diff options
| author | cvs2svn <admin@example.com> | 1999-10-10 21:32:03 +0000 |
|---|---|---|
| committer | cvs2svn <admin@example.com> | 1999-10-10 21:32:03 +0000 |
| commit | 14e61fef302fbc25ab63e38bd35445637ca68139 (patch) | |
| tree | dae5e50679bccd1ed8d7d4041fbb9f3d96bbc98c /src/lib/libcrypto/x509 | |
| parent | 3ef9529fbf0c1f8f1c9da1172e92ad3370d5fcfe (diff) | |
| download | openbsd-OPENBSD_2_6_BASE.tar.gz openbsd-OPENBSD_2_6_BASE.tar.bz2 openbsd-OPENBSD_2_6_BASE.zip | |
This commit was manufactured by cvs2git to create tag 'OPENBSD_2_6_BASE'.OPENBSD_2_6_BASE
Diffstat (limited to '')
41 files changed, 0 insertions, 10767 deletions
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c deleted file mode 100644 index 734e39ac77..0000000000 --- a/src/lib/libcrypto/x509/by_dir.c +++ /dev/null | |||
| @@ -1,342 +0,0 @@ | |||
| 1 | /* crypto/x509/by_dir.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #include <errno.h> | ||
| 62 | #include <sys/types.h> | ||
| 63 | #include <sys/stat.h> | ||
| 64 | |||
| 65 | #include "cryptlib.h" | ||
| 66 | #include <openssl/lhash.h> | ||
| 67 | #include <openssl/x509.h> | ||
| 68 | |||
| 69 | typedef struct lookup_dir_st | ||
| 70 | { | ||
| 71 | BUF_MEM *buffer; | ||
| 72 | int num_dirs; | ||
| 73 | char **dirs; | ||
| 74 | int *dirs_type; | ||
| 75 | int num_dirs_alloced; | ||
| 76 | } BY_DIR; | ||
| 77 | |||
| 78 | static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | ||
| 79 | char **ret); | ||
| 80 | static int new_dir(X509_LOOKUP *lu); | ||
| 81 | static void free_dir(X509_LOOKUP *lu); | ||
| 82 | static int add_cert_dir(BY_DIR *ctx,const char *dir,int type); | ||
| 83 | static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, | ||
| 84 | X509_OBJECT *ret); | ||
| 85 | X509_LOOKUP_METHOD x509_dir_lookup= | ||
| 86 | { | ||
| 87 | "Load certs from files in a directory", | ||
| 88 | new_dir, /* new */ | ||
| 89 | free_dir, /* free */ | ||
| 90 | NULL, /* init */ | ||
| 91 | NULL, /* shutdown */ | ||
| 92 | dir_ctrl, /* ctrl */ | ||
| 93 | get_cert_by_subject, /* get_by_subject */ | ||
| 94 | NULL, /* get_by_issuer_serial */ | ||
| 95 | NULL, /* get_by_fingerprint */ | ||
| 96 | NULL, /* get_by_alias */ | ||
| 97 | }; | ||
| 98 | |||
| 99 | X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void) | ||
| 100 | { | ||
| 101 | return(&x509_dir_lookup); | ||
| 102 | } | ||
| 103 | |||
| 104 | static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | ||
| 105 | char **retp) | ||
| 106 | { | ||
| 107 | int ret=0; | ||
| 108 | BY_DIR *ld; | ||
| 109 | char *dir; | ||
| 110 | |||
| 111 | ld=(BY_DIR *)ctx->method_data; | ||
| 112 | |||
| 113 | switch (cmd) | ||
| 114 | { | ||
| 115 | case X509_L_ADD_DIR: | ||
| 116 | if (argl == X509_FILETYPE_DEFAULT) | ||
| 117 | { | ||
| 118 | ret=add_cert_dir(ld,X509_get_default_cert_dir(), | ||
| 119 | X509_FILETYPE_PEM); | ||
| 120 | if (!ret) | ||
| 121 | { | ||
