1_D2I_Init(); 84 M_ASN1_D2I_Init();
85 M_ASN1_D2I_start_sequence(); 85 M_ASN1_D2I_start_sequence();
86 M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING); 86 M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->header,d2i_ASN1_OCTET_STRING);
87 if (ret->meth != NULL) 87 if (ret->meth != NULL)
88 { 88 {
89 M_ASN1_D2I_get(ret->data,ret->meth->d2i); 89 M_ASN1_D2I_get_x(void,ret->data,ret->meth->d2i);
90 } 90 }
91 else 91 else
92 { 92 {
diff --git a/src/lib/libcrypto/asn1/a_i2d_fp.c b/src/lib/libcrypto/asn1/a_i2d_fp.c
index f4f1b73ebe..a3ad76d356 100644
--- a/src/lib/libcrypto/asn1/a_i2d_fp.c
+++ b/src/lib/libcrypto/asn1/a_i2d_fp.c
@@ -64,7 +64,7 @@
64#ifndef NO_OLD_ASN1 64#ifndef NO_OLD_ASN1
65 65
66#ifndef OPENSSL_NO_FP_API 66#ifndef OPENSSL_NO_FP_API
67int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) 67int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x)
68 { 68 {
69 BIO *b; 69 BIO *b;
70 int ret; 70 int ret;
@@ -81,7 +81,7 @@ int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
81 } 81 }
82#endif 82#endif
83 83
84int ASN1_i2d_bio(int (*i2d)(), BIO *out, unsigned char *x) 84int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x)
85 { 85 {
86 char *b; 86 char *b;
87 unsigned char *p; 87 unsigned char *p;
@@ -124,7 +124,7 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x)
124 124
125 if ((b=BIO_new(BIO_s_file())) == NULL) 125 if ((b=BIO_new(BIO_s_file())) == NULL)
126 { 126 {
127 ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB); 127 ASN1err(ASN1_F_ASN1_ITEM_I2D_FP,ERR_R_BUF_LIB);
128 return(0); 128 return(0);
129 } 129 }
130 BIO_set_fp(b,out,BIO_NOCLOSE); 130 BIO_set_fp(b,out,BIO_NOCLOSE);
@@ -142,7 +142,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x)
142 n = ASN1_item_i2d(x, &b, it); 142 n = ASN1_item_i2d(x, &b, it);
143 if (b == NULL) 143 if (b == NULL)
144 { 144 {
145 ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE); 145 ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO,ERR_R_MALLOC_FAILURE);
146 return(0); 146 return(0);
147 } 147 }
148 148
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index 21cc64bb23..f8d198efb1 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62#include <openssl/bn.h>
62 63
63ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) 64ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
64{ return M_ASN1_INTEGER_dup(x);} 65{ return M_ASN1_INTEGER_dup(x);}
@@ -174,11 +175,12 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
174 175
175/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ 176/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
176 177
177ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, 178ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp,
178 long len) 179 long len)
179 { 180 {
180 ASN1_INTEGER *ret=NULL; 181 ASN1_INTEGER *ret=NULL;
181 unsigned char *p,*to,*s, *pend; 182 const unsigned char *p, *pend;
183 unsigned char *to,*s;
182 int i; 184 int i;
183 185
184 if ((a == NULL) || ((*a) == NULL)) 186 if ((a == NULL) || ((*a) == NULL))
@@ -254,7 +256,7 @@ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
254 *pp=pend; 256 *pp=pend;
255 return(ret); 257 return(ret);
256err: 258err:
257 ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); 259 ASN1err(ASN1_F_C2I_ASN1_INTEGER,i);
258 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 260 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
259 M_ASN1_INTEGER_free(ret); 261 M_ASN1_INTEGER_free(ret);
260 return(NULL); 262 return(NULL);
@@ -266,11 +268,12 @@ err:
266 * with its MSB set as negative (it doesn't add a padding zero). 268 * with its MSB set as negative (it doesn't add a padding zero).
267 */ 269 */
268 270
269ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp, 271ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp,
270 long length) 272 long length)
271 { 273 {
272 ASN1_INTEGER *ret=NULL; 274 ASN1_INTEGER *ret=NULL;
273 unsigned char *p,*to,*s; 275 const unsigned char *p;
276 unsigned char *to,*s;
274 long len; 277 long len;
275 int inf,tag,xclass; 278 int inf,tag,xclass;
276 int i; 279 int i;
@@ -332,12 +335,13 @@ err:
332 335
333int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) 336int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
334 { 337 {
335 int i,j,k; 338 int j,k;
339 unsigned int i;
336 unsigned char buf[sizeof(long)+1]; 340 unsigned char buf[sizeof(long)+1];
337 long d; 341 long d;
338 342
339 a->type=V_ASN1_INTEGER; 343 a->type=V_ASN1_INTEGER;
340 if (a->length < (sizeof(long)+1)) 344 if (a->length < (int)(sizeof(long)+1))
341 { 345 {
342 if (a->data != NULL) 346 if (a->data != NULL)
343 OPENSSL_free(a->data); 347 OPENSSL_free(a->data);
@@ -381,7 +385,7 @@ long ASN1_INTEGER_get(ASN1_INTEGER *a)
381 else if (i != V_ASN1_INTEGER) 385 else if (i != V_ASN1_INTEGER)
382 return -1; 386 return -1;
383 387
384 if (a->length > sizeof(long)) 388 if (a->length > (int)sizeof(long))
385 { 389 {
386 /* hmm... a bit ugly */ 390 /* hmm... a bit ugly */
387 return(0xffffffffL); 391 return(0xffffffffL);
@@ -412,7 +416,8 @@ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
412 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR); 416 ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
413 goto err; 417 goto err;
414 } 418 }
415 if(bn->neg) ret->type = V_ASN1_NEG_INTEGER; 419 if (BN_is_negative(bn))
420 ret->type = V_ASN1_NEG_INTEGER;
416 else ret->type=V_ASN1_INTEGER; 421 else ret->type=V_ASN1_INTEGER;
417 j=BN_num_bits(bn); 422 j=BN_num_bits(bn);
418 len=((j == 0)?0:((j/8)+1)); 423 len=((j == 0)?0:((j/8)+1));
@@ -445,7 +450,8 @@ BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
445 450
446 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL) 451 if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
447 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB); 452 ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
448 else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1; 453 else if(ai->type == V_ASN1_NEG_INTEGER)
454 BN_set_negative(ret, 1);
449 return(ret); 455 return(ret);
450 } 456 }
451 457
diff --git a/src/lib/libcrypto/asn1/a_mbstr.c b/src/lib/libcrypto/asn1/a_mbstr.c
index 208b3ec395..2d4800a22a 100644
--- a/src/lib/libcrypto/asn1/a_mbstr.c
+++ b/src/lib/libcrypto/asn1/a_mbstr.c
@@ -107,7 +107,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
107 107
108 case MBSTRING_BMP: 108 case MBSTRING_BMP:
109 if(len & 1) { 109 if(len & 1) {
110 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, 110 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
111 ASN1_R_INVALID_BMPSTRING_LENGTH); 111 ASN1_R_INVALID_BMPSTRING_LENGTH);
112 return -1; 112 return -1;
113 } 113 }
@@ -116,7 +116,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
116 116
117 case MBSTRING_UNIV: 117 case MBSTRING_UNIV:
118 if(len & 3) { 118 if(len & 3) {
119 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, 119 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
120 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); 120 ASN1_R_INVALID_UNIVERSALSTRING_LENGTH);
121 return -1; 121 return -1;
122 } 122 }
@@ -128,7 +128,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
128 /* This counts the characters and does utf8 syntax checking */ 128 /* This counts the characters and does utf8 syntax checking */
129 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar); 129 ret = traverse_string(in, len, MBSTRING_UTF8, in_utf8, &nchar);
130 if(ret < 0) { 130 if(ret < 0) {
131 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, 131 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
132 ASN1_R_INVALID_UTF8STRING); 132 ASN1_R_INVALID_UTF8STRING);
133 return -1; 133 return -1;
134 } 134 }
@@ -139,19 +139,19 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
139 break; 139 break;
140 140
141 default: 141 default:
142 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_UNKNOWN_FORMAT); 142 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_UNKNOWN_FORMAT);
143 return -1; 143 return -1;
144 } 144 }
145 145
146 if((minsize > 0) && (nchar < minsize)) { 146 if((minsize > 0) && (nchar < minsize)) {
147 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_SHORT); 147 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_SHORT);
148 BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize); 148 BIO_snprintf(strbuf, sizeof strbuf, "%ld", minsize);
149 ERR_add_error_data(2, "minsize=", strbuf); 149 ERR_add_error_data(2, "minsize=", strbuf);
150 return -1; 150 return -1;
151 } 151 }
152 152
153 if((maxsize > 0) && (nchar > maxsize)) { 153 if((maxsize > 0) && (nchar > maxsize)) {
154 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_STRING_TOO_LONG); 154 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_STRING_TOO_LONG);
155 BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize); 155 BIO_snprintf(strbuf, sizeof strbuf, "%ld", maxsize);
156 ERR_add_error_data(2, "maxsize=", strbuf); 156 ERR_add_error_data(2, "maxsize=", strbuf);
157 return -1; 157 return -1;
@@ -159,7 +159,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
159 159
160 /* Now work out minimal type (if any) */ 160 /* Now work out minimal type (if any) */
161 if(traverse_string(in, len, inform, type_str, &mask) < 0) { 161 if(traverse_string(in, len, inform, type_str, &mask) < 0) {
162 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, ASN1_R_ILLEGAL_CHARACTERS); 162 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ASN1_R_ILLEGAL_CHARACTERS);
163 return -1; 163 return -1;
164 } 164 }
165 165
@@ -193,7 +193,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
193 free_out = 1; 193 free_out = 1;
194 dest = ASN1_STRING_type_new(str_type); 194 dest = ASN1_STRING_type_new(str_type);
195 if(!dest) { 195 if(!dest) {
196 ASN1err(ASN1_F_ASN1_MBSTRING_COPY, 196 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,
197 ERR_R_MALLOC_FAILURE); 197 ERR_R_MALLOC_FAILURE);
198 return -1; 198 return -1;
199 } 199 }
@@ -202,7 +202,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
202 /* If both the same type just copy across */ 202 /* If both the same type just copy across */
203 if(inform == outform) { 203 if(inform == outform) {
204 if(!ASN1_STRING_set(dest, in, len)) { 204 if(!ASN1_STRING_set(dest, in, len)) {
205 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); 205 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
206 return -1; 206 return -1;
207 } 207 }
208 return str_type; 208 return str_type;
@@ -233,7 +233,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len,
233 } 233 }
234 if(!(p = OPENSSL_malloc(outlen + 1))) { 234 if(!(p = OPENSSL_malloc(outlen + 1))) {
235 if(free_out) ASN1_STRING_free(dest); 235 if(free_out) ASN1_STRING_free(dest);
236 ASN1err(ASN1_F_ASN1_MBSTRING_COPY,ERR_R_MALLOC_FAILURE); 236 ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY,ERR_R_MALLOC_FAILURE);
237 return -1; 237 return -1;
238 } 238 }
239 dest->length = outlen; 239 dest->length = outlen;
diff --git a/src/lib/libcrypto/asn1/a_meth.c b/src/lib/libcrypto/asn1/a_meth.c
index 63158e9cab..50bea917e3 100644
--- a/src/lib/libcrypto/asn1/a_meth.c
+++ b/src/lib/libcrypto/asn1/a_meth.c
@@ -62,16 +62,16 @@
62#include <openssl/asn1.h> 62#include <openssl/asn1.h>
63 63
64static ASN1_METHOD ia5string_meth={ 64static ASN1_METHOD ia5string_meth={
65 (int (*)()) i2d_ASN1_IA5STRING, 65 (I2D_OF(void)) i2d_ASN1_IA5STRING,
66 (char *(*)()) d2i_ASN1_IA5STRING, 66 (D2I_OF(void)) d2i_ASN1_IA5STRING,
67 (char *(*)()) ASN1_STRING_new, 67 (void *(*)(void))ASN1_STRING_new,
68 (void (*)()) ASN1_STRING_free}; 68 (void (*)(void *))ASN1_STRING_free};
69 69
70static ASN1_METHOD bit_string_meth={ 70static ASN1_METHOD bit_string_meth={
71 (int (*)()) i2d_ASN1_BIT_STRING, 71 (I2D_OF(void)) i2d_ASN1_BIT_STRING,
72 (char *(*)()) d2i_ASN1_BIT_STRING, 72 (D2I_OF(void)) d2i_ASN1_BIT_STRING,
73 (char *(*)()) ASN1_STRING_new, 73 (void *(*)(void))ASN1_STRING_new,
74 (void (*)()) ASN1_STRING_free}; 74 (void (*)(void *))ASN1_STRING_free};
75 75
76ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void) 76ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void)
77 { 77 {
diff --git a/src/lib/libcrypto/asn1/a_object.c b/src/lib/libcrypto/asn1/a_object.c
index 0a8e6c287c..dc980421d0 100644
--- a/src/lib/libcrypto/asn1/a_object.c
+++ b/src/lib/libcrypto/asn1/a_object.c
@@ -57,10 +57,12 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <limits.h>
60#include "cryptlib.h" 61#include "cryptlib.h"
61#include <openssl/buffer.h> 62#include <openssl/buffer.h>
62#include <openssl/asn1.h> 63#include <openssl/asn1.h>
63#include <openssl/objects.h> 64#include <openssl/objects.h>
65#include <openssl/bn.h>
64 66
65int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) 67int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
66 { 68 {
@@ -83,10 +85,12 @@ int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp)
83 85
84int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) 86int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
85 { 87 {
86 int i,first,len=0,c; 88 int i,first,len=0,c, use_bn;
87 char tmp[24]; 89 char ftmp[24], *tmp = ftmp;
90 int tmpsize = sizeof ftmp;
88 const char *p; 91 const char *p;
89 unsigned long l; 92 unsigned long l;
93 BIGNUM *bl = NULL;
90 94
91 if (num == 0) 95 if (num == 0)
92 return(0); 96 return(0);
@@ -98,7 +102,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
98 num--; 102 num--;
99 if ((c >= '0') && (c <= '2')) 103 if ((c >= '0') && (c <= '2'))
100 { 104 {
101 first=(c-'0')*40; 105 first= c-'0';
102 } 106 }
103 else 107 else
104 { 108 {
@@ -122,6 +126,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
122 goto err; 126 goto err;
123 } 127 }
124 l=0; 128 l=0;
129 use_bn = 0;
125 for (;;) 130 for (;;)
126 { 131 {
127 if (num <= 0) break; 132 if (num <= 0) break;
@@ -134,7 +139,22 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
134 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT); 139 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
135 goto err; 140 goto err;
136 } 141 }
137 l=l*10L+(long)(c-'0'); 142 if (!use_bn && l > (ULONG_MAX / 10L))
143 {
144 use_bn = 1;
145 if (!bl)
146 bl = BN_new();
147 if (!bl || !BN_set_word(bl, l))
148 goto err;
149 }
150 if (use_bn)
151 {
152 if (!BN_mul_word(bl, 10L)
153 || !BN_add_word(bl, c-'0'))
154 goto err;
155 }
156 else
157 l=l*10L+(long)(c-'0');
138 } 158 }
139 if (len == 0) 159 if (len == 0)
140 { 160 {
@@ -143,14 +163,42 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
143 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE); 163 ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
144 goto err; 164 goto err;
145 } 165 }
146 l+=(long)first; 166 if (use_bn)
167 {
168 if (!BN_add_word(bl, first * 40))
169 goto err;
170 }
171 else
172 l+=(long)first*40;
147 } 173 }
148 i=0; 174 i=0;
149 for (;;) 175 if (use_bn)
176 {
177 int blsize;
178 blsize = BN_num_bits(bl);
179 blsize = (blsize + 6)/7;
180 if (blsize > tmpsize)
181 {
182 if (tmp != ftmp)
183 OPENSSL_free(tmp);
184 tmpsize = blsize + 32;
185 tmp = OPENSSL_malloc(tmpsize);
186 if (!tmp)
187 goto err;
188 }
189 while(blsize--)
190 tmp[i++] = (unsigned char)BN_div_word(bl, 0x80L);
191 }
192 else
150 { 193 {
151 tmp[i++]=(unsigned char)l&0x7f; 194
152 l>>=7L; 195 for (;;)
153 if (l == 0L) break; 196 {
197 tmp[i++]=(unsigned char)l&0x7f;
198 l>>=7L;
199 if (l == 0L) break;
200 }
201
154 } 202 }
155 if (out != NULL) 203 if (out != NULL)
156 { 204 {
@@ -166,8 +214,16 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num)
166 else 214 else
167 len+=i; 215 len+=i;
168 } 216 }
217 if (tmp != ftmp)
218 OPENSSL_free(tmp);
219 if (bl)
220 BN_free(bl);
169 return(len); 221 return(len);
170err: 222err:
223 if (tmp != ftmp)
224 OPENSSL_free(tmp);
225 if (bl)
226 BN_free(bl);
171 return(0); 227 return(0);
172 } 228 }
173 229
@@ -178,21 +234,31 @@ int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a)
178 234
179int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) 235int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a)
180 { 236 {
181 char buf[80]; 237 char buf[80], *p = buf;
182 int i; 238 int i;
183 239
184 if ((a == NULL) || (a->data == NULL)) 240 if ((a == NULL) || (a->data == NULL))
185 return(BIO_write(bp,"NULL",4)); 241 return(BIO_write(bp,"NULL",4));
186 i=i2t_ASN1_OBJECT(buf,sizeof buf,a); 242 i=i2t_ASN1_OBJECT(buf,sizeof buf,a);
187 if (i > sizeof buf) i=sizeof buf; 243 if (i > (int)(sizeof(buf) - 1))
188 BIO_write(bp,buf,i); 244 {
245 p = OPENSSL_malloc(i + 1);
246 if (!p)
247 return -1;
248 i2t_ASN1_OBJECT(p,i + 1,a);
249 }
250 if (i <= 0)
251 return BIO_write(bp, "<INVALID>", 9);
252 BIO_write(bp,p,i);
253 if (p != buf)
254 OPENSSL_free(p);
189 return(i); 255 return(i);
190 } 256 }
191 257
192ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, 258ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
193 long length) 259 long length)
194{ 260{
195 unsigned char *p; 261 const unsigned char *p;
196 long len; 262 long len;
197 int tag,xclass; 263 int tag,xclass;
198 int inf,i; 264 int inf,i;
@@ -219,11 +285,11 @@ err:
219 ASN1_OBJECT_free(ret); 285 ASN1_OBJECT_free(ret);
220 return(NULL); 286 return(NULL);
221} 287}
222ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp, 288ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp,
223 long len) 289 long len)
224 { 290 {
225 ASN1_OBJECT *ret=NULL; 291 ASN1_OBJECT *ret=NULL;
226 unsigned char *p; 292 const unsigned char *p;
227 int i; 293 int i;
228 294
229 /* only the ASN1_OBJECTs from the 'table' will have values 295 /* only the ASN1_OBJECTs from the 'table' will have values
@@ -255,7 +321,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, unsigned char **pp,
255 *pp=p; 321 *pp=p;
256 return(ret); 322 return(ret);
257err: 323err:
258 ASN1err(ASN1_F_D2I_ASN1_OBJECT,i); 324 ASN1err(ASN1_F_C2I_ASN1_OBJECT,i);
259 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 325 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
260 ASN1_OBJECT_free(ret); 326 ASN1_OBJECT_free(ret);
261 return(NULL); 327 return(NULL);
diff --git a/src/lib/libcrypto/asn1/a_octet.c b/src/lib/libcrypto/asn1/a_octet.c
index 9690bae0f1..24fd0f8e5a 100644
--- a/src/lib/libcrypto/asn1/a_octet.c
+++ b/src/lib/libcrypto/asn1/a_octet.c
@@ -66,6 +66,6 @@ ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
66int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) 66int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b)
67{ return M_ASN1_OCTET_STRING_cmp(a, b); } 67{ return M_ASN1_OCTET_STRING_cmp(a, b); }
68 68
69int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) 69int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len)
70{ return M_ASN1_OCTET_STRING_set(x, d, len); } 70{ return M_ASN1_OCTET_STRING_set(x, d, len); }
71 71
diff --git a/src/lib/libcrypto/asn1/a_set.c b/src/lib/libcrypto/asn1/a_set.c
index e24061c545..958558c204 100644
--- a/src/lib/libcrypto/asn1/a_set.c
+++ b/src/lib/libcrypto/asn1/a_set.c
@@ -85,8 +85,8 @@ static int SetBlobCmp(const void *elem1, const void *elem2 )
85 } 85 }
86 86
87/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */ 87/* int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) */
88int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag, 88int i2d_ASN1_SET(STACK *a, unsigned char **pp, i2d_of_void *i2d, int ex_tag,
89 int ex_class, int is_set) 89 int ex_class, int is_set)
90 { 90 {
91 int ret=0,r; 91 int ret=0,r;
92 int i; 92 int i;
@@ -97,7 +97,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
97 97
98 if (a == NULL) return(0); 98 if (a == NULL) return(0);
99 for (i=sk_num(a)-1; i>=0; i--) 99 for (i=sk_num(a)-1; i>=0; i--)
100 ret+=func(sk_value(a,i),NULL); 100 ret+=i2d(sk_value(a,i),NULL);
101 r=ASN1_object_size(1,ret,ex_tag); 101 r=ASN1_object_size(1,ret,ex_tag);
102 if (pp == NULL) return(r); 102 if (pp == NULL) return(r);
103 103
@@ -111,7 +111,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
111 if(!is_set || (sk_num(a) < 2)) 111 if(!is_set || (sk_num(a) < 2))
112 { 112 {
113 for (i=0; i<sk_num(a); i++) 113 for (i=0; i<sk_num(a); i++)
114 func(sk_value(a,i),&p); 114 i2d(sk_value(a,i),&p);
115 115
116 *pp=p; 116 *pp=p;
117 return(r); 117 return(r);
@@ -129,7 +129,7 @@ int i2d_ASN1_SET(STACK *a, unsigned char **pp, int (*func)(), int ex_tag,
129 for (i=0; i<sk_num(a); i++) 129 for (i=0; i<sk_num(a); i++)
130 { 130 {
131 rgSetBlob[i].pbData = p; /* catch each set encode blob */ 131 rgSetBlob[i].pbData = p; /* catch each set encode blob */
132 func(sk_value(a,i),&p); 132 i2d(sk_value(a,i),&p);
133 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this 133 rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this
134SetBlob 134SetBlob
135*/ 135*/
@@ -162,10 +162,11 @@ SetBlob
162 return(r); 162 return(r);
163 } 163 }
164 164
165STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, 165STACK *d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
166 char *(*func)(), void (*free_func)(void *), int ex_tag, int ex_class) 166 d2i_of_void *d2i, void (*free_func)(void *), int ex_tag,
167 int ex_class)
167 { 168 {
168 ASN1_CTX c; 169 ASN1_const_CTX c;
169 STACK *ret=NULL; 170 STACK *ret=NULL;
170 171
171 if ((a == NULL) || ((*a) == NULL)) 172 if ((a == NULL) || ((*a) == NULL))
@@ -210,7 +211,9 @@ STACK *d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
210 char *s; 211 char *s;
211 212
212 if (M_ASN1_D2I_end_sequence()) break; 213 if (M_ASN1_D2I_end_sequence()) break;
213 if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) 214 /* XXX: This was called with 4 arguments, incorrectly, it seems
215 if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) */
216 if ((s=d2i(NULL,&c.p,c.slen)) == NULL)
214 { 217 {
215 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT); 218 ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_ERROR_PARSING_SET_ELEMENT);
216 asn1_add_error(*pp,(int)(c.q- *pp)); 219 asn1_add_error(*pp,(int)(c.q- *pp));
diff --git a/src/lib/libcrypto/asn1/a_sign.c b/src/lib/libcrypto/asn1/a_sign.c
index 52ce7e3974..1081950518 100644
--- a/src/lib/libcrypto/asn1/a_sign.c
+++ b/src/lib/libcrypto/asn1/a_sign.c
@@ -56,7 +56,7 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ==================================================================== 58/* ====================================================================
59 * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. 59 * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved.
60 * 60 *
61 * Redistribution and use in source and binary forms, with or without 61 * Redistribution and use in source and binary forms, with or without
62 * modification, are permitted provided that the following conditions 62 * modification, are permitted provided that the following conditions
@@ -126,9 +126,9 @@
126 126
127#ifndef NO_ASN1_OLD 127#ifndef NO_ASN1_OLD
128 128
129int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, 129int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2,
130 ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, 130 ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey,
131 const EVP_MD *type) 131 const EVP_MD *type)
132 { 132 {
133 EVP_MD_CTX ctx; 133 EVP_MD_CTX ctx;
134 unsigned char *p,*buf_in=NULL,*buf_out=NULL; 134 unsigned char *p,*buf_in=NULL,*buf_out=NULL;
@@ -229,10 +229,11 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
229 else 229 else
230 a=algor2; 230 a=algor2;
231 if (a == NULL) continue; 231 if (a == NULL) continue;
232 if (type->pkey_type == NID_dsaWithSHA1) 232 if (type->pkey_type == NID_dsaWithSHA1 ||
233 type->pkey_type == NID_ecdsa_with_SHA1)
233 { 234 {
234 /* special case: RFC 2459 tells us to omit 'parameters' 235 /* special case: RFC 3279 tells us to omit 'parameters'
235 * with id-dsa-with-sha1 */ 236 * with id-dsa-with-sha1 and ecdsa-with-SHA1 */
236 ASN1_TYPE_free(a->parameter); 237 ASN1_TYPE_free(a->parameter);
237 a->parameter = NULL; 238 a->parameter = NULL;
238 } 239 }
@@ -247,12 +248,12 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
247 a->algorithm=OBJ_nid2obj(type->pkey_type); 248 a->algorithm=OBJ_nid2obj(type->pkey_type);
248 if (a->algorithm == NULL) 249 if (a->algorithm == NULL)
249 { 250 {
250 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE); 251 ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
251 goto err; 252 goto err;
252 } 253 }
253 if (a->algorithm->length == 0) 254 if (a->algorithm->length == 0)
254 { 255 {
255 ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD); 256 ASN1err(ASN1_F_ASN1_ITEM_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
256 goto err; 257 goto err;
257 } 258 }
258 } 259 }
@@ -262,7 +263,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
262 if ((buf_in == NULL) || (buf_out == NULL)) 263 if ((buf_in == NULL) || (buf_out == NULL))
263 { 264 {
264 outl=0; 265 outl=0;
265 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE); 266 ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_MALLOC_FAILURE);
266 goto err; 267 goto err;
267 } 268 }
268 269
@@ -272,7 +273,7 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2,
272 (unsigned int *)&outl,pkey)) 273 (unsigned int *)&outl,pkey))
273 { 274 {
274 outl=0; 275 outl=0;
275 ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB); 276 ASN1err(ASN1_F_ASN1_ITEM_SIGN,ERR_R_EVP_LIB);
276 goto err; 277 goto err;
277 } 278 }
278 if (signature->data != NULL) OPENSSL_free(signature->data); 279 if (signature->data != NULL) OPENSSL_free(signature->data);
diff --git a/src/lib/libcrypto/asn1/a_strex.c b/src/lib/libcrypto/asn1/a_strex.c
index a07122ba47..c2dbb6f9a5 100644
--- a/src/lib/libcrypto/asn1/a_strex.c
+++ b/src/lib/libcrypto/asn1/a_strex.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -58,12 +58,12 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <string.h> 60#include <string.h>
61#include "cryptlib.h"
61#include <openssl/crypto.h> 62#include <openssl/crypto.h>
62#include <openssl/x509.h> 63#include <openssl/x509.h>
63#include <openssl/asn1.h> 64#include <openssl/asn1.h>
64 65
65#include "charmap.h" 66#include "charmap.h"
66#include "cryptlib.h"
67 67
68/* ASN1_STRING_print_ex() and X509_NAME_print_ex(). 68/* ASN1_STRING_print_ex() and X509_NAME_print_ex().
69 * Enhanced string and name printing routines handling 69 * Enhanced string and name printing routines handling
@@ -170,7 +170,7 @@ static int do_buf(unsigned char *buf, int buflen,
170 q = buf + buflen; 170 q = buf + buflen;
171 outlen = 0; 171 outlen = 0;
172 while(p != q) { 172 while(p != q) {
173 if(p == buf) orflags = CHARTYPE_FIRST_ESC_2253; 173 if(p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253;
174 else orflags = 0; 174 else orflags = 0;
175 switch(type & BUF_TYPE_WIDTH_MASK) { 175 switch(type & BUF_TYPE_WIDTH_MASK) {
176 case 4: 176 case 4:
@@ -194,8 +194,10 @@ static int do_buf(unsigned char *buf, int buflen,
194 if(i < 0) return -1; /* Invalid UTF8String */ 194 if(i < 0) return -1; /* Invalid UTF8String */
195 p += i; 195 p += i;
196 break; 196 break;
197 default:
198 return -1; /* invalid width */
197 } 199 }
198 if (p == q) orflags = CHARTYPE_LAST_ESC_2253; 200 if (p == q && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_LAST_ESC_2253;
199 if(type & BUF_TYPE_CONVUTF8) { 201 if(type & BUF_TYPE_CONVUTF8) {
200 unsigned char utfbuf[6]; 202 unsigned char utfbuf[6];
201 int utflen; 203 int utflen;
@@ -223,7 +225,7 @@ static int do_buf(unsigned char *buf, int buflen,
223 225
224static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen) 226static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, int buflen)
225{ 227{
226 const static char hexdig[] = "0123456789ABCDEF"; 228 static const char hexdig[] = "0123456789ABCDEF";
227 unsigned char *p, *q; 229 unsigned char *p, *q;
228 char hextmp[2]; 230 char hextmp[2];
229 if(arg) { 231 if(arg) {
@@ -279,7 +281,7 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, ASN1_STRING
279 * otherwise it is the number of bytes per character 281 * otherwise it is the number of bytes per character
280 */ 282 */
281 283
282const static signed char tag2nbyte[] = { 284static const signed char tag2nbyte[] = {
283 -1, -1, -1, -1, -1, /* 0-4 */ 285 -1, -1, -1, -1, -1, /* 0-4 */
284 -1, -1, -1, -1, -1, /* 5-9 */ 286 -1, -1, -1, -1, -1, /* 5-9 */
285 -1, -1, 0, -1, /* 10-13 */ 287 -1, -1, 0, -1, /* 10-13 */
@@ -356,12 +358,13 @@ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, ASN1_STR
356 } 358 }
357 359
358 len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL); 360 len = do_buf(str->data, str->length, type, flags, &quotes, io_ch, NULL);
359 if(outlen < 0) return -1; 361 if(len < 0) return -1;
360 outlen += len; 362 outlen += len;
361 if(quotes) outlen += 2; 363 if(quotes) outlen += 2;
362 if(!arg) return outlen; 364 if(!arg) return outlen;
363 if(quotes && !io_ch(arg, "\"", 1)) return -1; 365 if(quotes && !io_ch(arg, "\"", 1)) return -1;
364 do_buf(str->data, str->length, type, flags, NULL, io_ch, arg); 366 if(do_buf(str->data, str->length, type, flags, NULL, io_ch, arg) < 0)
367 return -1;
365 if(quotes && !io_ch(arg, "\"", 1)) return -1; 368 if(quotes && !io_ch(arg, "\"", 1)) return -1;
366 return outlen; 369 return outlen;
367} 370}
@@ -513,7 +516,7 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, unsigned long flags)
513 return do_name_ex(send_bio_chars, out, nm, indent, flags); 516 return do_name_ex(send_bio_chars, out, nm, indent, flags);
514} 517}
515 518
516 519#ifndef OPENSSL_NO_FP_API
517int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags) 520int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long flags)
518{ 521{
519 if(flags == XN_FLAG_COMPAT) 522 if(flags == XN_FLAG_COMPAT)
@@ -528,17 +531,19 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, unsigned long fla
528 } 531 }
529 return do_name_ex(send_fp_chars, fp, nm, indent, flags); 532 return do_name_ex(send_fp_chars, fp, nm, indent, flags);
530} 533}
534#endif
531 535
532int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) 536int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags)
533{ 537{
534 return do_print_ex(send_bio_chars, out, flags, str); 538 return do_print_ex(send_bio_chars, out, flags, str);
535} 539}
536 540
537 541#ifndef OPENSSL_NO_FP_API
538int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) 542int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags)
539{ 543{
540 return do_print_ex(send_fp_chars, fp, flags, str); 544 return do_print_ex(send_fp_chars, fp, flags, str);
541} 545}
546#endif
542 547
543/* Utility function: convert any string type to UTF8, returns number of bytes 548/* Utility function: convert any string type to UTF8, returns number of bytes
544 * in output string or a negative error code 549 * in output string or a negative error code
@@ -553,12 +558,7 @@ int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in)
553 if((type < 0) || (type > 30)) return -1; 558 if((type < 0) || (type > 30)) return -1;
554 mbflag = tag2nbyte[type]; 559 mbflag = tag2nbyte[type];
555 if(mbflag == -1) return -1; 560 if(mbflag == -1) return -1;
556 if (mbflag == 0) 561 mbflag |= MBSTRING_FLAG;
557 mbflag = MBSTRING_UTF8;
558 else if (mbflag == 4)
559 mbflag = MBSTRING_UNIV;
560 else
561 mbflag |= MBSTRING_FLAG;
562 stmp.data = NULL; 562 stmp.data = NULL;
563 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING); 563 ret = ASN1_mbstring_copy(&str, in->data, in->length, mbflag, B_ASN1_UTF8STRING);
564 if(ret < 0) return ret; 564 if(ret < 0) return ret;
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index 2292d49b93..36beceacdb 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -57,8 +57,9 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <openssl/asn1t.h>
61#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1t.h>
62#include <openssl/objects.h>
62 63
63int ASN1_TYPE_get(ASN1_TYPE *a) 64int ASN1_TYPE_get(ASN1_TYPE *a)
64 { 65 {
@@ -79,6 +80,31 @@ void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
79 a->value.ptr=value; 80 a->value.ptr=value;
80 } 81 }
81 82
83int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
84 {
85 if (!value || (type == V_ASN1_BOOLEAN))
86 {
87 void *p = (void *)value;
88 ASN1_TYPE_set(a, type, p);
89 }
90 else if (type == V_ASN1_OBJECT)
91 {
92 ASN1_OBJECT *odup;
93 odup = OBJ_dup(value);
94 if (!odup)
95 return 0;
96 ASN1_TYPE_set(a, type, odup);
97 }
98 else
99 {
100 ASN1_STRING *sdup;
101 sdup = ASN1_STRING_dup((ASN1_STRING *)value);
102 if (!sdup)
103 return 0;
104 ASN1_TYPE_set(a, type, sdup);
105 }
106 return 1;
107 }
82 108
83IMPLEMENT_STACK_OF(ASN1_TYPE) 109IMPLEMENT_STACK_OF(ASN1_TYPE)
84IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) 110IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index 7b25fed331..d31c028193 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -162,7 +162,7 @@ err:
162 return(0); 162 return(0);
163 } 163 }
164 164
165int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str) 165int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
166 { 166 {
167 ASN1_UTCTIME t; 167 ASN1_UTCTIME t;
168 168
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index 18ef0acf00..fdce6e4380 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -73,8 +73,8 @@
73 73
74#ifndef NO_ASN1_OLD 74#ifndef NO_ASN1_OLD
75 75
76int ASN1_verify(int (*i2d)(), X509_ALGOR *a, ASN1_BIT_STRING *signature, 76int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature,
77 char *data, EVP_PKEY *pkey) 77 char *data, EVP_PKEY *pkey)
78 { 78 {
79 EVP_MD_CTX ctx; 79 EVP_MD_CTX ctx;
80 const EVP_MD *type; 80 const EVP_MD *type;
@@ -138,13 +138,13 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
138 type=EVP_get_digestbyname(OBJ_nid2sn(i)); 138 type=EVP_get_digestbyname(OBJ_nid2sn(i));
139 if (type == NULL) 139 if (type == NULL)
140 { 140 {
141 ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 141 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
142 goto err; 142 goto err;
143 } 143 }
144 144
145 if (!EVP_VerifyInit_ex(&ctx,type, NULL)) 145 if (!EVP_VerifyInit_ex(&ctx,type, NULL))
146 { 146 {
147 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); 147 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
148 ret=0; 148 ret=0;
149 goto err; 149 goto err;
150 } 150 }
@@ -153,7 +153,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
153 153
154 if (buf_in == NULL) 154 if (buf_in == NULL)
155 { 155 {
156 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE); 156 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE);
157 goto err; 157 goto err;
158 } 158 }
159 159
@@ -165,7 +165,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signat
165 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data, 165 if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
166 (unsigned int)signature->length,pkey) <= 0) 166 (unsigned int)signature->length,pkey) <= 0)
167 { 167 {
168 ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB); 168 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB);
169 ret=0; 169 ret=0;
170 goto err; 170 goto err;
171 } 171 }
diff --git a/src/lib/libcrypto/asn1/asn1.h b/src/lib/libcrypto/asn1/asn1.h
index 0184b475a7..424cd348bb 100644
--- a/src/lib/libcrypto/asn1/asn1.h
+++ b/src/lib/libcrypto/asn1/asn1.h
@@ -60,17 +60,19 @@
60#define HEADER_ASN1_H 60#define HEADER_ASN1_H
61 61
62#include <time.h> 62#include <time.h>
63#include <openssl/e_os2.h>
63#ifndef OPENSSL_NO_BIO 64#ifndef OPENSSL_NO_BIO
64#include <openssl/bio.h> 65#include <openssl/bio.h>
65#endif 66#endif
66#include <openssl/e_os2.h>
67#include <openssl/bn.h>
68#include <openssl/stack.h> 67#include <openssl/stack.h>
69#include <openssl/safestack.h> 68#include <openssl/safestack.h>
70 69
71#include <openssl/symhacks.h> 70#include <openssl/symhacks.h>
72 71
73#include <openssl/ossl_typ.h> 72#include <openssl/ossl_typ.h>
73#ifndef OPENSSL_NO_DEPRECATED
74#include <openssl/bn.h>
75#endif
74 76
75#ifdef OPENSSL_BUILD_SHLIBCRYPTO 77#ifdef OPENSSL_BUILD_SHLIBCRYPTO
76# undef OPENSSL_EXTERN 78# undef OPENSSL_EXTERN
@@ -147,19 +149,29 @@ extern "C" {
147#define B_ASN1_UTF8STRING 0x2000 149#define B_ASN1_UTF8STRING 0x2000
148#define B_ASN1_UTCTIME 0x4000 150#define B_ASN1_UTCTIME 0x4000
149#define B_ASN1_GENERALIZEDTIME 0x8000 151#define B_ASN1_GENERALIZEDTIME 0x8000
152#define B_ASN1_SEQUENCE 0x10000
150 153
151/* For use with ASN1_mbstring_copy() */ 154/* For use with ASN1_mbstring_copy() */
152#define MBSTRING_FLAG 0x1000 155#define MBSTRING_FLAG 0x1000
156#define MBSTRING_UTF8 (MBSTRING_FLAG)
153#define MBSTRING_ASC (MBSTRING_FLAG|1) 157#define MBSTRING_ASC (MBSTRING_FLAG|1)
154#define MBSTRING_BMP (MBSTRING_FLAG|2) 158#define MBSTRING_BMP (MBSTRING_FLAG|2)
155#define MBSTRING_UNIV (MBSTRING_FLAG|3) 159#define MBSTRING_UNIV (MBSTRING_FLAG|4)
156#define MBSTRING_UTF8 (MBSTRING_FLAG|4) 160
161#define SMIME_OLDMIME 0x400
162#define SMIME_CRLFEOL 0x800
163#define SMIME_STREAM 0x1000
157 164
158struct X509_algor_st; 165struct X509_algor_st;
166DECLARE_STACK_OF(X509_ALGOR)
159 167
160#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */ 168#define DECLARE_ASN1_SET_OF(type) /* filled in by mkstack.pl */
161#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */ 169#define IMPLEMENT_ASN1_SET_OF(type) /* nothing, no longer needed */
162 170
171/* We MUST make sure that, except for constness, asn1_ctx_st and
172 asn1_const_ctx are exactly the same. Fortunately, as soon as
173 the old ASN1 parsing macros are gone, we can throw this away
174 as well... */
163typedef struct asn1_ctx_st 175typedef struct asn1_ctx_st
164 { 176 {
165 unsigned char *p;/* work char pointer */ 177 unsigned char *p;/* work char pointer */
@@ -175,6 +187,21 @@ typedef struct asn1_ctx_st
175 int line; /* used in error processing */ 187 int line; /* used in error processing */
176 } ASN1_CTX; 188 } ASN1_CTX;
177 189
190typedef struct asn1_const_ctx_st
191 {
192 const unsigned char *p;/* work char pointer */
193 int eos; /* end of sequence read for indefinite encoding */
194 int error; /* error code to use when returning an error */
195 int inf; /* constructed if 0x20, indefinite is 0x21 */
196 int tag; /* tag from last 'get object' */
197 int xclass; /* class from last 'get object' */
198 long slen; /* length of last 'get object' */
199 const unsigned char *max; /* largest value of p allowed */
200 const unsigned char *q;/* temporary variable */
201 const unsigned char **pp;/* variable */
202 int line; /* used in error processing */
203 } ASN1_const_CTX;
204
178/* These are used internally in the ASN1_OBJECT to keep track of 205/* These are used internally in the ASN1_OBJECT to keep track of
179 * whether the names and data need to be free()ed */ 206 * whether the names and data need to be free()ed */
180#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */ 207#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
@@ -191,6 +218,18 @@ typedef struct asn1_object_st
191 } ASN1_OBJECT; 218 } ASN1_OBJECT;
192 219
193#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */ 220#define ASN1_STRING_FLAG_BITS_LEFT 0x08 /* Set if 0x07 has bits left value */
221/* This indicates that the ASN1_STRING is not a real value but just a place
222 * holder for the location where indefinite length constructed data should
223 * be inserted in the memory buffer
224 */
225#define ASN1_STRING_FLAG_NDEF 0x010
226
227/* This flag is used by the CMS code to indicate that a string is not
228 * complete and is a place holder for content when it had all been
229 * accessed. The flag will be reset when content has been written to it.