| 122 | X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR); | ||
| 123 | } | ||
| 124 | else | ||
| 125 | { | ||
| 126 | dir=(char *)Getenv(X509_get_default_cert_dir_env()); | ||
| 127 | ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM); | ||
| 128 | } | ||
| 129 | } | ||
| 130 | else | ||
| 131 | ret=add_cert_dir(ld,argp,(int)argl); | ||
| 132 | break; | ||
| 133 | } | ||
| 134 | return(ret); | ||
| 135 | } | ||
| 136 | |||
| 137 | static int new_dir(X509_LOOKUP *lu) | ||
| 138 | { | ||
| 139 | BY_DIR *a; | ||
| 140 | |||
| 141 | if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL) | ||
| 142 | return(0); | ||
| 143 | if ((a->buffer=BUF_MEM_new()) == NULL) | ||
| 144 | { | ||
| 145 | Free(a); | ||
| 146 | return(0); | ||
| 147 | } | ||
| 148 | a->num_dirs=0; | ||
| 149 | a->dirs=NULL; | ||
| 150 | a->dirs_type=NULL; | ||
| 151 | a->num_dirs_alloced=0; | ||
| 152 | lu->method_data=(char *)a; | ||
| 153 | return(1); | ||
| 154 | } | ||
| 155 | |||
| 156 | static void free_dir(X509_LOOKUP *lu) | ||
| 157 | { | ||
| 158 | BY_DIR *a; | ||
| 159 | int i; | ||
| 160 | |||
| 161 | a=(BY_DIR *)lu->method_data; | ||
| 162 | for (i=0; i<a->num_dirs; i++) | ||
| 163 | if (a->dirs[i] != NULL) Free(a->dirs[i]); | ||
| 164 | if (a->dirs != NULL) Free(a->dirs); | ||
| 165 | if (a->dirs_type != NULL) Free(a->dirs_type); | ||
| 166 | if (a->buffer != NULL) BUF_MEM_free(a->buffer); | ||
| 167 | Free(a); | ||
| 168 | } | ||
| 169 | |||
| 170 | static int add_cert_dir(BY_DIR *ctx, const char *dir, int type) | ||
| 171 | { | ||
| 172 | int j,len; | ||
| 173 | int *ip; | ||
| 174 | const char *s,*ss,*p; | ||
| 175 | char **pp; | ||
| 176 | |||
| 177 | if (dir == NULL || !*dir) | ||
| 178 | { | ||
| 179 | X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY); | ||
| 180 | return 0; | ||
| 181 | } | ||
| 182 | |||
| 183 | s=dir; | ||
| 184 | p=s; | ||
| 185 | for (;;) | ||
| 186 | { | ||
| 187 | if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) | ||
| 188 | { | ||
| 189 | ss=s; | ||
| 190 | s=p+1; | ||
| 191 | len=(int)(p-ss); | ||
| 192 | if (len == 0) continue; | ||
| 193 | for (j=0; j<ctx->num_dirs; j++) | ||
| 194 | if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) | ||
| 195 | continue; | ||
| 196 | if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) | ||
| 197 | { | ||
| 198 | ctx->num_dirs_alloced+=10; | ||
| 199 | pp=(char **)Malloc(ctx->num_dirs_alloced* | ||
| 200 | sizeof(char *)); | ||
| 201 | ip=(int *)Malloc(ctx->num_dirs_alloced* | ||
| 202 | sizeof(int)); | ||
| 203 | if ((pp == NULL) || (ip == NULL)) | ||
| 204 | { | ||
| 205 | X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE); | ||
| 206 | return(0); | ||
| 207 | } | ||
| 208 | memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)* | ||
| 209 | sizeof(char *)); | ||
| 210 | memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)* | ||
| 211 | sizeof(int)); | ||
| 212 | if (ctx->dirs != NULL) | ||
| 213 | Free((char *)ctx->dirs); | ||
| 214 | if (ctx->dirs_type != NULL) | ||
| 215 | Free((char *)ctx->dirs_type); | ||
| 216 | ctx->dirs=pp; | ||
| 217 | ctx->dirs_type=ip; | ||
| 218 | } | ||
| 219 | ctx->dirs_type[ctx->num_dirs]=type; | ||
| 220 | ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1); | ||
| 221 | if (ctx->dirs[ctx->num_dirs] == NULL) return(0); | ||
| 222 | strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len); | ||
| 223 | ctx->dirs[ctx->num_dirs][len]='\0'; | ||
| 224 | ctx->num_dirs++; | ||
| 225 | } | ||
| 226 | if (*p == '\0') break; | ||
| 227 | p++; | ||
| 228 | } | ||
| 229 | return(1); | ||
| 230 | } | ||
| 231 | |||
| 232 | static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name, | ||
| 233 | X509_OBJECT *ret) | ||
| 234 | { | ||
| 235 | BY_DIR *ctx; | ||
| 236 | union { | ||
| 237 | struct { | ||
| 238 | X509 st_x509; | ||
| 239 | X509_CINF st_x509_cinf; | ||
| 240 | } x509; | ||
| 241 | struct { | ||
| 242 | X509_CRL st_crl; | ||
| 243 | X509_CRL_INFO st_crl_info; | ||
| 244 | } crl; | ||
| 245 | } data; | ||
| 246 | int ok=0; | ||
| 247 | int i,j,k; | ||
| 248 | unsigned long h; | ||
| 249 | BUF_MEM *b=NULL; | ||
| 250 | struct stat st; | ||
| 251 | X509_OBJECT stmp,*tmp; | ||
| 252 | const char *postfix=""; | ||
| 253 | |||
| 254 | if (name == NULL) return(0); | ||
| 255 | |||
| 256 | stmp.type=type; | ||
| 257 | if (type == X509_LU_X509) | ||
| 258 | { | ||
| 259 | data.x509.st_x509.cert_info= &data.x509.st_x509_cinf; | ||
| 260 | data.x509.st_x509_cinf.subject=name; | ||
| 261 | stmp.data.x509= &data.x509.st_x509; | ||
| 262 | postfix=""; | ||
| 263 | } | ||
| 264 | else if (type == X509_LU_CRL) | ||
| 265 | { | ||
| 266 | data.crl.st_crl.crl= &data.crl.st_crl_info; | ||
| 267 | data.crl.st_crl_info.issuer=name; | ||
| 268 | stmp.data.crl= &data.crl.st_crl; | ||
| 269 | postfix="r"; | ||
| 270 | } | ||
| 271 | else | ||
| 272 | { | ||
| 273 | X509err(X509_F_GET_CERT_BY_SUBJECT,X509_R_WRONG_LOOKUP_TYPE); | ||
| 274 | goto finish; | ||
| 275 | } | ||
| 276 | |||
| 277 | if ((b=BUF_MEM_new()) == NULL) | ||
| 278 | { | ||
| 279 | X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB); | ||
| 280 | goto finish; | ||
| 281 | } | ||
| 282 | |||
| 283 | ctx=(BY_DIR *)xl->method_data; | ||
| 284 | |||
| 285 | h=X509_NAME_hash(name); | ||
| 286 | for (i=0; i<ctx->num_dirs; i++) | ||
| 287 | { | ||
| 288 | j=strlen(ctx->dirs[i])+1+8+6+1+1; | ||
| 289 | if (!BUF_MEM_grow(b,j)) | ||
| 290 | { | ||
| 291 | X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE); | ||
| 292 | goto finish; | ||
| 293 | } | ||
| 294 | k=0; | ||
| 295 | for (;;) | ||
| 296 | { | ||
| 297 | sprintf(b->data,"%s/%08lx.%s%d",ctx->dirs[i],h, | ||
| 298 | postfix,k); | ||
| 299 | k++; | ||
| 300 | if (stat(b->data,&st) < 0) | ||
| 301 | break; | ||
| 302 | /* found one. */ | ||
| 303 | if (type == X509_LU_X509) | ||
| 304 | { | ||