230 */
231#define ASN1_STRING_FLAG_CONT 0x020
232
194/* This is the base type that holds just about everything :-) */ 233/* This is the base type that holds just about everything :-) */
195typedef struct asn1_string_st 234typedef struct asn1_string_st
196 { 235 {
@@ -259,18 +298,19 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
259 298
260#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) 299#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
261 300
301#define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \
302 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type)
303
262#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ 304#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
263 type *name##_new(void); \ 305 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
264 void name##_free(type *a); \
265 DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) 306 DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name)
266 307
267#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ 308#define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \
268 type *name##_new(void); \ 309 DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
269 void name##_free(type *a); \
270 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) 310 DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name)
271 311
272#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ 312#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \
273 type *d2i_##name(type **a, unsigned char **in, long len); \ 313 type *d2i_##name(type **a, const unsigned char **in, long len); \
274 int i2d_##name(type *a, unsigned char **out); \ 314 int i2d_##name(type *a, unsigned char **out); \
275 DECLARE_ASN1_ITEM(itname) 315 DECLARE_ASN1_ITEM(itname)
276 316
@@ -279,10 +319,37 @@ typedef struct ASN1_VALUE_st ASN1_VALUE;
279 int i2d_##name(const type *a, unsigned char **out); \ 319 int i2d_##name(const type *a, unsigned char **out); \
280 DECLARE_ASN1_ITEM(name) 320 DECLARE_ASN1_ITEM(name)
281 321
322#define DECLARE_ASN1_NDEF_FUNCTION(name) \
323 int i2d_##name##_NDEF(name *a, unsigned char **out);
324
282#define DECLARE_ASN1_FUNCTIONS_const(name) \ 325#define DECLARE_ASN1_FUNCTIONS_const(name) \
283 name *name##_new(void); \ 326 DECLARE_ASN1_ALLOC_FUNCTIONS(name) \
284 void name##_free(name *a); 327 DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name)
285 328
329#define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \
330 type *name##_new(void); \
331 void name##_free(type *a);
332
333#define D2I_OF(type) type *(*)(type **,const unsigned char **,long)
334#define I2D_OF(type) int (*)(type *,unsigned char **)
335#define I2D_OF_const(type) int (*)(const type *,unsigned char **)
336
337#define CHECKED_D2I_OF(type, d2i) \
338 ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0)))
339#define CHECKED_I2D_OF(type, i2d) \
340 ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0)))
341#define CHECKED_NEW_OF(type, xnew) \
342 ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0)))
343#define CHECKED_PTR_OF(type, p) \
344 ((void*) (1 ? p : (type*)0))
345#define CHECKED_PPTR_OF(type, p) \
346 ((void**) (1 ? p : (type**)0))
347
348#define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long)
349#define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **)
350#define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type)
351
352TYPEDEF_D2I2D_OF(void);
286 353
287/* The following macros and typedefs allow an ASN1_ITEM 354/* The following macros and typedefs allow an ASN1_ITEM
288 * to be embedded in a structure and referenced. Since 355 * to be embedded in a structure and referenced. Since
@@ -467,6 +534,7 @@ typedef struct asn1_type_st
467 * contain the set or sequence bytes */ 534 * contain the set or sequence bytes */
468 ASN1_STRING * set; 535 ASN1_STRING * set;
469 ASN1_STRING * sequence; 536 ASN1_STRING * sequence;
537 ASN1_VALUE * asn1_value;
470 } value; 538 } value;
471 } ASN1_TYPE; 539 } ASN1_TYPE;
472 540
@@ -475,17 +543,17 @@ DECLARE_ASN1_SET_OF(ASN1_TYPE)
475 543
476typedef struct asn1_method_st 544typedef struct asn1_method_st
477 { 545 {
478 int (*i2d)(); 546 i2d_of_void *i2d;
479 char *(*d2i)(); 547 d2i_of_void *d2i;
480 char *(*create)(); 548 void *(*create)(void);
481 void (*destroy)(); 549 void (*destroy)(void *);
482 } ASN1_METHOD; 550 } ASN1_METHOD;
483 551
484/* This is used when parsing some Netscape objects */ 552/* This is used when parsing some Netscape objects */
485typedef struct asn1_header_st 553typedef struct asn1_header_st
486 { 554 {
487 ASN1_OCTET_STRING *header; 555 ASN1_OCTET_STRING *header;
488 char *data; 556 void *data;
489 ASN1_METHOD *meth; 557 ASN1_METHOD *meth;
490 } ASN1_HEADER; 558 } ASN1_HEADER;
491 559
@@ -551,6 +619,7 @@ typedef struct BIT_STRING_BITNAME_st {
551 B_ASN1_UNIVERSALSTRING|\ 619 B_ASN1_UNIVERSALSTRING|\
552 B_ASN1_BMPSTRING|\ 620 B_ASN1_BMPSTRING|\
553 B_ASN1_UTF8STRING|\ 621 B_ASN1_UTF8STRING|\
622 B_ASN1_SEQUENCE|\
554 B_ASN1_UNKNOWN 623 B_ASN1_UNKNOWN
555 624
556#define B_ASN1_DIRECTORYSTRING \ 625#define B_ASN1_DIRECTORYSTRING \
@@ -696,13 +765,14 @@ DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
696 765
697int ASN1_TYPE_get(ASN1_TYPE *a); 766int ASN1_TYPE_get(ASN1_TYPE *a);
698void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); 767void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
768int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value);
699 769
700ASN1_OBJECT * ASN1_OBJECT_new(void ); 770ASN1_OBJECT * ASN1_OBJECT_new(void );
701void ASN1_OBJECT_free(ASN1_OBJECT *a); 771void ASN1_OBJECT_free(ASN1_OBJECT *a);
702int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp); 772int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
703ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, 773ASN1_OBJECT * c2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp,
704 long length); 774 long length);
705ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp, 775ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,const unsigned char **pp,
706 long length); 776 long length);
707 777
708DECLARE_ASN1_ITEM(ASN1_OBJECT) 778DECLARE_ASN1_ITEM(ASN1_OBJECT)
@@ -718,6 +788,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
718 /* Since this is used to store all sorts of things, via macros, for now, make 788 /* Since this is used to store all sorts of things, via macros, for now, make
719 its data void * */ 789 its data void * */
720int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); 790int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);
791void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len);
721int ASN1_STRING_length(ASN1_STRING *x); 792int ASN1_STRING_length(ASN1_STRING *x);
722void ASN1_STRING_length_set(ASN1_STRING *x, int n); 793void ASN1_STRING_length_set(ASN1_STRING *x, int n);
723int ASN1_STRING_type(ASN1_STRING *x); 794int ASN1_STRING_type(ASN1_STRING *x);
@@ -725,7 +796,7 @@ unsigned char * ASN1_STRING_data(ASN1_STRING *x);
725 796
726DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) 797DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
727int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); 798int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
728ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, 799ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,const unsigned char **pp,
729 long length); 800 long length);
730int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, 801int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
731 int length ); 802 int length );
@@ -741,13 +812,13 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value,
741 BIT_STRING_BITNAME *tbl); 812 BIT_STRING_BITNAME *tbl);
742 813
743int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); 814int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
744int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); 815int d2i_ASN1_BOOLEAN(int *a,const unsigned char **pp,long length);
745 816
746DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) 817DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
747int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); 818int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
748ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, 819ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,const unsigned char **pp,
749 long length); 820 long length);
750ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, 821ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,const unsigned char **pp,
751 long length); 822 long length);
752ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); 823ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
753int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); 824int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
@@ -756,7 +827,7 @@ DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
756 827
757int ASN1_UTCTIME_check(ASN1_UTCTIME *a); 828int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
758ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); 829ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
759int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, char *str); 830int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str);
760int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); 831int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t);
761#if 0 832#if 0
762time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); 833time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
@@ -764,12 +835,12 @@ time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s);
764 835
765int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); 836int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a);
766ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); 837ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
767int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); 838int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str);
768 839
769DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) 840DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
770ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); 841ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
771int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); 842int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
772int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); 843int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, int len);
773 844
774DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) 845DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
775DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) 846DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
@@ -792,15 +863,17 @@ DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
792DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) 863DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
793DECLARE_ASN1_FUNCTIONS(ASN1_TIME) 864DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
794 865
866DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF)
867
795ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); 868ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
796int ASN1_TIME_check(ASN1_TIME *t); 869int ASN1_TIME_check(ASN1_TIME *t);
797ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out); 870ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out);
798 871
799int i2d_ASN1_SET(STACK *a, unsigned char **pp, 872int i2d_ASN1_SET(STACK *a, unsigned char **pp,
800 int (*func)(), int ex_tag, int ex_class, int is_set); 873 i2d_of_void *i2d, int ex_tag, int ex_class, int is_set);
801STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length, 874STACK * d2i_ASN1_SET(STACK **a, const unsigned char **pp, long length,
802 char *(*func)(), void (*free_func)(void *), 875 d2i_of_void *d2i, void (*free_func)(void *),
803 int ex_tag, int ex_class); 876 int ex_tag, int ex_class);
804 877
805#ifndef OPENSSL_NO_BIO 878#ifndef OPENSSL_NO_BIO
806int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); 879int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
@@ -832,33 +905,70 @@ BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai,BIGNUM *bn);
832int ASN1_PRINTABLE_type(const unsigned char *s, int max); 905int ASN1_PRINTABLE_type(const unsigned char *s, int max);
833 906
834int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); 907int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
835ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, 908ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp,
836 long length, int Ptag, int Pclass); 909 long length, int Ptag, int Pclass);
837unsigned long ASN1_tag2bit(int tag); 910unsigned long ASN1_tag2bit(int tag);
838/* type is one or more of the B_ASN1_ values. */ 911/* type is one or more of the B_ASN1_ values. */
839ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, 912ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,const unsigned char **pp,
840 long length,int type); 913 long length,int type);
841 914
842/* PARSING */ 915/* PARSING */
843int asn1_Finish(ASN1_CTX *c); 916int asn1_Finish(ASN1_CTX *c);
917int asn1_const_Finish(ASN1_const_CTX *c);
844 918
845/* SPECIALS */ 919/* SPECIALS */
846int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, 920int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
847 int *pclass, long omax); 921 int *pclass, long omax);
848int ASN1_check_infinite_end(unsigned char **p,long len); 922int ASN1_check_infinite_end(unsigned char **p,long len);
923int ASN1_const_check_infinite_end(const unsigned char **p,long len);
849void ASN1_put_object(unsigned char **pp, int constructed, int length, 924void ASN1_put_object(unsigned char **pp, int constructed, int length,
850 int tag, int xclass); 925 int tag, int xclass);
926int ASN1_put_eoc(unsigned char **pp);
851int ASN1_object_size(int constructed, int length, int tag); 927int ASN1_object_size(int constructed, int length, int tag);
852 928
853/* Used to implement other functions */ 929/* Used to implement other functions */
854char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x); 930void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, char *x);
931
932#define ASN1_dup_of(type,i2d,d2i,x) \
933 ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \
934 CHECKED_D2I_OF(type, d2i), \
935 CHECKED_PTR_OF(type, x)))
936
937#define ASN1_dup_of_const(type,i2d,d2i,x) \
938 ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \
939 CHECKED_D2I_OF(type, d2i), \
940 CHECKED_PTR_OF(const type, x)))
855 941
856void *ASN1_item_dup(const ASN1_ITEM *it, void *x); 942void *ASN1_item_dup(const ASN1_ITEM *it, void *x);
857 943
944/* ASN1 alloc/free macros for when a type is only used internally */
945
946#define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type))
947#define M_ASN1_free_of(x, type) \
948 ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type))
949
858#ifndef OPENSSL_NO_FP_API 950#ifndef OPENSSL_NO_FP_API
859char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x); 951void *ASN1_d2i_fp(void *(*xnew)(void), d2i_of_void *d2i, FILE *in, void **x);
952
953#define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \
954 ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \
955 CHECKED_D2I_OF(type, d2i), \
956 in, \
957 CHECKED_PPTR_OF(type, x)))
958
860void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); 959void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x);
861int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x); 960int ASN1_i2d_fp(i2d_of_void *i2d,FILE *out,void *x);
961
962#define ASN1_i2d_fp_of(type,i2d,out,x) \
963 (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \
964 out, \
965 CHECKED_PTR_OF(type, x)))
966
967#define ASN1_i2d_fp_of_const(type,i2d,out,x) \
968 (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \
969 out, \
970 CHECKED_PTR_OF(const type, x)))
971
862int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); 972int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x);
863int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); 973int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
864#endif 974#endif
@@ -866,23 +976,41 @@ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags);
866int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); 976int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);
867 977
868#ifndef OPENSSL_NO_BIO 978#ifndef OPENSSL_NO_BIO
869char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x); 979void *ASN1_d2i_bio(void *(*xnew)(void), d2i_of_void *d2i, BIO *in, void **x);
980
981#define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \
982 ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \
983 CHECKED_D2I_OF(type, d2i), \
984 in, \
985 CHECKED_PPTR_OF(type, x)))
986
870void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); 987void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x);
871int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x); 988int ASN1_i2d_bio(i2d_of_void *i2d,BIO *out, unsigned char *x);
989
990#define ASN1_i2d_bio_of(type,i2d,out,x) \
991 (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \
992 out, \
993 CHECKED_PTR_OF(type, x)))
994
995#define ASN1_i2d_bio_of_const(type,i2d,out,x) \
996 (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \
997 out, \
998 CHECKED_PTR_OF(const type, x)))
999
872int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); 1000int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x);
873int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a); 1001int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
874int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a); 1002int ASN1_GENERALIZEDTIME_print(BIO *fp,ASN1_GENERALIZEDTIME *a);
875int ASN1_TIME_print(BIO *fp,ASN1_TIME *a); 1003int ASN1_TIME_print(BIO *fp,ASN1_TIME *a);
876int ASN1_STRING_print(BIO *bp,ASN1_STRING *v); 1004int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
877int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); 1005int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags);
878int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent); 1006int ASN1_parse(BIO *bp,const unsigned char *pp,long len,int indent);
879int ASN1_parse_dump(BIO *bp,unsigned char *pp,long len,int indent,int dump); 1007int ASN1_parse_dump(BIO *bp,const unsigned char *pp,long len,int indent,int dump);
880#endif 1008#endif
881const char *ASN1_tag2str(int tag); 1009const char *ASN1_tag2str(int tag);
882 1010
883/* Used to load and write netscape format cert/key */ 1011/* Used to load and write netscape format cert/key */
884int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp); 1012int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
885ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length); 1013ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,const unsigned char **pp, long length);
886ASN1_HEADER *ASN1_HEADER_new(void ); 1014ASN1_HEADER *ASN1_HEADER_new(void );
887void ASN1_HEADER_free(ASN1_HEADER *a); 1015void ASN1_HEADER_free(ASN1_HEADER *a);
888 1016
@@ -903,13 +1031,20 @@ int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num,
903int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num, 1031int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a,long *num,
904 unsigned char *data, int max_len); 1032 unsigned char *data, int max_len);
905 1033
906STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), 1034STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
907 void (*free_func)(void *) ); 1035 d2i_of_void *d2i, void (*free_func)(void *));
908unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, 1036unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d,
909 int *len ); 1037 unsigned char **buf, int *len );
910void *ASN1_unpack_string(ASN1_STRING *oct, char *(*d2i)()); 1038void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i);
911void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); 1039void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it);
912ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_OCTET_STRING **oct); 1040ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d,
1041 ASN1_OCTET_STRING **oct);
1042
1043#define ASN1_pack_string_of(type,obj,i2d,oct) \
1044 (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \
1045 CHECKED_I2D_OF(type, i2d), \
1046 oct))
1047
913ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct); 1048ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_OCTET_STRING **oct);
914 1049
915void ASN1_STRING_set_default_mask(unsigned long mask); 1050void ASN1_STRING_set_default_mask(unsigned long mask);
@@ -932,11 +1067,25 @@ void ASN1_STRING_TABLE_cleanup(void);
932/* Old API compatible functions */ 1067/* Old API compatible functions */
933ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); 1068ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
934void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); 1069void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
935ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it); 1070ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it);
936int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); 1071int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
1072int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
937 1073
938void ASN1_add_oid_module(void); 1074void ASN1_add_oid_module(void);
939 1075
1076ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf);
1077ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf);
1078
1079typedef int asn1_output_data_fn(BIO *out, BIO *data, ASN1_VALUE *val, int flags,
1080 const ASN1_ITEM *it);
1081
1082int int_smime_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags,
1083 int ctype_nid, int econt_nid,
1084 STACK_OF(X509_ALGOR) *mdalgs,
1085 asn1_output_data_fn *data_fn,
1086 const ASN1_ITEM *it);
1087ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it);
1088
940/* BEGIN ERROR CODES */ 1089/* BEGIN ERROR CODES */
941/* The following lines are auto generated by the script mkerr.pl. Any changes 1090/* The following lines are auto generated by the script mkerr.pl. Any changes
942 * made after this point may be overwritten when the script is next run. 1091 * made after this point may be overwritten when the script is next run.
@@ -950,49 +1099,70 @@ void ERR_load_ASN1_strings(void);
950#define ASN1_F_A2I_ASN1_ENUMERATED 101 1099#define ASN1_F_A2I_ASN1_ENUMERATED 101
951#define ASN1_F_A2I_ASN1_INTEGER 102 1100#define ASN1_F_A2I_ASN1_INTEGER 102
952#define ASN1_F_A2I_ASN1_STRING 103 1101#define ASN1_F_A2I_ASN1_STRING 103
953#define ASN1_F_ASN1_BIT_STRING_SET_BIT 176 1102#define ASN1_F_APPEND_EXP 176
1103#define ASN1_F_ASN1_BIT_STRING_SET_BIT 183
1104#define ASN1_F_ASN1_CB 177
954#define ASN1_F_ASN1_CHECK_TLEN 104 1105#define ASN1_F_ASN1_CHECK_TLEN 104
955#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 1106#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
956#define ASN1_F_ASN1_COLLECT 106 1107#define ASN1_F_ASN1_COLLECT 106
957#define ASN1_F_ASN1_D2I_BIO 107
958#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 1108#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
959#define ASN1_F_ASN1_D2I_FP 109 1109#define ASN1_F_ASN1_D2I_FP 109
960#define ASN1_F_ASN1_DIGEST 177 1110#define ASN1_F_ASN1_D2I_READ_BIO 107
1111#define ASN1_F_ASN1_DIGEST 184
961#define ASN1_F_ASN1_DO_ADB 110 1112#define ASN1_F_ASN1_DO_ADB 110
962#define ASN1_F_ASN1_DUP 111 1113#define ASN1_F_ASN1_DUP 111
963#define ASN1_F_ASN1_ENUMERATED_SET 112 1114#define ASN1_F_ASN1_ENUMERATED_SET 112
964#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 1115#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
965#define ASN1_F_ASN1_FIND_END 182 1116#define ASN1_F_ASN1_EX_C2I 204
966#define ASN1_F_ASN1_GENERALIZEDTIME_SET 178 1117#define ASN1_F_ASN1_FIND_END 190
1118#define ASN1_F_ASN1_GENERALIZEDTIME_SET 185
1119#define ASN1_F_ASN1_GENERATE_V3 178
967#define ASN1_F_ASN1_GET_OBJECT 114 1120#define ASN1_F_ASN1_GET_OBJECT 114
968#define ASN1_F_ASN1_HEADER_NEW 115 1121#define ASN1_F_ASN1_HEADER_NEW 115
969#define ASN1_F_ASN1_I2D_BIO 116 1122#define ASN1_F_ASN1_I2D_BIO 116
970#define ASN1_F_ASN1_I2D_FP 117 1123#define ASN1_F_ASN1_I2D_FP 117
971#define ASN1_F_ASN1_INTEGER_SET 118 1124#define ASN1_F_ASN1_INTEGER_SET 118
972#define ASN1_F_ASN1_INTEGER_TO_BN 119 1125#define ASN1_F_ASN1_INTEGER_TO_BN 119
1126#define ASN1_F_ASN1_ITEM_D2I_FP 206
1127#define ASN1_F_ASN1_ITEM_DUP 191
1128#define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121
973#define ASN1_F_ASN1_ITEM_EX_D2I 120 1129#define ASN1_F_ASN1_ITEM_EX_D2I 120
974#define ASN1_F_ASN1_ITEM_NEW 121 1130#define ASN1_F_ASN1_ITEM_I2D_BIO 192
975#define ASN1_F_ASN1_MBSTRING_COPY 122 1131#define ASN1_F_ASN1_ITEM_I2D_FP 193
1132#define ASN1_F_ASN1_ITEM_PACK 198
1133#define ASN1_F_ASN1_ITEM_SIGN 195
1134#define ASN1_F_ASN1_ITEM_UNPACK 199
1135#define ASN1_F_ASN1_ITEM_VERIFY 197
1136#define ASN1_F_ASN1_MBSTRING_NCOPY 122
976#define ASN1_F_ASN1_OBJECT_NEW 123 1137#define ASN1_F_ASN1_OBJECT_NEW 123
1138#define ASN1_F_ASN1_OUTPUT_DATA 207
977#define ASN1_F_ASN1_PACK_STRING 124 1139#define ASN1_F_ASN1_PACK_STRING 124
978#define ASN1_F_ASN1_PBE_SET 125 1140#define ASN1_F_ASN1_PCTX_NEW 205
1141#define ASN1_F_ASN1_PKCS5_PBE_SET 125
979#define ASN1_F_ASN1_SEQ_PACK 126 1142#define ASN1_F_ASN1_SEQ_PACK 126
980#define ASN1_F_ASN1_SEQ_UNPACK 127 1143#define ASN1_F_ASN1_SEQ_UNPACK 127
981#define ASN1_F_ASN1_SIGN 128 1144#define ASN1_F_ASN1_SIGN 128
982#define ASN1_F_ASN1_STRING_SET 179 1145#define ASN1_F_ASN1_STR2TYPE 179
1146#define ASN1_F_ASN1_STRING_SET 186
983#define ASN1_F_ASN1_STRING_TABLE_ADD 129 1147#define ASN1_F_ASN1_STRING_TABLE_ADD 129
984#define ASN1_F_ASN1_STRING_TYPE_NEW 130 1148#define ASN1_F_ASN1_STRING_TYPE_NEW 130
985#define ASN1_F_ASN1_TEMPLATE_D2I 131
986#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 1149#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
987#define ASN1_F_ASN1_TEMPLATE_NEW 133 1150#define ASN1_F_ASN1_TEMPLATE_NEW 133
1151#define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131
988#define ASN1_F_ASN1_TIME_SET 175 1152#define ASN1_F_ASN1_TIME_SET 175
989#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 1153#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
990#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 1154#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
991#define ASN1_F_ASN1_UNPACK_STRING 136 1155#define ASN1_F_ASN1_UNPACK_STRING 136
992#define ASN1_F_ASN1_UTCTIME_SET 180 1156#define ASN1_F_ASN1_UTCTIME_SET 187
993#define ASN1_F_ASN1_VERIFY 137 1157#define ASN1_F_ASN1_VERIFY 137
1158#define ASN1_F_B64_READ_ASN1 208
1159#define ASN1_F_B64_WRITE_ASN1 209
1160#define ASN1_F_BITSTR_CB 180
994#define ASN1_F_BN_TO_ASN1_ENUMERATED 138 1161#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
995#define ASN1_F_BN_TO_ASN1_INTEGER 139 1162#define ASN1_F_BN_TO_ASN1_INTEGER 139
1163#define ASN1_F_C2I_ASN1_BIT_STRING 189
1164#define ASN1_F_C2I_ASN1_INTEGER 194
1165#define ASN1_F_C2I_ASN1_OBJECT 196
996#define ASN1_F_COLLECT_DATA 140 1166#define ASN1_F_COLLECT_DATA 140
997#define ASN1_F_D2I_ASN1_BIT_STRING 141 1167#define ASN1_F_D2I_ASN1_BIT_STRING 141
998#define ASN1_F_D2I_ASN1_BOOLEAN 142 1168#define ASN1_F_D2I_ASN1_BOOLEAN 142
@@ -1009,29 +1179,39 @@ void ERR_load_ASN1_strings(void);
1009#define ASN1_F_D2I_NETSCAPE_RSA_2 153 1179#define ASN1_F_D2I_NETSCAPE_RSA_2 153
1010#define ASN1_F_D2I_PRIVATEKEY 154 1180#define ASN1_F_D2I_PRIVATEKEY 154
1011#define ASN1_F_D2I_PUBLICKEY 155 1181#define ASN1_F_D2I_PUBLICKEY 155
1182#define ASN1_F_D2I_RSA_NET 200
1183#define ASN1_F_D2I_RSA_NET_2 201
1012#define ASN1_F_D2I_X509 156 1184#define ASN1_F_D2I_X509 156
1013#define ASN1_F_D2I_X509_CINF 157 1185#define ASN1_F_D2I_X509_CINF 157
1014#define ASN1_F_D2I_X509_NAME 158
1015#define ASN1_F_D2I_X509_PKEY 159 1186#define ASN1_F_D2I_X509_PKEY 159
1016#define ASN1_F_I2D_ASN1_SET 181 1187#define ASN1_F_I2D_ASN1_SET 188
1017#define ASN1_F_I2D_ASN1_TIME 160 1188#define ASN1_F_I2D_ASN1_TIME 160
1018#define ASN1_F_I2D_DSA_PUBKEY 161 1189#define ASN1_F_I2D_DSA_PUBKEY 161
1019#define ASN1_F_I2D_NETSCAPE_RSA 162 1190#define ASN1_F_I2D_EC_PUBKEY 181
1020#define ASN1_F_I2D_PRIVATEKEY 163 1191#define ASN1_F_I2D_PRIVATEKEY 163
1021#define ASN1_F_I2D_PUBLICKEY 164 1192#define ASN1_F_I2D_PUBLICKEY 164
1193#define ASN1_F_I2D_RSA_NET 162
1022#define ASN1_F_I2D_RSA_PUBKEY 165 1194#define ASN1_F_I2D_RSA_PUBKEY 165
1023#define ASN1_F_LONG_C2I 166 1195#define ASN1_F_LONG_C2I 166
1024#define ASN1_F_OID_MODULE_INIT 174 1196#define ASN1_F_OID_MODULE_INIT 174
1197#define ASN1_F_PARSE_TAGGING 182
1025#define ASN1_F_PKCS5_PBE2_SET 167 1198#define ASN1_F_PKCS5_PBE2_SET 167
1199#define ASN1_F_PKCS5_PBE_SET 202
1200#define ASN1_F_SMIME_READ_ASN1 210
1201#define ASN1_F_SMIME_TEXT 211
1026#define ASN1_F_X509_CINF_NEW 168 1202#define ASN1_F_X509_CINF_NEW 168
1027#define ASN1_F_X509_CRL_ADD0_REVOKED 169 1203#define ASN1_F_X509_CRL_ADD0_REVOKED 169
1028#define ASN1_F_X509_INFO_NEW 170 1204#define ASN1_F_X509_INFO_NEW 170
1029#define ASN1_F_X509_NAME_NEW 171 1205#define ASN1_F_X509_NAME_ENCODE 203
1206#define ASN1_F_X509_NAME_EX_D2I 158
1207#define ASN1_F_X509_NAME_EX_NEW 171
1030#define ASN1_F_X509_NEW 172 1208#define ASN1_F_X509_NEW 172
1031#define ASN1_F_X509_PKEY_NEW 173 1209#define ASN1_F_X509_PKEY_NEW 173
1032 1210
1033/* Reason codes. */ 1211/* Reason codes. */
1034#define ASN1_R_ADDING_OBJECT 171 1212#define ASN1_R_ADDING_OBJECT 171
1213#define ASN1_R_ASN1_PARSE_ERROR 198
1214#define ASN1_R_ASN1_SIG_PARSE_ERROR 199
1035#define ASN1_R_AUX_ERROR 100 1215#define ASN1_R_AUX_ERROR 100
1036#define ASN1_R_BAD_CLASS 101 1216#define ASN1_R_BAD_CLASS 101
1037#define ASN1_R_BAD_OBJECT_HEADER 102 1217#define ASN1_R_BAD_OBJECT_HEADER 102
@@ -1044,6 +1224,7 @@ void ERR_load_ASN1_strings(void);
1044#define ASN1_R_DATA_IS_WRONG 109 1224#define ASN1_R_DATA_IS_WRONG 109
1045#define ASN1_R_DECODE_ERROR 110 1225#define ASN1_R_DECODE_ERROR 110
1046#define ASN1_R_DECODING_ERROR 111 1226#define ASN1_R_DECODING_ERROR 111
1227#define ASN1_R_DEPTH_EXCEEDED 174
1047#define ASN1_R_ENCODE_ERROR 112 1228#define ASN1_R_ENCODE_ERROR 112
1048#define ASN1_R_ERROR_GETTING_TIME 173 1229#define ASN1_R_ERROR_GETTING_TIME 173
1049#define ASN1_R_ERROR_LOADING_SECTION 172 1230#define ASN1_R_ERROR_LOADING_SECTION 172
@@ -1058,39 +1239,68 @@ void ERR_load_ASN1_strings(void);
1058#define ASN1_R_FIELD_MISSING 121 1239#define ASN1_R_FIELD_MISSING 121
1059#define ASN1_R_FIRST_NUM_TOO_LARGE 122 1240#define ASN1_R_FIRST_NUM_TOO_LARGE 122
1060#define ASN1_R_HEADER_TOO_LONG 123 1241#define ASN1_R_HEADER_TOO_LONG 123
1242#define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175
1243#define ASN1_R_ILLEGAL_BOOLEAN 176
1061#define ASN1_R_ILLEGAL_CHARACTERS 124 1244#define ASN1_R_ILLEGAL_CHARACTERS 124
1245#define ASN1_R_ILLEGAL_FORMAT 177
1246#define ASN1_R_ILLEGAL_HEX 178
1247#define ASN1_R_ILLEGAL_IMPLICIT_TAG 179
1248#define ASN1_R_ILLEGAL_INTEGER 180
1249#define ASN1_R_ILLEGAL_NESTED_TAGGING 181
1062#define ASN1_R_ILLEGAL_NULL 125 1250#define ASN1_R_ILLEGAL_NULL 125
1251#define ASN1_R_ILLEGAL_NULL_VALUE 182
1252#define ASN1_R_ILLEGAL_OBJECT 183
1063#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 1253#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
1064#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 1254#define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170
1065#define ASN1_R_ILLEGAL_TAGGED_ANY 127 1255#define ASN1_R_ILLEGAL_TAGGED_ANY 127
1256#define ASN1_R_ILLEGAL_TIME_VALUE 184
1257#define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185
1066#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 1258#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
1067#define ASN1_R_INVALID_BMPSTRING_LENGTH 129 1259#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
1068#define ASN1_R_INVALID_DIGIT 130 1260#define ASN1_R_INVALID_DIGIT 130
1261#define ASN1_R_INVALID_MIME_TYPE 200
1262#define ASN1_R_INVALID_MODIFIER 186
1263#define ASN1_R_INVALID_NUMBER 187
1069#define ASN1_R_INVALID_SEPARATOR 131 1264#define ASN1_R_INVALID_SEPARATOR 131
1070#define ASN1_R_INVALID_TIME_FORMAT 132 1265#define ASN1_R_INVALID_TIME_FORMAT 132
1071#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 1266#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
1072#define ASN1_R_INVALID_UTF8STRING 134 1267#define ASN1_R_INVALID_UTF8STRING 134
1073#define ASN1_R_IV_TOO_LARGE 135 1268#define ASN1_R_IV_TOO_LARGE 135
1074#define ASN1_R_LENGTH_ERROR 136 1269#define ASN1_R_LENGTH_ERROR 136
1270#define ASN1_R_LIST_ERROR 188
1271#define ASN1_R_MIME_NO_CONTENT_TYPE 201
1272#define ASN1_R_MIME_PARSE_ERROR 202
1273#define ASN1_R_MIME_SIG_PARSE_ERROR 203
1075#define ASN1_R_MISSING_EOC 137 1274#define ASN1_R_MISSING_EOC 137
1076#define ASN1_R_MISSING_SECOND_NUMBER 138 1275#define ASN1_R_MISSING_SECOND_NUMBER 138
1276#define ASN1_R_MISSING_VALUE 189
1077#define ASN1_R_MSTRING_NOT_UNIVERSAL 139 1277#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
1078#define ASN1_R_MSTRING_WRONG_TAG 140 1278#define ASN1_R_MSTRING_WRONG_TAG 140
1079#define ASN1_R_NESTED_ASN1_STRING 174 1279#define ASN1_R_NESTED_ASN1_STRING 197
1080#define ASN1_R_NON_HEX_CHARACTERS 141 1280#define ASN1_R_NON_HEX_CHARACTERS 141
1281#define ASN1_R_NOT_ASCII_FORMAT 190
1081#define ASN1_R_NOT_ENOUGH_DATA 142 1282#define ASN1_R_NOT_ENOUGH_DATA 142
1283#define ASN1_R_NO_CONTENT_TYPE 204
1082#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 1284#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
1285#define ASN1_R_NO_MULTIPART_BODY_FAILURE 205
1286#define ASN1_R_NO_MULTIPART_BOUNDARY 206
1287#define ASN1_R_NO_SIG_CONTENT_TYPE 207
1083#define ASN1_R_NULL_IS_WRONG_LENGTH 144 1288#define ASN1_R_NULL_IS_WRONG_LENGTH 144
1289#define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191
1084#define ASN1_R_ODD_NUMBER_OF_CHARS 145 1290#define ASN1_R_ODD_NUMBER_OF_CHARS 145
1085#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 1291#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146
1086#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 1292#define ASN1_R_SECOND_NUMBER_TOO_LARGE 147
1087#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 1293#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148
1088#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 1294#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149
1295#define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192
1089#define ASN1_R_SHORT_LINE 150 1296#define ASN1_R_SHORT_LINE 150
1297#define ASN1_R_SIG_INVALID_MIME_TYPE 208
1298#define ASN1_R_STREAMING_NOT_SUPPORTED 209
1090#define ASN1_R_STRING_TOO_LONG 151 1299#define ASN1_R_STRING_TOO_LONG 151
1091#define ASN1_R_STRING_TOO_SHORT 152 1300#define ASN1_R_STRING_TOO_SHORT 152
1092#define ASN1_R_TAG_VALUE_TOO_HIGH 153 1301#define ASN1_R_TAG_VALUE_TOO_HIGH 153
1093#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 1302#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154
1303#define ASN1_R_TIME_NOT_ASCII_FORMAT 193
1094#define ASN1_R_TOO_LONG 155 1304#define ASN1_R_TOO_LONG 155
1095#define ASN1_R_TYPE_NOT_CONSTRUCTED 156 1305#define ASN1_R_TYPE_NOT_CONSTRUCTED 156
1096#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 1306#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157
@@ -1100,10 +1310,13 @@ void ERR_load_ASN1_strings(void);
1100#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 1310#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161
1101#define ASN1_R_UNKNOWN_OBJECT_TYPE 162 1311#define ASN1_R_UNKNOWN_OBJECT_TYPE 162
1102#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 1312#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163
1313#define ASN1_R_UNKNOWN_TAG 194
1314#define ASN1_R_UNKOWN_FORMAT 195
1103#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 1315#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164
1104#define ASN1_R_UNSUPPORTED_CIPHER 165 1316#define ASN1_R_UNSUPPORTED_CIPHER 165
1105#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 1317#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166
1106#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 1318#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167
1319#define ASN1_R_UNSUPPORTED_TYPE 196
1107#define ASN1_R_WRONG_TAG 168 1320#define ASN1_R_WRONG_TAG 168
1108#define ASN1_R_WRONG_TYPE 169 1321#define ASN1_R_WRONG_TYPE 169
1109 1322
diff --git a/src/lib/libcrypto/asn1/asn1_err.c b/src/lib/libcrypto/asn1/asn1_err.c
index 315d0a0807..f8a3e2e6cd 100644
--- a/src/lib/libcrypto/asn1/asn1_err.c
+++ b/src/lib/libcrypto/asn1/asn1_err.c
@@ -1,6 +1,6 @@
1/* crypto/asn1/asn1_err.c */ 1/* crypto/asn1/asn1_err.c */
2/* ==================================================================== 2/* ====================================================================
3 * Copyright (c) 1999-2005 The OpenSSL Project. All rights reserved. 3 * Copyright (c) 1999-2008 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
@@ -74,49 +74,70 @@ static ERR_STRING_DATA ASN1_str_functs[]=
74{ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, 74{ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"},
75{ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, 75{ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"},
76{ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, 76{ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"},
77{ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"},
77{ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, 78{ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"},
79{ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"},
78{ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, 80{ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"},
79{ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, 81{ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"},
80{ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, 82{ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"},
81{ERR_FUNC(ASN1_F_ASN1_D2I_BIO), "ASN1_d2i_bio"},
82{ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, 83{ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"},
83{ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, 84{ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"},
85{ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"},
84{ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, 86{ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"},
85{ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, 87{ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"},
86{ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, 88{ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"},
87{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, 89{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"},
88{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, 90{ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"},
91{ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"},
89{ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, 92{ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"},
90{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, 93{ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"},
94{ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"},
91{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, 95{ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"},
92{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"}, 96{ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_new"},
93{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, 97{ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"},
94{ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, 98{ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"},
95{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, 99{ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"},
96{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, 100{ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"},
101{ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"},
102{ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"},
103{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"},
97{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, 104{ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"},
98{ERR_FUNC(ASN1_F_ASN1_ITEM_NEW), "ASN1_item_new"}, 105{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"},
99{ERR_FUNC(ASN1_F_ASN1_MBSTRING_COPY), "ASN1_mbstring_copy"}, 106{ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"},
107{ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"},
108{ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"},
109{ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"},
110{ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"},
111{ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"},
100{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, 112{ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"},
113{ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"},
101{ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, 114{ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"},
102{ERR_FUNC(ASN1_F_ASN1_PBE_SET), "ASN1_PBE_SET"}, 115{ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_NEW"},
116{ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"},
103{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, 117{ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"},
104{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, 118{ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"},
105{ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, 119{ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"},
120{ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"},
106{ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, 121{ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"},
107{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, 122{ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"},
108{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, 123{ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"},
109{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_D2I), "ASN1_TEMPLATE_D2I"},
110{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, 124{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"},
111{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, 125{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"},
126{ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"},
112{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, 127{ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"},
113{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"}, 128{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), "ASN1_TYPE_get_int_octetstring"},
114{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, 129{ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"},
115{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, 130{ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"},
116{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, 131{ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"},
117{ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, 132{ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"},
133{ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"},
134{ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"},
135{ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"},
118{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, 136{ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"},
119{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, 137{ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"},
138{ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"},
139{ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"},
140{ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"},
120{ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, 141{ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"},
121{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, 142{ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"},
122{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, 143{ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"},
@@ -133,24 +154,32 @@ static ERR_STRING_DATA ASN1_str_functs[]=
133{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, 154{ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"},
134{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, 155{ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"},
135{ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, 156{ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"},
157{ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"},
158{ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"},
136{ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, 159{ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"},
137{ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, 160{ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"},
138{ERR_FUNC(ASN1_F_D2I_X509_NAME), "D2I_X509_NAME"},
139{ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, 161{ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"},
140{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, 162{ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"},
141{ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, 163{ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"},
142{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, 164{ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"},
143{ERR_FUNC(ASN1_F_I2D_NETSCAPE_RSA), "i2d_Netscape_RSA"}, 165{ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"},
144{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, 166{ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"},
145{ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, 167{ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"},
168{ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"},
146{ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, 169{ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"},
147{ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, 170{ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"},
148{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, 171{ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"},
172{ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"},
149{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"}, 173{ERR_FUNC(ASN1_F_PKCS5_PBE2_SET), "PKCS5_pbe2_set"},
174{ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"},
175{ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"},
176{ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"},
150{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, 177{ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"},
151{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, 178{ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"},
152{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, 179{ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"},
153{ERR_FUNC(ASN1_F_X509_NAME_NEW), "X509_NAME_NEW"}, 180{ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"},
181{ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"},
182{ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"},
154{ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, 183{ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"},
155{ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, 184{ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"},
156{0,NULL} 185{0,NULL}
@@ -159,6 +188,8 @@ static ERR_STRING_DATA ASN1_str_functs[]=
159static ERR_STRING_DATA ASN1_str_reasons[]= 188static ERR_STRING_DATA ASN1_str_reasons[]=
160 { 189 {
161{ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"}, 190{ERR_REASON(ASN1_R_ADDING_OBJECT) ,"adding object"},
191{ERR_REASON(ASN1_R_ASN1_PARSE_ERROR) ,"asn1 parse error"},
192{ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR) ,"asn1 sig parse error"},
162{ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"}, 193{ERR_REASON(ASN1_R_AUX_ERROR) ,"aux error"},
163{ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"}, 194{ERR_REASON(ASN1_R_BAD_CLASS) ,"bad class"},
164{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"}, 195{ERR_REASON(ASN1_R_BAD_OBJECT_HEADER) ,"bad object header"},
@@ -171,6 +202,7 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
171{ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"}, 202{ERR_REASON(ASN1_R_DATA_IS_WRONG) ,"data is wrong"},
172{ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"}, 203{ERR_REASON(ASN1_R_DECODE_ERROR) ,"decode error"},
173{ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"}, 204{ERR_REASON(ASN1_R_DECODING_ERROR) ,"decoding error"},
205{ERR_REASON(ASN1_R_DEPTH_EXCEEDED) ,"depth exceeded"},
174{ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"}, 206{ERR_REASON(ASN1_R_ENCODE_ERROR) ,"encode error"},
175{ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"}, 207{ERR_REASON(ASN1_R_ERROR_GETTING_TIME) ,"error getting time"},
176{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"}, 208{ERR_REASON(ASN1_R_ERROR_LOADING_SECTION),"error loading section"},
@@ -185,39 +217,68 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
185{ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"}, 217{ERR_REASON(ASN1_R_FIELD_MISSING) ,"field missing"},
186{ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"}, 218{ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE) ,"first num too large"},
187{ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"}, 219{ERR_REASON(ASN1_R_HEADER_TOO_LONG) ,"header too long"},
220{ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT),"illegal bitstring format"},
221{ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN) ,"illegal boolean"},
188{ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"}, 222{ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS) ,"illegal characters"},
223{ERR_REASON(ASN1_R_ILLEGAL_FORMAT) ,"illegal format"},
224{ERR_REASON(ASN1_R_ILLEGAL_HEX) ,"illegal hex"},
225{ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG) ,"illegal implicit tag"},
226{ERR_REASON(ASN1_R_ILLEGAL_INTEGER) ,"illegal integer"},
227{ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING),"illegal nested tagging"},
189{ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"}, 228{ERR_REASON(ASN1_R_ILLEGAL_NULL) ,"illegal null"},
229{ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE) ,"illegal null value"},
230{ERR_REASON(ASN1_R_ILLEGAL_OBJECT) ,"illegal object"},
190{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"}, 231{ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY) ,"illegal optional any"},
191{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"}, 232{ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE),"illegal options on item template"},
192{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"}, 233{ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY) ,"illegal tagged any"},
234{ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE) ,"illegal time value"},
235{ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT),"integer not ascii format"},
193{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"}, 236{ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG),"integer too large for long"},
194{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"}, 237{ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH),"invalid bmpstring length"},
195{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"}, 238{ERR_REASON(ASN1_R_INVALID_DIGIT) ,"invalid digit"},
239{ERR_REASON(ASN1_R_INVALID_MIME_TYPE) ,"invalid mime type"},
240{ERR_REASON(ASN1_R_INVALID_MODIFIER) ,"invalid modifier"},
241{ERR_REASON(ASN1_R_INVALID_NUMBER) ,"invalid number"},
196{ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"}, 242{ERR_REASON(ASN1_R_INVALID_SEPARATOR) ,"invalid separator"},
197{ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"}, 243{ERR_REASON(ASN1_R_INVALID_TIME_FORMAT) ,"invalid time format"},
198{ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"}, 244{ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH),"invalid universalstring length"},
199{ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"}, 245{ERR_REASON(ASN1_R_INVALID_UTF8STRING) ,"invalid utf8string"},
200{ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"}, 246{ERR_REASON(ASN1_R_IV_TOO_LARGE) ,"iv too large"},
201{ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"}, 247{ERR_REASON(ASN1_R_LENGTH_ERROR) ,"length error"},
248{ERR_REASON(ASN1_R_LIST_ERROR) ,"list error"},
249{ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE) ,"mime no content type"},
250{ERR_REASON(ASN1_R_MIME_PARSE_ERROR) ,"mime parse error"},
251{ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR) ,"mime sig parse error"},
202{ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"}, 252{ERR_REASON(ASN1_R_MISSING_EOC) ,"missing eoc"},
203{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"}, 253{ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER),"missing second number"},
254{ERR_REASON(ASN1_R_MISSING_VALUE) ,"missing value"},
204{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"}, 255{ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL),"mstring not universal"},
205{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"}, 256{ERR_REASON(ASN1_R_MSTRING_WRONG_TAG) ,"mstring wrong tag"},
206{ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"}, 257{ERR_REASON(ASN1_R_NESTED_ASN1_STRING) ,"nested asn1 string"},
207{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"}, 258{ERR_REASON(ASN1_R_NON_HEX_CHARACTERS) ,"non hex characters"},
259{ERR_REASON(ASN1_R_NOT_ASCII_FORMAT) ,"not ascii format"},
208{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"}, 260{ERR_REASON(ASN1_R_NOT_ENOUGH_DATA) ,"not enough data"},
261{ERR_REASON(ASN1_R_NO_CONTENT_TYPE) ,"no content type"},
209{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"}, 262{ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE),"no matching choice type"},
263{ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE),"no multipart body failure"},
264{ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY),"no multipart boundary"},
265{ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE) ,"no sig content type"},
210{ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"}, 266{ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH) ,"null is wrong length"},
267{ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT),"object not ascii format"},
211{ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"}, 268{ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS) ,"odd number of chars"},
212{ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"}, 269{ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING),"private key header missing"},
213{ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"}, 270{ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE),"second number too large"},
214{ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"}, 271{ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH),"sequence length mismatch"},
215{ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"}, 272{ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED),"sequence not constructed"},
273{ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG),"sequence or set needs config"},
216{ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"}, 274{ERR_REASON(ASN1_R_SHORT_LINE) ,"short line"},
275{ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE),"sig invalid mime type"},
276{ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED),"streaming not supported"},
217{ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"}, 277{ERR_REASON(ASN1_R_STRING_TOO_LONG) ,"string too long"},
218{ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"}, 278{ERR_REASON(ASN1_R_STRING_TOO_SHORT) ,"string too short"},
219{ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"}, 279{ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH) ,"tag value too high"},
220{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"}, 280{ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD),"the asn1 object identifier is not known for this md"},
281{ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT),"time not ascii format"},
221{ERR_REASON(ASN1_R_TOO_LONG) ,"too long"}, 282{ERR_REASON(ASN1_R_TOO_LONG) ,"too long"},
222{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"}, 283{ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED) ,"type not constructed"},
223{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"}, 284{ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY),"unable to decode rsa key"},
@@ -227,10 +288,13 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
227{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"}, 288{ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM),"unknown message digest algorithm"},
228{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"}, 289{ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE) ,"unknown object type"},
229{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"}, 290{ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE),"unknown public key type"},
291{ERR_REASON(ASN1_R_UNKNOWN_TAG) ,"unknown tag"},
292{ERR_REASON(ASN1_R_UNKOWN_FORMAT) ,"unkown format"},
230{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"}, 293{ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE),"unsupported any defined by type"},
231{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"}, 294{ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER) ,"unsupported cipher"},
232{ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"}, 295{ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM),"unsupported encryption algorithm"},
233{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"}, 296{ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE),"unsupported public key type"},
297{ERR_REASON(ASN1_R_UNSUPPORTED_TYPE) ,"unsupported type"},
234{ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"}, 298{ERR_REASON(ASN1_R_WRONG_TAG) ,"wrong tag"},
235{ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"}, 299{ERR_REASON(ASN1_R_WRONG_TYPE) ,"wrong type"},
236{0,NULL} 300{0,NULL}
@@ -240,15 +304,12 @@ static ERR_STRING_DATA ASN1_str_reasons[]=
240 304
241void ERR_load_ASN1_strings(void) 305void ERR_load_ASN1_strings(void)
242 { 306 {
243 static int init=1; 307#ifndef OPENSSL_NO_ERR
244 308
245 if (init) 309 if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL)
246 { 310 {
247 init=0;
248#ifndef OPENSSL_NO_ERR
249 ERR_load_strings(0,ASN1_str_functs); 311 ERR_load_strings(0,ASN1_str_functs);
250 ERR_load_strings(0,ASN1_str_reasons); 312 ERR_load_strings(0,ASN1_str_reasons);
251#endif
252
253 } 313 }
314#endif
254 } 315 }
diff --git a/src/lib/libcrypto/asn1/asn1_lib.c b/src/lib/libcrypto/asn1/asn1_lib.c
index 97b9b35f4b..5af559ef8d 100644
--- a/src/lib/libcrypto/asn1/asn1_lib.c
+++ b/src/lib/libcrypto/asn1/asn1_lib.c
@@ -62,11 +62,11 @@
62#include <openssl/asn1.h> 62#include <openssl/asn1.h>
63#include <openssl/asn1_mac.h> 63#include <openssl/asn1_mac.h>
64 64
65static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); 65static int asn1_get_length(const unsigned char **pp,int *inf,long *rl,int max);
66static void asn1_put_length(unsigned char **pp, int length); 66static void asn1_put_length(unsigned char **pp, int length);
67const char *ASN1_version="ASN.1" OPENSSL_VERSION_PTEXT; 67const char ASN1_version[]="ASN.1" OPENSSL_VERSION_PTEXT;
68 68
69int ASN1_check_infinite_end(unsigned char **p, long len) 69static int _asn1_check_infinite_end(const unsigned char **p, long len)
70 { 70 {
71 /* If there is 0 or 1 byte left, the length check should pick 71 /* If there is 0 or 1 byte left, the length check should pick
72 * things up */ 72 * things up */
@@ -80,13 +80,23 @@ int ASN1_check_infinite_end(unsigned char **p, long len)
80 return(0); 80 return(0);
81 } 81 }
82 82
83int ASN1_check_infinite_end(unsigned char **p, long len)
84 {
85 return _asn1_check_infinite_end((const unsigned char **)p, len);
86 }
83 87
84int ASN1_get_object(unsigned char **pp, long *plength, int *ptag, int *pclass, 88int ASN1_const_check_infinite_end(const unsigned char **p, long len)
85 long omax) 89 {
90 return _asn1_check_infinite_end(p, len);
91 }
92
93
94int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag,
95 int *pclass, long omax)
86 { 96 {
87 int i,ret; 97 int i,ret;
88 long l; 98 long l;
89 unsigned char *p= *pp; 99 const unsigned char *p= *pp;
90 int tag,xclass,inf; 100 int tag,xclass,inf;
91 long max=omax; 101 long max=omax;
92 102
@@ -141,11 +151,11 @@ err:
141 return(0x80); 151 return(0x80);
142 } 152 }
143 153
144static int asn1_get_length(unsigned char **pp, int *inf, long *rl, int max) 154static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, int max)
145 { 155 {
146 unsigned char *p= *pp; 156 const unsigned char *p= *pp;
147 unsigned long ret=0; 157 unsigned long ret=0;
148 int i; 158 unsigned int i;
149 159
150 if (max-- < 1) return(0); 160 if (max-- < 1) return(0);
151 if (*p == 0x80) 161 if (*p == 0x80)
@@ -205,13 +215,22 @@ void ASN1_put_object(unsigned char **pp, int constructed, int length, int tag,
205 } 215 }
206 p += ttag; 216 p += ttag;
207 } 217 }
208 if ((constructed == 2) && (length == 0)) 218 if (constructed == 2)
209 *(p++)=0x80; /* der_put_length would output 0 instead */ 219 *(p++)=0x80;
210 else 220 else
211 asn1_put_length(&p,length); 221 asn1_put_length(&p,length);
212 *pp=p; 222 *pp=p;
213 } 223 }
214 224
225int ASN1_put_eoc(unsigned char **pp)
226 {
227 unsigned char *p = *pp;
228 *p++ = 0;
229 *p++ = 0;
230 *pp = p;
231 return 2;
232 }
233
215static void asn1_put_length(unsigned char **pp, int length) 234static void asn1_put_length(unsigned char **pp, int length)
216 { 235 {
217 unsigned char *p= *pp; 236 unsigned char *p= *pp;
@@ -249,8 +268,8 @@ int ASN1_object_size(int constructed, int length, int tag)
249 ret++; 268 ret++;
250 } 269 }
251 } 270 }
252 if ((length == 0) && (constructed == 2)) 271 if (constructed == 2)
253 ret+=2; 272 return ret + 3;
254 ret++; 273 ret++;
255 if (length > 127) 274 if (length > 127)
256 { 275 {
@@ -263,11 +282,11 @@ int ASN1_object_size(int constructed, int length, int tag)
263 return(ret); 282 return(ret);
264 } 283 }
265 284
266int asn1_Finish(ASN1_CTX *c) 285static int _asn1_Finish(ASN1_const_CTX *c)
267 { 286 {
268 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos)) 287 if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
269 { 288 {
270 if (!ASN1_check_infinite_end(&c->p,c->slen)) 289 if (!ASN1_const_check_infinite_end(&c->p,c->slen))
271 { 290 {
272 c->error=ERR_R_MISSING_ASN1_EOS; 291 c->error=ERR_R_MISSING_ASN1_EOS;
273 return(0); 292 return(0);
@@ -282,9 +301,19 @@ int asn1_Finish(ASN1_CTX *c)
282 return(1); 301 return(1);
283 } 302 }
284 303
285int asn1_GetSequence(ASN1_CTX *c, long *length) 304int asn1_Finish(ASN1_CTX *c)
305 {
306 return _asn1_Finish((ASN1_const_CTX *)c);
307 }
308
309int asn1_const_Finish(ASN1_const_CTX *c)
286 { 310 {
287 unsigned char *q; 311 return _asn1_Finish(c);
312 }
313
314int asn1_GetSequence(ASN1_const_CTX *c, long *length)
315 {
316 const unsigned char *q;
288 317
289 q=c->p; 318 q=c->p;
290 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass), 319 c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
@@ -364,6 +393,14 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len)
364 return(1); 393 return(1);
365 } 394 }
366 395
396void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len)
397 {
398 if (str->data)
399 OPENSSL_free(str->data);
400 str->data = data;
401 str->length = len;
402 }
403
367ASN1_STRING *ASN1_STRING_new(void) 404ASN1_STRING *ASN1_STRING_new(void)
368 { 405 {
369 return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); 406 return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
@@ -411,7 +448,7 @@ int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b)
411 return(i); 448 return(i);
412 } 449 }
413 450
414void asn1_add_error(unsigned char *address, int offset) 451void asn1_add_error(const unsigned char *address, int offset)
415 { 452 {
416 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1]; 453 char buf1[DECIMAL_SIZE(address)+1],buf2[DECIMAL_SIZE(offset)+1];
417 454
diff --git a/src/lib/libcrypto/asn1/asn1_mac.h b/src/lib/libcrypto/asn1/asn1_mac.h
index a48649ceeb..d958ca60d9 100644
--- a/src/lib/libcrypto/asn1/asn1_mac.h
+++ b/src/lib/libcrypto/asn1/asn1_mac.h
@@ -73,11 +73,11 @@ extern "C" {
73 ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) 73 ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line))
74 74
75#define M_ASN1_D2I_vars(a,type,func) \ 75#define M_ASN1_D2I_vars(a,type,func) \
76 ASN1_CTX c; \ 76 ASN1_const_CTX c; \
77 type ret=NULL; \ 77 type ret=NULL; \
78 \ 78 \
79 c.pp=(unsigned char **)pp; \ 79 c.pp=(const unsigned char **)pp; \
80 c.q= *(unsigned char **)pp; \ 80 c.q= *(const unsigned char **)pp; \
81 c.error=ERR_R_NESTED_ASN1_ERROR; \ 81 c.error=ERR_R_NESTED_ASN1_ERROR; \
82 if ((a == NULL) || ((*a) == NULL)) \ 82 if ((a == NULL) || ((*a) == NULL)) \
83 { if ((ret=(type)func()) == NULL) \ 83 { if ((ret=(type)func()) == NULL) \
@@ -85,13 +85,13 @@ extern "C" {
85 else ret=(*a); 85 else ret=(*a);
86 86
87#define M_ASN1_D2I_Init() \ 87#define M_ASN1_D2I_Init() \
88 c.p= *(unsigned char **)pp; \ 88 c.p= *(const unsigned char **)pp; \
89 c.max=(length == 0)?0:(c.p+length); 89 c.max=(length == 0)?0:(c.p+length);
90 90
91#define M_ASN1_D2I_Finish_2(a) \ 91#define M_ASN1_D2I_Finish_2(a) \
92 if (!asn1_Finish(&c)) \ 92 if (!asn1_const_Finish(&c)) \
93 { c.line=__LINE__; goto err; } \ 93 { c.line=__LINE__; goto err; } \
94 *(unsigned char **)pp=c.p; \ 94 *(const unsigned char **)pp=c.p; \
95 if (a != NULL) (*a)=ret; \ 95 if (a != NULL) (*a)=ret; \
96 return(ret); 96 return(ret);
97 97
@@ -99,7 +99,7 @@ extern "C" {
99 M_ASN1_D2I_Finish_2(a); \ 99 M_ASN1_D2I_Finish_2(a); \
100err:\ 100err:\
101 ASN1_MAC_H_err((e),c.error,c.line); \ 101 ASN1_MAC_H_err((e),c.error,c.line); \
102 asn1_add_error(*(unsigned char **)pp,(int)(c.q- *pp)); \ 102 asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \
103 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ 103 if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
104 return(NULL) 104 return(NULL)
105 105
@@ -123,15 +123,22 @@ err:\
123 123
124#define M_ASN1_D2I_end_sequence() \ 124#define M_ASN1_D2I_end_sequence() \
125 (((c.inf&1) == 0)?(c.slen <= 0): \ 125 (((c.inf&1) == 0)?(c.slen <= 0): \
126 (c.eos=ASN1_check_infinite_end(&c.p,c.slen))) 126 (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen)))
127 127
128/* Don't use this with d2i_ASN1_BOOLEAN() */ 128/* Don't use this with d2i_ASN1_BOOLEAN() */
129#define M_ASN1_D2I_get(b,func) \ 129#define M_ASN1_D2I_get(b, func) \
130 c.q=c.p; \ 130 c.q=c.p; \
131 if (func(&(b),&c.p,c.slen) == NULL) \ 131 if (func(&(b),&c.p,c.slen) == NULL) \
132 {c.line=__LINE__; goto err; } \ 132 {c.line=__LINE__; goto err; } \
133 c.slen-=(c.p-c.q); 133 c.slen-=(c.p-c.q);
134 134
135/* Don't use this with d2i_ASN1_BOOLEAN() */
136#define M_ASN1_D2I_get_x(type,b,func) \
137 c.q=c.p; \
138 if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \
139 {c.line=__LINE__; goto err; } \
140 c.slen-=(c.p-c.q);
141
135/* use this instead () */ 142/* use this instead () */
136#define M_ASN1_D2I_get_int(b,func) \ 143#define M_ASN1_D2I_get_int(b,func) \
137 c.q=c.p; \ 144 c.q=c.p; \
@@ -278,7 +285,7 @@ err:\
278 { c.line=__LINE__; goto err; } \ 285 { c.line=__LINE__; goto err; } \
279 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ 286 if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \
280 Tlen = c.slen - (c.p - c.q); \ 287 Tlen = c.slen - (c.p - c.q); \
281 if(!ASN1_check_infinite_end(&c.p, Tlen)) \ 288 if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \
282 { c.error=ERR_R_MISSING_ASN1_EOS; \ 289 { c.error=ERR_R_MISSING_ASN1_EOS; \
283 c.line=__LINE__; goto err; } \ 290 c.line=__LINE__; goto err; } \
284 }\ 291 }\
@@ -353,8 +360,12 @@ err:\
353 return(NULL) 360 return(NULL)
354 361
355 362
356#define M_ASN1_next (*c.p) 363/* BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately,
357#define M_ASN1_next_prev (*c.q) 364 some macros that use ASN1_const_CTX still insist on writing in the input
365 stream. ARGH! ARGH! ARGH! Let's get rid of this macro package.
366 Please? -- Richard Levitte */
367#define M_ASN1_next (*((unsigned char *)(c.p)))
368#define M_ASN1_next_prev (*((unsigned char *)(c.q)))
358 369
359/*************************************************/ 370/*************************************************/
360 371
@@ -551,8 +562,8 @@ err:\
551#define M_ASN1_I2D_finish() *pp=p; \ 562#define M_ASN1_I2D_finish() *pp=p; \
552 return(r); 563 return(r);
553 564
554int asn1_GetSequence(ASN1_CTX *c, long *length); 565int asn1_GetSequence(ASN1_const_CTX *c, long *length);
555void asn1_add_error(unsigned char *address,int offset); 566void asn1_add_error(const unsigned char *address,int offset);
556#ifdef __cplusplus 567#ifdef __cplusplus
557} 568}
558#endif 569#endif
diff --git a/src/lib/libcrypto/asn1/asn1_par.c b/src/lib/libcrypto/asn1/asn1_par.c
index 676d434f03..501b62a4b1 100644
--- a/src/lib/libcrypto/asn1/asn1_par.c
+++ b/src/lib/libcrypto/asn1/asn1_par.c
@@ -64,7 +64,7 @@
64 64
65static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed, 65static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
66 int indent); 66 int indent);
67static int asn1_parse2(BIO *bp, unsigned char **pp, long length, 67static int asn1_parse2(BIO *bp, const unsigned char **pp, long length,
68 int offset, int depth, int indent, int dump); 68 int offset, int depth, int indent, int dump);
69static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, 69static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
70 int indent) 70 int indent)
@@ -88,7 +88,10 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed,
88 BIO_snprintf(str,sizeof str,"cont [ %d ]",tag); 88 BIO_snprintf(str,sizeof str,"cont [ %d ]",tag);
89 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION) 89 else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
90 BIO_snprintf(str,sizeof str,"appl [ %d ]",tag); 90 BIO_snprintf(str,sizeof str,"appl [ %d ]",tag);
91 else p = ASN1_tag2str(tag); 91 else if (tag > 30)
92 BIO_snprintf(str,sizeof str,"<ASN1 %d>",tag);
93 else
94 p = ASN1_tag2str(tag);
92 95
93 if (p2 != NULL) 96 if (p2 != NULL)
94 { 97 {
@@ -103,20 +106,20 @@ err:
103 return(0); 106 return(0);
104 } 107 }
105 108
106int ASN1_parse(BIO *bp, unsigned char *pp, long len, int indent) 109int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent)
107 { 110 {
108 return(asn1_parse2(bp,&pp,len,0,0,indent,0)); 111 return(asn1_parse2(bp,&pp,len,0,0,indent,0));
109 } 112 }
110 113
111int ASN1_parse_dump(BIO *bp, unsigned char *pp, long len, int indent, int dump) 114int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump)
112 { 115 {
113 return(asn1_parse2(bp,&pp,len,0,0,indent,dump)); 116 return(asn1_parse2(bp,&pp,len,0,0,indent,dump));
114 } 117 }
115 118
116static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset, 119static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, int offset,
117 int depth, int indent, int dump) 120 int depth, int indent, int dump)
118 { 121 {
119 unsigned char *p,*ep,*tot,*op,*opp; 122 const unsigned char *p,*ep,*tot,*op,*opp;
120 long len; 123 long len;
121 int tag,xclass,ret=0; 124 int tag,xclass,ret=0;
122 int nl,hl,j,r; 125 int nl,hl,j,r;
@@ -215,7 +218,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
215 { 218 {
216 if (BIO_write(bp,":",1) <= 0) goto end; 219 if (BIO_write(bp,":",1) <= 0) goto end;
217 if ((len > 0) && 220 if ((len > 0) &&
218 BIO_write(bp,(char *)p,(int)len) 221 BIO_write(bp,(const char *)p,(int)len)
219 != (int)len) 222 != (int)len)
220 goto end; 223 goto end;
221 } 224 }
@@ -256,9 +259,11 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
256 259
257 opp=op; 260 opp=op;
258 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl); 261 os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
259 if (os != NULL) 262 if (os != NULL && os->length > 0)
260 { 263 {
261 opp=os->data; 264 opp = os->data;
265 /* testing whether the octet string is
266 * printable */
262 for (i=0; i<os->length; i++) 267 for (i=0; i<os->length; i++)
263 { 268 {
264 if (( (opp[i] < ' ') && 269 if (( (opp[i] < ' ') &&
@@ -271,28 +276,47 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
271 break; 276 break;
272 } 277 }
273 } 278 }
274 if (printable && (os->length > 0)) 279 if (printable)
280 /* printable string */
275 { 281 {
276 if (BIO_write(bp,":",1) <= 0) 282 if (BIO_write(bp,":",1) <= 0)
277 goto end; 283 goto end;
278 if (BIO_write(bp,(char *)opp, 284 if (BIO_write(bp,(const char *)opp,
279 os->length) <= 0) 285 os->length) <= 0)
280 goto end; 286 goto end;
281 } 287 }
282 if (!printable && (os->length > 0) 288 else if (!dump)
283 && dump) 289 /* not printable => print octet string
290 * as hex dump */
291 {
292 if (BIO_write(bp,"[HEX DUMP]:",11) <= 0)
293 goto end;
294 for (i=0; i<os->length; i++)
295 {
296 if (BIO_printf(bp,"%02X"
297 , opp[i]) <= 0)
298 goto end;
299 }
300 }
301 else
302 /* print the normal dump */
284 { 303 {
285 if (!nl) 304 if (!nl)
286 { 305 {
287 if (BIO_write(bp,"\n",1) <= 0) 306 if (BIO_write(bp,"\n",1) <= 0)
288 goto end; 307 goto end;
289 } 308 }
290 if (BIO_dump_indent(bp,(char *)opp, 309 if (BIO_dump_indent(bp,
291 ((dump == -1 || dump > os->length)?os->length:dump), 310 (const char *)opp,
311 ((dump == -1 || dump >
312 os->length)?os->length:dump),
292 dump_indent) <= 0) 313 dump_indent) <= 0)
293 goto end; 314 goto end;
294 nl=1; 315 nl=1;
295 } 316 }
317 }
318 if (os != NULL)
319 {
296 M_ASN1_OCTET_STRING_free(os); 320 M_ASN1_OCTET_STRING_free(os);
297 os=NULL; 321 os=NULL;
298 } 322 }
@@ -368,7 +392,7 @@ static int asn1_parse2(BIO *bp, unsigned char **pp, long length, int offset,
368 if (BIO_write(bp,"\n",1) <= 0) 392 if (BIO_write(bp,"\n",1) <= 0)
369 goto end; 393 goto end;
370 } 394 }
371 if (BIO_dump_indent(bp,(char *)p, 395 if (BIO_dump_indent(bp,(const char *)p,
372 ((dump == -1 || dump > len)?len:dump), 396 ((dump == -1 || dump > len)?len:dump),
373 dump_indent) <= 0) 397 dump_indent) <= 0)
374 goto end; 398 goto end;
@@ -398,7 +422,7 @@ end:
398 422
399const char *ASN1_tag2str(int tag) 423const char *ASN1_tag2str(int tag)
400{ 424{
401 const static char *tag2str[] = { 425 static const char *tag2str[] = {
402 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */ 426 "EOC", "BOOLEAN", "INTEGER", "BIT STRING", "OCTET STRING", /* 0-4 */
403 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */ 427 "NULL", "OBJECT", "OBJECT DESCRIPTOR", "EXTERNAL", "REAL", /* 5-9 */
404 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */ 428 "ENUMERATED", "<ASN1 11>", "UTF8STRING", "<ASN1 13>", /* 10-13 */
diff --git a/src/lib/libcrypto/asn1/asn1t.h b/src/lib/libcrypto/asn1/asn1t.h
index ed372f8554..bf315e65ed 100644
--- a/src/lib/libcrypto/asn1/asn1t.h
+++ b/src/lib/libcrypto/asn1/asn1t.h
@@ -99,7 +99,7 @@ extern "C" {
99#define ASN1_ITEM_start(itname) \ 99#define ASN1_ITEM_start(itname) \
100 const ASN1_ITEM * itname##_it(void) \ 100 const ASN1_ITEM * itname##_it(void) \
101 { \ 101 { \
102 static const ASN1_ITEM local_it = { \ 102 static const ASN1_ITEM local_it = {
103 103
104#define ASN1_ITEM_end(itname) \ 104#define ASN1_ITEM_end(itname) \
105 }; \ 105 }; \
@@ -112,7 +112,7 @@ extern "C" {
112/* Macros to aid ASN1 template writing */ 112/* Macros to aid ASN1 template writing */
113 113
114#define ASN1_ITEM_TEMPLATE(tname) \ 114#define ASN1_ITEM_TEMPLATE(tname) \
115 const static ASN1_TEMPLATE tname##_item_tt 115 static const ASN1_TEMPLATE tname##_item_tt
116 116
117#define ASN1_ITEM_TEMPLATE_END(tname) \ 117#define ASN1_ITEM_TEMPLATE_END(tname) \
118 ;\ 118 ;\
@@ -150,7 +150,7 @@ extern "C" {
150 */ 150 */
151 151
152#define ASN1_SEQUENCE(tname) \ 152#define ASN1_SEQUENCE(tname) \
153 const static ASN1_TEMPLATE tname##_seq_tt[] 153 static const ASN1_TEMPLATE tname##_seq_tt[]
154 154
155#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) 155#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
156 156
@@ -166,22 +166,40 @@ extern "C" {
166 #stname \ 166 #stname \
167 ASN1_ITEM_end(tname) 167 ASN1_ITEM_end(tname)
168 168
169#define ASN1_NDEF_SEQUENCE(tname) \
170 ASN1_SEQUENCE(tname)
171
172#define ASN1_NDEF_SEQUENCE_cb(tname, cb) \
173 ASN1_SEQUENCE_cb(tname, cb)
174
169#define ASN1_SEQUENCE_cb(tname, cb) \ 175#define ASN1_SEQUENCE_cb(tname, cb) \
170 const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ 176 static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
171 ASN1_SEQUENCE(tname) 177 ASN1_SEQUENCE(tname)
172 178
173#define ASN1_BROKEN_SEQUENCE(tname) \ 179#define ASN1_BROKEN_SEQUENCE(tname) \
174 const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ 180 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
175 ASN1_SEQUENCE(tname) 181 ASN1_SEQUENCE(tname)
176 182
177#define ASN1_SEQUENCE_ref(tname, cb, lck) \ 183#define ASN1_SEQUENCE_ref(tname, cb, lck) \
178 const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ 184 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
179 ASN1_SEQUENCE(tname) 185 ASN1_SEQUENCE(tname)
180 186
181#define ASN1_SEQUENCE_enc(tname, enc, cb) \ 187#define ASN1_SEQUENCE_enc(tname, enc, cb) \
182 const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ 188 static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
183 ASN1_SEQUENCE(tname) 189 ASN1_SEQUENCE(tname)
184 190
191#define ASN1_NDEF_SEQUENCE_END(tname) \
192 ;\
193 ASN1_ITEM_start(tname) \
194 ASN1_ITYPE_NDEF_SEQUENCE,\
195 V_ASN1_SEQUENCE,\
196 tname##_seq_tt,\
197 sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
198 NULL,\
199 sizeof(tname),\
200 #tname \
201 ASN1_ITEM_end(tname)
202
185#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) 203#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
186 204
187#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) 205#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
@@ -224,10 +242,10 @@ extern "C" {
224 */ 242 */
225 243
226#define ASN1_CHOICE(tname) \ 244#define ASN1_CHOICE(tname) \
227 const static ASN1_TEMPLATE tname##_ch_tt[] 245 static const ASN1_TEMPLATE tname##_ch_tt[]
228 246
229#define ASN1_CHOICE_cb(tname, cb) \ 247#define ASN1_CHOICE_cb(tname, cb) \
230 const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ 248 static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
231 ASN1_CHOICE(tname) 249 ASN1_CHOICE(tname)
232 250
233#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) 251#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
@@ -353,16 +371,24 @@ extern "C" {
353#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ 371#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
354 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) 372 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
355 373
374/* EXPLICIT using indefinite length constructed form */
375#define ASN1_NDEF_EXP(stname, field, type, tag) \
376 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF)
377
378/* EXPLICIT OPTIONAL using indefinite length constructed form */
379#define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \
380 ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF)
381
356/* Macros for the ASN1_ADB structure */ 382/* Macros for the ASN1_ADB structure */
357 383
358#define ASN1_ADB(name) \ 384#define ASN1_ADB(name) \
359 const static ASN1_ADB_TABLE name##_adbtbl[] 385 static const ASN1_ADB_TABLE name##_adbtbl[]
360 386
361#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION 387#ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION
362 388
363#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ 389#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
364 ;\ 390 ;\
365 const static ASN1_ADB name##_adb = {\ 391 static const ASN1_ADB name##_adb = {\
366 flags,\ 392 flags,\
367 offsetof(name, field),\ 393 offsetof(name, field),\
368 app_table,\ 394 app_table,\
@@ -376,9 +402,9 @@ extern "C" {
376 402
377#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ 403#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
378 ;\ 404 ;\
379 const static ASN1_ITEM *name##_adb(void) \ 405 static const ASN1_ITEM *name##_adb(void) \
380 { \ 406 { \
381 const static ASN1_ADB internal_adb = \ 407 static const ASN1_ADB internal_adb = \
382 {\ 408 {\
383 flags,\ 409 flags,\
384 offsetof(name, field),\ 410 offsetof(name, field),\
@@ -397,7 +423,7 @@ extern "C" {
397#define ADB_ENTRY(val, template) {val, template} 423#define ADB_ENTRY(val, template) {val, template}
398 424
399#define ASN1_ADB_TEMPLATE(name) \ 425#define ASN1_ADB_TEMPLATE(name) \
400 const static ASN1_TEMPLATE name##_tt 426 static const ASN1_TEMPLATE name##_tt
401 427
402/* This is the ASN1 template structure that defines 428/* This is the ASN1 template structure that defines
403 * a wrapper round the actual type. It determines the 429 * a wrapper round the actual type. It determines the
@@ -410,7 +436,7 @@ unsigned long flags; /* Various flags */
410long tag; /* tag, not used if no tagging */ 436long tag; /* tag, not used if no tagging */
411unsigned long offset; /* Offset of this field in structure */ 437unsigned long offset; /* Offset of this field in structure */
412#ifndef NO_ASN1_FIELD_NAMES 438#ifndef NO_ASN1_FIELD_NAMES
413char *field_name; /* Field name */ 439const char *field_name; /* Field name */
414#endif 440#endif
415ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ 441ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */
416}; 442};
@@ -518,6 +544,13 @@ struct ASN1_ADB_TABLE_st {
518 544
519#define ASN1_TFLG_COMBINE (0x1<<10) 545#define ASN1_TFLG_COMBINE (0x1<<10)
520 546
547/* This flag when present in a SEQUENCE OF, SET OF
548 * or EXPLICIT causes indefinite length constructed
549 * encoding to be used if required.
550 */
551
552#define ASN1_TFLG_NDEF (0x1<<11)
553
521/* This is the actual ASN1 item itself */ 554/* This is the actual ASN1 item itself */
522 555
523struct ASN1_ITEM_st { 556struct ASN1_ITEM_st {
@@ -570,19 +603,25 @@ const char *sname; /* Structure name */
570 * has a special meaning, it is used as a mask 603 * has a special meaning, it is used as a mask
571 * of acceptable types using the B_ASN1 constants. 604 * of acceptable types using the B_ASN1 constants.
572 * 605 *
606 * NDEF_SEQUENCE is the same as SEQUENCE except
607 * that it will use indefinite length constructed
608 * encoding if requested.
609 *
573 */ 610 */
574 611
575#define ASN1_ITYPE_PRIMITIVE 0x0 612#define ASN1_ITYPE_PRIMITIVE 0x0
613
614#define ASN1_ITYPE_SEQUENCE 0x1
576 615
577#define ASN1_ITYPE_SEQUENCE 0x1 616#define ASN1_ITYPE_CHOICE 0x2
578 617
579#define ASN1_ITYPE_CHOICE 0x2 618#define ASN1_ITYPE_COMPAT 0x3
580 619
581#define ASN1_ITYPE_COMPAT 0x3 620#define ASN1_ITYPE_EXTERN 0x4
582 621
583#define ASN1_ITYPE_EXTERN 0x4 622#define ASN1_ITYPE_MSTRING 0x5
584 623
585#define ASN1_ITYPE_MSTRING 0x5 624#define ASN1_ITYPE_NDEF_SEQUENCE 0x6
586 625
587/* Cache for ASN1 tag and length, so we 626/* Cache for ASN1 tag and length, so we
588 * don't keep re-reading it for things 627 * don't keep re-reading it for things
@@ -602,10 +641,10 @@ struct ASN1_TLC_st{
602 641
603typedef ASN1_VALUE * ASN1_new_func(void); 642typedef ASN1_VALUE * ASN1_new_func(void);
604typedef void ASN1_free_func(ASN1_VALUE *a); 643typedef void ASN1_free_func(ASN1_VALUE *a);
605typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length); 644typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, const unsigned char ** in, long length);
606typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); 645typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
607 646
608typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, 647typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
609 int tag, int aclass, char opt, ASN1_TLC *ctx); 648 int tag, int aclass, char opt, ASN1_TLC *ctx);
610 649
611typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); 650typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
@@ -613,7 +652,7 @@ typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
613typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); 652typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
614 653
615typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); 654typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
616typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); 655typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
617 656
618typedef struct ASN1_COMPAT_FUNCS_st { 657typedef struct ASN1_COMPAT_FUNCS_st {
619 ASN1_new_func *asn1_new; 658 ASN1_new_func *asn1_new;
@@ -743,6 +782,9 @@ typedef struct ASN1_AUX_st {
743#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ 782#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
744 IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) 783 IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
745 784
785#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \
786 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname)
787
746#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ 788#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
747 stname *fname##_new(void) \ 789 stname *fname##_new(void) \
748 { \ 790 { \
@@ -758,7 +800,7 @@ typedef struct ASN1_AUX_st {
758 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) 800 IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
759 801
760#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ 802#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
761 stname *d2i_##fname(stname **a, unsigned char **in, long len) \ 803 stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
762 { \ 804 { \
763 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ 805 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
764 } \ 806 } \
@@ -767,13 +809,19 @@ typedef struct ASN1_AUX_st {
767 return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ 809 return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\
768 } 810 }
769 811
812#define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \
813 int i2d_##stname##_NDEF(stname *a, unsigned char **out) \
814 { \
815 return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\
816 }
817
770/* This includes evil casts to remove const: they will go away when full 818/* This includes evil casts to remove const: they will go away when full
771 * ASN1 constification is done. 819 * ASN1 constification is done.
772 */ 820 */
773#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ 821#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
774 stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ 822 stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
775 { \ 823 { \
776 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, ASN1_ITEM_rptr(itname));\ 824 return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\
777 } \ 825 } \
778 int i2d_##fname(const stname *a, unsigned char **out) \ 826 int i2d_##fname(const stname *a, unsigned char **out) \
779 { \ 827 { \
@@ -798,7 +846,6 @@ typedef struct ASN1_AUX_st {
798DECLARE_ASN1_ITEM(ASN1_BOOLEAN) 846DECLARE_ASN1_ITEM(ASN1_BOOLEAN)
799DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) 847DECLARE_ASN1_ITEM(ASN1_TBOOLEAN)
800DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) 848DECLARE_ASN1_ITEM(ASN1_FBOOLEAN)
801DECLARE_ASN1_ITEM(ASN1_ANY)
802DECLARE_ASN1_ITEM(ASN1_SEQUENCE) 849DECLARE_ASN1_ITEM(ASN1_SEQUENCE)
803DECLARE_ASN1_ITEM(CBIGNUM) 850DECLARE_ASN1_ITEM(CBIGNUM)
804DECLARE_ASN1_ITEM(BIGNUM) 851DECLARE_ASN1_ITEM(BIGNUM)
@@ -815,8 +862,8 @@ int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
815int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); 862int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
816 863
817void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); 864void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
818int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt); 865int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_TEMPLATE *tt);
819int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, 866int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, const ASN1_ITEM *it,
820 int tag, int aclass, char opt, ASN1_TLC *ctx); 867 int tag, int aclass, char opt, ASN1_TLC *ctx);
821 868
822int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); 869int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
@@ -824,7 +871,7 @@ int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLAT
824void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 871void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
825 872
826int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); 873int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
827int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); 874int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
828 875
829int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); 876int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
830int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); 877int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
@@ -838,7 +885,7 @@ int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
838void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); 885void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
839void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 886void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
840int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); 887int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
841int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it); 888int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, const ASN1_ITEM *it);
842 889
843#ifdef __cplusplus 890#ifdef __cplusplus
844} 891}
diff --git a/src/lib/libcrypto/asn1/asn_moid.c b/src/lib/libcrypto/asn1/asn_moid.c
index edb44c988f..9132350f10 100644
--- a/src/lib/libcrypto/asn1/asn_moid.c
+++ b/src/lib/libcrypto/asn1/asn_moid.c
@@ -3,7 +3,7 @@
3 * project 2001. 3 * project 2001.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2001 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -57,6 +57,7 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include <ctype.h>
60#include <openssl/crypto.h> 61#include <openssl/crypto.h>
61#include "cryptlib.h" 62#include "cryptlib.h"
62#include <openssl/conf.h> 63#include <openssl/conf.h>
@@ -65,6 +66,8 @@
65 66
66/* Simple ASN1 OID module: add all objects in a given section */ 67/* Simple ASN1 OID module: add all objects in a given section */
67 68
69static int do_create(char *value, char *name);
70
68static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) 71static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
69 { 72 {
70 int i; 73 int i;
@@ -80,7 +83,7 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf)
80 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++) 83 for(i = 0; i < sk_CONF_VALUE_num(sktmp); i++)
81 { 84 {
82 oval = sk_CONF_VALUE_value(sktmp, i); 85 oval = sk_CONF_VALUE_value(sktmp, i);
83 if(OBJ_create(oval->value, oval->name, oval->name) == NID_undef) 86 if(!do_create(oval->value, oval->name))
84 { 87 {
85 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT); 88 ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ADDING_OBJECT);
86 return 0; 89 return 0;
@@ -98,3 +101,60 @@ void ASN1_add_oid_module(void)
98 { 101 {
99 CONF_module_add("oid_section", oid_module_init, oid_module_finish); 102 CONF_module_add("oid_section", oid_module_init, oid_module_finish);
100 } 103 }
104
105/* Create an OID based on a name value pair. Accept two formats.
106 * shortname = 1.2.3.4
107 * shortname = some long name, 1.2.3.4
108 */
109
110
111static int do_create(char *value, char *name)
112 {
113 int nid;
114 ASN1_OBJECT *oid;
115 char *ln, *ostr, *p, *lntmp;
116 p = strrchr(value, ',');
117 if (!p)
118 {
119 ln = name;
120 ostr = value;
121 }
122 else
123 {
124 ln = NULL;
125 ostr = p + 1;
126 if (!*ostr)
127 return 0;
128 while(isspace((unsigned char)*ostr)) ostr++;
129 }
130
131 nid = OBJ_create(ostr, name, ln);
132
133 if (nid == NID_undef)
134 return 0;
135
136 if (p)
137 {
138 ln = value;
139 while(isspace((unsigned char)*ln)) ln++;
140 p--;
141 while(isspace((unsigned char)*p))
142 {
143 if (p == ln)
144 return 0;
145 p--;
146 }
147 p++;
148 lntmp = OPENSSL_malloc((p - ln) + 1);
149 if (lntmp == NULL)
150 return 0;
151 memcpy(lntmp, ln, p - ln);
152 lntmp[p - ln] = 0;
153 oid = OBJ_nid2obj(nid);
154 oid->ln = lntmp;
155 }
156
157 return 1;
158 }
159
160
diff --git a/src/lib/libcrypto/asn1/asn_pack.c b/src/lib/libcrypto/asn1/asn_pack.c
index e6051db2dc..e8b671b7b5 100644
--- a/src/lib/libcrypto/asn1/asn_pack.c
+++ b/src/lib/libcrypto/asn1/asn_pack.c
@@ -66,11 +66,11 @@
66 66
67/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ 67/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */
68 68
69STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(), 69STACK *ASN1_seq_unpack(const unsigned char *buf, int len,
70 void (*free_func)(void *)) 70 d2i_of_void *d2i,void (*free_func)(void *))
71{ 71{
72 STACK *sk; 72 STACK *sk;
73 unsigned char *pbuf; 73 const unsigned char *pbuf;
74 pbuf = buf; 74 pbuf = buf;
75 if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, 75 if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func,
76 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) 76 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL)))
@@ -82,8 +82,8 @@ STACK *ASN1_seq_unpack(unsigned char *buf, int len, char *(*d2i)(),
82 * OPENSSL_malloc'ed buffer 82 * OPENSSL_malloc'ed buffer
83 */ 83 */
84 84
85unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf, 85unsigned char *ASN1_seq_pack(STACK *safes, i2d_of_void *i2d,
86 int *len) 86 unsigned char **buf, int *len)
87{ 87{
88 int safelen; 88 int safelen;
89 unsigned char *safe, *p; 89 unsigned char *safe, *p;
@@ -106,9 +106,9 @@ unsigned char *ASN1_seq_pack(STACK *safes, int (*i2d)(), unsigned char **buf,
106 106
107/* Extract an ASN1 object from an ASN1_STRING */ 107/* Extract an ASN1 object from an ASN1_STRING */
108 108
109void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)()) 109void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i)
110{ 110{
111 unsigned char *p; 111 const unsigned char *p;
112 char *ret; 112 char *ret;
113 113
114 p = oct->data; 114 p = oct->data;
@@ -119,7 +119,7 @@ void *ASN1_unpack_string (ASN1_STRING *oct, char *(*d2i)())
119 119
120/* Pack an ASN1 object into an ASN1_STRING */ 120/* Pack an ASN1 object into an ASN1_STRING */
121 121
122ASN1_STRING *ASN1_pack_string(void *obj, int (*i2d)(), ASN1_STRING **oct) 122ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct)
123{ 123{
124 unsigned char *p; 124 unsigned char *p;
125 ASN1_STRING *octmp; 125 ASN1_STRING *octmp;
@@ -155,7 +155,7 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
155 155
156 if (!oct || !*oct) { 156 if (!oct || !*oct) {
157 if (!(octmp = ASN1_STRING_new ())) { 157 if (!(octmp = ASN1_STRING_new ())) {
158 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); 158 ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE);
159 return NULL; 159 return NULL;
160 } 160 }
161 if (oct) *oct = octmp; 161 if (oct) *oct = octmp;
@@ -167,11 +167,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
167 } 167 }
168 168
169 if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { 169 if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) {
170 ASN1err(ASN1_F_ASN1_PACK_STRING,ASN1_R_ENCODE_ERROR); 170 ASN1err(ASN1_F_ASN1_ITEM_PACK,ASN1_R_ENCODE_ERROR);
171 return NULL; 171 return NULL;
172 } 172 }
173 if (!octmp->data) { 173 if (!octmp->data) {
174 ASN1err(ASN1_F_ASN1_PACK_STRING,ERR_R_MALLOC_FAILURE); 174 ASN1err(ASN1_F_ASN1_ITEM_PACK,ERR_R_MALLOC_FAILURE);
175 return NULL; 175 return NULL;
176 } 176 }
177 return octmp; 177 return octmp;
@@ -181,11 +181,11 @@ ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct)
181 181
182void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) 182void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it)
183{ 183{
184 unsigned char *p; 184 const unsigned char *p;
185 void *ret; 185 void *ret;
186 186
187 p = oct->data; 187 p = oct->data;
188 if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) 188 if(!(ret = ASN1_item_d2i(NULL, &p, oct->length, it)))
189 ASN1err(ASN1_F_ASN1_UNPACK_STRING,ASN1_R_DECODE_ERROR); 189 ASN1err(ASN1_F_ASN1_ITEM_UNPACK,ASN1_R_DECODE_ERROR);
190 return ret; 190 return ret;
191} 191}
diff --git a/src/lib/libcrypto/asn1/d2i_pr.c b/src/lib/libcrypto/asn1/d2i_pr.c
index 2e7d96af90..207ccda5ac 100644
--- a/src/lib/libcrypto/asn1/d2i_pr.c
+++ b/src/lib/libcrypto/asn1/d2i_pr.c
@@ -68,8 +68,11 @@
68#ifndef OPENSSL_NO_DSA 68#ifndef OPENSSL_NO_DSA
69#include <openssl/dsa.h> 69#include <openssl/dsa.h>
70#endif 70#endif
71#ifndef OPENSSL_NO_EC
72#include <openssl/ec.h>
73#endif
71 74
72EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp, 75EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp,
73 long length) 76 long length)
74 { 77 {
75 EVP_PKEY *ret; 78 EVP_PKEY *ret;
@@ -108,6 +111,16 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, unsigned char **pp,
108 } 111 }
109 break; 112 break;
110#endif 113#endif
114#ifndef OPENSSL_NO_EC
115 case EVP_PKEY_EC:
116 if ((ret->pkey.ec = d2i_ECPrivateKey(NULL,
117 (const unsigned char **)pp, length)) == NULL)
118 {
119 ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_ASN1_LIB);
120 goto err;
121 }
122 break;
123#endif
111 default: 124 default:
112 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 125 ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
113 goto err; 126 goto err;
@@ -122,11 +135,11 @@ err:
122 135
123/* This works like d2i_PrivateKey() except it automatically works out the type */ 136/* This works like d2i_PrivateKey() except it automatically works out the type */
124 137
125EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp, 138EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, const unsigned char **pp,
126 long length) 139 long length)
127{ 140{
128 STACK_OF(ASN1_TYPE) *inkey; 141 STACK_OF(ASN1_TYPE) *inkey;
129 unsigned char *p; 142 const unsigned char *p;
130 int keytype; 143 int keytype;
131 p = *pp; 144 p = *pp;
132 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE): 145 /* Dirty trick: read in the ASN1 data into a STACK_OF(ASN1_TYPE):
@@ -138,7 +151,10 @@ EVP_PKEY *d2i_AutoPrivateKey(EVP_PKEY **a, unsigned char **pp,
138 /* Since we only need to discern "traditional format" RSA and DSA 151 /* Since we only need to discern "traditional format" RSA and DSA
139 * keys we can just count the elements. 152 * keys we can just count the elements.
140 */ 153 */
141 if(sk_ASN1_TYPE_num(inkey) == 6) keytype = EVP_PKEY_DSA; 154 if(sk_ASN1_TYPE_num(inkey) == 6)
155 keytype = EVP_PKEY_DSA;
156 else if (sk_ASN1_TYPE_num(inkey) == 4)
157 keytype = EVP_PKEY_EC;
142 else keytype = EVP_PKEY_RSA; 158 else keytype = EVP_PKEY_RSA;
143 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free); 159 sk_ASN1_TYPE_pop_free(inkey, ASN1_TYPE_free);
144 return d2i_PrivateKey(keytype, a, pp, length); 160 return d2i_PrivateKey(keytype, a, pp, length);
diff --git a/src/lib/libcrypto/asn1/d2i_pu.c b/src/lib/libcrypto/asn1/d2i_pu.c
index 71f2eb361b..3694f51a8c 100644
--- a/src/lib/libcrypto/asn1/d2i_pu.c
+++ b/src/lib/libcrypto/asn1/d2i_pu.c
@@ -68,8 +68,11 @@
68#ifndef OPENSSL_NO_DSA 68#ifndef OPENSSL_NO_DSA
69#include <openssl/dsa.h> 69#include <openssl/dsa.h>
70#endif 70#endif
71#ifndef OPENSSL_NO_EC
72#include <openssl/ec.h>
73#endif
71 74
72EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp, 75EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
73 long length) 76 long length)
74 { 77 {
75 EVP_PKEY *ret; 78 EVP_PKEY *ret;
@@ -100,14 +103,24 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, unsigned char **pp,
100#endif 103#endif
101#ifndef OPENSSL_NO_DSA 104#ifndef OPENSSL_NO_DSA
102 case EVP_PKEY_DSA: 105 case EVP_PKEY_DSA:
103 if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL, 106 if (!d2i_DSAPublicKey(&(ret->pkey.dsa),
104 (const unsigned char **)pp,length)) == NULL) /* TMP UGLY CAST */ 107 (const unsigned char **)pp,length)) /* TMP UGLY CAST */
105 { 108 {
106 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB); 109 ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
107 goto err; 110 goto err;
108 } 111 }
109 break; 112 break;
110#endif 113#endif
114#ifndef OPENSSL_NO_EC
115 case EVP_PKEY_EC:
116 if (!o2i_ECPublicKey(&(ret->pkey.ec),
117 (const unsigned char **)pp, length))
118 {
119 ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB);
120 goto err;
121 }
122 break;
123#endif
111 default: 124 default:
112 ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); 125 ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
113 goto err; 126 goto err;
diff --git a/src/lib/libcrypto/asn1/evp_asn1.c b/src/lib/libcrypto/asn1/evp_asn1.c
index f92ce6cb5d..f3d9804860 100644
--- a/src/lib/libcrypto/asn1/evp_asn1.c
+++ b/src/lib/libcrypto/asn1/evp_asn1.c
@@ -141,9 +141,9 @@ int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, unsigned char *data,
141 int ret= -1,n; 141 int ret= -1,n;
142 ASN1_INTEGER *ai=NULL; 142 ASN1_INTEGER *ai=NULL;
143 ASN1_OCTET_STRING *os=NULL; 143 ASN1_OCTET_STRING *os=NULL;
144 unsigned char *p; 144 const unsigned char *p;
145 long length; 145 long length;
146 ASN1_CTX c; 146 ASN1_const_CTX c;
147 147
148 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) 148 if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL))
149 { 149 {
diff --git a/src/lib/libcrypto/asn1/i2d_pr.c b/src/lib/libcrypto/asn1/i2d_pr.c
index 1e951ae01d..0be52c5b76 100644
--- a/src/lib/libcrypto/asn1/i2d_pr.c
+++ b/src/lib/libcrypto/asn1/i2d_pr.c
@@ -67,6 +67,9 @@
67#ifndef OPENSSL_NO_DSA 67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h> 68#include <openssl/dsa.h>
69#endif 69#endif
70#ifndef OPENSSL_NO_EC
71#include <openssl/ec.h>
72#endif
70 73
71int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp) 74int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
72 { 75 {
@@ -83,6 +86,12 @@ int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp)
83 return(i2d_DSAPrivateKey(a->pkey.dsa,pp)); 86 return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
84 } 87 }
85#endif 88#endif
89#ifndef OPENSSL_NO_EC
90 if (a->type == EVP_PKEY_EC)
91 {
92 return(i2d_ECPrivateKey(a->pkey.ec, pp));
93 }
94#endif
86 95
87 ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); 96 ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
88 return(-1); 97 return(-1);
diff --git a/src/lib/libcrypto/asn1/i2d_pu.c b/src/lib/libcrypto/asn1/i2d_pu.c
index 013d19bbf4..34286dbd35 100644
--- a/src/lib/libcrypto/asn1/i2d_pu.c
+++ b/src/lib/libcrypto/asn1/i2d_pu.c
@@ -67,6 +67,9 @@
67#ifndef OPENSSL_NO_DSA 67#ifndef OPENSSL_NO_DSA
68#include <openssl/dsa.h> 68#include <openssl/dsa.h>
69#endif 69#endif
70#ifndef OPENSSL_NO_EC
71#include <openssl/ec.h>
72#endif
70 73
71int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp) 74int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
72 { 75 {
@@ -80,6 +83,10 @@ int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp)
80 case EVP_PKEY_DSA: 83 case EVP_PKEY_DSA:
81 return(i2d_DSAPublicKey(a->pkey.dsa,pp)); 84 return(i2d_DSAPublicKey(a->pkey.dsa,pp));
82#endif 85#endif
86#ifndef OPENSSL_NO_EC
87 case EVP_PKEY_EC:
88 return(i2o_ECPublicKey(a->pkey.ec, pp));
89#endif
83 default: 90 default:
84 ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE); 91 ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
85 return(-1); 92 return(-1);
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
index 766b51c538..60bc437938 100644
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -56,9 +56,9 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef OPENSSL_NO_RSA
60#include <stdio.h> 59#include <stdio.h>
61#include "cryptlib.h" 60#include "cryptlib.h"
61#ifndef OPENSSL_NO_RSA
62#include <openssl/rsa.h> 62#include <openssl/rsa.h>
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/asn1t.h> 64#include <openssl/asn1t.h>
@@ -107,14 +107,20 @@ DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY,NETSCAPE_PKEY)
107IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) 107IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
108 108
109static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, 109static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
110 int (*cb)(), int sgckey); 110 int (*cb)(char *buf, int len, const char *prompt,
111 int verify),
112 int sgckey);
111 113
112int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) 114int i2d_Netscape_RSA(const RSA *a, unsigned char **pp,
115 int (*cb)(char *buf, int len, const char *prompt,
116 int verify))
113{ 117{
114 return i2d_RSA_NET(a, pp, cb, 0); 118 return i2d_RSA_NET(a, pp, cb, 0);
115} 119}
116 120
117int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) 121int i2d_RSA_NET(const RSA *a, unsigned char **pp,
122 int (*cb)(char *buf, int len, const char *prompt, int verify),
123 int sgckey)
118 { 124 {
119 int i, j, ret = 0; 125 int i, j, ret = 0;
120 int rsalen, pkeylen, olen; 126 int rsalen, pkeylen, olen;
@@ -164,7 +170,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
164 /* Since its RC4 encrypted length is actual length */ 170 /* Since its RC4 encrypted length is actual length */
165 if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) 171 if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
166 { 172 {
167 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); 173 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
168 goto err; 174 goto err;
169 } 175 }
170 176
@@ -174,13 +180,13 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
174 180
175 if ((zz=OPENSSL_malloc(pkeylen)) == NULL) 181 if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
176 { 182 {
177 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); 183 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
178 goto err; 184 goto err;
179 } 185 }
180 186
181 if (!ASN1_STRING_set(enckey->os, "private-key", -1)) 187 if (!ASN1_STRING_set(enckey->os, "private-key", -1))
182 { 188 {
183 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); 189 ASN1err(ASN1_F_I2D_RSA_NET,ERR_R_MALLOC_FAILURE);
184 goto err; 190 goto err;
185 } 191 }
186 enckey->enckey->digest->data = zz; 192 enckey->enckey->digest->data = zz;
@@ -191,10 +197,10 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
191 197
192 if (cb == NULL) 198 if (cb == NULL)
193 cb=EVP_read_pw_string; 199 cb=EVP_read_pw_string;
194 i=cb(buf,256,"Enter Private Key password:",1); 200 i=cb((char *)buf,256,"Enter Private Key password:",1);
195 if (i != 0) 201 if (i != 0)
196 { 202 {
197 ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ); 203 ASN1err(ASN1_F_I2D_RSA_NET,ASN1_R_BAD_PASSWORD_READ);
198 goto err; 204 goto err;
199 } 205 }
200 i = strlen((char *)buf); 206 i = strlen((char *)buf);
@@ -224,12 +230,16 @@ err:
224 } 230 }
225 231
226 232
227RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()) 233RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length,
234 int (*cb)(char *buf, int len, const char *prompt,
235 int verify))
228{ 236{
229 return d2i_RSA_NET(a, pp, length, cb, 0); 237 return d2i_RSA_NET(a, pp, length, cb, 0);
230} 238}
231 239
232RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) 240RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length,
241 int (*cb)(char *buf, int len, const char *prompt, int verify),
242 int sgckey)
233 { 243 {
234 RSA *ret=NULL; 244 RSA *ret=NULL;
235 const unsigned char *p, *kp; 245 const unsigned char *p, *kp;
@@ -239,20 +249,20 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in
239 249
240 enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); 250 enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
241 if(!enckey) { 251 if(!enckey) {
242 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); 252 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_DECODING_ERROR);
243 return NULL; 253 return NULL;
244 } 254 }
245 255
246 if ((enckey->os->length != 11) || (strncmp("private-key", 256 if ((enckey->os->length != 11) || (strncmp("private-key",
247 (char *)enckey->os->data,11) != 0)) 257 (char *)enckey->os->data,11) != 0))
248 { 258 {
249 ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); 259 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
250 NETSCAPE_ENCRYPTED_PKEY_free(enckey); 260 NETSCAPE_ENCRYPTED_PKEY_free(enckey);
251 return NULL; 261 return NULL;
252 } 262 }
253 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) 263 if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
254 { 264 {
255 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); 265 ASN1err(ASN1_F_D2I_RSA_NET,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
256 goto err; 266 goto err;
257 } 267 }
258 kp = enckey->enckey->digest->data; 268 kp = enckey->enckey->digest->data;
@@ -269,7 +279,8 @@ RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), in
269 } 279 }
270 280
271static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, 281static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
272 int (*cb)(), int sgckey) 282 int (*cb)(char *buf, int len, const char *prompt,
283 int verify), int sgckey)
273 { 284 {
274 NETSCAPE_PKEY *pkey=NULL; 285 NETSCAPE_PKEY *pkey=NULL;
275 RSA *ret=NULL; 286 RSA *ret=NULL;
@@ -279,10 +290,10 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
279 unsigned char key[EVP_MAX_KEY_LENGTH]; 290 unsigned char key[EVP_MAX_KEY_LENGTH];
280 EVP_CIPHER_CTX ctx; 291 EVP_CIPHER_CTX ctx;
281 292
282 i=cb(buf,256,"Enter Private Key password:",0); 293 i=cb((char *)buf,256,"Enter Private Key password:",0);
283 if (i != 0) 294 if (i != 0)
284 { 295 {
285 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ); 296 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_BAD_PASSWORD_READ);
286 goto err; 297 goto err;
287 } 298 }
288 299
@@ -307,14 +318,14 @@ static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
307 318
308 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL) 319 if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
309 { 320 {
310 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY); 321 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
311 goto err; 322 goto err;
312 } 323 }
313 324
314 zz=pkey->private_key->data; 325 zz=pkey->private_key->data;
315 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) 326 if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
316 { 327 {
317 ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); 328 ASN1err(ASN1_F_D2I_RSA_NET_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
318 goto err; 329 goto err;
319 } 330 }
320err: 331err:
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index ec788267e0..da91170094 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -82,17 +82,17 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
82 ASN1_TYPE *astype=NULL; 82 ASN1_TYPE *astype=NULL;
83 83
84 if (!(pbe = PBEPARAM_new ())) { 84 if (!(pbe = PBEPARAM_new ())) {
85 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 85 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
86 goto err; 86 goto err;
87 } 87 }
88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER; 88 if(iter <= 0) iter = PKCS5_DEFAULT_ITER;
89 if (!ASN1_INTEGER_set(pbe->iter, iter)) { 89 if (!ASN1_INTEGER_set(pbe->iter, iter)) {
90 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 90 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
91 goto err; 91 goto err;
92 } 92 }
93 if (!saltlen) saltlen = PKCS5_SALT_LEN; 93 if (!saltlen) saltlen = PKCS5_SALT_LEN;
94 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) { 94 if (!(pbe->salt->data = OPENSSL_malloc (saltlen))) {
95 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 95 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
96 goto err; 96 goto err;
97 } 97 }
98 pbe->salt->length = saltlen; 98 pbe->salt->length = saltlen;
@@ -101,13 +101,14 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
101 goto err; 101 goto err;
102 102
103 if (!(astype = ASN1_TYPE_new())) { 103 if (!(astype = ASN1_TYPE_new())) {
104 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 104 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
105 goto err; 105 goto err;
106 } 106 }
107 107
108 astype->type = V_ASN1_SEQUENCE; 108 astype->type = V_ASN1_SEQUENCE;
109 if(!ASN1_pack_string(pbe, i2d_PBEPARAM, &astype->value.sequence)) { 109 if(!ASN1_pack_string_of(PBEPARAM, pbe, i2d_PBEPARAM,
110 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 110 &astype->value.sequence)) {
111 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
111 goto err; 112 goto err;
112 } 113 }
113 PBEPARAM_free (pbe); 114 PBEPARAM_free (pbe);
@@ -115,7 +116,7 @@ X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt,
115 116
116 al = OBJ_nid2obj(alg); /* never need to free al */ 117 al = OBJ_nid2obj(alg); /* never need to free al */
117 if (!(algor = X509_ALGOR_new())) { 118 if (!(algor = X509_ALGOR_new())) {
118 ASN1err(ASN1_F_ASN1_PBE_SET,ERR_R_MALLOC_FAILURE); 119 ASN1err(ASN1_F_PKCS5_PBE_SET,ERR_R_MALLOC_FAILURE);
119 goto err; 120 goto err;
120 } 121 }
121 ASN1_OBJECT_free(algor->algorithm); 122 ASN1_OBJECT_free(algor->algorithm);
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index e0dc0ec4ee..c834a38ddf 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -115,7 +115,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
115 /* Create random IV */ 115 /* Create random IV */
116 if (EVP_CIPHER_iv_length(cipher) && 116 if (EVP_CIPHER_iv_length(cipher) &&
117 RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0) 117 RAND_pseudo_bytes(iv, EVP_CIPHER_iv_length(cipher)) < 0)
118 goto err; 118 goto err;
119 119
120 EVP_CIPHER_CTX_init(&ctx); 120 EVP_CIPHER_CTX_init(&ctx);
121 121
@@ -164,7 +164,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
164 164
165 if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr; 165 if(!(pbe2->keyfunc->parameter = ASN1_TYPE_new())) goto merr;
166 166
167 if(!ASN1_pack_string(kdf, i2d_PBKDF2PARAM, 167 if(!ASN1_pack_string_of(PBKDF2PARAM, kdf, i2d_PBKDF2PARAM,
168 &pbe2->keyfunc->parameter->value.sequence)) goto merr; 168 &pbe2->keyfunc->parameter->value.sequence)) goto merr;
169 pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE; 169 pbe2->keyfunc->parameter->type = V_ASN1_SEQUENCE;
170 170
@@ -180,7 +180,7 @@ X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
180 180
181 /* Encode PBE2PARAM into parameter */ 181 /* Encode PBE2PARAM into parameter */
182 182
183 if(!ASN1_pack_string(pbe2, i2d_PBE2PARAM, 183 if(!ASN1_pack_string_of(PBE2PARAM, pbe2, i2d_PBE2PARAM,
184 &ret->parameter->value.sequence)) goto merr; 184 &ret->parameter->value.sequence)) goto merr;
185 ret->parameter->type = V_ASN1_SEQUENCE; 185 ret->parameter->type = V_ASN1_SEQUENCE;
186 186
diff --git a/src/lib/libcrypto/asn1/t_crl.c b/src/lib/libcrypto/asn1/t_crl.c
index 757c148df8..929b3e5904 100644
--- a/src/lib/libcrypto/asn1/t_crl.c
+++ b/src/lib/libcrypto/asn1/t_crl.c
@@ -72,7 +72,7 @@ int X509_CRL_print_fp(FILE *fp, X509_CRL *x)
72 72
73 if ((b=BIO_new(BIO_s_file())) == NULL) 73 if ((b=BIO_new(BIO_s_file())) == NULL)
74 { 74 {
75 X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); 75 X509err(X509_F_X509_CRL_PRINT_FP,ERR_R_BUF_LIB);
76 return(0); 76 return(0);
77 } 77 }
78 BIO_set_fp(b,fp,BIO_NOCLOSE); 78 BIO_set_fp(b,fp,BIO_NOCLOSE);
@@ -121,7 +121,7 @@ int X509_CRL_print(BIO *out, X509_CRL *x)
121 r = sk_X509_REVOKED_value(rev, i); 121 r = sk_X509_REVOKED_value(rev, i);
122 BIO_printf(out," Serial Number: "); 122 BIO_printf(out," Serial Number: ");
123 i2a_ASN1_INTEGER(out,r->serialNumber); 123 i2a_ASN1_INTEGER(out,r->serialNumber);
124 BIO_printf(out,"\n Revocation Date: ",""); 124 BIO_printf(out,"\n Revocation Date: ");
125 ASN1_TIME_print(out,r->revocationDate); 125 ASN1_TIME_print(out,r->revocationDate);
126 BIO_printf(out,"\n"); 126 BIO_printf(out,"\n");
127 X509V3_extensions_print(out, "CRL entry extensions", 127 X509V3_extensions_print(out, "CRL entry extensions",
diff --git a/src/lib/libcrypto/asn1/t_pkey.c b/src/lib/libcrypto/asn1/t_pkey.c
index d15006e654..afb95d6712 100644
--- a/src/lib/libcrypto/asn1/t_pkey.c
+++ b/src/lib/libcrypto/asn1/t_pkey.c
@@ -55,9 +55,15 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 * Binary polynomial ECC support in OpenSSL originally developed by
61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
62 */
58 63
59#include <stdio.h> 64#include <stdio.h>
60#include "cryptlib.h" 65#include "cryptlib.h"
66#include <openssl/objects.h>
61#include <openssl/buffer.h> 67#include <openssl/buffer.h>
62#include <openssl/bn.h> 68#include <openssl/bn.h>
63#ifndef OPENSSL_NO_RSA 69#ifndef OPENSSL_NO_RSA
@@ -69,26 +75,33 @@
69#ifndef OPENSSL_NO_DSA 75#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h> 76#include <openssl/dsa.h>
71#endif 77#endif
78#ifndef OPENSSL_NO_EC
79#include <openssl/ec.h>
80#endif
72 81
73static int print(BIO *fp,const char *str,BIGNUM *num, 82static int print(BIO *fp,const char *str, const BIGNUM *num,
74 unsigned char *buf,int off); 83 unsigned char *buf,int off);
84#ifndef OPENSSL_NO_EC
85static int print_bin(BIO *fp, const char *str, const unsigned char *num,
86 size_t len, int off);
87#endif
75#ifndef OPENSSL_NO_RSA 88#ifndef OPENSSL_NO_RSA
76#ifndef OPENSSL_NO_FP_API 89#ifndef OPENSSL_NO_FP_API
77int RSA_print_fp(FILE *fp, const RSA *x, int off) 90int RSA_print_fp(FILE *fp, const RSA *x, int off)
78 { 91 {
79 BIO *b; 92 BIO *b;
80 int ret; 93 int ret;
81 94
82 if ((b=BIO_new(BIO_s_file())) == NULL) 95 if ((b=BIO_new(BIO_s_file())) == NULL)
83 { 96 {
84 RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB); 97 RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
85 return(0); 98 return(0);
86 } 99 }
87 BIO_set_fp(b,fp,BIO_NOCLOSE); 100 BIO_set_fp(b,fp,BIO_NOCLOSE);
88 ret=RSA_print(b,x,off); 101 ret=RSA_print(b,x,off);
89 BIO_free(b); 102 BIO_free(b);
90 return(ret); 103 return(ret);
91 } 104 }
92#endif 105#endif
93 106
94int RSA_print(BIO *bp, const RSA *x, int off) 107int RSA_print(BIO *bp, const RSA *x, int off)
@@ -96,7 +109,7 @@ int RSA_print(BIO *bp, const RSA *x, int off)
96 char str[128]; 109 char str[128];
97 const char *s; 110 const char *s;
98 unsigned char *m=NULL; 111 unsigned char *m=NULL;
99 int ret=0; 112 int ret=0, mod_len = 0;
100 size_t buf_len=0, i; 113 size_t buf_len=0, i;
101 114
102 if (x->n) 115 if (x->n)
@@ -130,27 +143,37 @@ int RSA_print(BIO *bp, const RSA *x, int off)
130 goto err; 143 goto err;
131 } 144 }
132 145
146 if (x->n != NULL)
147 mod_len = BN_num_bits(x->n);
148
133 if (x->d != NULL) 149 if (x->d != NULL)
134 { 150 {
135 if(!BIO_indent(bp,off,128)) 151 if(!BIO_indent(bp,off,128))
136 goto err; 152 goto err;
137 if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n)) 153 if (BIO_printf(bp,"Private-Key: (%d bit)\n", mod_len)
138 <= 0) goto err; 154 <= 0) goto err;
139 } 155 }
140 156
141 if (x->d == NULL) 157 if (x->d == NULL)
142 BIO_snprintf(str,sizeof str,"Modulus (%d bit):",BN_num_bits(x->n)); 158 BIO_snprintf(str,sizeof str,"Modulus (%d bit):", mod_len);
143 else 159 else
144 BUF_strlcpy(str,"modulus:",sizeof str); 160 BUF_strlcpy(str,"modulus:",sizeof str);
145 if (!print(bp,str,x->n,m,off)) goto err; 161 if (!print(bp,str,x->n,m,off)) goto err;
146 s=(x->d == NULL)?"Exponent:":"publicExponent:"; 162 s=(x->d == NULL)?"Exponent:":"publicExponent:";
147 if (!print(bp,s,x->e,m,off)) goto err; 163 if ((x->e != NULL) && !print(bp,s,x->e,m,off))
148 if (!print(bp,"privateExponent:",x->d,m,off)) goto err; 164 goto err;
149 if (!print(bp,"prime1:",x->p,m,off)) goto err; 165 if ((x->d != NULL) && !print(bp,"privateExponent:",x->d,m,off))
150 if (!print(bp,"prime2:",x->q,m,off)) goto err; 166 goto err;
151 if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err; 167 if ((x->p != NULL) && !print(bp,"prime1:",x->p,m,off))
152 if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err; 168 goto err;
153 if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err; 169 if ((x->q != NULL) && !print(bp,"prime2:",x->q,m,off))
170 goto err;
171 if ((x->dmp1 != NULL) && !print(bp,"exponent1:",x->dmp1,m,off))
172 goto err;
173 if ((x->dmq1 != NULL) && !print(bp,"exponent2:",x->dmq1,m,off))
174 goto err;
175 if ((x->iqmp != NULL) && !print(bp,"coefficient:",x->iqmp,m,off))
176 goto err;
154 ret=1; 177 ret=1;
155err: 178err:
156 if (m != NULL) OPENSSL_free(m); 179 if (m != NULL) OPENSSL_free(m);
@@ -185,6 +208,11 @@ int DSA_print(BIO *bp, const DSA *x, int off)
185 208
186 if (x->p) 209 if (x->p)
187 buf_len = (size_t)BN_num_bytes(x->p); 210 buf_len = (size_t)BN_num_bytes(x->p);
211 else
212 {
213 DSAerr(DSA_F_DSA_PRINT,DSA_R_MISSING_PARAMETERS);
214 goto err;
215 }
188 if (x->q) 216 if (x->q)
189 if (buf_len < (i = (size_t)BN_num_bytes(x->q))) 217 if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
190 buf_len = i; 218 buf_len = i;
@@ -227,16 +255,334 @@ err:
227 } 255 }
228#endif /* !OPENSSL_NO_DSA */ 256#endif /* !OPENSSL_NO_DSA */
229 257
230static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf, 258#ifndef OPENSSL_NO_EC
259#ifndef OPENSSL_NO_FP_API
260int ECPKParameters_print_fp(FILE *fp, const EC_GROUP *x, int off)
261 {
262 BIO *b;
263 int ret;
264
265 if ((b=BIO_new(BIO_s_file())) == NULL)
266 {
267 ECerr(EC_F_ECPKPARAMETERS_PRINT_FP,ERR_R_BUF_LIB);
268 return(0);
269 }
270 BIO_set_fp(b, fp, BIO_NOCLOSE);
271 ret = ECPKParameters_print(b, x, off);
272 BIO_free(b);
273 return(ret);
274 }
275
276int EC_KEY_print_fp(FILE *fp, const EC_KEY *x, int off)
277 {
278 BIO *b;
279 int ret;
280
281 if ((b=BIO_new(BIO_s_file())) == NULL)
282 {
283 ECerr(EC_F_EC_KEY_PRINT_FP, ERR_R_BIO_LIB);
284 return(0);
285 }
286 BIO_set_fp(b, fp, BIO_NOCLOSE);
287 ret = EC_KEY_print(b, x, off);
288 BIO_free(b);
289 return(ret);
290 }
291#endif
292
293int ECPKParameters_print(BIO *bp, const EC_GROUP *x, int off)
294 {
295 unsigned char *buffer=NULL;
296 size_t buf_len=0, i;
297 int ret=0, reason=ERR_R_BIO_LIB;
298 BN_CTX *ctx=NULL;
299 const EC_POINT *point=NULL;
300 BIGNUM *p=NULL, *a=NULL, *b=NULL, *gen=NULL,
301 *order=NULL, *cofactor=NULL;
302 const unsigned char *seed;
303 size_t seed_len=0;
304
305 static const char *gen_compressed = "Generator (compressed):";
306 static const char *gen_uncompressed = "Generator (uncompressed):";
307 static const char *gen_hybrid = "Generator (hybrid):";
308
309 if (!x)
310 {
311 reason = ERR_R_PASSED_NULL_PARAMETER;
312 goto err;
313 }
314
315 if (EC_GROUP_get_asn1_flag(x))
316 {
317 /* the curve parameter are given by an asn1 OID */
318 int nid;
319
320 if (!BIO_indent(bp, off, 128))
321 goto err;
322
323 nid = EC_GROUP_get_curve_name(x);
324 if (nid == 0)
325 goto err;
326
327 if (BIO_printf(bp, "ASN1 OID: %s", OBJ_nid2sn(nid)) <= 0)
328 goto err;
329 if (BIO_printf(bp, "\n") <= 0)
330 goto err;
331 }
332 else
333 {
334 /* explicit parameters */
335 int is_char_two = 0;
336 point_conversion_form_t form;
337 int tmp_nid = EC_METHOD_get_field_type(EC_GROUP_method_of(x));
338
339 if (tmp_nid == NID_X9_62_characteristic_two_field)
340 is_char_two = 1;
341
342 if ((p = BN_new()) == NULL || (a = BN_new()) == NULL ||
343 (b = BN_new()) == NULL || (order = BN_new()) == NULL ||
344 (cofactor = BN_new()) == NULL)
345 {
346 reason = ERR_R_MALLOC_FAILURE;
347 goto err;
348 }
349
350 if (is_char_two)
351 {
352 if (!EC_GROUP_get_curve_GF2m(x, p, a, b, ctx))
353 {
354 reason = ERR_R_EC_LIB;
355 goto err;
356 }
357 }
358 else /* prime field */
359 {
360 if (!EC_GROUP_get_curve_GFp(x, p, a, b, ctx))
361 {
362 reason = ERR_R_EC_LIB;
363 goto err;
364 }
365 }
366
367 if ((point = EC_GROUP_get0_generator(x)) == NULL)
368 {
369 reason = ERR_R_EC_LIB;
370 goto err;
371 }
372 if (!EC_GROUP_get_order(x, order, NULL) ||
373 !EC_GROUP_get_cofactor(x, cofactor, NULL))
374 {
375 reason = ERR_R_EC_LIB;
376 goto err;
377 }
378
379 form = EC_GROUP_get_point_conversion_form(x);
380
381 if ((gen = EC_POINT_point2bn(x, point,
382 form, NULL, ctx)) == NULL)
383 {
384 reason = ERR_R_EC_LIB;
385 goto err;
386 }
387
388 buf_len = (size_t)BN_num_bytes(p);
389 if (buf_len < (i = (size_t)BN_num_bytes(a)))
390 buf_len = i;
391 if (buf_len < (i = (size_t)BN_num_bytes(b)))
392 buf_len = i;
393 if (buf_len < (i = (size_t)BN_num_bytes(gen)))
394 buf_len = i;
395 if (buf_len < (i = (size_t)BN_num_bytes(order)))
396 buf_len = i;
397 if (buf_len < (i = (size_t)BN_num_bytes(cofactor)))
398 buf_len = i;
399
400 if ((seed = EC_GROUP_get0_seed(x)) != NULL)
401 seed_len = EC_GROUP_get_seed_len(x);
402
403 buf_len += 10;
404 if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
405 {
406 reason = ERR_R_MALLOC_FAILURE;
407 goto err;
408 }
409
410 if (!BIO_indent(bp, off, 128))
411 goto err;
412
413 /* print the 'short name' of the field type */
414 if (BIO_printf(bp, "Field Type: %s\n", OBJ_nid2sn(tmp_nid))
415 <= 0)
416 goto err;
417
418 if (is_char_two)
419 {
420 /* print the 'short name' of the base type OID */
421 int basis_type = EC_GROUP_get_basis_type(x);
422 if (basis_type == 0)
423 goto err;
424
425 if (!BIO_indent(bp, off, 128))
426 goto err;
427
428 if (BIO_printf(bp, "Basis Type: %s\n",
429 OBJ_nid2sn(basis_type)) <= 0)
430 goto err;
431
432 /* print the polynomial */
433 if ((p != NULL) && !print(bp, "Polynomial:", p, buffer,
434 off))
435 goto err;
436 }
437 else
438 {
439 if ((p != NULL) && !print(bp, "Prime:", p, buffer,off))
440 goto err;
441 }
442 if ((a != NULL) && !print(bp, "A: ", a, buffer, off))
443 goto err;
444 if ((b != NULL) && !print(bp, "B: ", b, buffer, off))
445 goto err;
446 if (form == POINT_CONVERSION_COMPRESSED)
447 {
448 if ((gen != NULL) && !print(bp, gen_compressed, gen,
449 buffer, off))
450 goto err;
451 }
452 else if (form == POINT_CONVERSION_UNCOMPRESSED)
453 {
454 if ((gen != NULL) && !print(bp, gen_uncompressed, gen,
455 buffer, off))
456 goto err;
457 }
458 else /* form == POINT_CONVERSION_HYBRID */
459 {
460 if ((gen != NULL) && !print(bp, gen_hybrid, gen,
461 buffer, off))
462 goto err;
463 }
464 if ((order != NULL) && !print(bp, "Order: ", order,
465 buffer, off)) goto err;
466 if ((cofactor != NULL) && !print(bp, "Cofactor: ", cofactor,
467 buffer, off)) goto err;
468 if (seed && !print_bin(bp, "Seed:", seed, seed_len, off))
469 goto err;
470 }
471 ret=1;
472err:
473 if (!ret)
474 ECerr(EC_F_ECPKPARAMETERS_PRINT, reason);
475 if (p)
476 BN_free(p);
477 if (a)
478 BN_free(a);
479 if (b)
480 BN_free(b);
481 if (gen)
482 BN_free(gen);
483 if (order)
484 BN_free(order);
485 if (cofactor)
486 BN_free(cofactor);
487 if (ctx)
488 BN_CTX_free(ctx);
489 if (buffer != NULL)
490 OPENSSL_free(buffer);
491 return(ret);
492 }
493
494int EC_KEY_print(BIO *bp, const EC_KEY *x, int off)
495 {
496 unsigned char *buffer=NULL;
497 size_t buf_len=0, i;
498 int ret=0, reason=ERR_R_BIO_LIB;
499 BIGNUM *pub_key=NULL, *order=NULL;
500 BN_CTX *ctx=NULL;
501 const EC_GROUP *group;
502 const EC_POINT *public_key;
503 const BIGNUM *priv_key;
504
505 if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL)
506 {
507 reason = ERR_R_PASSED_NULL_PARAMETER;
508 goto err;
509 }
510
511 public_key = EC_KEY_get0_public_key(x);
512 if ((pub_key = EC_POINT_point2bn(group, public_key,
513 EC_KEY_get_conv_form(x), NULL, ctx)) == NULL)
514 {
515 reason = ERR_R_EC_LIB;
516 goto err;
517 }
518
519 buf_len = (size_t)BN_num_bytes(pub_key);
520 priv_key = EC_KEY_get0_private_key(x);
521 if (priv_key != NULL)
522 {
523 if ((i = (size_t)BN_num_bytes(priv_key)) > buf_len)
524 buf_len = i;
525 }
526
527 buf_len += 10;
528 if ((buffer = OPENSSL_malloc(buf_len)) == NULL)
529 {
530 reason = ERR_R_MALLOC_FAILURE;
531 goto err;
532 }
533
534 if (priv_key != NULL)
535 {
536 if (!BIO_indent(bp, off, 128))
537 goto err;
538 if ((order = BN_new()) == NULL)
539 goto err;
540 if (!EC_GROUP_get_order(group, order, NULL))
541 goto err;
542 if (BIO_printf(bp, "Private-Key: (%d bit)\n",
543 BN_num_bits(order)) <= 0) goto err;
544 }
545
546 if ((priv_key != NULL) && !print(bp, "priv:", priv_key,
547 buffer, off))
548 goto err;
549 if ((pub_key != NULL) && !print(bp, "pub: ", pub_key,
550 buffer, off))
551 goto err;
552 if (!ECPKParameters_print(bp, group, off))
553 goto err;
554 ret=1;
555err:
556 if (!ret)
557 ECerr(EC_F_EC_KEY_PRINT, reason);
558 if (pub_key)
559 BN_free(pub_key);
560 if (order)
561 BN_free(order);
562 if (ctx)
563 BN_CTX_free(ctx);
564 if (buffer != NULL)
565 OPENSSL_free(buffer);
566 return(ret);
567 }
568#endif /* OPENSSL_NO_EC */
569
570static int print(BIO *bp, const char *number, const BIGNUM *num, unsigned char *buf,
231 int off) 571 int off)
232 { 572 {
233 int n,i; 573 int n,i;
234 const char *neg; 574 const char *neg;
235 575
236 if (num == NULL) return(1); 576 if (num == NULL) return(1);
237 neg=(num->neg)?"-":""; 577 neg = (BN_is_negative(num))?"-":"";
238 if(!BIO_indent(bp,off,128)) 578 if(!BIO_indent(bp,off,128))
239 return 0; 579 return 0;
580 if (BN_is_zero(num))
581 {
582 if (BIO_printf(bp, "%s 0\n", number) <= 0)
583 return 0;
584 return 1;
585 }
240 586
241 if (BN_num_bytes(num) <= BN_BYTES) 587 if (BN_num_bytes(num) <= BN_BYTES)
242 { 588 {
@@ -272,23 +618,63 @@ static int print(BIO *bp, const char *number, BIGNUM *num, unsigned char *buf,
272 return(1); 618 return(1);
273 } 619 }
274 620
621#ifndef OPENSSL_NO_EC
622static int print_bin(BIO *fp, const char *name, const unsigned char *buf,
623 size_t len, int off)
624 {
625 size_t i;
626 char str[128];
627
628 if (buf == NULL)
629 return 1;
630 if (off)
631 {
632 if (off > 128)
633 off=128;
634 memset(str,' ',off);
635 if (BIO_write(fp, str, off) <= 0)
636 return 0;
637 }
638
639 if (BIO_printf(fp,"%s", name) <= 0)
640 return 0;
641
642 for (i=0; i<len; i++)
643 {
644 if ((i%15) == 0)
645 {
646 str[0]='\n';
647 memset(&(str[1]),' ',off+4);
648 if (BIO_write(fp, str, off+1+4) <= 0)
649 return 0;
650 }
651 if (BIO_printf(fp,"%02x%s",buf[i],((i+1) == len)?"":":") <= 0)
652 return 0;
653 }
654 if (BIO_write(fp,"\n",1) <= 0)
655 return 0;
656
657 return 1;
658 }
659#endif
660
275#ifndef OPENSSL_NO_DH 661#ifndef OPENSSL_NO_DH
276#ifndef OPENSSL_NO_FP_API 662#ifndef OPENSSL_NO_FP_API
277int DHparams_print_fp(FILE *fp, const DH *x) 663int DHparams_print_fp(FILE *fp, const DH *x)
278 { 664 {
279 BIO *b; 665 BIO *b;
280 int ret; 666 int ret;
281 667
282 if ((b=BIO_new(BIO_s_file())) == NULL) 668 if ((b=BIO_new(BIO_s_file())) == NULL)
283 { 669 {
284 DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB); 670 DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
285 return(0); 671 return(0);
286 } 672 }
287 BIO_set_fp(b,fp,BIO_NOCLOSE); 673 BIO_set_fp(b,fp,BIO_NOCLOSE);
288 ret=DHparams_print(b, x); 674 ret=DHparams_print(b, x);
289 BIO_free(b); 675 BIO_free(b);
290 return(ret); 676 return(ret);
291 } 677 }
292#endif 678#endif
293 679
294int DHparams_print(BIO *bp, const DH *x) 680int DHparams_print(BIO *bp, const DH *x)
@@ -299,6 +685,11 @@ int DHparams_print(BIO *bp, const DH *x)
299 685
300 if (x->p) 686 if (x->p)
301 buf_len = (size_t)BN_num_bytes(x->p); 687 buf_len = (size_t)BN_num_bytes(x->p);
688 else
689 {
690 reason = ERR_R_PASSED_NULL_PARAMETER;
691 goto err;
692 }
302 if (x->g) 693 if (x->g)
303 if (buf_len < (i = (size_t)BN_num_bytes(x->g))) 694 if (buf_len < (i = (size_t)BN_num_bytes(x->g)))
304 buf_len = i; 695 buf_len = i;
@@ -333,30 +724,35 @@ err:
333#ifndef OPENSSL_NO_DSA 724#ifndef OPENSSL_NO_DSA
334#ifndef OPENSSL_NO_FP_API 725#ifndef OPENSSL_NO_FP_API
335int DSAparams_print_fp(FILE *fp, const DSA *x) 726int DSAparams_print_fp(FILE *fp, const DSA *x)
336 { 727 {
337 BIO *b; 728 BIO *b;
338 int ret; 729 int ret;
339 730
340 if ((b=BIO_new(BIO_s_file())) == NULL) 731 if ((b=BIO_new(BIO_s_file())) == NULL)
341 { 732 {
342 DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB); 733 DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
343 return(0); 734 return(0);
344 } 735 }
345 BIO_set_fp(b,fp,BIO_NOCLOSE); 736 BIO_set_fp(b,fp,BIO_NOCLOSE);
346 ret=DSAparams_print(b, x); 737 ret=DSAparams_print(b, x);
347 BIO_free(b); 738 BIO_free(b);
348 return(ret); 739 return(ret);
349 } 740 }
350#endif 741#endif
351 742
352int DSAparams_print(BIO *bp, const DSA *x) 743int DSAparams_print(BIO *bp, const DSA *x)
353 { 744 {
354 unsigned char *m=NULL; 745 unsigned char *m=NULL;
355 int reason=ERR_R_BUF_LIB,ret=0; 746 int ret=0;
356 size_t buf_len=0,i; 747 size_t buf_len=0,i;
357 748
358 if (x->p) 749 if (x->p)
359 buf_len = (size_t)BN_num_bytes(x->p); 750 buf_len = (size_t)BN_num_bytes(x->p);
751 else
752 {
753 DSAerr(DSA_F_DSAPARAMS_PRINT,DSA_R_MISSING_PARAMETERS);
754 goto err;
755 }
360 if (x->q) 756 if (x->q)
361 if (buf_len < (i = (size_t)BN_num_bytes(x->q))) 757 if (buf_len < (i = (size_t)BN_num_bytes(x->q)))
362 buf_len = i; 758 buf_len = i;
@@ -366,7 +762,7 @@ int DSAparams_print(BIO *bp, const DSA *x)
366 m=(unsigned char *)OPENSSL_malloc(buf_len+10); 762 m=(unsigned char *)OPENSSL_malloc(buf_len+10);
367 if (m == NULL) 763 if (m == NULL)
368 { 764 {
369 reason=ERR_R_MALLOC_FAILURE; 765 DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
370 goto err; 766 goto err;
371 } 767 }
372 768
@@ -374,14 +770,70 @@ int DSAparams_print(BIO *bp, const DSA *x)
374 BN_num_bits(x->p)) <= 0) 770 BN_num_bits(x->p)) <= 0)
375 goto err; 771 goto err;
376 if (!print(bp,"p:",x->p,m,4)) goto err; 772 if (!print(bp,"p:",x->p,m,4)) goto err;
377 if (!print(bp,"q:",x->q,m,4)) goto err; 773 if ((x->q != NULL) && !print(bp,"q:",x->q,m,4)) goto err;
378 if (!print(bp,"g:",x->g,m,4)) goto err; 774 if ((x->g != NULL) && !print(bp,"g:",x->g,m,4)) goto err;
379 ret=1; 775 ret=1;
380err: 776err:
381 if (m != NULL) OPENSSL_free(m); 777 if (m != NULL) OPENSSL_free(m);
382 DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
383 return(ret); 778 return(ret);
384 } 779 }
385 780
386#endif /* !OPENSSL_NO_DSA */ 781#endif /* !OPENSSL_NO_DSA */
387 782
783#ifndef OPENSSL_NO_EC
784#ifndef OPENSSL_NO_FP_API
785int ECParameters_print_fp(FILE *fp, const EC_KEY *x)
786 {
787 BIO *b;
788 int ret;
789
790 if ((b=BIO_new(BIO_s_file())) == NULL)
791 {
792 ECerr(EC_F_ECPARAMETERS_PRINT_FP, ERR_R_BIO_LIB);
793 return(0);
794 }
795 BIO_set_fp(b, fp, BIO_NOCLOSE);
796 ret = ECParameters_print(b, x);
797 BIO_free(b);
798 return(ret);
799 }
800#endif
801
802int ECParameters_print(BIO *bp, const EC_KEY *x)
803 {
804 int reason=ERR_R_EC_LIB, ret=0;
805 BIGNUM *order=NULL;
806 const EC_GROUP *group;
807
808 if (x == NULL || (group = EC_KEY_get0_group(x)) == NULL)
809 {
810 reason = ERR_R_PASSED_NULL_PARAMETER;;
811 goto err;
812 }
813
814 if ((order = BN_new()) == NULL)
815 {
816 reason = ERR_R_MALLOC_FAILURE;
817 goto err;
818 }
819
820 if (!EC_GROUP_get_order(group, order, NULL))
821 {
822 reason = ERR_R_EC_LIB;
823 goto err;
824 }
825
826 if (BIO_printf(bp, "ECDSA-Parameters: (%d bit)\n",
827 BN_num_bits(order)) <= 0)
828 goto err;
829 if (!ECPKParameters_print(bp, group, 4))
830 goto err;
831 ret=1;
832err:
833 if (order)
834 BN_free(order);
835 ECerr(EC_F_ECPARAMETERS_PRINT, reason);
836 return(ret);
837 }
838
839#endif
diff --git a/src/lib/libcrypto/asn1/t_req.c b/src/lib/libcrypto/asn1/t_req.c
index 740cee80c0..5557e06584 100644
--- a/src/lib/libcrypto/asn1/t_req.c
+++ b/src/lib/libcrypto/asn1/t_req.c
@@ -63,6 +63,12 @@
63#include <openssl/objects.h> 63#include <openssl/objects.h>
64#include <openssl/x509.h> 64#include <openssl/x509.h>
65#include <openssl/x509v3.h> 65#include <openssl/x509v3.h>
66#ifndef OPENSSL_NO_RSA
67#include <openssl/rsa.h>
68#endif
69#ifndef OPENSSL_NO_DSA
70#include <openssl/dsa.h>
71#endif
66 72
67#ifndef OPENSSL_NO_FP_API 73#ifndef OPENSSL_NO_FP_API
68int X509_REQ_print_fp(FILE *fp, X509_REQ *x) 74int X509_REQ_print_fp(FILE *fp, X509_REQ *x)
@@ -160,6 +166,14 @@ int X509_REQ_print_ex(BIO *bp, X509_REQ *x, unsigned long nmflags, unsigned long
160 } 166 }
161 else 167 else
162#endif 168#endif
169#ifndef OPENSSL_NO_EC
170 if (pkey->type == EVP_PKEY_EC)
171 {
172 BIO_printf(bp, "%12sEC Public Key: \n","");
173 EC_KEY_print(bp, pkey->pkey.ec, 16);
174 }
175 else
176#endif
163 BIO_printf(bp,"%12sUnknown Public Key:\n",""); 177 BIO_printf(bp,"%12sUnknown Public Key:\n","");
164 178
165 EVP_PKEY_free(pkey); 179 EVP_PKEY_free(pkey);
@@ -230,7 +244,7 @@ get_next:
230 } 244 }
231 } 245 }
232 } 246 }
233 if(!(cflag & X509_FLAG_NO_ATTRIBUTES)) 247 if(!(cflag & X509_FLAG_NO_EXTENSIONS))
234 { 248 {
235 exts = X509_REQ_get_extensions(x); 249 exts = X509_REQ_get_extensions(x);
236 if(exts) 250 if(exts)
@@ -246,9 +260,9 @@ get_next:
246 obj=X509_EXTENSION_get_object(ex); 260 obj=X509_EXTENSION_get_object(ex);
247 i2a_ASN1_OBJECT(bp,obj); 261 i2a_ASN1_OBJECT(bp,obj);
248 j=X509_EXTENSION_get_critical(ex); 262 j=X509_EXTENSION_get_critical(ex);
249 if (BIO_printf(bp,": %s\n",j?"critical":"","") <= 0) 263 if (BIO_printf(bp,": %s\n",j?"critical":"") <= 0)
250 goto err; 264 goto err;
251 if(!X509V3_EXT_print(bp, ex, 0, 16)) 265 if(!X509V3_EXT_print(bp, ex, cflag, 16))
252 { 266 {
253 BIO_printf(bp, "%16s", ""); 267 BIO_printf(bp, "%16s", "");
254 M_ASN1_OCTET_STRING_print(bp,ex->value); 268 M_ASN1_OCTET_STRING_print(bp,ex->value);
@@ -266,7 +280,7 @@ get_next:
266 280
267 return(1); 281 return(1);
268err: 282err:
269 X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB); 283 X509err(X509_F_X509_REQ_PRINT_EX,ERR_R_BUF_LIB);
270 return(0); 284 return(0);
271 } 285 }
272 286
diff --git a/src/lib/libcrypto/asn1/t_spki.c b/src/lib/libcrypto/asn1/t_spki.c
index 5abfbc815e..c2a5797dd8 100644
--- a/src/lib/libcrypto/asn1/t_spki.c
+++ b/src/lib/libcrypto/asn1/t_spki.c
@@ -60,6 +60,13 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/x509.h> 61#include <openssl/x509.h>
62#include <openssl/asn1.h> 62#include <openssl/asn1.h>
63#ifndef OPENSSL_NO_RSA
64#include <openssl/rsa.h>
65#endif
66#ifndef OPENSSL_NO_DSA
67#include <openssl/dsa.h>
68#endif
69#include <openssl/bn.h>
63 70
64/* Print out an SPKI */ 71/* Print out an SPKI */
65 72
@@ -93,6 +100,15 @@ int NETSCAPE_SPKI_print(BIO *out, NETSCAPE_SPKI *spki)
93 } 100 }
94 else 101 else
95#endif 102#endif
103#ifndef OPENSSL_NO_EC
104 if (pkey->type == EVP_PKEY_EC)
105 {
106 BIO_printf(out, " EC Public Key:\n");
107 EC_KEY_print(out, pkey->pkey.ec,2);
108 }
109 else
110#endif
111
96 BIO_printf(out," Unknown Public Key:\n"); 112 BIO_printf(out," Unknown Public Key:\n");
97 EVP_PKEY_free(pkey); 113 EVP_PKEY_free(pkey);
98 } 114 }
diff --git a/src/lib/libcrypto/asn1/t_x509.c b/src/lib/libcrypto/asn1/t_x509.c
index 30f68561b7..26d3361722 100644
--- a/src/lib/libcrypto/asn1/t_x509.c
+++ b/src/lib/libcrypto/asn1/t_x509.c
@@ -66,6 +66,9 @@
66#ifndef OPENSSL_NO_DSA 66#ifndef OPENSSL_NO_DSA
67#include <openssl/dsa.h> 67#include <openssl/dsa.h>
68#endif 68#endif
69#ifndef OPENSSL_NO_EC
70#include <openssl/ec.h>
71#endif
69#include <openssl/objects.h> 72#include <openssl/objects.h>
70#include <openssl/x509.h> 73#include <openssl/x509.h>
71#include <openssl/x509v3.h> 74#include <openssl/x509v3.h>
@@ -83,7 +86,7 @@ int X509_print_ex_fp(FILE *fp, X509 *x, unsigned long nmflag, unsigned long cfla
83 86
84 if ((b=BIO_new(BIO_s_file())) == NULL) 87 if ((b=BIO_new(BIO_s_file())) == NULL)
85 { 88 {
86 X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB); 89 X509err(X509_F_X509_PRINT_EX_FP,ERR_R_BUF_LIB);
87 return(0); 90 return(0);
88 } 91 }
89 BIO_set_fp(b,fp,BIO_NOCLOSE); 92 BIO_set_fp(b,fp,BIO_NOCLOSE);
@@ -229,6 +232,14 @@ int X509_print_ex(BIO *bp, X509 *x, unsigned long nmflags, unsigned long cflag)
229 } 232 }
230 else 233 else
231#endif 234#endif
235#ifndef OPENSSL_NO_EC
236 if (pkey->type == EVP_PKEY_EC)
237 {
238 BIO_printf(bp, "%12sEC Public Key:\n","");
239 EC_KEY_print(bp, pkey->pkey.ec, 16);
240 }
241 else
242#endif
232 BIO_printf(bp,"%12sUnknown Public Key:\n",""); 243 BIO_printf(bp,"%12sUnknown Public Key:\n","");
233 244
234 EVP_PKEY_free(pkey); 245 EVP_PKEY_free(pkey);
@@ -434,19 +445,18 @@ err:
434int X509_NAME_print(BIO *bp, X509_NAME *name, int obase) 445int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
435 { 446 {
436 char *s,*c,*b; 447 char *s,*c,*b;
437 int ret=0,l,ll,i,first=1; 448 int ret=0,l,i;
438 449
439 ll=80-2-obase; 450 l=80-2-obase;
440 451
441 b=s=X509_NAME_oneline(name,NULL,0); 452 b=X509_NAME_oneline(name,NULL,0);
442 if (!*s) 453 if (!*b)
443 { 454 {
444 OPENSSL_free(b); 455 OPENSSL_free(b);
445 return 1; 456 return 1;
446 } 457 }
447 s++; /* skip the first slash */ 458 s=b+1; /* skip the first slash */
448 459
449 l=ll;
450 c=s; 460 c=s;
451 for (;;) 461 for (;;)
452 { 462 {
@@ -468,20 +478,9 @@ int X509_NAME_print(BIO *bp, X509_NAME *name, int obase)
468 (*s == '\0')) 478 (*s == '\0'))
469#endif 479#endif
470 { 480 {
471 if ((l <= 0) && !first)
472 {
473 first=0;
474 if (BIO_write(bp,"\n",1) != 1) goto err;
475 for (i=0; i<obase; i++)
476 {
477 if (BIO_write(bp," ",1) != 1) goto err;
478 }
479 l=ll;
480 }
481 i=s-c; 481 i=s-c;
482 if (BIO_write(bp,c,i) != i) goto err; 482 if (BIO_write(bp,c,i) != i) goto err;
483 c+=i; 483 c=s+1; /* skip following slash */
484 c++;
485 if (*s != '\0') 484 if (*s != '\0')
486 { 485 {
487 if (BIO_write(bp,", ",2) != 2) goto err; 486 if (BIO_write(bp,", ",2) != 2) goto err;
diff --git a/src/lib/libcrypto/asn1/tasn_dec.c b/src/lib/libcrypto/asn1/tasn_dec.c
index b7e916ef36..0ee406231e 100644
--- a/src/lib/libcrypto/asn1/tasn_dec.c
+++ b/src/lib/libcrypto/asn1/tasn_dec.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -65,24 +65,40 @@
65#include <openssl/buffer.h> 65#include <openssl/buffer.h>
66#include <openssl/err.h> 66#include <openssl/err.h>
67 67
68static int asn1_check_eoc(unsigned char **in, long len); 68static int asn1_check_eoc(const unsigned char **in, long len);
69static int asn1_find_end(unsigned char **in, long len, char inf); 69static int asn1_find_end(const unsigned char **in, long len, char inf);
70static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); 70
71static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); 71static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
72static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, 72 char inf, int tag, int aclass);
73 unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); 73
74static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); 74static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen);
75static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); 75
76static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len, 76static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
77 const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); 77 char *inf, char *cst,
78 const unsigned char **in, long len,
79 int exptag, int expclass, char opt,
80 ASN1_TLC *ctx);
81
82static int asn1_template_ex_d2i(ASN1_VALUE **pval,
83 const unsigned char **in, long len,
84 const ASN1_TEMPLATE *tt, char opt,
85 ASN1_TLC *ctx);
86static int asn1_template_noexp_d2i(ASN1_VALUE **val,
87 const unsigned char **in, long len,
88 const ASN1_TEMPLATE *tt, char opt,
89 ASN1_TLC *ctx);
90static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
91 const unsigned char **in, long len,
92 const ASN1_ITEM *it,
93 int tag, int aclass, char opt, ASN1_TLC *ctx);
78 94
79/* Table to convert tags to bit values, used for MSTRING type */ 95/* Table to convert tags to bit values, used for MSTRING type */
80static unsigned long tag2bit[32]={ 96static const unsigned long tag2bit[32] = {
810, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ 970, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
82B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ 98B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
83B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ 99B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
84B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ 100B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
850, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ 101B_ASN1_SEQUENCE,0,B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
86B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ 102B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */
87B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ 103B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */
88B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ 104B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */
@@ -90,14 +106,14 @@ B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 2
90 }; 106 };
91 107
92unsigned long ASN1_tag2bit(int tag) 108unsigned long ASN1_tag2bit(int tag)
93{ 109 {
94 if((tag < 0) || (tag > 30)) return 0; 110 if ((tag < 0) || (tag > 30)) return 0;
95 return tag2bit[tag]; 111 return tag2bit[tag];
96} 112 }
97 113
98/* Macro to initialize and invalidate the cache */ 114/* Macro to initialize and invalidate the cache */
99 115
100#define asn1_tlc_clear(c) if(c) (c)->valid = 0 116#define asn1_tlc_clear(c) if (c) (c)->valid = 0
101 117
102/* Decode an ASN1 item, this currently behaves just 118/* Decode an ASN1 item, this currently behaves just
103 * like a standard 'd2i' function. 'in' points to 119 * like a standard 'd2i' function. 'in' points to
@@ -107,113 +123,147 @@ unsigned long ASN1_tag2bit(int tag)
107 * case. 123 * case.
108 */ 124 */
109 125
110ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it) 126ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval,
111{ 127 const unsigned char **in, long len, const ASN1_ITEM *it)
128 {
112 ASN1_TLC c; 129 ASN1_TLC c;
113 ASN1_VALUE *ptmpval = NULL; 130 ASN1_VALUE *ptmpval = NULL;
114 if(!pval) pval = &ptmpval; 131 if (!pval)
115 asn1_tlc_clear(&c); 132 pval = &ptmpval;
116 if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) 133 c.valid = 0;
134 if (ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
117 return *pval; 135 return *pval;
118 return NULL; 136 return NULL;
119} 137 }
120 138
121int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt) 139int ASN1_template_d2i(ASN1_VALUE **pval,
122{ 140 const unsigned char **in, long len, const ASN1_TEMPLATE *tt)
141 {
123 ASN1_TLC c; 142 ASN1_TLC c;
124 asn1_tlc_clear(&c); 143 c.valid = 0;
125 return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); 144 return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
126} 145 }
127 146
128 147
129/* Decode an item, taking care of IMPLICIT tagging, if any. 148/* Decode an item, taking care of IMPLICIT tagging, if any.
130 * If 'opt' set and tag mismatch return -1 to handle OPTIONAL 149 * If 'opt' set and tag mismatch return -1 to handle OPTIONAL
131 */ 150 */
132 151
133int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, 152int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len,
134 int tag, int aclass, char opt, ASN1_TLC *ctx) 153 const ASN1_ITEM *it,
135{ 154 int tag, int aclass, char opt, ASN1_TLC *ctx)
155 {
136 const ASN1_TEMPLATE *tt, *errtt = NULL; 156 const ASN1_TEMPLATE *tt, *errtt = NULL;
137 const ASN1_COMPAT_FUNCS *cf; 157 const ASN1_COMPAT_FUNCS *cf;
138 const ASN1_EXTERN_FUNCS *ef; 158 const ASN1_EXTERN_FUNCS *ef;
139 const ASN1_AUX *aux = it->funcs; 159 const ASN1_AUX *aux = it->funcs;
140 ASN1_aux_cb *asn1_cb; 160 ASN1_aux_cb *asn1_cb;
141 unsigned char *p, *q, imphack = 0, oclass; 161 const unsigned char *p = NULL, *q;
162 unsigned char *wp=NULL; /* BIG FAT WARNING! BREAKS CONST WHERE USED */
163 unsigned char imphack = 0, oclass;
142 char seq_eoc, seq_nolen, cst, isopt; 164 char seq_eoc, seq_nolen, cst, isopt;
143 long tmplen; 165 long tmplen;
144 int i; 166 int i;
145 int otag; 167 int otag;
146 int ret = 0; 168 int ret = 0;
147 ASN1_VALUE *pchval, **pchptr, *ptmpval; 169 ASN1_VALUE *pchval, **pchptr, *ptmpval;
148 if(!pval) return 0; 170 if (!pval)
149 if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; 171 return 0;
172 if (aux && aux->asn1_cb)
173 asn1_cb = aux->asn1_cb;
150 else asn1_cb = 0; 174 else asn1_cb = 0;
151 175
152 switch(it->itype) { 176 switch(it->itype)
153 177 {
154 case ASN1_ITYPE_PRIMITIVE: 178 case ASN1_ITYPE_PRIMITIVE:
155 if(it->templates) { 179 if (it->templates)
156 /* tagging or OPTIONAL is currently illegal on an item template 180 {
157 * because the flags can't get passed down. In practice this isn't 181 /* tagging or OPTIONAL is currently illegal on an item
158 * a problem: we include the relevant flags from the item template 182 * template because the flags can't get passed down.
159 * in the template itself. 183 * In practice this isn't a problem: we include the
184 * relevant flags from the item template in the
185 * template itself.
160 */ 186 */
161 if ((tag != -1) || opt) { 187 if ((tag != -1) || opt)
162 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE); 188 {
189 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
190 ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE);
163 goto err; 191 goto err;
164 } 192 }
165 return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx); 193 return asn1_template_ex_d2i(pval, in, len,
194 it->templates, opt, ctx);
166 } 195 }
167 return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); 196 return asn1_d2i_ex_primitive(pval, in, len, it,
197 tag, aclass, opt, ctx);
168 break; 198 break;
169 199
170 case ASN1_ITYPE_MSTRING: 200 case ASN1_ITYPE_MSTRING:
171 p = *in; 201 p = *in;
172 /* Just read in tag and class */ 202 /* Just read in tag and class */
173 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx); 203 ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL,
174 if(!ret) { 204 &p, len, -1, 0, 1, ctx);
175 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 205 if (!ret)
206 {
207 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
208 ERR_R_NESTED_ASN1_ERROR);
176 goto err; 209 goto err;
177 } 210 }
211
178 /* Must be UNIVERSAL class */ 212 /* Must be UNIVERSAL class */
179 if(oclass != V_ASN1_UNIVERSAL) { 213 if (oclass != V_ASN1_UNIVERSAL)
214 {
180 /* If OPTIONAL, assume this is OK */ 215 /* If OPTIONAL, assume this is OK */
181 if(opt) return -1; 216 if (opt) return -1;
182 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); 217 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
218 ASN1_R_MSTRING_NOT_UNIVERSAL);
183 goto err; 219 goto err;
184 } 220 }
185 /* Check tag matches bit map */ 221 /* Check tag matches bit map */
186 if(!(ASN1_tag2bit(otag) & it->utype)) { 222 if (!(ASN1_tag2bit(otag) & it->utype))
223 {
187 /* If OPTIONAL, assume this is OK */ 224 /* If OPTIONAL, assume this is OK */
188 if(opt) return -1; 225 if (opt)
189 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG); 226 return -1;
227 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
228 ASN1_R_MSTRING_WRONG_TAG);
190 goto err; 229 goto err;
191 } 230 }
192 return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx); 231 return asn1_d2i_ex_primitive(pval, in, len,
232 it, otag, 0, 0, ctx);
193 233
194 case ASN1_ITYPE_EXTERN: 234 case ASN1_ITYPE_EXTERN:
195 /* Use new style d2i */ 235 /* Use new style d2i */
196 ef = it->funcs; 236 ef = it->funcs;
197 return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); 237 return ef->asn1_ex_d2i(pval, in, len,
238 it, tag, aclass, opt, ctx);
198 239
199 case ASN1_ITYPE_COMPAT: 240 case ASN1_ITYPE_COMPAT:
200 /* we must resort to old style evil hackery */ 241 /* we must resort to old style evil hackery */
201 cf = it->funcs; 242 cf = it->funcs;
202 243
203 /* If OPTIONAL see if it is there */ 244 /* If OPTIONAL see if it is there */
204 if(opt) { 245 if (opt)
246 {
205 int exptag; 247 int exptag;
206 p = *in; 248 p = *in;
207 if(tag == -1) exptag = it->utype; 249 if (tag == -1)
250 exptag = it->utype;
208 else exptag = tag; 251 else exptag = tag;
209 /* Don't care about anything other than presence of expected tag */ 252 /* Don't care about anything other than presence
210 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx); 253 * of expected tag */
211 if(!ret) { 254
212 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 255 ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL,
256 &p, len, exptag, aclass, 1, ctx);
257 if (!ret)
258 {
259 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
260 ERR_R_NESTED_ASN1_ERROR);
213 goto err; 261 goto err;
262 }
263 if (ret == -1)
264 return -1;
214 } 265 }
215 if(ret == -1) return -1; 266
216 }
217 /* This is the old style evil hack IMPLICIT handling: 267 /* This is the old style evil hack IMPLICIT handling:
218 * since the underlying code is expecting a tag and 268 * since the underlying code is expecting a tag and
219 * class other than the one present we change the 269 * class other than the one present we change the
@@ -229,245 +279,332 @@ int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1
229 * buffer. 279 * buffer.
230 */ 280 */
231 281
232 if(tag != -1) { 282 if (tag != -1)
233 p = *in; 283 {
234 imphack = *p; 284 wp = *(unsigned char **)in;
235 *p = (unsigned char)((*p & V_ASN1_CONSTRUCTED) | it->utype); 285 imphack = *wp;
236 } 286 if (p == NULL)
287 {
288 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
289 ERR_R_NESTED_ASN1_ERROR);
290 goto err;
291 }
292 *wp = (unsigned char)((*p & V_ASN1_CONSTRUCTED)
293 | it->utype);
294 }
237 295
238 ptmpval = cf->asn1_d2i(pval, in, len); 296 ptmpval = cf->asn1_d2i(pval, in, len);
239 297
240 if(tag != -1) *p = imphack; 298 if (tag != -1)
299 *wp = imphack;
300
301 if (ptmpval)
302 return 1;
241 303
242 if(ptmpval) return 1;
243 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 304 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
244 goto err; 305 goto err;
245 306
246 307
247 case ASN1_ITYPE_CHOICE: 308 case ASN1_ITYPE_CHOICE:
248 if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) 309 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
249 goto auxerr; 310 goto auxerr;
250 311
251 /* Allocate structure */ 312 /* Allocate structure */
252 if(!*pval) { 313 if (!*pval && !ASN1_item_ex_new(pval, it))
253 if(!ASN1_item_ex_new(pval, it)) { 314 {
254 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 315 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
255 goto err; 316 ERR_R_NESTED_ASN1_ERROR);
317 goto err;
256 } 318 }
257 }
258 /* CHOICE type, try each possibility in turn */ 319 /* CHOICE type, try each possibility in turn */
259 pchval = NULL; 320 pchval = NULL;
260 p = *in; 321 p = *in;
261 for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) { 322 for (i = 0, tt=it->templates; i < it->tcount; i++, tt++)
323 {
262 pchptr = asn1_get_field_ptr(pval, tt); 324 pchptr = asn1_get_field_ptr(pval, tt);
263 /* We mark field as OPTIONAL so its absence 325 /* We mark field as OPTIONAL so its absence
264 * can be recognised. 326 * can be recognised.
265 */ 327 */
266 ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx); 328 ret = asn1_template_ex_d2i(pchptr, &p, len, tt, 1, ctx);
267 /* If field not present, try the next one */ 329 /* If field not present, try the next one */
268 if(ret == -1) continue; 330 if (ret == -1)
331 continue;
269 /* If positive return, read OK, break loop */ 332 /* If positive return, read OK, break loop */
270 if(ret > 0) break; 333 if (ret > 0)
334 break;
271 /* Otherwise must be an ASN1 parsing error */ 335 /* Otherwise must be an ASN1 parsing error */
272 errtt = tt; 336 errtt = tt;
273 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 337 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
338 ERR_R_NESTED_ASN1_ERROR);
274 goto err; 339 goto err;
275 } 340 }
341
276 /* Did we fall off the end without reading anything? */ 342 /* Did we fall off the end without reading anything? */
277 if(i == it->tcount) { 343 if (i == it->tcount)
344 {
278 /* If OPTIONAL, this is OK */ 345 /* If OPTIONAL, this is OK */
279 if(opt) { 346 if (opt)
347 {
280 /* Free and zero it */ 348 /* Free and zero it */
281 ASN1_item_ex_free(pval, it); 349 ASN1_item_ex_free(pval, it);
282 return -1; 350 return -1;
283 } 351 }
284 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE); 352 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
353 ASN1_R_NO_MATCHING_CHOICE_TYPE);
285 goto err; 354 goto err;
286 } 355 }
356
287 asn1_set_choice_selector(pval, i, it); 357 asn1_set_choice_selector(pval, i, it);
288 *in = p; 358 *in = p;
289 if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) 359 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
290 goto auxerr; 360 goto auxerr;
291 return 1; 361 return 1;
292 362
363 case ASN1_ITYPE_NDEF_SEQUENCE:
293 case ASN1_ITYPE_SEQUENCE: 364 case ASN1_ITYPE_SEQUENCE:
294 p = *in; 365 p = *in;
295 tmplen = len; 366 tmplen = len;
296 367
297 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 368 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
298 if(tag == -1) { 369 if (tag == -1)
370 {
299 tag = V_ASN1_SEQUENCE; 371 tag = V_ASN1_SEQUENCE;
300 aclass = V_ASN1_UNIVERSAL; 372 aclass = V_ASN1_UNIVERSAL;
301 } 373 }
302 /* Get SEQUENCE length and update len, p */ 374 /* Get SEQUENCE length and update len, p */
303 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx); 375 ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst,
304 if(!ret) { 376 &p, len, tag, aclass, opt, ctx);
305 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 377 if (!ret)
378 {
379 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
380 ERR_R_NESTED_ASN1_ERROR);
306 goto err; 381 goto err;
307 } else if(ret == -1) return -1; 382 }
308 if(aux && (aux->flags & ASN1_AFLG_BROKEN)) { 383 else if (ret == -1)
384 return -1;
385 if (aux && (aux->flags & ASN1_AFLG_BROKEN))
386 {
309 len = tmplen - (p - *in); 387 len = tmplen - (p - *in);
310 seq_nolen = 1; 388 seq_nolen = 1;
311 } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */ 389 }
312 if(!cst) { 390 /* If indefinite we don't do a length check */
313 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); 391 else seq_nolen = seq_eoc;
392 if (!cst)
393 {
394 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
395 ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
314 goto err; 396 goto err;
315 } 397 }
316 398
317 if(!*pval) { 399 if (!*pval && !ASN1_item_ex_new(pval, it))
318 if(!ASN1_item_ex_new(pval, it)) { 400 {
319 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 401 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
320 goto err; 402 ERR_R_NESTED_ASN1_ERROR);
403 goto err;
321 } 404 }
322 } 405
323 if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) 406 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
324 goto auxerr; 407 goto auxerr;
325 408
326 /* Get each field entry */ 409 /* Get each field entry */
327 for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { 410 for (i = 0, tt = it->templates; i < it->tcount; i++, tt++)
411 {
328 const ASN1_TEMPLATE *seqtt; 412 const ASN1_TEMPLATE *seqtt;
329 ASN1_VALUE **pseqval; 413 ASN1_VALUE **pseqval;
330 seqtt = asn1_do_adb(pval, tt, 1); 414 seqtt = asn1_do_adb(pval, tt, 1);
331 if(!seqtt) goto err; 415 if (!seqtt)
416 goto err;
332 pseqval = asn1_get_field_ptr(pval, seqtt); 417 pseqval = asn1_get_field_ptr(pval, seqtt);
333 /* Have we ran out of data? */ 418 /* Have we ran out of data? */
334 if(!len) break; 419 if (!len)
420 break;
335 q = p; 421 q = p;
336 if(asn1_check_eoc(&p, len)) { 422 if (asn1_check_eoc(&p, len))
337 if(!seq_eoc) { 423 {
338 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC); 424 if (!seq_eoc)
425 {
426 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
427 ASN1_R_UNEXPECTED_EOC);
339 goto err; 428 goto err;
340 } 429 }
341 len -= p - q; 430 len -= p - q;
342 seq_eoc = 0; 431 seq_eoc = 0;
343 q = p; 432 q = p;
344 break; 433 break;
345 } 434 }
346 /* This determines the OPTIONAL flag value. The field cannot 435 /* This determines the OPTIONAL flag value. The field
347 * be omitted if it is the last of a SEQUENCE and there is 436 * cannot be omitted if it is the last of a SEQUENCE
348 * still data to be read. This isn't strictly necessary but 437 * and there is still data to be read. This isn't
349 * it increases efficiency in some cases. 438 * strictly necessary but it increases efficiency in
439 * some cases.
350 */ 440 */
351 if(i == (it->tcount - 1)) isopt = 0; 441 if (i == (it->tcount - 1))
442 isopt = 0;
352 else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL); 443 else isopt = (char)(seqtt->flags & ASN1_TFLG_OPTIONAL);
353 /* attempt to read in field, allowing each to be OPTIONAL */ 444 /* attempt to read in field, allowing each to be
354 ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); 445 * OPTIONAL */
355 if(!ret) { 446
447 ret = asn1_template_ex_d2i(pseqval, &p, len,
448 seqtt, isopt, ctx);
449 if (!ret)
450 {
356 errtt = seqtt; 451 errtt = seqtt;
357 goto err; 452 goto err;
358 } else if(ret == -1) { 453 }
359 /* OPTIONAL component absent. Free and zero the field 454 else if (ret == -1)
455 {
456 /* OPTIONAL component absent.
457 * Free and zero the field.
360 */ 458 */
361 ASN1_template_free(pseqval, seqtt); 459 ASN1_template_free(pseqval, seqtt);
362 continue; 460 continue;
363 } 461 }
364 /* Update length */ 462 /* Update length */
365 len -= p - q; 463 len -= p - q;
366 } 464 }
465
367 /* Check for EOC if expecting one */ 466 /* Check for EOC if expecting one */
368 if(seq_eoc && !asn1_check_eoc(&p, len)) { 467 if (seq_eoc && !asn1_check_eoc(&p, len))
468 {
369 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); 469 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
370 goto err; 470 goto err;
371 } 471 }
372 /* Check all data read */ 472 /* Check all data read */
373 if(!seq_nolen && len) { 473 if (!seq_nolen && len)
374 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH); 474 {
475 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
476 ASN1_R_SEQUENCE_LENGTH_MISMATCH);
375 goto err; 477 goto err;
376 } 478 }
377 479
378 /* If we get here we've got no more data in the SEQUENCE, 480 /* If we get here we've got no more data in the SEQUENCE,
379 * however we may not have read all fields so check all 481 * however we may not have read all fields so check all
380 * remaining are OPTIONAL and clear any that are. 482 * remaining are OPTIONAL and clear any that are.
381 */ 483 */
382 for(; i < it->tcount; tt++, i++) { 484 for (; i < it->tcount; tt++, i++)
485 {
383 const ASN1_TEMPLATE *seqtt; 486 const ASN1_TEMPLATE *seqtt;
384 seqtt = asn1_do_adb(pval, tt, 1); 487 seqtt = asn1_do_adb(pval, tt, 1);
385 if(!seqtt) goto err; 488 if (!seqtt)
386 if(seqtt->flags & ASN1_TFLG_OPTIONAL) { 489 goto err;
490 if (seqtt->flags & ASN1_TFLG_OPTIONAL)
491 {
387 ASN1_VALUE **pseqval; 492 ASN1_VALUE **pseqval;
388 pseqval = asn1_get_field_ptr(pval, seqtt); 493 pseqval = asn1_get_field_ptr(pval, seqtt);
389 ASN1_template_free(pseqval, seqtt); 494 ASN1_template_free(pseqval, seqtt);
390 } else { 495 }
496 else
497 {
391 errtt = seqtt; 498 errtt = seqtt;
392 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING); 499 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I,
500 ASN1_R_FIELD_MISSING);
393 goto err; 501 goto err;
502 }
394 } 503 }
395 }
396 /* Save encoding */ 504 /* Save encoding */
397 if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; 505 if (!asn1_enc_save(pval, *in, p - *in, it))
506 goto auxerr;
398 *in = p; 507 *in = p;
399 if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) 508 if (asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
400 goto auxerr; 509 goto auxerr;
401 return 1; 510 return 1;
402 511
403 default: 512 default:
404 return 0; 513 return 0;
405 } 514 }
406 auxerr: 515 auxerr:
407 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); 516 ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
408 err: 517 err:
409 ASN1_item_ex_free(pval, it); 518 ASN1_item_ex_free(pval, it);
410 if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname); 519 if (errtt)
411 else ERR_add_error_data(2, "Type=", it->sname); 520 ERR_add_error_data(4, "Field=", errtt->field_name,
521 ", Type=", it->sname);
522 else
523 ERR_add_error_data(2, "Type=", it->sname);
412 return 0; 524 return 0;
413} 525 }
414 526
415/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the 527/* Templates are handled with two separate functions.
416 * rest. 528 * One handles any EXPLICIT tag and the other handles the rest.
417 */ 529 */
418 530
419static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) 531static int asn1_template_ex_d2i(ASN1_VALUE **val,
420{ 532 const unsigned char **in, long inlen,
533 const ASN1_TEMPLATE *tt, char opt,
534 ASN1_TLC *ctx)
535 {
421 int flags, aclass; 536 int flags, aclass;
422 int ret; 537 int ret;
423 long len; 538 long len;
424 unsigned char *p, *q; 539 const unsigned char *p, *q;
425 char exp_eoc; 540 char exp_eoc;
426 if(!val) return 0; 541 if (!val)
542 return 0;
427 flags = tt->flags; 543 flags = tt->flags;
428 aclass = flags & ASN1_TFLG_TAG_CLASS; 544 aclass = flags & ASN1_TFLG_TAG_CLASS;
429 545
430 p = *in; 546 p = *in;
431 547
432 /* Check if EXPLICIT tag expected */ 548 /* Check if EXPLICIT tag expected */
433 if(flags & ASN1_TFLG_EXPTAG) { 549 if (flags & ASN1_TFLG_EXPTAG)
550 {
434 char cst; 551 char cst;
435 /* Need to work out amount of data available to the inner content and where it 552 /* Need to work out amount of data available to the inner
436 * starts: so read in EXPLICIT header to get the info. 553 * content and where it starts: so read in EXPLICIT header to
554 * get the info.
437 */ 555 */
438 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx); 556 ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst,
557 &p, inlen, tt->tag, aclass, opt, ctx);
439 q = p; 558 q = p;
440 if(!ret) { 559 if (!ret)
441 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 560 {
561 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
562 ERR_R_NESTED_ASN1_ERROR);
442 return 0; 563 return 0;
443 } else if(ret == -1) return -1; 564 }
444 if(!cst) { 565 else if (ret == -1)
445 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); 566 return -1;
567 if (!cst)
568 {
569 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
570 ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
446 return 0; 571 return 0;
447 } 572 }
448 /* We've found the field so it can't be OPTIONAL now */ 573 /* We've found the field so it can't be OPTIONAL now */
449 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); 574 ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
450 if(!ret) { 575 if (!ret)
451 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 576 {
577 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
578 ERR_R_NESTED_ASN1_ERROR);
452 return 0; 579 return 0;
453 } 580 }
454 /* We read the field in OK so update length */ 581 /* We read the field in OK so update length */
455 len -= p - q; 582 len -= p - q;
456 if(exp_eoc) { 583 if (exp_eoc)
584 {
457 /* If NDEF we must have an EOC here */ 585 /* If NDEF we must have an EOC here */
458 if(!asn1_check_eoc(&p, len)) { 586 if (!asn1_check_eoc(&p, len))
459 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); 587 {
588 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
589 ASN1_R_MISSING_EOC);
460 goto err; 590 goto err;
591 }
461 } 592 }
462 } else { 593 else
463 /* Otherwise we must hit the EXPLICIT tag end or its an error */ 594 {
464 if(len) { 595 /* Otherwise we must hit the EXPLICIT tag end or its
465 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); 596 * an error */
597 if (len)
598 {
599 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I,
600 ASN1_R_EXPLICIT_LENGTH_MISMATCH);
466 goto err; 601 goto err;
602 }
467 } 603 }
468 } 604 }
469 } else 605 else
470 return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); 606 return asn1_template_noexp_d2i(val, in, inlen,
607 tt, opt, ctx);
471 608
472 *in = p; 609 *in = p;
473 return 1; 610 return 1;
@@ -476,98 +613,145 @@ static int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen
476 ASN1_template_free(val, tt); 613 ASN1_template_free(val, tt);
477 *val = NULL; 614 *val = NULL;
478 return 0; 615 return 0;
479} 616 }
480 617
481static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) 618static int asn1_template_noexp_d2i(ASN1_VALUE **val,
482{ 619 const unsigned char **in, long len,
620 const ASN1_TEMPLATE *tt, char opt,
621 ASN1_TLC *ctx)
622 {
483 int flags, aclass; 623 int flags, aclass;
484 int ret; 624 int ret;
485 unsigned char *p, *q; 625 const unsigned char *p, *q;
486 if(!val) return 0; 626 if (!val)
627 return 0;
487 flags = tt->flags; 628 flags = tt->flags;
488 aclass = flags & ASN1_TFLG_TAG_CLASS; 629 aclass = flags & ASN1_TFLG_TAG_CLASS;
489 630
490 p = *in; 631 p = *in;
491 q = p; 632 q = p;
492 633
493 if(flags & ASN1_TFLG_SK_MASK) { 634 if (flags & ASN1_TFLG_SK_MASK)
635 {
494 /* SET OF, SEQUENCE OF */ 636 /* SET OF, SEQUENCE OF */
495 int sktag, skaclass; 637 int sktag, skaclass;
496 char sk_eoc; 638 char sk_eoc;
497 /* First work out expected inner tag value */ 639 /* First work out expected inner tag value */
498 if(flags & ASN1_TFLG_IMPTAG) { 640 if (flags & ASN1_TFLG_IMPTAG)
641 {
499 sktag = tt->tag; 642 sktag = tt->tag;
500 skaclass = aclass; 643 skaclass = aclass;
501 } else { 644 }
645 else
646 {
502 skaclass = V_ASN1_UNIVERSAL; 647 skaclass = V_ASN1_UNIVERSAL;
503 if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET; 648 if (flags & ASN1_TFLG_SET_OF)
504 else sktag = V_ASN1_SEQUENCE; 649 sktag = V_ASN1_SET;
505 } 650 else
651 sktag = V_ASN1_SEQUENCE;
652 }
506 /* Get the tag */ 653 /* Get the tag */
507 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx); 654 ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL,
508 if(!ret) { 655 &p, len, sktag, skaclass, opt, ctx);
509 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); 656 if (!ret)
657 {
658 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
659 ERR_R_NESTED_ASN1_ERROR);
510 return 0; 660 return 0;
511 } else if(ret == -1) return -1; 661 }
512 if(!*val) *val = (ASN1_VALUE *)sk_new_null(); 662 else if (ret == -1)
513 else { 663 return -1;
664 if (!*val)
665 *val = (ASN1_VALUE *)sk_new_null();
666 else
667 {
514 /* We've got a valid STACK: free up any items present */ 668 /* We've got a valid STACK: free up any items present */
515 STACK *sktmp = (STACK *)*val; 669 STACK *sktmp = (STACK *)*val;
516 ASN1_VALUE *vtmp; 670 ASN1_VALUE *vtmp;
517 while(sk_num(sktmp) > 0) { 671 while(sk_num(sktmp) > 0)
672 {
518 vtmp = (ASN1_VALUE *)sk_pop(sktmp); 673 vtmp = (ASN1_VALUE *)sk_pop(sktmp);
519 ASN1_item_ex_free(&vtmp, ASN1_ITEM_ptr(tt->item)); 674 ASN1_item_ex_free(&vtmp,
675 ASN1_ITEM_ptr(tt->item));
676 }
520 } 677 }
521 }
522 678
523 if(!*val) { 679 if (!*val)
524 ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE); 680 {
681 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
682 ERR_R_MALLOC_FAILURE);
525 goto err; 683 goto err;
526 } 684 }
685
527 /* Read as many items as we can */ 686 /* Read as many items as we can */
528 while(len > 0) { 687 while(len > 0)
688 {
529 ASN1_VALUE *skfield; 689 ASN1_VALUE *skfield;
530 q = p; 690 q = p;
531 /* See if EOC found */ 691 /* See if EOC found */
532 if(asn1_check_eoc(&p, len)) { 692 if (asn1_check_eoc(&p, len))
533 if(!sk_eoc) { 693 {
534 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC); 694 if (!sk_eoc)
695 {
696 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
697 ASN1_R_UNEXPECTED_EOC);
535 goto err; 698 goto err;
536 } 699 }
537 len -= p - q; 700 len -= p - q;
538 sk_eoc = 0; 701 sk_eoc = 0;
539 break; 702 break;
540 } 703 }
541 skfield = NULL; 704 skfield = NULL;
542 if(!ASN1_item_ex_d2i(&skfield, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, 0, ctx)) { 705 if (!ASN1_item_ex_d2i(&skfield, &p, len,
543 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); 706 ASN1_ITEM_ptr(tt->item),
707 -1, 0, 0, ctx))
708 {
709 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
710 ERR_R_NESTED_ASN1_ERROR);
544 goto err; 711 goto err;
545 } 712 }
546 len -= p - q; 713 len -= p - q;
547 if(!sk_push((STACK *)*val, (char *)skfield)) { 714 if (!sk_push((STACK *)*val, (char *)skfield))
548 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE); 715 {
716 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
717 ERR_R_MALLOC_FAILURE);
549 goto err; 718 goto err;
719 }
550 } 720 }
551 } 721 if (sk_eoc)
552 if(sk_eoc) { 722 {
553 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); 723 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, ASN1_R_MISSING_EOC);
554 goto err; 724 goto err;
725 }
555 } 726 }
556 } else if(flags & ASN1_TFLG_IMPTAG) { 727 else if (flags & ASN1_TFLG_IMPTAG)
728 {
557 /* IMPLICIT tagging */ 729 /* IMPLICIT tagging */
558 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx); 730 ret = ASN1_item_ex_d2i(val, &p, len,
559 if(!ret) { 731 ASN1_ITEM_ptr(tt->item), tt->tag, aclass, opt, ctx);
560 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); 732 if (!ret)
733 {
734 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
735 ERR_R_NESTED_ASN1_ERROR);
561 goto err; 736 goto err;
562 } else if(ret == -1) return -1; 737 }
563 } else { 738 else if (ret == -1)
739 return -1;
740 }
741 else
742 {
564 /* Nothing special */ 743 /* Nothing special */
565 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item), -1, 0, opt, ctx); 744 ret = ASN1_item_ex_d2i(val, &p, len, ASN1_ITEM_ptr(tt->item),
566 if(!ret) { 745 -1, 0, opt, ctx);
567 ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); 746 if (!ret)
747 {
748 ASN1err(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I,
749 ERR_R_NESTED_ASN1_ERROR);
568 goto err; 750 goto err;
569 } else if(ret == -1) return -1; 751 }
570 } 752 else if (ret == -1)
753 return -1;
754 }
571 755
572 *in = p; 756 *in = p;
573 return 1; 757 return 1;
@@ -576,85 +760,115 @@ static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long le
576 ASN1_template_free(val, tt); 760 ASN1_template_free(val, tt);
577 *val = NULL; 761 *val = NULL;
578 return 0; 762 return 0;
579} 763 }
580 764
581static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, 765static int asn1_d2i_ex_primitive(ASN1_VALUE **pval,
582 const ASN1_ITEM *it, 766 const unsigned char **in, long inlen,
583 int tag, int aclass, char opt, ASN1_TLC *ctx) 767 const ASN1_ITEM *it,
584{ 768 int tag, int aclass, char opt, ASN1_TLC *ctx)
769 {
585 int ret = 0, utype; 770 int ret = 0, utype;
586 long plen; 771 long plen;
587 char cst, inf, free_cont = 0; 772 char cst, inf, free_cont = 0;
588 unsigned char *p; 773 const unsigned char *p;
589 BUF_MEM buf; 774 BUF_MEM buf;
590 unsigned char *cont = NULL; 775 const unsigned char *cont = NULL;
591 long len; 776 long len;
592 if(!pval) { 777 if (!pval)
778 {
593 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); 779 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
594 return 0; /* Should never happen */ 780 return 0; /* Should never happen */
595 } 781 }
596 782
597 if(it->itype == ASN1_ITYPE_MSTRING) { 783 if (it->itype == ASN1_ITYPE_MSTRING)
784 {
598 utype = tag; 785 utype = tag;
599 tag = -1; 786 tag = -1;
600 } else utype = it->utype; 787 }
788 else
789 utype = it->utype;
601 790
602 if(utype == V_ASN1_ANY) { 791 if (utype == V_ASN1_ANY)
792 {
603 /* If type is ANY need to figure out type from tag */ 793 /* If type is ANY need to figure out type from tag */
604 unsigned char oclass; 794 unsigned char oclass;
605 if(tag >= 0) { 795 if (tag >= 0)
606 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY); 796 {
797 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
798 ASN1_R_ILLEGAL_TAGGED_ANY);
607 return 0; 799 return 0;
608 } 800 }
609 if(opt) { 801 if (opt)
610 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY); 802 {
803 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
804 ASN1_R_ILLEGAL_OPTIONAL_ANY);
611 return 0; 805 return 0;
612 } 806 }
613 p = *in; 807 p = *in;
614 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx); 808 ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL,
615 if(!ret) { 809 &p, inlen, -1, 0, 0, ctx);
616 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); 810 if (!ret)
811 {
812 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
813 ERR_R_NESTED_ASN1_ERROR);
617 return 0; 814 return 0;
815 }
816 if (oclass != V_ASN1_UNIVERSAL)
817 utype = V_ASN1_OTHER;
618 } 818 }
619 if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; 819 if (tag == -1)
620 } 820 {
621 if(tag == -1) {
622 tag = utype; 821 tag = utype;
623 aclass = V_ASN1_UNIVERSAL; 822 aclass = V_ASN1_UNIVERSAL;
624 } 823 }
625 p = *in; 824 p = *in;
626 /* Check header */ 825 /* Check header */
627 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); 826 ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst,
628 if(!ret) { 827 &p, inlen, tag, aclass, opt, ctx);
828 if (!ret)
829 {
629 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); 830 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
630 return 0; 831 return 0;
631 } else if(ret == -1) return -1; 832 }
632 833 else if (ret == -1)
633 ret = 0; 834 return -1;
835 ret = 0;
634 /* SEQUENCE, SET and "OTHER" are left in encoded form */ 836 /* SEQUENCE, SET and "OTHER" are left in encoded form */
635 if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { 837 if ((utype == V_ASN1_SEQUENCE)
636 /* Clear context cache for type OTHER because the auto clear when 838 || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER))
637 * we have a exact match wont work 839 {
840 /* Clear context cache for type OTHER because the auto clear
841 * when we have a exact match wont work
638 */ 842 */
639 if(utype == V_ASN1_OTHER) { 843 if (utype == V_ASN1_OTHER)
844 {
640 asn1_tlc_clear(ctx); 845 asn1_tlc_clear(ctx);
846 }
641 /* SEQUENCE and SET must be constructed */ 847 /* SEQUENCE and SET must be constructed */
642 } else if(!cst) { 848 else if (!cst)
643 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); 849 {
850 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
851 ASN1_R_TYPE_NOT_CONSTRUCTED);
644 return 0; 852 return 0;
645 } 853 }
646 854
647 cont = *in; 855 cont = *in;
648 /* If indefinite length constructed find the real end */ 856 /* If indefinite length constructed find the real end */
649 if(inf) { 857 if (inf)
650 if(!asn1_find_end(&p, plen, inf)) goto err; 858 {
859 if (!asn1_find_end(&p, plen, inf))
860 goto err;
651 len = p - cont; 861 len = p - cont;
652 } else { 862 }
863 else
864 {
653 len = p - cont + plen; 865 len = p - cont + plen;
654 p += plen; 866 p += plen;
655 buf.data = NULL; 867 buf.data = NULL;
868 }
656 } 869 }
657 } else if(cst) { 870 else if (cst)
871 {
658 buf.length = 0; 872 buf.length = 0;
659 buf.max = 0; 873 buf.max = 0;
660 buf.data = NULL; 874 buf.data = NULL;
@@ -664,36 +878,46 @@ static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inl
664 * internally irrespective of the type. So instead just check 878 * internally irrespective of the type. So instead just check
665 * for UNIVERSAL class and ignore the tag. 879 * for UNIVERSAL class and ignore the tag.
666 */ 880 */
667 if(!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL)) goto err; 881 if (!asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL))
882 {
883 free_cont = 1;
884 goto err;
885 }
668 len = buf.length; 886 len = buf.length;
669 /* Append a final null to string */ 887 /* Append a final null to string */
670 if(!BUF_MEM_grow_clean(&buf, len + 1)) { 888 if (!BUF_MEM_grow_clean(&buf, len + 1))
671 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); 889 {
890 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE,
891 ERR_R_MALLOC_FAILURE);
672 return 0; 892 return 0;
673 } 893 }
674 buf.data[len] = 0; 894 buf.data[len] = 0;
675 cont = (unsigned char *)buf.data; 895 cont = (const unsigned char *)buf.data;
676 free_cont = 1; 896 free_cont = 1;
677 } else { 897 }
898 else
899 {
678 cont = p; 900 cont = p;
679 len = plen; 901 len = plen;
680 p += plen; 902 p += plen;
681 } 903 }
682 904
683 /* We now have content length and type: translate into a structure */ 905 /* We now have content length and type: translate into a structure */
684 if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; 906 if (!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it))
907 goto err;
685 908
686 *in = p; 909 *in = p;
687 ret = 1; 910 ret = 1;
688 err: 911 err:
689 if(free_cont && buf.data) OPENSSL_free(buf.data); 912 if (free_cont && buf.data) OPENSSL_free(buf.data);
690 return ret; 913 return ret;
691} 914 }
692 915
693/* Translate ASN1 content octets into a structure */ 916/* Translate ASN1 content octets into a structure */
694 917
695int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) 918int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
696{ 919 int utype, char *free_cont, const ASN1_ITEM *it)
920 {
697 ASN1_VALUE **opval = NULL; 921 ASN1_VALUE **opval = NULL;
698 ASN1_STRING *stmp; 922 ASN1_STRING *stmp;
699 ASN1_TYPE *typ = NULL; 923 ASN1_TYPE *typ = NULL;
@@ -701,43 +925,62 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
701 const ASN1_PRIMITIVE_FUNCS *pf; 925 const ASN1_PRIMITIVE_FUNCS *pf;
702 ASN1_INTEGER **tint; 926 ASN1_INTEGER **tint;
703 pf = it->funcs; 927 pf = it->funcs;
704 if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it); 928
929 if (pf && pf->prim_c2i)
930 return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
705 /* If ANY type clear type and set pointer to internal value */ 931 /* If ANY type clear type and set pointer to internal value */
706 if(it->utype == V_ASN1_ANY) { 932 if (it->utype == V_ASN1_ANY)
707 if(!*pval) { 933 {
934 if (!*pval)
935 {
708 typ = ASN1_TYPE_new(); 936 typ = ASN1_TYPE_new();
937 if (typ == NULL)
938 goto err;
709 *pval = (ASN1_VALUE *)typ; 939 *pval = (ASN1_VALUE *)typ;
710 } else typ = (ASN1_TYPE *)*pval; 940 }
711 if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); 941 else
942 typ = (ASN1_TYPE *)*pval;
943
944 if (utype != typ->type)
945 ASN1_TYPE_set(typ, utype, NULL);
712 opval = pval; 946 opval = pval;
713 pval = (ASN1_VALUE **)&typ->value.ptr; 947 pval = &typ->value.asn1_value;
714 } 948 }
715 switch(utype) { 949 switch(utype)
950 {
716 case V_ASN1_OBJECT: 951 case V_ASN1_OBJECT:
717 if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err; 952 if (!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len))
953 goto err;
718 break; 954 break;
719 955
720 case V_ASN1_NULL: 956 case V_ASN1_NULL:
721 if(len) { 957 if (len)
722 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH); 958 {
959 ASN1err(ASN1_F_ASN1_EX_C2I,
960 ASN1_R_NULL_IS_WRONG_LENGTH);
723 goto err; 961 goto err;
724 } 962 }
725 *pval = (ASN1_VALUE *)1; 963 *pval = (ASN1_VALUE *)1;
726 break; 964 break;
727 965
728 case V_ASN1_BOOLEAN: 966 case V_ASN1_BOOLEAN:
729 if(len != 1) { 967 if (len != 1)
730 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); 968 {
969 ASN1err(ASN1_F_ASN1_EX_C2I,
970 ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
731 goto err; 971 goto err;
732 } else { 972 }
973 else
974 {
733 ASN1_BOOLEAN *tbool; 975 ASN1_BOOLEAN *tbool;
734 tbool = (ASN1_BOOLEAN *)pval; 976 tbool = (ASN1_BOOLEAN *)pval;
735 *tbool = *cont; 977 *tbool = *cont;
736 } 978 }
737 break; 979 break;
738 980
739 case V_ASN1_BIT_STRING: 981 case V_ASN1_BIT_STRING:
740 if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err; 982 if (!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len))
983 goto err;
741 break; 984 break;
742 985
743 case V_ASN1_INTEGER: 986 case V_ASN1_INTEGER:
@@ -745,7 +988,8 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
745 case V_ASN1_ENUMERATED: 988 case V_ASN1_ENUMERATED:
746 case V_ASN1_NEG_ENUMERATED: 989 case V_ASN1_NEG_ENUMERATED:
747 tint = (ASN1_INTEGER **)pval; 990 tint = (ASN1_INTEGER **)pval;
748 if(!c2i_ASN1_INTEGER(tint, &cont, len)) goto err; 991 if (!c2i_ASN1_INTEGER(tint, &cont, len))
992 goto err;
749 /* Fixup type to match the expected form */ 993 /* Fixup type to match the expected form */
750 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG); 994 (*tint)->type = utype | ((*tint)->type & V_ASN1_NEG);
751 break; 995 break;
@@ -769,46 +1013,59 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
769 case V_ASN1_SEQUENCE: 1013 case V_ASN1_SEQUENCE:
770 default: 1014 default:
771 /* All based on ASN1_STRING and handled the same */ 1015 /* All based on ASN1_STRING and handled the same */
772 if(!*pval) { 1016 if (!*pval)
1017 {
773 stmp = ASN1_STRING_type_new(utype); 1018 stmp = ASN1_STRING_type_new(utype);
774 if(!stmp) { 1019 if (!stmp)
775 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); 1020 {
1021 ASN1err(ASN1_F_ASN1_EX_C2I,
1022 ERR_R_MALLOC_FAILURE);
776 goto err; 1023 goto err;
777 } 1024 }
778 *pval = (ASN1_VALUE *)stmp; 1025 *pval = (ASN1_VALUE *)stmp;
779 } else { 1026 }
1027 else
1028 {
780 stmp = (ASN1_STRING *)*pval; 1029 stmp = (ASN1_STRING *)*pval;
781 stmp->type = utype; 1030 stmp->type = utype;
782 } 1031 }
783 /* If we've already allocated a buffer use it */ 1032 /* If we've already allocated a buffer use it */
784 if(*free_cont) { 1033 if (*free_cont)
785 if(stmp->data) OPENSSL_free(stmp->data); 1034 {
786 stmp->data = cont; 1035 if (stmp->data)
1036 OPENSSL_free(stmp->data);
1037 stmp->data = (unsigned char *)cont; /* UGLY CAST! RL */
787 stmp->length = len; 1038 stmp->length = len;
788 *free_cont = 0; 1039 *free_cont = 0;
789 } else { 1040 }
790 if(!ASN1_STRING_set(stmp, cont, len)) { 1041 else
791 ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); 1042 {
1043 if (!ASN1_STRING_set(stmp, cont, len))
1044 {
1045 ASN1err(ASN1_F_ASN1_EX_C2I,
1046 ERR_R_MALLOC_FAILURE);
792 ASN1_STRING_free(stmp); 1047 ASN1_STRING_free(stmp);
793 *pval = NULL; 1048 *pval = NULL;
794 goto err; 1049 goto err;
1050 }
795 } 1051 }
796 }
797 break; 1052 break;
798 } 1053 }
799 /* If ASN1_ANY and NULL type fix up value */ 1054 /* If ASN1_ANY and NULL type fix up value */
800 if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL; 1055 if (typ && (utype == V_ASN1_NULL))
1056 typ->value.ptr = NULL;
801 1057
802 ret = 1; 1058 ret = 1;
803 err: 1059 err:
804 if(!ret) 1060 if (!ret)
805 { 1061 {
806 ASN1_TYPE_free(typ); 1062 ASN1_TYPE_free(typ);
807 if (opval) 1063 if (opval)
808 *opval = NULL; 1064 *opval = NULL;
809 } 1065 }
810 return ret; 1066 return ret;
811} 1067 }
1068
812 1069
813/* This function finds the end of an ASN1 structure when passed its maximum 1070/* This function finds the end of an ASN1 structure when passed its maximum
814 * length, whether it is indefinite length and a pointer to the content. 1071 * length, whether it is indefinite length and a pointer to the content.
@@ -816,11 +1073,11 @@ int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char
816 * recurse on each indefinite length header. 1073 * recurse on each indefinite length header.
817 */ 1074 */
818 1075
819static int asn1_find_end(unsigned char **in, long len, char inf) 1076static int asn1_find_end(const unsigned char **in, long len, char inf)
820 { 1077 {
821 int expected_eoc; 1078 int expected_eoc;
822 long plen; 1079 long plen;
823 unsigned char *p = *in, *q; 1080 const unsigned char *p = *in, *q;
824 /* If not indefinite length constructed just add length */ 1081 /* If not indefinite length constructed just add length */
825 if (inf == 0) 1082 if (inf == 0)
826 { 1083 {
@@ -830,7 +1087,7 @@ static int asn1_find_end(unsigned char **in, long len, char inf)
830 expected_eoc = 1; 1087 expected_eoc = 1;
831 /* Indefinite length constructed form. Find the end when enough EOCs 1088 /* Indefinite length constructed form. Find the end when enough EOCs
832 * are found. If more indefinite length constructed headers 1089 * are found. If more indefinite length constructed headers
833 * are encountered increment the expected eoc count otherwise justi 1090 * are encountered increment the expected eoc count otherwise just
834 * skip to the end of the data. 1091 * skip to the end of the data.
835 */ 1092 */
836 while (len > 0) 1093 while (len > 0)
@@ -865,38 +1122,55 @@ static int asn1_find_end(unsigned char **in, long len, char inf)
865 *in = p; 1122 *in = p;
866 return 1; 1123 return 1;
867 } 1124 }
868
869/* This function collects the asn1 data from a constructred string 1125/* This function collects the asn1 data from a constructred string
870 * type into a buffer. The values of 'in' and 'len' should refer 1126 * type into a buffer. The values of 'in' and 'len' should refer
871 * to the contents of the constructed type and 'inf' should be set 1127 * to the contents of the constructed type and 'inf' should be set
872 * if it is indefinite length. 1128 * if it is indefinite length.
873 */ 1129 */
874 1130
875static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) 1131static int asn1_collect(BUF_MEM *buf, const unsigned char **in, long len,
876{ 1132 char inf, int tag, int aclass)
877 unsigned char *p, *q; 1133 {
1134 const unsigned char *p, *q;
878 long plen; 1135 long plen;
879 char cst, ininf; 1136 char cst, ininf;
880 p = *in; 1137 p = *in;
881 inf &= 1; 1138 inf &= 1;
882 while(len > 0) { 1139 /* If no buffer and not indefinite length constructed just pass over
1140 * the encoded data */
1141 if (!buf && !inf)
1142 {
1143 *in += len;
1144 return 1;
1145 }
1146 while(len > 0)
1147 {
883 q = p; 1148 q = p;
884 /* Check for EOC */ 1149 /* Check for EOC */
885 if(asn1_check_eoc(&p, len)) { 1150 if (asn1_check_eoc(&p, len))
886 /* EOC is illegal outside indefinite length constructed form */ 1151 {
887 if(!inf) { 1152 /* EOC is illegal outside indefinite length
888 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC); 1153 * constructed form */
1154 if (!inf)
1155 {
1156 ASN1err(ASN1_F_ASN1_COLLECT,
1157 ASN1_R_UNEXPECTED_EOC);
889 return 0; 1158 return 0;
890 } 1159 }
891 inf = 0; 1160 inf = 0;
892 break; 1161 break;
893 } 1162 }
894 if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { 1163
1164 if (!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p,
1165 len, tag, aclass, 0, NULL))
1166 {
895 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); 1167 ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
896 return 0; 1168 return 0;
897 } 1169 }
1170
898 /* If indefinite length constructed update max length */ 1171 /* If indefinite length constructed update max length */
899 if(cst) { 1172 if (cst)
1173 {
900#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS 1174#ifdef OPENSSL_ALLOW_NESTED_ASN1_STRINGS
901 if (!asn1_collect(buf, &p, plen, ininf, tag, aclass)) 1175 if (!asn1_collect(buf, &p, plen, ininf, tag, aclass))
902 return 0; 1176 return 0;
@@ -904,47 +1178,51 @@ static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, in
904 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING); 1178 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_NESTED_ASN1_STRING);
905 return 0; 1179 return 0;
906#endif 1180#endif
907 } else { 1181 }
908 if(plen && !collect_data(buf, &p, plen)) return 0; 1182 else if (plen && !collect_data(buf, &p, plen))
909 } 1183 return 0;
910 len -= p - q; 1184 len -= p - q;
911 } 1185 }
912 if(inf) { 1186 if (inf)
1187 {
913 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); 1188 ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
914 return 0; 1189 return 0;
915 } 1190 }
916 *in = p; 1191 *in = p;
917 return 1; 1192 return 1;
918} 1193 }
919 1194
920static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) 1195static int collect_data(BUF_MEM *buf, const unsigned char **p, long plen)
921{ 1196 {
922 int len; 1197 int len;
923 if(buf) { 1198 if (buf)
924 len = buf->length; 1199 {
925 if(!BUF_MEM_grow_clean(buf, len + plen)) { 1200 len = buf->length;
926 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); 1201 if (!BUF_MEM_grow_clean(buf, len + plen))
927 return 0; 1202 {
1203 ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
1204 return 0;
928 } 1205 }
929 memcpy(buf->data + len, *p, plen); 1206 memcpy(buf->data + len, *p, plen);
930 } 1207 }
931 *p += plen; 1208 *p += plen;
932 return 1; 1209 return 1;
933} 1210 }
934 1211
935/* Check for ASN1 EOC and swallow it if found */ 1212/* Check for ASN1 EOC and swallow it if found */
936 1213
937static int asn1_check_eoc(unsigned char **in, long len) 1214static int asn1_check_eoc(const unsigned char **in, long len)
938{ 1215 {
939 unsigned char *p; 1216 const unsigned char *p;
940 if(len < 2) return 0; 1217 if (len < 2) return 0;
941 p = *in; 1218 p = *in;
942 if(!p[0] && !p[1]) { 1219 if (!p[0] && !p[1])
1220 {
943 *in += 2; 1221 *in += 2;
944 return 1; 1222 return 1;
945 } 1223 }
946 return 0; 1224 return 0;
947} 1225 }
948 1226
949/* Check an ASN1 tag and length: a bit like ASN1_get_object 1227/* Check an ASN1 tag and length: a bit like ASN1_get_object
950 * but it sets the length for indefinite length constructed 1228 * but it sets the length for indefinite length constructed
@@ -953,25 +1231,32 @@ static int asn1_check_eoc(unsigned char **in, long len)
953 * header length just read. 1231 * header length just read.
954 */ 1232 */
955 1233
956static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, 1234static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass,
957 unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) 1235 char *inf, char *cst,
958{ 1236 const unsigned char **in, long len,
1237 int exptag, int expclass, char opt,
1238 ASN1_TLC *ctx)
1239 {
959 int i; 1240 int i;
960 int ptag, pclass; 1241 int ptag, pclass;
961 long plen; 1242 long plen;
962 unsigned char *p, *q; 1243 const unsigned char *p, *q;
963 p = *in; 1244 p = *in;
964 q = p; 1245 q = p;
965 1246
966 if(ctx && ctx->valid) { 1247 if (ctx && ctx->valid)
1248 {
967 i = ctx->ret; 1249 i = ctx->ret;
968 plen = ctx->plen; 1250 plen = ctx->plen;
969 pclass = ctx->pclass; 1251 pclass = ctx->pclass;
970 ptag = ctx->ptag; 1252 ptag = ctx->ptag;
971 p += ctx->hdrlen; 1253 p += ctx->hdrlen;
972 } else { 1254 }
1255 else
1256 {
973 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); 1257 i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
974 if(ctx) { 1258 if (ctx)
1259 {
975 ctx->ret = i; 1260 ctx->ret = i;
976 ctx->plen = plen; 1261 ctx->plen = plen;
977 ctx->pclass = pclass; 1262 ctx->pclass = pclass;
@@ -981,43 +1266,57 @@ static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *i
981 /* If definite length, and no error, length + 1266 /* If definite length, and no error, length +
982 * header can't exceed total amount of data available. 1267 * header can't exceed total amount of data available.
983 */ 1268 */
984 if(!(i & 0x81) && ((plen + ctx->hdrlen) > len)) { 1269 if (!(i & 0x81) && ((plen + ctx->hdrlen) > len))
985 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG); 1270 {
1271 ASN1err(ASN1_F_ASN1_CHECK_TLEN,
1272 ASN1_R_TOO_LONG);
986 asn1_tlc_clear(ctx); 1273 asn1_tlc_clear(ctx);
987 return 0; 1274 return 0;
1275 }
988 } 1276 }
989 } 1277 }
990 }
991 1278
992 if(i & 0x80) { 1279 if (i & 0x80)
1280 {
993 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); 1281 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
994 asn1_tlc_clear(ctx); 1282 asn1_tlc_clear(ctx);
995 return 0; 1283 return 0;
996 } 1284 }
997 if(exptag >= 0) { 1285 if (exptag >= 0)
998 if((exptag != ptag) || (expclass != pclass)) { 1286 {
999 /* If type is OPTIONAL, not an error, but indicate missing 1287 if ((exptag != ptag) || (expclass != pclass))
1000 * type. 1288 {
1289 /* If type is OPTIONAL, not an error:
1290 * indicate missing type.
1001 */ 1291 */
1002 if(opt) return -1; 1292 if (opt) return -1;
1003 asn1_tlc_clear(ctx); 1293 asn1_tlc_clear(ctx);
1004 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); 1294 ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
1005 return 0; 1295 return 0;
1006 } 1296 }
1007 /* We have a tag and class match, so assume we are going to do something with it */ 1297 /* We have a tag and class match:
1298 * assume we are going to do something with it */
1008 asn1_tlc_clear(ctx); 1299 asn1_tlc_clear(ctx);
1009 } 1300 }
1301
1302 if (i & 1)
1303 plen = len - (p - q);
1010 1304
1011 if(i & 1) plen = len - (p - q); 1305 if (inf)
1306 *inf = i & 1;
1012 1307
1013 if(inf) *inf = i & 1; 1308 if (cst)
1309 *cst = i & V_ASN1_CONSTRUCTED;
1014 1310
1015 if(cst) *cst = i & V_ASN1_CONSTRUCTED; 1311 if (olen)
1312 *olen = plen;
1016 1313
1017 if(olen) *olen = plen; 1314 if (oclass)
1018 if(oclass) *oclass = pclass; 1315 *oclass = pclass;
1019 if(otag) *otag = ptag; 1316
1317 if (otag)
1318 *otag = ptag;
1020 1319
1021 *in = p; 1320 *in = p;
1022 return 1; 1321 return 1;
1023} 1322 }
diff --git a/src/lib/libcrypto/asn1/tasn_enc.c b/src/lib/libcrypto/asn1/tasn_enc.c
index c675c3c832..be19b36acd 100644
--- a/src/lib/libcrypto/asn1/tasn_enc.c
+++ b/src/lib/libcrypto/asn1/tasn_enc.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -59,88 +59,119 @@
59 59
60#include <stddef.h> 60#include <stddef.h>
61#include <string.h> 61#include <string.h>
62#include "cryptlib.h"
62#include <openssl/asn1.h> 63#include <openssl/asn1.h>
63#include <openssl/asn1t.h> 64#include <openssl/asn1t.h>
64#include <openssl/objects.h> 65#include <openssl/objects.h>
65 66
66static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); 67static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
67static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset); 68 const ASN1_ITEM *it,
69 int tag, int aclass);
70static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
71 int skcontlen, const ASN1_ITEM *item,
72 int do_sort, int iclass);
73static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
74 const ASN1_TEMPLATE *tt,
75 int tag, int aclass);
76static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
77 const ASN1_ITEM *it, int flags);
78
79/* Top level i2d equivalents: the 'ndef' variant instructs the encoder
80 * to use indefinite length constructed encoding, where appropriate
81 */
82
83int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out,
84 const ASN1_ITEM *it)
85 {
86 return asn1_item_flags_i2d(val, out, it, ASN1_TFLG_NDEF);
87 }
88
89int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
90 {
91 return asn1_item_flags_i2d(val, out, it, 0);
92 }
68 93
69/* Encode an ASN1 item, this is compatible with the 94/* Encode an ASN1 item, this is use by the
70 * standard 'i2d' function. 'out' points to 95 * standard 'i2d' function. 'out' points to
71 * a buffer to output the data to, in future we will 96 * a buffer to output the data to.
72 * have more advanced versions that can output data
73 * a piece at a time and this will simply be a special
74 * case.
75 * 97 *
76 * The new i2d has one additional feature. If the output 98 * The new i2d has one additional feature. If the output
77 * buffer is NULL (i.e. *out == NULL) then a buffer is 99 * buffer is NULL (i.e. *out == NULL) then a buffer is
78 * allocated and populated with the encoding. 100 * allocated and populated with the encoding.
79 */ 101 */
80 102
81 103static int asn1_item_flags_i2d(ASN1_VALUE *val, unsigned char **out,
82int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) 104 const ASN1_ITEM *it, int flags)
83{ 105 {
84 if(out && !*out) { 106 if (out && !*out)
107 {
85 unsigned char *p, *buf; 108 unsigned char *p, *buf;
86 int len; 109 int len;
87 len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0); 110 len = ASN1_item_ex_i2d(&val, NULL, it, -1, flags);
88 if(len <= 0) return len; 111 if (len <= 0)
112 return len;
89 buf = OPENSSL_malloc(len); 113 buf = OPENSSL_malloc(len);
90 if(!buf) return -1; 114 if (!buf)
115 return -1;
91 p = buf; 116 p = buf;
92 ASN1_item_ex_i2d(&val, &p, it, -1, 0); 117 ASN1_item_ex_i2d(&val, &p, it, -1, flags);
93 *out = buf; 118 *out = buf;
94 return len; 119 return len;
120 }
121
122 return ASN1_item_ex_i2d(&val, out, it, -1, flags);
95 } 123 }
96
97 return ASN1_item_ex_i2d(&val, out, it, -1, 0);
98}
99 124
100/* Encode an item, taking care of IMPLICIT tagging (if any). 125/* Encode an item, taking care of IMPLICIT tagging (if any).
101 * This function performs the normal item handling: it can be 126 * This function performs the normal item handling: it can be
102 * used in external types. 127 * used in external types.
103 */ 128 */
104 129
105int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) 130int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
106{ 131 const ASN1_ITEM *it, int tag, int aclass)
132 {
107 const ASN1_TEMPLATE *tt = NULL; 133 const ASN1_TEMPLATE *tt = NULL;
108 unsigned char *p = NULL; 134 unsigned char *p = NULL;
109 int i, seqcontlen, seqlen; 135 int i, seqcontlen, seqlen, ndef = 1;
110 ASN1_STRING *strtmp;
111 const ASN1_COMPAT_FUNCS *cf; 136 const ASN1_COMPAT_FUNCS *cf;
112 const ASN1_EXTERN_FUNCS *ef; 137 const ASN1_EXTERN_FUNCS *ef;
113 const ASN1_AUX *aux = it->funcs; 138 const ASN1_AUX *aux = it->funcs;
114 ASN1_aux_cb *asn1_cb; 139 ASN1_aux_cb *asn1_cb = 0;
115 if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; 140
116 if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; 141 if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
117 else asn1_cb = 0; 142 return 0;
118 143
119 switch(it->itype) { 144 if (aux && aux->asn1_cb)
145 asn1_cb = aux->asn1_cb;
146
147 switch(it->itype)
148 {
120 149
121 case ASN1_ITYPE_PRIMITIVE: 150 case ASN1_ITYPE_PRIMITIVE:
122 if(it->templates) 151 if (it->templates)
123 return ASN1_template_i2d(pval, out, it->templates); 152 return asn1_template_ex_i2d(pval, out, it->templates,
153 tag, aclass);
124 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); 154 return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
125 break; 155 break;
126 156
127 case ASN1_ITYPE_MSTRING: 157 case ASN1_ITYPE_MSTRING:
128 strtmp = (ASN1_STRING *)*pval; 158 return asn1_i2d_ex_primitive(pval, out, it, -1, aclass);
129 return asn1_i2d_ex_primitive(pval, out, it, -1, 0);
130 159
131 case ASN1_ITYPE_CHOICE: 160 case ASN1_ITYPE_CHOICE:
132 if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) 161 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
133 return 0; 162 return 0;
134 i = asn1_get_choice_selector(pval, it); 163 i = asn1_get_choice_selector(pval, it);
135 if((i >= 0) && (i < it->tcount)) { 164 if ((i >= 0) && (i < it->tcount))
165 {
136 ASN1_VALUE **pchval; 166 ASN1_VALUE **pchval;
137 const ASN1_TEMPLATE *chtt; 167 const ASN1_TEMPLATE *chtt;
138 chtt = it->templates + i; 168 chtt = it->templates + i;
139 pchval = asn1_get_field_ptr(pval, chtt); 169 pchval = asn1_get_field_ptr(pval, chtt);
140 return ASN1_template_i2d(pchval, out, chtt); 170 return asn1_template_ex_i2d(pchval, out, chtt,
141 } 171 -1, aclass);
172 }
142 /* Fixme: error condition if selector out of range */ 173 /* Fixme: error condition if selector out of range */
143 if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) 174 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
144 return 0; 175 return 0;
145 break; 176 break;
146 177
@@ -152,136 +183,236 @@ int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it
152 case ASN1_ITYPE_COMPAT: 183 case ASN1_ITYPE_COMPAT:
153 /* old style hackery... */ 184 /* old style hackery... */
154 cf = it->funcs; 185 cf = it->funcs;
155 if(out) p = *out; 186 if (out)
187 p = *out;
156 i = cf->asn1_i2d(*pval, out); 188 i = cf->asn1_i2d(*pval, out);
157 /* Fixup for IMPLICIT tag: note this messes up for tags > 30, 189 /* Fixup for IMPLICIT tag: note this messes up for tags > 30,
158 * but so did the old code. Tags > 30 are very rare anyway. 190 * but so did the old code. Tags > 30 are very rare anyway.
159 */ 191 */
160 if(out && (tag != -1)) 192 if (out && (tag != -1))
161 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); 193 *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
162 return i; 194 return i;
163 195
196 case ASN1_ITYPE_NDEF_SEQUENCE:
197 /* Use indefinite length constructed if requested */
198 if (aclass & ASN1_TFLG_NDEF) ndef = 2;
199 /* fall through */
200
164 case ASN1_ITYPE_SEQUENCE: 201 case ASN1_ITYPE_SEQUENCE:
165 i = asn1_enc_restore(&seqcontlen, out, pval, it); 202 i = asn1_enc_restore(&seqcontlen, out, pval, it);
166 /* An error occurred */ 203 /* An error occurred */
167 if(i < 0) return 0; 204 if (i < 0)
205 return 0;
168 /* We have a valid cached encoding... */ 206 /* We have a valid cached encoding... */
169 if(i > 0) return seqcontlen; 207 if (i > 0)
208 return seqcontlen;
170 /* Otherwise carry on */ 209 /* Otherwise carry on */
171 seqcontlen = 0; 210 seqcontlen = 0;
172 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ 211 /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
173 if(tag == -1) { 212 if (tag == -1)
213 {
174 tag = V_ASN1_SEQUENCE; 214 tag = V_ASN1_SEQUENCE;
175 aclass = V_ASN1_UNIVERSAL; 215 /* Retain any other flags in aclass */
176 } 216 aclass = (aclass & ~ASN1_TFLG_TAG_CLASS)
177 if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) 217 | V_ASN1_UNIVERSAL;
218 }
219 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
178 return 0; 220 return 0;
179 /* First work out sequence content length */ 221 /* First work out sequence content length */
180 for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { 222 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++)
223 {
181 const ASN1_TEMPLATE *seqtt; 224 const ASN1_TEMPLATE *seqtt;
182 ASN1_VALUE **pseqval; 225 ASN1_VALUE **pseqval;
183 seqtt = asn1_do_adb(pval, tt, 1); 226 seqtt = asn1_do_adb(pval, tt, 1);
184 if(!seqtt) return 0; 227 if (!seqtt)
228 return 0;
185 pseqval = asn1_get_field_ptr(pval, seqtt); 229 pseqval = asn1_get_field_ptr(pval, seqtt);
186 /* FIXME: check for errors in enhanced version */ 230 /* FIXME: check for errors in enhanced version */
187 /* FIXME: special handling of indefinite length encoding */ 231 seqcontlen += asn1_template_ex_i2d(pseqval, NULL, seqtt,
188 seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt); 232 -1, aclass);
189 } 233 }
190 seqlen = ASN1_object_size(1, seqcontlen, tag); 234
191 if(!out) return seqlen; 235 seqlen = ASN1_object_size(ndef, seqcontlen, tag);
236 if (!out)
237 return seqlen;
192 /* Output SEQUENCE header */ 238 /* Output SEQUENCE header */
193 ASN1_put_object(out, 1, seqcontlen, tag, aclass); 239 ASN1_put_object(out, ndef, seqcontlen, tag, aclass);
194 for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { 240 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++)
241 {
195 const ASN1_TEMPLATE *seqtt; 242 const ASN1_TEMPLATE *seqtt;
196 ASN1_VALUE **pseqval; 243 ASN1_VALUE **pseqval;
197 seqtt = asn1_do_adb(pval, tt, 1); 244 seqtt = asn1_do_adb(pval, tt, 1);
198 if(!seqtt) return 0; 245 if (!seqtt)
246 return 0;
199 pseqval = asn1_get_field_ptr(pval, seqtt); 247 pseqval = asn1_get_field_ptr(pval, seqtt);
200 /* FIXME: check for errors in enhanced version */ 248 /* FIXME: check for errors in enhanced version */
201 ASN1_template_i2d(pseqval, out, seqtt); 249 asn1_template_ex_i2d(pseqval, out, seqtt, -1, aclass);
202 } 250 }
203 if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) 251 if (ndef == 2)
252 ASN1_put_eoc(out);
253 if (asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
204 return 0; 254 return 0;
205 return seqlen; 255 return seqlen;
206 256
207 default: 257 default:
208 return 0; 258 return 0;
209 } 259
260 }
210 return 0; 261 return 0;
211} 262 }
212 263
213int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt) 264int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out,
214{ 265 const ASN1_TEMPLATE *tt)
215 int i, ret, flags, aclass; 266 {
267 return asn1_template_ex_i2d(pval, out, tt, -1, 0);
268 }
269
270static int asn1_template_ex_i2d(ASN1_VALUE **pval, unsigned char **out,
271 const ASN1_TEMPLATE *tt, int tag, int iclass)
272 {
273 int i, ret, flags, ttag, tclass, ndef;
216 flags = tt->flags; 274 flags = tt->flags;
217 aclass = flags & ASN1_TFLG_TAG_CLASS; 275 /* Work out tag and class to use: tagging may come
218 if(flags & ASN1_TFLG_SK_MASK) { 276 * either from the template or the arguments, not both
277 * because this would create ambiguity. Additionally
278 * the iclass argument may contain some additional flags
279 * which should be noted and passed down to other levels.
280 */
281 if (flags & ASN1_TFLG_TAG_MASK)
282 {
283 /* Error if argument and template tagging */
284 if (tag != -1)
285 /* FIXME: error code here */
286 return -1;
287 /* Get tagging from template */
288 ttag = tt->tag;
289 tclass = flags & ASN1_TFLG_TAG_CLASS;
290 }
291 else if (tag != -1)
292 {
293 /* No template tagging, get from arguments */
294 ttag = tag;
295 tclass = iclass & ASN1_TFLG_TAG_CLASS;
296 }
297 else
298 {
299 ttag = -1;
300 tclass = 0;
301 }
302 /*
303 * Remove any class mask from iflag.
304 */
305 iclass &= ~ASN1_TFLG_TAG_CLASS;
306
307 /* At this point 'ttag' contains the outer tag to use,
308 * 'tclass' is the class and iclass is any flags passed
309 * to this function.
310 */
311
312 /* if template and arguments require ndef, use it */
313 if ((flags & ASN1_TFLG_NDEF) && (iclass & ASN1_TFLG_NDEF))
314 ndef = 2;
315 else ndef = 1;
316
317 if (flags & ASN1_TFLG_SK_MASK)
318 {
219 /* SET OF, SEQUENCE OF */ 319 /* SET OF, SEQUENCE OF */
220 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 320 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
221 int isset, sktag, skaclass; 321 int isset, sktag, skaclass;
222 int skcontlen, sklen; 322 int skcontlen, sklen;
223 ASN1_VALUE *skitem; 323 ASN1_VALUE *skitem;
224 if(!*pval) return 0; 324
225 if(flags & ASN1_TFLG_SET_OF) { 325 if (!*pval)
326 return 0;
327
328 if (flags & ASN1_TFLG_SET_OF)
329 {
226 isset = 1; 330 isset = 1;
227 /* 2 means we reorder */ 331 /* 2 means we reorder */
228 if(flags & ASN1_TFLG_SEQUENCE_OF) isset = 2; 332 if (flags & ASN1_TFLG_SEQUENCE_OF)
229 } else isset = 0; 333 isset = 2;
230 /* First work out inner tag value */ 334 }
231 if(flags & ASN1_TFLG_IMPTAG) { 335 else isset = 0;
232 sktag = tt->tag; 336
233 skaclass = aclass; 337 /* Work out inner tag value: if EXPLICIT
234 } else { 338 * or no tagging use underlying type.
339 */
340 if ((ttag != -1) && !(flags & ASN1_TFLG_EXPTAG))
341 {
342 sktag = ttag;
343 skaclass = tclass;
344 }
345 else
346 {
235 skaclass = V_ASN1_UNIVERSAL; 347 skaclass = V_ASN1_UNIVERSAL;
236 if(isset) sktag = V_ASN1_SET; 348 if (isset)
349 sktag = V_ASN1_SET;
237 else sktag = V_ASN1_SEQUENCE; 350 else sktag = V_ASN1_SEQUENCE;
238 } 351 }
239 /* Now work out length of items */ 352
353 /* Determine total length of items */
240 skcontlen = 0; 354 skcontlen = 0;
241 for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { 355 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++)
356 {
242 skitem = sk_ASN1_VALUE_value(sk, i); 357 skitem = sk_ASN1_VALUE_value(sk, i);
243 skcontlen += ASN1_item_ex_i2d(&skitem, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); 358 skcontlen += ASN1_item_ex_i2d(&skitem, NULL,
244 } 359 ASN1_ITEM_ptr(tt->item),
245 sklen = ASN1_object_size(1, skcontlen, sktag); 360 -1, iclass);
361 }
362 sklen = ASN1_object_size(ndef, skcontlen, sktag);
246 /* If EXPLICIT need length of surrounding tag */ 363 /* If EXPLICIT need length of surrounding tag */
247 if(flags & ASN1_TFLG_EXPTAG) 364 if (flags & ASN1_TFLG_EXPTAG)
248 ret = ASN1_object_size(1, sklen, tt->tag); 365 ret = ASN1_object_size(ndef, sklen, ttag);
249 else ret = sklen; 366 else ret = sklen;
250 367
251 if(!out) return ret; 368 if (!out)
369 return ret;
252 370
253 /* Now encode this lot... */ 371 /* Now encode this lot... */
254 /* EXPLICIT tag */ 372 /* EXPLICIT tag */
255 if(flags & ASN1_TFLG_EXPTAG) 373 if (flags & ASN1_TFLG_EXPTAG)
256 ASN1_put_object(out, 1, sklen, tt->tag, aclass); 374 ASN1_put_object(out, ndef, sklen, ttag, tclass);
257 /* SET or SEQUENCE and IMPLICIT tag */ 375 /* SET or SEQUENCE and IMPLICIT tag */
258 ASN1_put_object(out, 1, skcontlen, sktag, skaclass); 376 ASN1_put_object(out, ndef, skcontlen, sktag, skaclass);
259 /* And finally the stuff itself */ 377 /* And the stuff itself */
260 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item), isset); 378 asn1_set_seq_out(sk, out, skcontlen, ASN1_ITEM_ptr(tt->item),
379 isset, iclass);
380 if (ndef == 2)
381 {
382 ASN1_put_eoc(out);
383 if (flags & ASN1_TFLG_EXPTAG)
384 ASN1_put_eoc(out);
385 }
261 386
262 return ret; 387 return ret;
263 } 388 }
264 389
265 if(flags & ASN1_TFLG_EXPTAG) { 390 if (flags & ASN1_TFLG_EXPTAG)
391 {
266 /* EXPLICIT tagging */ 392 /* EXPLICIT tagging */
267 /* Find length of tagged item */ 393 /* Find length of tagged item */
268 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item), -1, 0); 394 i = ASN1_item_ex_i2d(pval, NULL, ASN1_ITEM_ptr(tt->item),
269 if(!i) return 0; 395 -1, iclass);
396 if (!i)
397 return 0;
270 /* Find length of EXPLICIT tag */ 398 /* Find length of EXPLICIT tag */
271 ret = ASN1_object_size(1, i, tt->tag); 399 ret = ASN1_object_size(ndef, i, ttag);
272 if(out) { 400 if (out)
401 {
273 /* Output tag and item */ 402 /* Output tag and item */
274 ASN1_put_object(out, 1, i, tt->tag, aclass); 403 ASN1_put_object(out, ndef, i, ttag, tclass);
275 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0); 404 ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
276 } 405 -1, iclass);
406 if (ndef == 2)
407 ASN1_put_eoc(out);
408 }
277 return ret; 409 return ret;
278 } 410 }
279 if(flags & ASN1_TFLG_IMPTAG) { 411
280 /* IMPLICIT tagging */ 412 /* Either normal or IMPLICIT tagging: combine class and flags */
281 return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), tt->tag, aclass); 413 return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item),
282 } 414 ttag, tclass | iclass);
283 /* Nothing special: treat as normal */ 415
284 return ASN1_item_ex_i2d(pval, out, ASN1_ITEM_ptr(tt->item), -1, 0);
285} 416}
286 417
287/* Temporary structure used to hold DER encoding of items for SET OF */ 418/* Temporary structure used to hold DER encoding of items for SET OF */
@@ -293,72 +424,90 @@ typedef struct {
293} DER_ENC; 424} DER_ENC;
294 425
295static int der_cmp(const void *a, const void *b) 426static int der_cmp(const void *a, const void *b)
296{ 427 {
297 const DER_ENC *d1 = a, *d2 = b; 428 const DER_ENC *d1 = a, *d2 = b;
298 int cmplen, i; 429 int cmplen, i;
299 cmplen = (d1->length < d2->length) ? d1->length : d2->length; 430 cmplen = (d1->length < d2->length) ? d1->length : d2->length;
300 i = memcmp(d1->data, d2->data, cmplen); 431 i = memcmp(d1->data, d2->data, cmplen);
301 if(i) return i; 432 if (i)
433 return i;
302 return d1->length - d2->length; 434 return d1->length - d2->length;
303} 435 }
304 436
305/* Output the content octets of SET OF or SEQUENCE OF */ 437/* Output the content octets of SET OF or SEQUENCE OF */
306 438
307static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort) 439static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out,
308{ 440 int skcontlen, const ASN1_ITEM *item,
441 int do_sort, int iclass)
442 {
309 int i; 443 int i;
310 ASN1_VALUE *skitem; 444 ASN1_VALUE *skitem;
311 unsigned char *tmpdat = NULL, *p = NULL; 445 unsigned char *tmpdat = NULL, *p = NULL;
312 DER_ENC *derlst = NULL, *tder; 446 DER_ENC *derlst = NULL, *tder;
313 if(do_sort) { 447 if (do_sort)
448 {
314 /* Don't need to sort less than 2 items */ 449 /* Don't need to sort less than 2 items */
315 if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; 450 if (sk_ASN1_VALUE_num(sk) < 2)
316 else { 451 do_sort = 0;
317 derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); 452 else
453 {
454 derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk)
455 * sizeof(*derlst));
318 tmpdat = OPENSSL_malloc(skcontlen); 456 tmpdat = OPENSSL_malloc(skcontlen);
319 if(!derlst || !tmpdat) return 0; 457 if (!derlst || !tmpdat)
458 return 0;
459 }
320 } 460 }
321 }
322 /* If not sorting just output each item */ 461 /* If not sorting just output each item */
323 if(!do_sort) { 462 if (!do_sort)
324 for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { 463 {
464 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++)
465 {
325 skitem = sk_ASN1_VALUE_value(sk, i); 466 skitem = sk_ASN1_VALUE_value(sk, i);
326 ASN1_item_i2d(skitem, out, item); 467 ASN1_item_ex_i2d(&skitem, out, item, -1, iclass);
327 } 468 }
328 return 1; 469 return 1;
329 } 470 }
330 p = tmpdat; 471 p = tmpdat;
472
331 /* Doing sort: build up a list of each member's DER encoding */ 473 /* Doing sort: build up a list of each member's DER encoding */
332 for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { 474 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
475 {
333 skitem = sk_ASN1_VALUE_value(sk, i); 476 skitem = sk_ASN1_VALUE_value(sk, i);
334 tder->data = p; 477 tder->data = p;
335 tder->length = ASN1_item_i2d(skitem, &p, item); 478 tder->length = ASN1_item_ex_i2d(&skitem, &p, item, -1, iclass);
336 tder->field = skitem; 479 tder->field = skitem;
337 } 480 }
481
338 /* Now sort them */ 482 /* Now sort them */
339 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); 483 qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
340 /* Output sorted DER encoding */ 484 /* Output sorted DER encoding */
341 p = *out; 485 p = *out;
342 for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { 486 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++)
487 {
343 memcpy(p, tder->data, tder->length); 488 memcpy(p, tder->data, tder->length);
344 p += tder->length; 489 p += tder->length;
345 } 490 }
346 *out = p; 491 *out = p;
347 /* If do_sort is 2 then reorder the STACK */ 492 /* If do_sort is 2 then reorder the STACK */
348 if(do_sort == 2) { 493 if (do_sort == 2)
349 for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) 494 {
350 sk_ASN1_VALUE_set(sk, i, tder->field); 495 for (i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk);
351 } 496 i++, tder++)
497 (void)sk_ASN1_VALUE_set(sk, i, tder->field);
498 }
352 OPENSSL_free(derlst); 499 OPENSSL_free(derlst);
353 OPENSSL_free(tmpdat); 500 OPENSSL_free(tmpdat);
354 return 1; 501 return 1;
355} 502 }
356 503
357static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) 504static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out,
358{ 505 const ASN1_ITEM *it, int tag, int aclass)
506 {
359 int len; 507 int len;
360 int utype; 508 int utype;
361 int usetag; 509 int usetag;
510 int ndef = 0;
362 511
363 utype = it->utype; 512 utype = it->utype;
364 513
@@ -374,33 +523,48 @@ static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const A
374 * because the call to asn1_ex_i2c() could change 523 * because the call to asn1_ex_i2c() could change
375 * utype. 524 * utype.
376 */ 525 */
377 if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || 526 if ((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
378 (utype == V_ASN1_OTHER)) 527 (utype == V_ASN1_OTHER))
379 usetag = 0; 528 usetag = 0;
380 else usetag = 1; 529 else usetag = 1;
381 530
382 /* -1 means omit type */ 531 /* -1 means omit type */
383 532
384 if(len == -1) return 0; 533 if (len == -1)
534 return 0;
535
536 /* -2 return is special meaning use ndef */
537 if (len == -2)
538 {
539 ndef = 2;
540 len = 0;
541 }
385 542
386 /* If not implicitly tagged get tag from underlying type */ 543 /* If not implicitly tagged get tag from underlying type */
387 if(tag == -1) tag = utype; 544 if (tag == -1) tag = utype;
388 545
389 /* Output tag+length followed by content octets */ 546 /* Output tag+length followed by content octets */
390 if(out) { 547 if (out)
391 if(usetag) ASN1_put_object(out, 0, len, tag, aclass); 548 {
549 if (usetag)
550 ASN1_put_object(out, ndef, len, tag, aclass);
392 asn1_ex_i2c(pval, *out, &utype, it); 551 asn1_ex_i2c(pval, *out, &utype, it);
393 *out += len; 552 if (ndef)
394 } 553 ASN1_put_eoc(out);
554 else
555 *out += len;
556 }
395 557
396 if(usetag) return ASN1_object_size(0, len, tag); 558 if (usetag)
559 return ASN1_object_size(ndef, len, tag);
397 return len; 560 return len;
398} 561 }
399 562
400/* Produce content octets from a structure */ 563/* Produce content octets from a structure */
401 564
402int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) 565int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype,
403{ 566 const ASN1_ITEM *it)
567 {
404 ASN1_BOOLEAN *tbool = NULL; 568 ASN1_BOOLEAN *tbool = NULL;
405 ASN1_STRING *strtmp; 569 ASN1_STRING *strtmp;
406 ASN1_OBJECT *otmp; 570 ASN1_OBJECT *otmp;
@@ -409,28 +573,36 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
409 int len; 573 int len;
410 const ASN1_PRIMITIVE_FUNCS *pf; 574 const ASN1_PRIMITIVE_FUNCS *pf;
411 pf = it->funcs; 575 pf = it->funcs;
412 if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it); 576 if (pf && pf->prim_i2c)
577 return pf->prim_i2c(pval, cout, putype, it);
413 578
414 /* Should type be omitted? */ 579 /* Should type be omitted? */
415 if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) { 580 if ((it->itype != ASN1_ITYPE_PRIMITIVE)
416 if(!*pval) return -1; 581 || (it->utype != V_ASN1_BOOLEAN))
417 } 582 {
583 if (!*pval) return -1;
584 }
418 585
419 if(it->itype == ASN1_ITYPE_MSTRING) { 586 if (it->itype == ASN1_ITYPE_MSTRING)
587 {
420 /* If MSTRING type set the underlying type */ 588 /* If MSTRING type set the underlying type */
421 strtmp = (ASN1_STRING *)*pval; 589 strtmp = (ASN1_STRING *)*pval;
422 utype = strtmp->type; 590 utype = strtmp->type;
423 *putype = utype; 591 *putype = utype;
424 } else if(it->utype == V_ASN1_ANY) { 592 }
593 else if (it->utype == V_ASN1_ANY)
594 {
425 /* If ANY set type and pointer to value */ 595 /* If ANY set type and pointer to value */
426 ASN1_TYPE *typ; 596 ASN1_TYPE *typ;
427 typ = (ASN1_TYPE *)*pval; 597 typ = (ASN1_TYPE *)*pval;
428 utype = typ->type; 598 utype = typ->type;
429 *putype = utype; 599 *putype = utype;
430 pval = (ASN1_VALUE **)&typ->value.ptr; 600 pval = &typ->value.asn1_value;
431 } else utype = *putype; 601 }
602 else utype = *putype;
432 603
433 switch(utype) { 604 switch(utype)
605 {
434 case V_ASN1_OBJECT: 606 case V_ASN1_OBJECT:
435 otmp = (ASN1_OBJECT *)*pval; 607 otmp = (ASN1_OBJECT *)*pval;
436 cont = otmp->data; 608 cont = otmp->data;
@@ -444,12 +616,15 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
444 616
445 case V_ASN1_BOOLEAN: 617 case V_ASN1_BOOLEAN:
446 tbool = (ASN1_BOOLEAN *)pval; 618 tbool = (ASN1_BOOLEAN *)pval;
447 if(*tbool == -1) return -1; 619 if (*tbool == -1)
620 return -1;
448 if (it->utype != V_ASN1_ANY) 621 if (it->utype != V_ASN1_ANY)
449 { 622 {
450 /* Default handling if value == size field then omit */ 623 /* Default handling if value == size field then omit */
451 if(*tbool && (it->size > 0)) return -1; 624 if (*tbool && (it->size > 0))
452 if(!*tbool && !it->size) return -1; 625 return -1;
626 if (!*tbool && !it->size)
627 return -1;
453 } 628 }
454 c = (unsigned char)*tbool; 629 c = (unsigned char)*tbool;
455 cont = &c; 630 cont = &c;
@@ -457,7 +632,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
457 break; 632 break;
458 633
459 case V_ASN1_BIT_STRING: 634 case V_ASN1_BIT_STRING:
460 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); 635 return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval,
636 cout ? &cout : NULL);
461 break; 637 break;
462 638
463 case V_ASN1_INTEGER: 639 case V_ASN1_INTEGER:
@@ -467,7 +643,8 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
467 /* These are all have the same content format 643 /* These are all have the same content format
468 * as ASN1_INTEGER 644 * as ASN1_INTEGER
469 */ 645 */
470 return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); 646 return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval,
647 cout ? &cout : NULL);
471 break; 648 break;
472 649
473 case V_ASN1_OCTET_STRING: 650 case V_ASN1_OCTET_STRING:
@@ -489,12 +666,25 @@ int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_
489 default: 666 default:
490 /* All based on ASN1_STRING and handled the same */ 667 /* All based on ASN1_STRING and handled the same */
491 strtmp = (ASN1_STRING *)*pval; 668 strtmp = (ASN1_STRING *)*pval;
669 /* Special handling for NDEF */
670 if ((it->size == ASN1_TFLG_NDEF)
671 && (strtmp->flags & ASN1_STRING_FLAG_NDEF))
672 {
673 if (cout)
674 {
675 strtmp->data = cout;
676 strtmp->length = 0;
677 }
678 /* Special return code */
679 return -2;
680 }
492 cont = strtmp->data; 681 cont = strtmp->data;
493 len = strtmp->length; 682 len = strtmp->length;
494 683
495 break; 684 break;
496 685
497 } 686 }
498 if(cout && len) memcpy(cout, cont, len); 687 if (cout && len)
688 memcpy(cout, cont, len);
499 return len; 689 return len;
500} 690 }
diff --git a/src/lib/libcrypto/asn1/tasn_fre.c b/src/lib/libcrypto/asn1/tasn_fre.c
index 2dd844159e..bb7c1e2af4 100644
--- a/src/lib/libcrypto/asn1/tasn_fre.c
+++ b/src/lib/libcrypto/asn1/tasn_fre.c
@@ -67,33 +67,40 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
67/* Free up an ASN1 structure */ 67/* Free up an ASN1 structure */
68 68
69void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) 69void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
70{ 70 {
71 asn1_item_combine_free(&val, it, 0); 71 asn1_item_combine_free(&val, it, 0);
72} 72 }
73 73
74void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 74void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
75{ 75 {
76 asn1_item_combine_free(pval, it, 0); 76 asn1_item_combine_free(pval, it, 0);
77} 77 }
78 78
79static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) 79static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
80{ 80 {
81 const ASN1_TEMPLATE *tt = NULL, *seqtt; 81 const ASN1_TEMPLATE *tt = NULL, *seqtt;
82 const ASN1_EXTERN_FUNCS *ef; 82 const ASN1_EXTERN_FUNCS *ef;
83 const ASN1_COMPAT_FUNCS *cf; 83 const ASN1_COMPAT_FUNCS *cf;
84 const ASN1_AUX *aux = it->funcs; 84 const ASN1_AUX *aux = it->funcs;
85 ASN1_aux_cb *asn1_cb; 85 ASN1_aux_cb *asn1_cb;
86 int i; 86 int i;
87 if(!pval) return; 87 if (!pval)
88 if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return; 88 return;
89 if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; 89 if ((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval)
90 else asn1_cb = 0; 90 return;
91 if (aux && aux->asn1_cb)
92 asn1_cb = aux->asn1_cb;
93 else
94 asn1_cb = 0;
91 95
92 switch(it->itype) { 96 switch(it->itype)
97 {
93 98
94 case ASN1_ITYPE_PRIMITIVE: 99 case ASN1_ITYPE_PRIMITIVE:
95 if(it->templates) ASN1_template_free(pval, it->templates); 100 if (it->templates)
96 else ASN1_primitive_free(pval, it); 101 ASN1_template_free(pval, it->templates);
102 else
103 ASN1_primitive_free(pval, it);
97 break; 104 break;
98 105
99 case ASN1_ITYPE_MSTRING: 106 case ASN1_ITYPE_MSTRING:
@@ -101,41 +108,51 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
101 break; 108 break;
102 109
103 case ASN1_ITYPE_CHOICE: 110 case ASN1_ITYPE_CHOICE:
104 if(asn1_cb) { 111 if (asn1_cb)
112 {
105 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); 113 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
106 if(i == 2) return; 114 if (i == 2)
107 } 115 return;
116 }
108 i = asn1_get_choice_selector(pval, it); 117 i = asn1_get_choice_selector(pval, it);
109 if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it); 118 if ((i >= 0) && (i < it->tcount))
110 if((i >= 0) && (i < it->tcount)) { 119 {
111 ASN1_VALUE **pchval; 120 ASN1_VALUE **pchval;
112 tt = it->templates + i; 121 tt = it->templates + i;
113 pchval = asn1_get_field_ptr(pval, tt); 122 pchval = asn1_get_field_ptr(pval, tt);
114 ASN1_template_free(pchval, tt); 123 ASN1_template_free(pchval, tt);
115 } 124 }
116 if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); 125 if (asn1_cb)
117 if(!combine) { 126 asn1_cb(ASN1_OP_FREE_POST, pval, it);
127 if (!combine)
128 {
118 OPENSSL_free(*pval); 129 OPENSSL_free(*pval);
119 *pval = NULL; 130 *pval = NULL;
120 } 131 }
121 break; 132 break;
122 133
123 case ASN1_ITYPE_COMPAT: 134 case ASN1_ITYPE_COMPAT:
124 cf = it->funcs; 135 cf = it->funcs;
125 if(cf && cf->asn1_free) cf->asn1_free(*pval); 136 if (cf && cf->asn1_free)
137 cf->asn1_free(*pval);
126 break; 138 break;
127 139
128 case ASN1_ITYPE_EXTERN: 140 case ASN1_ITYPE_EXTERN:
129 ef = it->funcs; 141 ef = it->funcs;
130 if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it); 142 if (ef && ef->asn1_ex_free)
143 ef->asn1_ex_free(pval, it);
131 break; 144 break;
132 145
146 case ASN1_ITYPE_NDEF_SEQUENCE:
133 case ASN1_ITYPE_SEQUENCE: 147 case ASN1_ITYPE_SEQUENCE:
134 if(asn1_do_lock(pval, -1, it) > 0) return; 148 if (asn1_do_lock(pval, -1, it) > 0)
135 if(asn1_cb) { 149 return;
150 if (asn1_cb)
151 {
136 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); 152 i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
137 if(i == 2) return; 153 if (i == 2)
138 } 154 return;
155 }
139 asn1_enc_free(pval, it); 156 asn1_enc_free(pval, it);
140 /* If we free up as normal we will invalidate any 157 /* If we free up as normal we will invalidate any
141 * ANY DEFINED BY field and we wont be able to 158 * ANY DEFINED BY field and we wont be able to
@@ -143,64 +160,84 @@ static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int c
143 * free up in reverse order. 160 * free up in reverse order.
144 */ 161 */
145 tt = it->templates + it->tcount - 1; 162 tt = it->templates + it->tcount - 1;
146 for(i = 0; i < it->tcount; tt--, i++) { 163 for (i = 0; i < it->tcount; tt--, i++)
164 {
147 ASN1_VALUE **pseqval; 165 ASN1_VALUE **pseqval;
148 seqtt = asn1_do_adb(pval, tt, 0); 166 seqtt = asn1_do_adb(pval, tt, 0);
149 if(!seqtt) continue; 167 if (!seqtt)
168 continue;
150 pseqval = asn1_get_field_ptr(pval, seqtt); 169 pseqval = asn1_get_field_ptr(pval, seqtt);
151 ASN1_template_free(pseqval, seqtt); 170 ASN1_template_free(pseqval, seqtt);
152 } 171 }
153 if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); 172 if (asn1_cb)
154 if(!combine) { 173 asn1_cb(ASN1_OP_FREE_POST, pval, it);
174 if (!combine)
175 {
155 OPENSSL_free(*pval); 176 OPENSSL_free(*pval);
156 *pval = NULL; 177 *pval = NULL;
157 } 178 }
158 break; 179 break;
180 }
159 } 181 }
160}
161 182
162void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 183void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
163{ 184 {
164 int i; 185 int i;
165 if(tt->flags & ASN1_TFLG_SK_MASK) { 186 if (tt->flags & ASN1_TFLG_SK_MASK)
187 {
166 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; 188 STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
167 for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { 189 for (i = 0; i < sk_ASN1_VALUE_num(sk); i++)
190 {
168 ASN1_VALUE *vtmp; 191 ASN1_VALUE *vtmp;
169 vtmp = sk_ASN1_VALUE_value(sk, i); 192 vtmp = sk_ASN1_VALUE_value(sk, i);
170 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item), 0); 193 asn1_item_combine_free(&vtmp, ASN1_ITEM_ptr(tt->item),
171 } 194 0);
195 }
172 sk_ASN1_VALUE_free(sk); 196 sk_ASN1_VALUE_free(sk);
173 *pval = NULL; 197 *pval = NULL;
174 } else asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item), 198 }
199 else
200 asn1_item_combine_free(pval, ASN1_ITEM_ptr(tt->item),
175 tt->flags & ASN1_TFLG_COMBINE); 201 tt->flags & ASN1_TFLG_COMBINE);
176} 202 }
177 203
178void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 204void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
179{ 205 {
180 int utype; 206 int utype;
181 if(it) { 207 if (it)
208 {
182 const ASN1_PRIMITIVE_FUNCS *pf; 209 const ASN1_PRIMITIVE_FUNCS *pf;
183 pf = it->funcs; 210 pf = it->funcs;
184 if(pf && pf->prim_free) { 211 if (pf && pf->prim_free)
212 {
185 pf->prim_free(pval, it); 213 pf->prim_free(pval, it);
186 return; 214 return;
215 }
187 } 216 }
188 }
189 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ 217 /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
190 if(!it) { 218 if (!it)
219 {
191 ASN1_TYPE *typ = (ASN1_TYPE *)*pval; 220 ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
192 utype = typ->type; 221 utype = typ->type;
193 pval = (ASN1_VALUE **)&typ->value.ptr; 222 pval = &typ->value.asn1_value;
194 if(!*pval) return; 223 if (!*pval)
195 } else if(it->itype == ASN1_ITYPE_MSTRING) { 224 return;
225 }
226 else if (it->itype == ASN1_ITYPE_MSTRING)
227 {
196 utype = -1; 228 utype = -1;
197 if(!*pval) return; 229 if (!*pval)
198 } else { 230 return;
231 }
232 else
233 {
199 utype = it->utype; 234 utype = it->utype;
200 if((utype != V_ASN1_BOOLEAN) && !*pval) return; 235 if ((utype != V_ASN1_BOOLEAN) && !*pval)
201 } 236 return;
237 }
202 238
203 switch(utype) { 239 switch(utype)
240 {
204 case V_ASN1_OBJECT: 241 case V_ASN1_OBJECT:
205 ASN1_OBJECT_free((ASN1_OBJECT *)*pval); 242 ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
206 break; 243 break;
@@ -224,6 +261,6 @@ void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
224 ASN1_STRING_free((ASN1_STRING *)*pval); 261 ASN1_STRING_free((ASN1_STRING *)*pval);
225 *pval = NULL; 262 *pval = NULL;
226 break; 263 break;
227 } 264 }
228 *pval = NULL; 265 *pval = NULL;
229} 266 }
diff --git a/src/lib/libcrypto/asn1/tasn_new.c b/src/lib/libcrypto/asn1/tasn_new.c
index a0e3db574f..531dad365c 100644
--- a/src/lib/libcrypto/asn1/tasn_new.c
+++ b/src/lib/libcrypto/asn1/tasn_new.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -64,27 +64,30 @@
64#include <openssl/asn1t.h> 64#include <openssl/asn1t.h>
65#include <string.h> 65#include <string.h>
66 66
67static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); 67static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
68 int combine);
68static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); 69static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
69static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); 70static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
70void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); 71void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
71 72
72ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) 73ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
73{ 74 {
74 ASN1_VALUE *ret = NULL; 75 ASN1_VALUE *ret = NULL;
75 if(ASN1_item_ex_new(&ret, it) > 0) return ret; 76 if (ASN1_item_ex_new(&ret, it) > 0)
77 return ret;
76 return NULL; 78 return NULL;
77} 79 }
78 80
79/* Allocate an ASN1 structure */ 81/* Allocate an ASN1 structure */
80 82
81int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) 83int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
82{ 84 {
83 return asn1_item_ex_combine_new(pval, it, 0); 85 return asn1_item_ex_combine_new(pval, it, 0);
84} 86 }
85 87
86static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) 88static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it,
87{ 89 int combine)
90 {
88 const ASN1_TEMPLATE *tt = NULL; 91 const ASN1_TEMPLATE *tt = NULL;
89 const ASN1_COMPAT_FUNCS *cf; 92 const ASN1_COMPAT_FUNCS *cf;
90 const ASN1_EXTERN_FUNCS *ef; 93 const ASN1_EXTERN_FUNCS *ef;
@@ -92,133 +95,155 @@ static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int
92 ASN1_aux_cb *asn1_cb; 95 ASN1_aux_cb *asn1_cb;
93 ASN1_VALUE **pseqval; 96 ASN1_VALUE **pseqval;
94 int i; 97 int i;
95 if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; 98 if (aux && aux->asn1_cb)
96 else asn1_cb = 0; 99 asn1_cb = aux->asn1_cb;
100 else
101 asn1_cb = 0;
97 102
98 if(!combine) *pval = NULL; 103 if (!combine) *pval = NULL;
99 104
100#ifdef CRYPTO_MDEBUG 105#ifdef CRYPTO_MDEBUG
101 if(it->sname) CRYPTO_push_info(it->sname); 106 if (it->sname)
107 CRYPTO_push_info(it->sname);
102#endif 108#endif
103 109
104 switch(it->itype) { 110 switch(it->itype)
111 {
105 112
106 case ASN1_ITYPE_EXTERN: 113 case ASN1_ITYPE_EXTERN:
107 ef = it->funcs; 114 ef = it->funcs;
108 if(ef && ef->asn1_ex_new) { 115 if (ef && ef->asn1_ex_new)
109 if(!ef->asn1_ex_new(pval, it)) 116 {
117 if (!ef->asn1_ex_new(pval, it))
110 goto memerr; 118 goto memerr;
111 } 119 }
112 break; 120 break;
113 121
114 case ASN1_ITYPE_COMPAT: 122 case ASN1_ITYPE_COMPAT:
115 cf = it->funcs; 123 cf = it->funcs;
116 if(cf && cf->asn1_new) { 124 if (cf && cf->asn1_new) {
117 *pval = cf->asn1_new(); 125 *pval = cf->asn1_new();
118 if(!*pval) goto memerr; 126 if (!*pval)
127 goto memerr;
119 } 128 }
120 break; 129 break;
121 130
122 case ASN1_ITYPE_PRIMITIVE: 131 case ASN1_ITYPE_PRIMITIVE:
123 if(it->templates) { 132 if (it->templates)
124 if(!ASN1_template_new(pval, it->templates)) 133 {
134 if (!ASN1_template_new(pval, it->templates))
125 goto memerr; 135 goto memerr;
126 } else { 136 }
127 if(!ASN1_primitive_new(pval, it)) 137 else if (!ASN1_primitive_new(pval, it))
128 goto memerr; 138 goto memerr;
129 }
130 break; 139 break;
131 140
132 case ASN1_ITYPE_MSTRING: 141 case ASN1_ITYPE_MSTRING:
133 if(!ASN1_primitive_new(pval, it)) 142 if (!ASN1_primitive_new(pval, it))
134 goto memerr; 143 goto memerr;
135 break; 144 break;
136 145
137 case ASN1_ITYPE_CHOICE: 146 case ASN1_ITYPE_CHOICE:
138 if(asn1_cb) { 147 if (asn1_cb)
148 {
139 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); 149 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
140 if(!i) goto auxerr; 150 if (!i)
141 if(i==2) { 151 goto auxerr;
152 if (i==2)
153 {
142#ifdef CRYPTO_MDEBUG 154#ifdef CRYPTO_MDEBUG
143 if(it->sname) CRYPTO_pop_info(); 155 if (it->sname)
156 CRYPTO_pop_info();
144#endif 157#endif
145 return 1; 158 return 1;
159 }
146 } 160 }
147 } 161 if (!combine)
148 if(!combine) { 162 {
149 *pval = OPENSSL_malloc(it->size); 163 *pval = OPENSSL_malloc(it->size);
150 if(!*pval) goto memerr; 164 if (!*pval)
165 goto memerr;
151 memset(*pval, 0, it->size); 166 memset(*pval, 0, it->size);
152 } 167 }
153 asn1_set_choice_selector(pval, -1, it); 168 asn1_set_choice_selector(pval, -1, it);
154 if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) 169 if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
155 goto auxerr; 170 goto auxerr;
156 break; 171 break;
157 172
173 case ASN1_ITYPE_NDEF_SEQUENCE:
158 case ASN1_ITYPE_SEQUENCE: 174 case ASN1_ITYPE_SEQUENCE:
159 if(asn1_cb) { 175 if (asn1_cb)
176 {
160 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); 177 i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
161 if(!i) goto auxerr; 178 if (!i)
162 if(i==2) { 179 goto auxerr;
180 if (i==2)
181 {
163#ifdef CRYPTO_MDEBUG 182#ifdef CRYPTO_MDEBUG
164 if(it->sname) CRYPTO_pop_info(); 183 if (it->sname)
184 CRYPTO_pop_info();
165#endif 185#endif
166 return 1; 186 return 1;
187 }
167 } 188 }
168 } 189 if (!combine)
169 if(!combine) { 190 {
170 *pval = OPENSSL_malloc(it->size); 191 *pval = OPENSSL_malloc(it->size);
171 if(!*pval) goto memerr; 192 if (!*pval)
193 goto memerr;
172 memset(*pval, 0, it->size); 194 memset(*pval, 0, it->size);
173 asn1_do_lock(pval, 0, it); 195 asn1_do_lock(pval, 0, it);
174 asn1_enc_init(pval, it); 196 asn1_enc_init(pval, it);
175 } 197 }
176 for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { 198 for (i = 0, tt = it->templates; i < it->tcount; tt++, i++)
199 {
177 pseqval = asn1_get_field_ptr(pval, tt); 200 pseqval = asn1_get_field_ptr(pval, tt);
178 if(!ASN1_template_new(pseqval, tt)) goto memerr; 201 if (!ASN1_template_new(pseqval, tt))
179 } 202 goto memerr;
180 if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) 203 }
204 if (asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
181 goto auxerr; 205 goto auxerr;
182 break; 206 break;
183 } 207 }
184#ifdef CRYPTO_MDEBUG 208#ifdef CRYPTO_MDEBUG
185 if(it->sname) CRYPTO_pop_info(); 209 if (it->sname) CRYPTO_pop_info();
186#endif 210#endif
187 return 1; 211 return 1;
188 212
189 memerr: 213 memerr:
190 ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE); 214 ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ERR_R_MALLOC_FAILURE);
191#ifdef CRYPTO_MDEBUG 215#ifdef CRYPTO_MDEBUG
192 if(it->sname) CRYPTO_pop_info(); 216 if (it->sname) CRYPTO_pop_info();
193#endif 217#endif
194 return 0; 218 return 0;
195 219
196 auxerr: 220 auxerr:
197 ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR); 221 ASN1err(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW, ASN1_R_AUX_ERROR);
198 ASN1_item_ex_free(pval, it); 222 ASN1_item_ex_free(pval, it);
199#ifdef CRYPTO_MDEBUG 223#ifdef CRYPTO_MDEBUG
200 if(it->sname) CRYPTO_pop_info(); 224 if (it->sname) CRYPTO_pop_info();
201#endif 225#endif
202 return 0; 226 return 0;
203 227
204} 228 }
205 229
206static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) 230static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
207{ 231 {
208 const ASN1_EXTERN_FUNCS *ef; 232 const ASN1_EXTERN_FUNCS *ef;
209 233
210 switch(it->itype) { 234 switch(it->itype)
235 {
211 236
212 case ASN1_ITYPE_EXTERN: 237 case ASN1_ITYPE_EXTERN:
213 ef = it->funcs; 238 ef = it->funcs;
214 if(ef && ef->asn1_ex_clear) 239 if (ef && ef->asn1_ex_clear)
215 ef->asn1_ex_clear(pval, it); 240 ef->asn1_ex_clear(pval, it);
216 else *pval = NULL; 241 else *pval = NULL;
217 break; 242 break;
218 243
219 244
220 case ASN1_ITYPE_PRIMITIVE: 245 case ASN1_ITYPE_PRIMITIVE:
221 if(it->templates) 246 if (it->templates)
222 asn1_template_clear(pval, it->templates); 247 asn1_template_clear(pval, it->templates);
223 else 248 else
224 asn1_primitive_clear(pval, it); 249 asn1_primitive_clear(pval, it);
@@ -231,75 +256,90 @@ static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
231 case ASN1_ITYPE_COMPAT: 256 case ASN1_ITYPE_COMPAT:
232 case ASN1_ITYPE_CHOICE: 257 case ASN1_ITYPE_CHOICE:
233 case ASN1_ITYPE_SEQUENCE: 258 case ASN1_ITYPE_SEQUENCE:
259 case ASN1_ITYPE_NDEF_SEQUENCE:
234 *pval = NULL; 260 *pval = NULL;
235 break; 261 break;
262 }
236 } 263 }
237}
238 264
239 265
240int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 266int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
241{ 267 {
242 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item); 268 const ASN1_ITEM *it = ASN1_ITEM_ptr(tt->item);
243 int ret; 269 int ret;
244 if(tt->flags & ASN1_TFLG_OPTIONAL) { 270 if (tt->flags & ASN1_TFLG_OPTIONAL)
271 {
245 asn1_template_clear(pval, tt); 272 asn1_template_clear(pval, tt);
246 return 1; 273 return 1;
247 } 274 }
248 /* If ANY DEFINED BY nothing to do */ 275 /* If ANY DEFINED BY nothing to do */
249 276
250 if(tt->flags & ASN1_TFLG_ADB_MASK) { 277 if (tt->flags & ASN1_TFLG_ADB_MASK)
278 {
251 *pval = NULL; 279 *pval = NULL;
252 return 1; 280 return 1;
253 } 281 }
254#ifdef CRYPTO_MDEBUG 282#ifdef CRYPTO_MDEBUG
255 if(tt->field_name) CRYPTO_push_info(tt->field_name); 283 if (tt->field_name)
284 CRYPTO_push_info(tt->field_name);
256#endif 285#endif
257 /* If SET OF or SEQUENCE OF, its a STACK */ 286 /* If SET OF or SEQUENCE OF, its a STACK */
258 if(tt->flags & ASN1_TFLG_SK_MASK) { 287 if (tt->flags & ASN1_TFLG_SK_MASK)
288 {
259 STACK_OF(ASN1_VALUE) *skval; 289 STACK_OF(ASN1_VALUE) *skval;
260 skval = sk_ASN1_VALUE_new_null(); 290 skval = sk_ASN1_VALUE_new_null();
261 if(!skval) { 291 if (!skval)
292 {
262 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); 293 ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
263 ret = 0; 294 ret = 0;
264 goto done; 295 goto done;
265 } 296 }
266 *pval = (ASN1_VALUE *)skval; 297 *pval = (ASN1_VALUE *)skval;
267 ret = 1; 298 ret = 1;
268 goto done; 299 goto done;
269 } 300 }
270 /* Otherwise pass it back to the item routine */ 301 /* Otherwise pass it back to the item routine */
271 ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE); 302 ret = asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
272 done: 303 done:
273#ifdef CRYPTO_MDEBUG 304#ifdef CRYPTO_MDEBUG
274 if(it->sname) CRYPTO_pop_info(); 305 if (it->sname)
306 CRYPTO_pop_info();
275#endif 307#endif
276 return ret; 308 return ret;
277} 309 }
278 310
279static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 311static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
280{ 312 {
281 /* If ADB or STACK just NULL the field */ 313 /* If ADB or STACK just NULL the field */
282 if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) 314 if (tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK))
283 *pval = NULL; 315 *pval = NULL;
284 else 316 else
285 asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item)); 317 asn1_item_clear(pval, ASN1_ITEM_ptr(tt->item));
286} 318 }
287 319
288 320
289/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old 321/* NB: could probably combine most of the real XXX_new() behaviour and junk
290 * functions. 322 * all the old functions.
291 */ 323 */
292 324
293int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) 325int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
294{ 326 {
295 ASN1_TYPE *typ; 327 ASN1_TYPE *typ;
296 int utype; 328 int utype;
297 const ASN1_PRIMITIVE_FUNCS *pf; 329
298 pf = it->funcs; 330 if (it && it->funcs)
299 if(pf && pf->prim_new) return pf->prim_new(pval, it); 331 {
300 if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; 332 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
301 else utype = it->utype; 333 if (pf->prim_new)
302 switch(utype) { 334 return pf->prim_new(pval, it);
335 }
336
337 if (!it || (it->itype == ASN1_ITYPE_MSTRING))
338 utype = -1;
339 else
340 utype = it->utype;
341 switch(utype)
342 {
303 case V_ASN1_OBJECT: 343 case V_ASN1_OBJECT:
304 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); 344 *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
305 return 1; 345 return 1;
@@ -317,7 +357,8 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
317 357
318 case V_ASN1_ANY: 358 case V_ASN1_ANY:
319 typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); 359 typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
320 if(!typ) return 0; 360 if (!typ)
361 return 0;
321 typ->value.ptr = NULL; 362 typ->value.ptr = NULL;
322 typ->type = -1; 363 typ->type = -1;
323 *pval = (ASN1_VALUE *)typ; 364 *pval = (ASN1_VALUE *)typ;
@@ -326,26 +367,29 @@ int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
326 default: 367 default:
327 *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); 368 *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
328 break; 369 break;
329 } 370 }
330 if(*pval) return 1; 371 if (*pval)
372 return 1;
331 return 0; 373 return 0;
332} 374 }
333 375
334void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) 376void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
335{ 377 {
336 int utype; 378 int utype;
337 const ASN1_PRIMITIVE_FUNCS *pf; 379 if (it && it->funcs)
338 pf = it->funcs; 380 {
339 if(pf) { 381 const ASN1_PRIMITIVE_FUNCS *pf = it->funcs;
340 if(pf->prim_clear) 382 if (pf->prim_clear)
341 pf->prim_clear(pval, it); 383 pf->prim_clear(pval, it);
342 else 384 else
343 *pval = NULL; 385 *pval = NULL;
344 return; 386 return;
345 } 387 }
346 if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; 388 if (!it || (it->itype == ASN1_ITYPE_MSTRING))
347 else utype = it->utype; 389 utype = -1;
348 if(utype == V_ASN1_BOOLEAN) 390 else
391 utype = it->utype;
392 if (utype == V_ASN1_BOOLEAN)
349 *(ASN1_BOOLEAN *)pval = it->size; 393 *(ASN1_BOOLEAN *)pval = it->size;
350 else *pval = NULL; 394 else *pval = NULL;
351} 395 }
diff --git a/src/lib/libcrypto/asn1/tasn_typ.c b/src/lib/libcrypto/asn1/tasn_typ.c
index 804d2eeba2..6f17f1bec7 100644
--- a/src/lib/libcrypto/asn1/tasn_typ.c
+++ b/src/lib/libcrypto/asn1/tasn_typ.c
@@ -131,3 +131,7 @@ IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
131IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1) 131IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
132IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1) 132IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
133IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) 133IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
134
135/* Special, OCTET STRING with indefinite length constructed support */
136
137IMPLEMENT_ASN1_TYPE_ex(ASN1_OCTET_STRING_NDEF, ASN1_OCTET_STRING, ASN1_TFLG_NDEF)
diff --git a/src/lib/libcrypto/asn1/tasn_utl.c b/src/lib/libcrypto/asn1/tasn_utl.c
index 8996ce8c13..34d520b180 100644
--- a/src/lib/libcrypto/asn1/tasn_utl.c
+++ b/src/lib/libcrypto/asn1/tasn_utl.c
@@ -3,7 +3,7 @@
3 * project 2000. 3 * project 2000.
4 */ 4 */
5/* ==================================================================== 5/* ====================================================================
6 * Copyright (c) 2000 The OpenSSL Project. All rights reserved. 6 * Copyright (c) 2000-2004 The OpenSSL Project. All rights reserved.
7 * 7 *
8 * Redistribution and use in source and binary forms, with or without 8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions 9 * modification, are permitted provided that the following conditions
@@ -74,23 +74,23 @@
74 */ 74 */
75 75
76int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) 76int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
77{ 77 {
78 int *sel = offset2ptr(*pval, it->utype); 78 int *sel = offset2ptr(*pval, it->utype);
79 return *sel; 79 return *sel;
80} 80 }
81 81
82/* Given an ASN1_ITEM CHOICE type set 82/* Given an ASN1_ITEM CHOICE type set
83 * the selector value, return old value. 83 * the selector value, return old value.
84 */ 84 */
85 85
86int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) 86int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
87{ 87 {
88 int *sel, ret; 88 int *sel, ret;
89 sel = offset2ptr(*pval, it->utype); 89 sel = offset2ptr(*pval, it->utype);
90 ret = *sel; 90 ret = *sel;
91 *sel = value; 91 *sel = value;
92 return ret; 92 return ret;
93} 93 }
94 94
95/* Do reference counting. The value 'op' decides what to do. 95/* Do reference counting. The value 'op' decides what to do.
96 * if it is +1 then the count is incremented. If op is 0 count is 96 * if it is +1 then the count is incremented. If op is 0 count is
@@ -99,114 +99,134 @@ int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
99 */ 99 */
100 100
101int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) 101int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
102{ 102 {
103 const ASN1_AUX *aux; 103 const ASN1_AUX *aux;
104 int *lck, ret; 104 int *lck, ret;
105 if(it->itype != ASN1_ITYPE_SEQUENCE) return 0; 105 if ((it->itype != ASN1_ITYPE_SEQUENCE)
106 && (it->itype != ASN1_ITYPE_NDEF_SEQUENCE))
107 return 0;
106 aux = it->funcs; 108 aux = it->funcs;
107 if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0; 109 if (!aux || !(aux->flags & ASN1_AFLG_REFCOUNT))
110 return 0;
108 lck = offset2ptr(*pval, aux->ref_offset); 111 lck = offset2ptr(*pval, aux->ref_offset);
109 if(op == 0) { 112 if (op == 0)
113 {
110 *lck = 1; 114 *lck = 1;
111 return 1; 115 return 1;
112 } 116 }
113 ret = CRYPTO_add(lck, op, aux->ref_lock); 117 ret = CRYPTO_add(lck, op, aux->ref_lock);
114#ifdef REF_PRINT 118#ifdef REF_PRINT
115 fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck); 119 fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
116#endif 120#endif
117#ifdef REF_CHECK 121#ifdef REF_CHECK
118 if(ret < 0) 122 if (ret < 0)
119 fprintf(stderr, "%s, bad reference count\n", it->sname); 123 fprintf(stderr, "%s, bad reference count\n", it->sname);
120#endif 124#endif
121 return ret; 125 return ret;
122} 126 }
123 127
124static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) 128static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
125{ 129 {
126 const ASN1_AUX *aux; 130 const ASN1_AUX *aux;
127 if(!pval || !*pval) return NULL; 131 if (!pval || !*pval)
132 return NULL;
128 aux = it->funcs; 133 aux = it->funcs;
129 if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL; 134 if (!aux || !(aux->flags & ASN1_AFLG_ENCODING))
135 return NULL;
130 return offset2ptr(*pval, aux->enc_offset); 136 return offset2ptr(*pval, aux->enc_offset);
131} 137 }
132 138
133void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) 139void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
134{ 140 {
135 ASN1_ENCODING *enc; 141 ASN1_ENCODING *enc;
136 enc = asn1_get_enc_ptr(pval, it); 142 enc = asn1_get_enc_ptr(pval, it);
137 if(enc) { 143 if (enc)
144 {
138 enc->enc = NULL; 145 enc->enc = NULL;
139 enc->len = 0; 146 enc->len = 0;
140 enc->modified = 1; 147 enc->modified = 1;
148 }
141 } 149 }
142}
143 150
144void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) 151void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
145{ 152 {
146 ASN1_ENCODING *enc; 153 ASN1_ENCODING *enc;
147 enc = asn1_get_enc_ptr(pval, it); 154 enc = asn1_get_enc_ptr(pval, it);
148 if(enc) { 155 if (enc)
149 if(enc->enc) OPENSSL_free(enc->enc); 156 {
157 if (enc->enc)
158 OPENSSL_free(enc->enc);
150 enc->enc = NULL; 159 enc->enc = NULL;
151 enc->len = 0; 160 enc->len = 0;
152 enc->modified = 1; 161 enc->modified = 1;
162 }
153 } 163 }
154}
155 164
156int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it) 165int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen,
157{ 166 const ASN1_ITEM *it)
167 {
158 ASN1_ENCODING *enc; 168 ASN1_ENCODING *enc;
159 enc = asn1_get_enc_ptr(pval, it); 169 enc = asn1_get_enc_ptr(pval, it);
160 if(!enc) return 1; 170 if (!enc)
171 return 1;
161 172
162 if(enc->enc) OPENSSL_free(enc->enc); 173 if (enc->enc)
174 OPENSSL_free(enc->enc);
163 enc->enc = OPENSSL_malloc(inlen); 175 enc->enc = OPENSSL_malloc(inlen);
164 if(!enc->enc) return 0; 176 if (!enc->enc)
177 return 0;
165 memcpy(enc->enc, in, inlen); 178 memcpy(enc->enc, in, inlen);
166 enc->len = inlen; 179 enc->len = inlen;
167 enc->modified = 0; 180 enc->modified = 0;
168 181
169 return 1; 182 return 1;
170} 183 }
171 184
172int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it) 185int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval,
173{ 186 const ASN1_ITEM *it)
187 {
174 ASN1_ENCODING *enc; 188 ASN1_ENCODING *enc;
175 enc = asn1_get_enc_ptr(pval, it); 189 enc = asn1_get_enc_ptr(pval, it);
176 if(!enc || enc->modified) return 0; 190 if (!enc || enc->modified)
177 if(out) { 191 return 0;
192 if (out)
193 {
178 memcpy(*out, enc->enc, enc->len); 194 memcpy(*out, enc->enc, enc->len);
179 *out += enc->len; 195 *out += enc->len;
180 } 196 }
181 if(len) *len = enc->len; 197 if (len)
198 *len = enc->len;
182 return 1; 199 return 1;
183} 200 }
184 201
185/* Given an ASN1_TEMPLATE get a pointer to a field */ 202/* Given an ASN1_TEMPLATE get a pointer to a field */
186ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) 203ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
187{ 204 {
188 ASN1_VALUE **pvaltmp; 205 ASN1_VALUE **pvaltmp;
189 if(tt->flags & ASN1_TFLG_COMBINE) return pval; 206 if (tt->flags & ASN1_TFLG_COMBINE)
207 return pval;
190 pvaltmp = offset2ptr(*pval, tt->offset); 208 pvaltmp = offset2ptr(*pval, tt->offset);
191 /* NOTE for BOOLEAN types the field is just a plain 209 /* NOTE for BOOLEAN types the field is just a plain
192 * int so we can't return int **, so settle for 210 * int so we can't return int **, so settle for
193 * (int *). 211 * (int *).
194 */ 212 */
195 return pvaltmp; 213 return pvaltmp;
196} 214 }
197 215
198/* Handle ANY DEFINED BY template, find the selector, look up 216/* Handle ANY DEFINED BY template, find the selector, look up
199 * the relevant ASN1_TEMPLATE in the table and return it. 217 * the relevant ASN1_TEMPLATE in the table and return it.
200 */ 218 */
201 219
202const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr) 220const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt,
203{ 221 int nullerr)
222 {
204 const ASN1_ADB *adb; 223 const ASN1_ADB *adb;
205 const ASN1_ADB_TABLE *atbl; 224 const ASN1_ADB_TABLE *atbl;
206 long selector; 225 long selector;
207 ASN1_VALUE **sfld; 226 ASN1_VALUE **sfld;
208 int i; 227 int i;
209 if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt; 228 if (!(tt->flags & ASN1_TFLG_ADB_MASK))
229 return tt;
210 230
211 /* Else ANY DEFINED BY ... get the table */ 231 /* Else ANY DEFINED BY ... get the table */
212 adb = ASN1_ADB_ptr(tt->item); 232 adb = ASN1_ADB_ptr(tt->item);
@@ -215,16 +235,18 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int
215 sfld = offset2ptr(*pval, adb->offset); 235 sfld = offset2ptr(*pval, adb->offset);
216 236
217 /* Check if NULL */ 237 /* Check if NULL */
218 if(!sfld) { 238 if (!sfld)
219 if(!adb->null_tt) goto err; 239 {
240 if (!adb->null_tt)
241 goto err;
220 return adb->null_tt; 242 return adb->null_tt;
221 } 243 }
222 244
223 /* Convert type to a long: 245 /* Convert type to a long:
224 * NB: don't check for NID_undef here because it 246 * NB: don't check for NID_undef here because it
225 * might be a legitimate value in the table 247 * might be a legitimate value in the table
226 */ 248 */
227 if(tt->flags & ASN1_TFLG_ADB_OID) 249 if (tt->flags & ASN1_TFLG_ADB_OID)
228 selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); 250 selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
229 else 251 else
230 selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); 252 selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
@@ -237,17 +259,21 @@ const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int
237 * linear search. 259 * linear search.
238 */ 260 */
239 261
240 for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) 262 for (atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
241 if(atbl->value == selector) return &atbl->tt; 263 if (atbl->value == selector)
264 return &atbl->tt;
242 265
243 /* FIXME: need to search application table too */ 266 /* FIXME: need to search application table too */
244 267
245 /* No match, return default type */ 268 /* No match, return default type */
246 if(!adb->default_tt) goto err; 269 if (!adb->default_tt)
270 goto err;
247 return adb->default_tt; 271 return adb->default_tt;
248 272
249 err: 273 err:
250 /* FIXME: should log the value or OID of unsupported type */ 274 /* FIXME: should log the value or OID of unsupported type */
251 if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); 275 if (nullerr)
276 ASN1err(ASN1_F_ASN1_DO_ADB,
277 ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
252 return NULL; 278 return NULL;
253} 279 }
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
index 00b9ea54a1..33533aba86 100644
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ b/src/lib/libcrypto/asn1/x_algor.c
@@ -66,8 +66,65 @@ ASN1_SEQUENCE(X509_ALGOR) = {
66 ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) 66 ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
67} ASN1_SEQUENCE_END(X509_ALGOR) 67} ASN1_SEQUENCE_END(X509_ALGOR)
68 68
69ASN1_ITEM_TEMPLATE(X509_ALGORS) =
70 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
71ASN1_ITEM_TEMPLATE_END(X509_ALGORS)
72
69IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) 73IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
74IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_ALGORS, X509_ALGORS, X509_ALGORS)
70IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR) 75IMPLEMENT_ASN1_DUP_FUNCTION(X509_ALGOR)
71 76
72IMPLEMENT_STACK_OF(X509_ALGOR) 77IMPLEMENT_STACK_OF(X509_ALGOR)
73IMPLEMENT_ASN1_SET_OF(X509_ALGOR) 78IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
79
80int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval)
81 {
82 if (!alg)
83 return 0;
84 if (ptype != V_ASN1_UNDEF)
85 {
86 if (alg->parameter == NULL)
87 alg->parameter = ASN1_TYPE_new();
88 if (alg->parameter == NULL)
89 return 0;
90 }
91 if (alg)
92 {
93 if (alg->algorithm)
94 ASN1_OBJECT_free(alg->algorithm);
95 alg->algorithm = aobj;
96 }
97 if (ptype == 0)
98 return 1;
99 if (ptype == V_ASN1_UNDEF)
100 {
101 if (alg->parameter)
102 {
103 ASN1_TYPE_free(alg->parameter);
104 alg->parameter = NULL;
105 }
106 }
107 else
108 ASN1_TYPE_set(alg->parameter, ptype, pval);
109 return 1;
110 }
111
112void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
113 X509_ALGOR *algor)
114 {
115 if (paobj)
116 *paobj = algor->algorithm;
117 if (pptype)
118 {
119 if (algor->parameter == NULL)
120 {
121 *pptype = V_ASN1_UNDEF;
122 return;
123 }
124 else
125 *pptype = algor->parameter->type;
126 if (ppval)
127 *ppval = algor->parameter->value.ptr;
128 }
129 }
130
diff --git a/src/lib/libcrypto/asn1/x_bignum.c b/src/lib/libcrypto/asn1/x_bignum.c
index 848c7a0877..869c05d931 100644
--- a/src/lib/libcrypto/asn1/x_bignum.c
+++ b/src/lib/libcrypto/asn1/x_bignum.c
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/bn.h>
62 63
63/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a 64/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
64 * BIGNUM directly. Currently it ignores the sign which isn't a problem since all 65 * BIGNUM directly. Currently it ignores the sign which isn't a problem since all
@@ -72,7 +73,7 @@ static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
72static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 73static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
73 74
74static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); 75static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
75static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); 76static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
76 77
77static ASN1_PRIMITIVE_FUNCS bignum_pf = { 78static ASN1_PRIMITIVE_FUNCS bignum_pf = {
78 NULL, 0, 79 NULL, 0,
@@ -122,7 +123,8 @@ static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN
122 return pad + BN_num_bytes(bn); 123 return pad + BN_num_bytes(bn);
123} 124}
124 125
125static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) 126static int bn_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
127 int utype, char *free_cont, const ASN1_ITEM *it)
126{ 128{
127 BIGNUM *bn; 129 BIGNUM *bn;
128 if(!*pval) bn_new(pval, it); 130 if(!*pval) bn_new(pval, it);
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
index b99f8fc522..70d56a67f2 100644
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ b/src/lib/libcrypto/asn1/x_crl.c
@@ -84,7 +84,7 @@ static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
84 * would affect the output of X509_CRL_print(). 84 * would affect the output of X509_CRL_print().
85 */ 85 */
86 case ASN1_OP_D2I_POST: 86 case ASN1_OP_D2I_POST:
87 sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); 87 (void)sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
88 break; 88 break;
89 } 89 }
90 return 1; 90 return 1;
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
index 702421b6c8..1732e66712 100644
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ b/src/lib/libcrypto/asn1/x_exten.c
@@ -67,5 +67,10 @@ ASN1_SEQUENCE(X509_EXTENSION) = {
67 ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) 67 ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
68} ASN1_SEQUENCE_END(X509_EXTENSION) 68} ASN1_SEQUENCE_END(X509_EXTENSION)
69 69
70ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
71 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
72ASN1_ITEM_TEMPLATE_END(X509_EXTENSIONS)
73
70IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION) 74IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
75IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
71IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION) 76IMPLEMENT_ASN1_DUP_FUNCTION(X509_EXTENSION)
diff --git a/src/lib/libcrypto/asn1/x_long.c b/src/lib/libcrypto/asn1/x_long.c
index c5f25956cb..0db233cb95 100644
--- a/src/lib/libcrypto/asn1/x_long.c
+++ b/src/lib/libcrypto/asn1/x_long.c
@@ -59,6 +59,7 @@
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/bn.h>
62 63
63/* Custom primitive type for long handling. This converts between an ASN1_INTEGER 64/* Custom primitive type for long handling. This converts between an ASN1_INTEGER
64 * and a long directly. 65 * and a long directly.
@@ -69,7 +70,7 @@ static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
69static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); 70static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
70 71
71static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); 72static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
72static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); 73static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
73 74
74static ASN1_PRIMITIVE_FUNCS long_pf = { 75static ASN1_PRIMITIVE_FUNCS long_pf = {
75 NULL, 0, 76 NULL, 0,
@@ -136,13 +137,14 @@ static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const A
136 return clen + pad; 137 return clen + pad;
137} 138}
138 139
139static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) 140static int long_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len,
141 int utype, char *free_cont, const ASN1_ITEM *it)
140{ 142{
141 int neg, i; 143 int neg, i;
142 long ltmp; 144 long ltmp;
143 unsigned long utmp = 0; 145 unsigned long utmp = 0;
144 char *cp = (char *)pval; 146 char *cp = (char *)pval;
145 if(len > sizeof(long)) { 147 if(len > (int)sizeof(long)) {
146 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); 148 ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
147 return 0; 149 return 0;
148 } 150 }
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index 31f3377b64..04380abc3f 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -61,7 +61,7 @@
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63 63
64static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, 64static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it,
65 int tag, int aclass, char opt, ASN1_TLC *ctx); 65 int tag, int aclass, char opt, ASN1_TLC *ctx);
66 66
67static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); 67static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
@@ -123,7 +123,7 @@ static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
123 return 1; 123 return 1;
124 124
125 memerr: 125 memerr:
126 ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE); 126 ASN1err(ASN1_F_X509_NAME_EX_NEW, ERR_R_MALLOC_FAILURE);
127 if (ret) 127 if (ret)
128 { 128 {
129 if (ret->entries) 129 if (ret->entries)
@@ -156,48 +156,48 @@ static void sk_internal_free(void *a)
156 sk_free(a); 156 sk_free(a);
157} 157}
158 158
159static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, 159static int x509_name_ex_d2i(ASN1_VALUE **val, const unsigned char **in, long len, const ASN1_ITEM *it,
160 int tag, int aclass, char opt, ASN1_TLC *ctx) 160 int tag, int aclass, char opt, ASN1_TLC *ctx)
161{ 161{
162 unsigned char *p = *in, *q; 162 const unsigned char *p = *in, *q;
163 STACK *intname = NULL, **intname_pp = &intname; 163 union { STACK *s; ASN1_VALUE *a; } intname = {NULL};
164 union { X509_NAME *x; ASN1_VALUE *a; } nm = {NULL};
164 int i, j, ret; 165 int i, j, ret;
165 X509_NAME *nm = NULL, **nm_pp = &nm;
166 STACK_OF(X509_NAME_ENTRY) *entries; 166 STACK_OF(X509_NAME_ENTRY) *entries;
167 X509_NAME_ENTRY *entry; 167 X509_NAME_ENTRY *entry;
168 q = p; 168 q = p;
169 169
170 /* Get internal representation of Name */ 170 /* Get internal representation of Name */
171 ret = ASN1_item_ex_d2i((ASN1_VALUE **)intname_pp, 171 ret = ASN1_item_ex_d2i(&intname.a,
172 &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL), 172 &p, len, ASN1_ITEM_rptr(X509_NAME_INTERNAL),
173 tag, aclass, opt, ctx); 173 tag, aclass, opt, ctx);
174 174
175 if(ret <= 0) return ret; 175 if(ret <= 0) return ret;
176 176
177 if(*val) x509_name_ex_free(val, NULL); 177 if(*val) x509_name_ex_free(val, NULL);
178 if(!x509_name_ex_new((ASN1_VALUE **)nm_pp, NULL)) goto err; 178 if(!x509_name_ex_new(&nm.a, NULL)) goto err;
179 /* We've decoded it: now cache encoding */ 179 /* We've decoded it: now cache encoding */
180 if(!BUF_MEM_grow(nm->bytes, p - q)) goto err; 180 if(!BUF_MEM_grow(nm.x->bytes, p - q)) goto err;
181 memcpy(nm->bytes->data, q, p - q); 181 memcpy(nm.x->bytes->data, q, p - q);
182 182
183 /* Convert internal representation to X509_NAME structure */ 183 /* Convert internal representation to X509_NAME structure */
184 for(i = 0; i < sk_num(intname); i++) { 184 for(i = 0; i < sk_num(intname.s); i++) {
185 entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i); 185 entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname.s, i);
186 for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { 186 for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
187 entry = sk_X509_NAME_ENTRY_value(entries, j); 187 entry = sk_X509_NAME_ENTRY_value(entries, j);
188 entry->set = i; 188 entry->set = i;
189 if(!sk_X509_NAME_ENTRY_push(nm->entries, entry)) 189 if(!sk_X509_NAME_ENTRY_push(nm.x->entries, entry))
190 goto err; 190 goto err;
191 } 191 }
192 sk_X509_NAME_ENTRY_free(entries); 192 sk_X509_NAME_ENTRY_free(entries);
193 } 193 }
194 sk_free(intname); 194 sk_free(intname.s);
195 nm->modified = 0; 195 nm.x->modified = 0;
196 *val = (ASN1_VALUE *)nm; 196 *val = nm.a;
197 *in = p; 197 *in = p;
198 return ret; 198 return ret;
199 err: 199 err:
200 ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR); 200 ASN1err(ASN1_F_X509_NAME_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
201 return 0; 201 return 0;
202} 202}
203 203
@@ -219,36 +219,36 @@ static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_IT
219 219
220static int x509_name_encode(X509_NAME *a) 220static int x509_name_encode(X509_NAME *a)
221{ 221{
222 STACK *intname = NULL, **intname_pp = &intname; 222 union { STACK *s; ASN1_VALUE *a; } intname = {NULL};
223 int len; 223 int len;
224 unsigned char *p; 224 unsigned char *p;
225 STACK_OF(X509_NAME_ENTRY) *entries = NULL; 225 STACK_OF(X509_NAME_ENTRY) *entries = NULL;
226 X509_NAME_ENTRY *entry; 226 X509_NAME_ENTRY *entry;
227 int i, set = -1; 227 int i, set = -1;
228 intname = sk_new_null(); 228 intname.s = sk_new_null();
229 if(!intname) goto memerr; 229 if(!intname.s) goto memerr;
230 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { 230 for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
231 entry = sk_X509_NAME_ENTRY_value(a->entries, i); 231 entry = sk_X509_NAME_ENTRY_value(a->entries, i);
232 if(entry->set != set) { 232 if(entry->set != set) {
233 entries = sk_X509_NAME_ENTRY_new_null(); 233 entries = sk_X509_NAME_ENTRY_new_null();
234 if(!entries) goto memerr; 234 if(!entries) goto memerr;
235 if(!sk_push(intname, (char *)entries)) goto memerr; 235 if(!sk_push(intname.s, (char *)entries)) goto memerr;
236 set = entry->set; 236 set = entry->set;
237 } 237 }
238 if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; 238 if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
239 } 239 }
240 len = ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, NULL, 240 len = ASN1_item_ex_i2d(&intname.a, NULL,
241 ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); 241 ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
242 if (!BUF_MEM_grow(a->bytes,len)) goto memerr; 242 if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
243 p=(unsigned char *)a->bytes->data; 243 p=(unsigned char *)a->bytes->data;
244 ASN1_item_ex_i2d((ASN1_VALUE **)intname_pp, 244 ASN1_item_ex_i2d(&intname.a,
245 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1); 245 &p, ASN1_ITEM_rptr(X509_NAME_INTERNAL), -1, -1);
246 sk_pop_free(intname, sk_internal_free); 246 sk_pop_free(intname.s, sk_internal_free);
247 a->modified = 0; 247 a->modified = 0;
248 return len; 248 return len;
249 memerr: 249 memerr:
250 sk_pop_free(intname, sk_internal_free); 250 sk_pop_free(intname.s, sk_internal_free);
251 ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE); 251 ASN1err(ASN1_F_X509_NAME_ENCODE, ERR_R_MALLOC_FAILURE);
252 return -1; 252 return -1;
253} 253}
254 254
diff --git a/src/lib/libcrypto/asn1/x_pkey.c b/src/lib/libcrypto/asn1/x_pkey.c
index f1c6221ac3..8453618426 100644
--- a/src/lib/libcrypto/asn1/x_pkey.c
+++ b/src/lib/libcrypto/asn1/x_pkey.c
@@ -69,15 +69,15 @@ int i2d_X509_PKEY(X509_PKEY *a, unsigned char **pp)
69 return(0); 69 return(0);
70 } 70 }
71 71
72X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, unsigned char **pp, long length) 72X509_PKEY *d2i_X509_PKEY(X509_PKEY **a, const unsigned char **pp, long length)
73 { 73 {
74 int i; 74 int i;
75 M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new); 75 M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
76 76
77 M_ASN1_D2I_Init(); 77 M_ASN1_D2I_Init();
78 M_ASN1_D2I_start_sequence(); 78 M_ASN1_D2I_start_sequence();
79 M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR); 79 M_ASN1_D2I_get_x(X509_ALGOR,ret->enc_algor,d2i_X509_ALGOR);
80 M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING); 80 M_ASN1_D2I_get_x(ASN1_OCTET_STRING,ret->enc_pkey,d2i_ASN1_OCTET_STRING);
81 81
82 ret->cipher.cipher=EVP_get_cipherbyname( 82 ret->cipher.cipher=EVP_get_cipherbyname(
83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm))); 83 OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index 7d6d71af88..91c2756116 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -60,16 +60,23 @@
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63#ifndef OPENSSL_NO_RSA
64#include <openssl/rsa.h>
65#endif
66#ifndef OPENSSL_NO_DSA
67#include <openssl/dsa.h>
68#endif
63 69
64/* Minor tweak to operation: free up EVP_PKEY */ 70/* Minor tweak to operation: free up EVP_PKEY */
65static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 71static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
66{ 72 {
67 if(operation == ASN1_OP_FREE_POST) { 73 if (operation == ASN1_OP_FREE_POST)
74 {
68 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; 75 X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
69 EVP_PKEY_free(pubkey->pkey); 76 EVP_PKEY_free(pubkey->pkey);
70 } 77 }
71 return 1; 78 return 1;
72} 79 }
73 80
74ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 81ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
75 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 82 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
@@ -111,13 +118,12 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
111 a->parameter->type=V_ASN1_NULL; 118 a->parameter->type=V_ASN1_NULL;
112 } 119 }
113 } 120 }
114 else
115#ifndef OPENSSL_NO_DSA 121#ifndef OPENSSL_NO_DSA
116 if (pkey->type == EVP_PKEY_DSA) 122 else if (pkey->type == EVP_PKEY_DSA)
117 { 123 {
118 unsigned char *pp; 124 unsigned char *pp;
119 DSA *dsa; 125 DSA *dsa;
120 126
121 dsa=pkey->pkey.dsa; 127 dsa=pkey->pkey.dsa;
122 dsa->write_params=0; 128 dsa->write_params=0;
123 ASN1_TYPE_free(a->parameter); 129 ASN1_TYPE_free(a->parameter);
@@ -151,8 +157,64 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
151 } 157 }
152 OPENSSL_free(p); 158 OPENSSL_free(p);
153 } 159 }
154 else
155#endif 160#endif
161#ifndef OPENSSL_NO_EC
162 else if (pkey->type == EVP_PKEY_EC)
163 {
164 int nid=0;
165 unsigned char *pp;
166 EC_KEY *ec_key;
167 const EC_GROUP *group;
168
169 ec_key = pkey->pkey.ec;
170 ASN1_TYPE_free(a->parameter);
171
172 if ((a->parameter = ASN1_TYPE_new()) == NULL)
173 {
174 X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
175 goto err;
176 }
177
178 group = EC_KEY_get0_group(ec_key);
179 if (EC_GROUP_get_asn1_flag(group)
180 && (nid = EC_GROUP_get_curve_name(group)))
181 {
182 /* just set the OID */
183 a->parameter->type = V_ASN1_OBJECT;
184 a->parameter->value.object = OBJ_nid2obj(nid);
185 }
186 else /* explicit parameters */
187 {
188 if ((i = i2d_ECParameters(ec_key, NULL)) == 0)
189 {
190 X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
191 goto err;
192 }
193 if ((p = (unsigned char *) OPENSSL_malloc(i)) == NULL)
194 {
195 X509err(X509_F_X509_PUBKEY_SET, ERR_R_MALLOC_FAILURE);
196 goto err;
197 }
198 pp = p;
199 if (!i2d_ECParameters(ec_key, &pp))
200 {
201 X509err(X509_F_X509_PUBKEY_SET, ERR_R_EC_LIB);
202 OPENSSL_free(p);
203 goto err;
204 }
205 a->parameter->type = V_ASN1_SEQUENCE;
206 if ((a->parameter->value.sequence = ASN1_STRING_new()) == NULL)
207 {
208 X509err(X509_F_X509_PUBKEY_SET, ERR_R_ASN1_LIB);
209 OPENSSL_free(p);
210 goto err;
211 }
212 ASN1_STRING_set(a->parameter->value.sequence, p, i);
213 OPENSSL_free(p);
214 }
215 }
216#endif
217 else if (1)
156 { 218 {
157 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM); 219 X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
158 goto err; 220 goto err;
@@ -171,7 +233,7 @@ int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
171 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE); 233 X509err(X509_F_X509_PUBKEY_SET,ERR_R_MALLOC_FAILURE);
172 goto err; 234 goto err;
173 } 235 }
174 /* Set number of unused bits to zero */ 236 /* Set number of unused bits to zero */
175 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07); 237 pk->public_key->flags&= ~(ASN1_STRING_FLAG_BITS_LEFT|0x07);
176 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT; 238 pk->public_key->flags|=ASN1_STRING_FLAG_BITS_LEFT;
177 239
@@ -198,8 +260,8 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
198 EVP_PKEY *ret=NULL; 260 EVP_PKEY *ret=NULL;
199 long j; 261 long j;
200 int type; 262 int type;
201 unsigned char *p; 263 const unsigned char *p;
202#ifndef OPENSSL_NO_DSA 264#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
203 const unsigned char *cp; 265 const unsigned char *cp;
204 X509_ALGOR *a; 266 X509_ALGOR *a;
205#endif 267#endif
@@ -207,40 +269,106 @@ EVP_PKEY *X509_PUBKEY_get(X509_PUBKEY *key)
207 if (key == NULL) goto err; 269 if (key == NULL) goto err;
208 270
209 if (key->pkey != NULL) 271 if (key->pkey != NULL)
210 { 272 {
211 CRYPTO_add(&key->pkey->references,1,CRYPTO_LOCK_EVP_PKEY); 273 CRYPTO_add(&key->pkey->references, 1, CRYPTO_LOCK_EVP_PKEY);
212 return(key->pkey); 274 return(key->pkey);
213 } 275 }
214 276
215 if (key->public_key == NULL) goto err; 277 if (key->public_key == NULL) goto err;
216 278
217 type=OBJ_obj2nid(key->algor->algorithm); 279 type=OBJ_obj2nid(key->algor->algorithm);
218 p=key->public_key->data; 280 if ((ret = EVP_PKEY_new()) == NULL)
219 j=key->public_key->length;
220 if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
221 { 281 {
222 X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB); 282 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
223 goto err; 283 goto err;
224 } 284 }
225 ret->save_parameters=0; 285 ret->type = EVP_PKEY_type(type);
226 286
227#ifndef OPENSSL_NO_DSA 287 /* the parameters must be extracted before the public key (ECDSA!) */
288
289#if !defined(OPENSSL_NO_DSA) || !defined(OPENSSL_NO_ECDSA)
228 a=key->algor; 290 a=key->algor;
229 if (ret->type == EVP_PKEY_DSA) 291#endif
292
293 if (0)
294 ;
295#ifndef OPENSSL_NO_DSA
296 else if (ret->type == EVP_PKEY_DSA)
230 { 297 {
231 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE)) 298 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
232 { 299 {
300 if ((ret->pkey.dsa = DSA_new()) == NULL)
301 {
302 X509err(X509_F_X509_PUBKEY_GET, ERR_R_MALLOC_FAILURE);
303 goto err;
304 }
233 ret->pkey.dsa->write_params=0; 305 ret->pkey.dsa->write_params=0;
234 cp=p=a->parameter->value.sequence->data; 306 cp=p=a->parameter->value.sequence->data;
235 j=a->parameter->value.sequence->length; 307 j=a->parameter->value.sequence->length;
236 if (!d2i_DSAparams(&ret->pkey.dsa,&cp,(long)j)) 308 if (!d2i_DSAparams(&ret->pkey.dsa, &cp, (long)j))
237 goto err; 309 goto err;
238 } 310 }
239 ret->save_parameters=1; 311 ret->save_parameters=1;
240 } 312 }
241#endif 313#endif
242 key->pkey=ret; 314#ifndef OPENSSL_NO_EC
243 CRYPTO_add(&ret->references,1,CRYPTO_LOCK_EVP_PKEY); 315 else if (ret->type == EVP_PKEY_EC)
316 {
317 if (a->parameter && (a->parameter->type == V_ASN1_SEQUENCE))
318 {
319 /* type == V_ASN1_SEQUENCE => we have explicit parameters
320 * (e.g. parameters in the X9_62_EC_PARAMETERS-structure )
321 */
322 if ((ret->pkey.ec= EC_KEY_new()) == NULL)
323 {
324 X509err(X509_F_X509_PUBKEY_GET,
325 ERR_R_MALLOC_FAILURE);
326 goto err;
327 }
328 cp = p = a->parameter->value.sequence->data;
329 j = a->parameter->value.sequence->length;
330 if (!d2i_ECParameters(&ret->pkey.ec, &cp, (long)j))
331 {
332 X509err(X509_F_X509_PUBKEY_GET, ERR_R_EC_LIB);
333 goto err;
334 }
335 }
336 else if (a->parameter && (a->parameter->type == V_ASN1_OBJECT))
337 {
338 /* type == V_ASN1_OBJECT => the parameters are given
339 * by an asn1 OID
340 */
341 EC_KEY *ec_key;
342 EC_GROUP *group;
343
344 if (ret->pkey.ec == NULL)
345 ret->pkey.ec = EC_KEY_new();
346 ec_key = ret->pkey.ec;
347 if (ec_key == NULL)
348 goto err;
349 group = EC_GROUP_new_by_curve_name(OBJ_obj2nid(a->parameter->value.object));
350 if (group == NULL)
351 goto err;
352 EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE);
353 if (EC_KEY_set_group(ec_key, group) == 0)
354 goto err;
355 EC_GROUP_free(group);
356 }
357 /* the case implicitlyCA is currently not implemented */
358 ret->save_parameters = 1;
359 }
360#endif
361
362 p=key->public_key->data;
363 j=key->public_key->length;
364 if (!d2i_PublicKey(type, &ret, &p, (long)j))
365 {
366 X509err(X509_F_X509_PUBKEY_GET, X509_R_ERR_ASN1_LIB);
367 goto err;
368 }
369
370 key->pkey = ret;
371 CRYPTO_add(&ret->references, 1, CRYPTO_LOCK_EVP_PKEY);
244 return(ret); 372 return(ret);
245err: 373err:
246 if (ret != NULL) 374 if (ret != NULL)
@@ -252,9 +380,9 @@ err:
252 * and encode or decode as X509_PUBKEY 380 * and encode or decode as X509_PUBKEY
253 */ 381 */
254 382
255EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp, 383EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, const unsigned char **pp,
256 long length) 384 long length)
257{ 385 {
258 X509_PUBKEY *xpk; 386 X509_PUBKEY *xpk;
259 EVP_PKEY *pktmp; 387 EVP_PKEY *pktmp;
260 xpk = d2i_X509_PUBKEY(NULL, pp, length); 388 xpk = d2i_X509_PUBKEY(NULL, pp, length);
@@ -262,15 +390,16 @@ EVP_PKEY *d2i_PUBKEY(EVP_PKEY **a, unsigned char **pp,
262 pktmp = X509_PUBKEY_get(xpk); 390 pktmp = X509_PUBKEY_get(xpk);
263 X509_PUBKEY_free(xpk); 391 X509_PUBKEY_free(xpk);
264 if(!pktmp) return NULL; 392 if(!pktmp) return NULL;
265 if(a) { 393 if(a)
394 {
266 EVP_PKEY_free(*a); 395 EVP_PKEY_free(*a);
267 *a = pktmp; 396 *a = pktmp;
268 } 397 }
269 return pktmp; 398 return pktmp;
270} 399 }
271 400
272int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp) 401int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
273{ 402 {
274 X509_PUBKEY *xpk=NULL; 403 X509_PUBKEY *xpk=NULL;
275 int ret; 404 int ret;
276 if(!a) return 0; 405 if(!a) return 0;
@@ -278,83 +407,125 @@ int i2d_PUBKEY(EVP_PKEY *a, unsigned char **pp)
278 ret = i2d_X509_PUBKEY(xpk, pp); 407 ret = i2d_X509_PUBKEY(xpk, pp);
279 X509_PUBKEY_free(xpk); 408 X509_PUBKEY_free(xpk);
280 return ret; 409 return ret;
281} 410 }
282 411
283/* The following are equivalents but which return RSA and DSA 412/* The following are equivalents but which return RSA and DSA
284 * keys 413 * keys
285 */ 414 */
286#ifndef OPENSSL_NO_RSA 415#ifndef OPENSSL_NO_RSA
287RSA *d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, 416RSA *d2i_RSA_PUBKEY(RSA **a, const unsigned char **pp,
288 long length) 417 long length)
289{ 418 {
290 EVP_PKEY *pkey; 419 EVP_PKEY *pkey;
291 RSA *key; 420 RSA *key;
292 unsigned char *q; 421 const unsigned char *q;
293 q = *pp; 422 q = *pp;
294 pkey = d2i_PUBKEY(NULL, &q, length); 423 pkey = d2i_PUBKEY(NULL, &q, length);
295 if(!pkey) return NULL; 424 if (!pkey) return NULL;
296 key = EVP_PKEY_get1_RSA(pkey); 425 key = EVP_PKEY_get1_RSA(pkey);
297 EVP_PKEY_free(pkey); 426 EVP_PKEY_free(pkey);
298 if(!key) return NULL; 427 if (!key) return NULL;
299 *pp = q; 428 *pp = q;
300 if(a) { 429 if (a)
430 {
301 RSA_free(*a); 431 RSA_free(*a);
302 *a = key; 432 *a = key;
303 } 433 }
304 return key; 434 return key;
305} 435 }
306 436
307int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp) 437int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp)
308{ 438 {
309 EVP_PKEY *pktmp; 439 EVP_PKEY *pktmp;
310 int ret; 440 int ret;
311 if(!a) return 0; 441 if (!a) return 0;
312 pktmp = EVP_PKEY_new(); 442 pktmp = EVP_PKEY_new();
313 if(!pktmp) { 443 if (!pktmp)
444 {
314 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE); 445 ASN1err(ASN1_F_I2D_RSA_PUBKEY, ERR_R_MALLOC_FAILURE);
315 return 0; 446 return 0;
316 } 447 }
317 EVP_PKEY_set1_RSA(pktmp, a); 448 EVP_PKEY_set1_RSA(pktmp, a);
318 ret = i2d_PUBKEY(pktmp, pp); 449 ret = i2d_PUBKEY(pktmp, pp);
319 EVP_PKEY_free(pktmp); 450 EVP_PKEY_free(pktmp);
320 return ret; 451 return ret;
321} 452 }
322#endif 453#endif
323 454
324#ifndef OPENSSL_NO_DSA 455#ifndef OPENSSL_NO_DSA
325DSA *d2i_DSA_PUBKEY(DSA **a, unsigned char **pp, 456DSA *d2i_DSA_PUBKEY(DSA **a, const unsigned char **pp,
326 long length) 457 long length)
327{ 458 {
328 EVP_PKEY *pkey; 459 EVP_PKEY *pkey;
329 DSA *key; 460 DSA *key;
330 unsigned char *q; 461 const unsigned char *q;
331 q = *pp; 462 q = *pp;
332 pkey = d2i_PUBKEY(NULL, &q, length); 463 pkey = d2i_PUBKEY(NULL, &q, length);
333 if(!pkey) return NULL; 464 if (!pkey) return NULL;
334 key = EVP_PKEY_get1_DSA(pkey); 465 key = EVP_PKEY_get1_DSA(pkey);
335 EVP_PKEY_free(pkey); 466 EVP_PKEY_free(pkey);
336 if(!key) return NULL; 467 if (!key) return NULL;
337 *pp = q; 468 *pp = q;
338 if(a) { 469 if (a)
470 {
339 DSA_free(*a); 471 DSA_free(*a);
340 *a = key; 472 *a = key;
341 } 473 }
342 return key; 474 return key;
343} 475 }
344 476
345int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp) 477int i2d_DSA_PUBKEY(DSA *a, unsigned char **pp)
346{ 478 {
347 EVP_PKEY *pktmp; 479 EVP_PKEY *pktmp;
348 int ret; 480 int ret;
349 if(!a) return 0; 481 if(!a) return 0;
350 pktmp = EVP_PKEY_new(); 482 pktmp = EVP_PKEY_new();
351 if(!pktmp) { 483 if(!pktmp)
484 {
352 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE); 485 ASN1err(ASN1_F_I2D_DSA_PUBKEY, ERR_R_MALLOC_FAILURE);
353 return 0; 486 return 0;
354 } 487 }
355 EVP_PKEY_set1_DSA(pktmp, a); 488 EVP_PKEY_set1_DSA(pktmp, a);
356 ret = i2d_PUBKEY(pktmp, pp); 489 ret = i2d_PUBKEY(pktmp, pp);
357 EVP_PKEY_free(pktmp); 490 EVP_PKEY_free(pktmp);
358 return ret; 491 return ret;
359} 492 }
493#endif
494
495#ifndef OPENSSL_NO_EC
496EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp, long length)
497 {
498 EVP_PKEY *pkey;
499 EC_KEY *key;
500 const unsigned char *q;
501 q = *pp;
502 pkey = d2i_PUBKEY(NULL, &q, length);
503 if (!pkey) return(NULL);
504 key = EVP_PKEY_get1_EC_KEY(pkey);
505 EVP_PKEY_free(pkey);
506 if (!key) return(NULL);
507 *pp = q;
508 if (a)
509 {
510 EC_KEY_free(*a);
511 *a = key;
512 }
513 return(key);
514 }
515
516int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp)
517 {
518 EVP_PKEY *pktmp;
519 int ret;
520 if (!a) return(0);
521 if ((pktmp = EVP_PKEY_new()) == NULL)
522 {
523 ASN1err(ASN1_F_I2D_EC_PUBKEY, ERR_R_MALLOC_FAILURE);
524 return(0);
525 }
526 EVP_PKEY_set1_EC_KEY(pktmp, a);
527 ret = i2d_PUBKEY(pktmp, pp);
528 EVP_PKEY_free(pktmp);
529 return(ret);
530 }
360#endif 531#endif
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
index b3f18ebc12..59ca8ce329 100644
--- a/src/lib/libcrypto/asn1/x_req.c
+++ b/src/lib/libcrypto/asn1/x_req.c
@@ -102,7 +102,7 @@ ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
102 102
103IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) 103IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
104 104
105ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = { 105ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = {
106 ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), 106 ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
107 ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), 107 ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
108 ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) 108 ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
index b50167ce43..e118696625 100644
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ b/src/lib/libcrypto/asn1/x_x509.c
@@ -79,6 +79,8 @@ ASN1_SEQUENCE(X509_CINF) = {
79IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) 79IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
80/* X509 top level structure needs a bit of customisation */ 80/* X509 top level structure needs a bit of customisation */
81 81
82extern void policy_cache_free(X509_POLICY_CACHE *cache);
83
82static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) 84static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
83{ 85{
84 X509 *ret = (X509 *)*pval; 86 X509 *ret = (X509 *)*pval;
@@ -92,6 +94,10 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
92 ret->ex_pathlen = -1; 94 ret->ex_pathlen = -1;
93 ret->skid = NULL; 95 ret->skid = NULL;
94 ret->akid = NULL; 96 ret->akid = NULL;
97#ifndef OPENSSL_NO_RFC3779
98 ret->rfc3779_addr = NULL;
99 ret->rfc3779_asid = NULL;
100#endif
95 ret->aux = NULL; 101 ret->aux = NULL;
96 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data); 102 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
97 break; 103 break;
@@ -106,6 +112,11 @@ static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
106 X509_CERT_AUX_free(ret->aux); 112 X509_CERT_AUX_free(ret->aux);
107 ASN1_OCTET_STRING_free(ret->skid); 113 ASN1_OCTET_STRING_free(ret->skid);
108 AUTHORITY_KEYID_free(ret->akid); 114 AUTHORITY_KEYID_free(ret->akid);
115 policy_cache_free(ret->policy_cache);
116#ifndef OPENSSL_NO_RFC3779
117 sk_IPAddressFamily_pop_free(ret->rfc3779_addr, IPAddressFamily_free);
118 ASIdentifiers_free(ret->rfc3779_asid);
119#endif
109 120
110 if (ret->name != NULL) OPENSSL_free(ret->name); 121 if (ret->name != NULL) OPENSSL_free(ret->name);
111 break; 122 break;
@@ -125,11 +136,13 @@ ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
125IMPLEMENT_ASN1_FUNCTIONS(X509) 136IMPLEMENT_ASN1_FUNCTIONS(X509)
126IMPLEMENT_ASN1_DUP_FUNCTION(X509) 137IMPLEMENT_ASN1_DUP_FUNCTION(X509)
127 138
128static ASN1_METHOD meth={ 139static ASN1_METHOD meth=
129 (int (*)()) i2d_X509, 140 {
130 (char *(*)())d2i_X509, 141 (I2D_OF(void)) i2d_X509,
131 (char *(*)())X509_new, 142 (D2I_OF(void)) d2i_X509,
132 (void (*)()) X509_free}; 143 (void *(*)(void))X509_new,
144 (void (*)(void *)) X509_free
145 };
133 146
134ASN1_METHOD *X509_asn1_meth(void) 147ASN1_METHOD *X509_asn1_meth(void)
135 { 148 {
@@ -161,9 +174,9 @@ void *X509_get_ex_data(X509 *r, int idx)
161 * 174 *
162 */ 175 */
163 176
164X509 *d2i_X509_AUX(X509 **a, unsigned char **pp, long length) 177X509 *d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
165{ 178{
166 unsigned char *q; 179 const unsigned char *q;
167 X509 *ret; 180 X509 *ret;
168 /* Save start position */ 181 /* Save start position */
169 q = *pp; 182 q = *pp;
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
index f244768b7e..13db5fd03f 100644
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ b/src/lib/libcrypto/asn1/x_x509a.c
@@ -91,6 +91,14 @@ static X509_CERT_AUX *aux_get(X509 *x)
91int X509_alias_set1(X509 *x, unsigned char *name, int len) 91int X509_alias_set1(X509 *x, unsigned char *name, int len)
92{ 92{
93 X509_CERT_AUX *aux; 93 X509_CERT_AUX *aux;
94 if (!name)
95 {
96 if (!x || !x->aux || !x->aux->alias)
97 return 1;
98 ASN1_UTF8STRING_free(x->aux->alias);
99 x->aux->alias = NULL;
100 return 1;
101 }
94 if(!(aux = aux_get(x))) return 0; 102 if(!(aux = aux_get(x))) return 0;
95 if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0; 103 if(!aux->alias && !(aux->alias = ASN1_UTF8STRING_new())) return 0;
96 return ASN1_STRING_set(aux->alias, name, len); 104 return ASN1_STRING_set(aux->alias, name, len);
@@ -99,6 +107,14 @@ int X509_alias_set1(X509 *x, unsigned char *name, int len)
99int X509_keyid_set1(X509 *x, unsigned char *id, int len) 107int X509_keyid_set1(X509 *x, unsigned char *id, int len)
100{ 108{
101 X509_CERT_AUX *aux; 109 X509_CERT_AUX *aux;
110 if (!id)
111 {
112 if (!x || !x->aux || !x->aux->keyid)
113 return 1;
114 ASN1_OCTET_STRING_free(x->aux->keyid);
115 x->aux->keyid = NULL;
116 return 1;
117 }
102 if(!(aux = aux_get(x))) return 0; 118 if(!(aux = aux_get(x))) return 0;
103 if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0; 119 if(!aux->keyid && !(aux->keyid = ASN1_OCTET_STRING_new())) return 0;
104 return ASN1_STRING_set(aux->keyid, id, len); 120 return ASN1_STRING_set(aux->keyid, id, len);
@@ -111,6 +127,13 @@ unsigned char *X509_alias_get0(X509 *x, int *len)
111 return x->aux->alias->data; 127 return x->aux->alias->data;
112} 128}
113 129
130unsigned char *X509_keyid_get0(X509 *x, int *len)
131{
132 if(!x->aux || !x->aux->keyid) return NULL;
133 if(len) *len = x->aux->keyid->length;
134 return x->aux->keyid->data;
135}
136
114int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj) 137int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj)
115{ 138{
116 X509_CERT_AUX *aux; 139 X509_CERT_AUX *aux;
@@ -149,3 +172,9 @@ void X509_reject_clear(X509 *x)
149 } 172 }
150} 173}
151 174
175ASN1_SEQUENCE(X509_CERT_PAIR) = {
176 ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0),
177 ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1)
178} ASN1_SEQUENCE_END(X509_CERT_PAIR)
179
180IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_PAIR)
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 12:29:14 +0000