| 305 | if ((X509_load_cert_file(xl,b->data, | ||
| 306 | ctx->dirs_type[i])) == 0) | ||
| 307 | break; | ||
| 308 | } | ||
| 309 | else if (type == X509_LU_CRL) | ||
| 310 | { | ||
| 311 | if ((X509_load_crl_file(xl,b->data, | ||
| 312 | ctx->dirs_type[i])) == 0) | ||
| 313 | break; | ||
| 314 | } | ||
| 315 | /* else case will caught higher up */ | ||
| 316 | } | ||
| 317 | |||
| 318 | /* we have added it to the cache so now pull | ||
| 319 | * it out again */ | ||
| 320 | CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE); | ||
| 321 | tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs, | ||
| 322 | (char *)&stmp); | ||
| 323 | CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE); | ||
| 324 | |||
| 325 | if (tmp != NULL) | ||
| 326 | { | ||
| 327 | ok=1; | ||
| 328 | ret->type=tmp->type; | ||
| 329 | memcpy(&ret->data,&tmp->data,sizeof(ret->data)); | ||
| 330 | /* If we were going to up the reference count, | ||
| 331 | * we would need to do it on a perl 'type' | ||
| 332 | * basis */ | ||
| 333 | /* CRYPTO_add(&tmp->data.x509->references,1, | ||
| 334 | CRYPTO_LOCK_X509);*/ | ||
| 335 | goto finish; | ||
| 336 | } | ||
| 337 | } | ||
| 338 | finish: | ||
| 339 | if (b != NULL) BUF_MEM_free(b); | ||
| 340 | return(ok); | ||
| 341 | } | ||
| 342 | |||
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c deleted file mode 100644 index 00ee5e8bbc..0000000000 --- a/src/lib/libcrypto/x509/by_file.c +++ /dev/null | |||
| @@ -1,267 +0,0 @@ | |||
| 1 | /* crypto/x509/by_file.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #include <errno.h> | ||
| 62 | #include <sys/types.h> | ||
| 63 | #include <sys/stat.h> | ||
| 64 | |||
| 65 | #include "cryptlib.h" | ||
| 66 | #include <openssl/lhash.h> | ||
| 67 | #include <openssl/buffer.h> | ||
| 68 | #include <openssl/x509.h> | ||
| 69 | #include <openssl/pem.h> | ||
| 70 | |||
| 71 | #ifndef NO_STDIO | ||
| 72 | |||
| 73 | static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, | ||
| 74 | long argl, char **ret); | ||
| 75 | X509_LOOKUP_METHOD x509_file_lookup= | ||
| 76 | { | ||
| 77 | "Load file into cache", | ||
| 78 | NULL, /* new */ | ||
| 79 | NULL, /* free */ | ||
| 80 | NULL, /* init */ | ||
| 81 | NULL, /* shutdown */ | ||
| 82 | by_file_ctrl, /* ctrl */ | ||
| 83 | NULL, /* get_by_subject */ | ||
| 84 | NULL, /* get_by_issuer_serial */ | ||
| 85 | NULL, /* get_by_fingerprint */ | ||
| 86 | NULL, /* get_by_alias */ | ||
| 87 | }; | ||
| 88 | |||
| 89 | X509_LOOKUP_METHOD *X509_LOOKUP_file(void) | ||
| 90 | { | ||
| 91 | return(&x509_file_lookup); | ||
| 92 | } | ||
| 93 | |||
| 94 | static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl, | ||
| 95 | char **ret) | ||
| 96 | { | ||
| 97 | int ok=0,ok2=0; | ||
| 98 | char *file; | ||
| 99 | |||
| 100 | switch (cmd) | ||
| 101 | { | ||
| 102 | case X509_L_FILE_LOAD: | ||
| 103 | if (argl == X509_FILETYPE_DEFAULT) | ||
| 104 | { | ||
| 105 | ok=X509_load_cert_file(ctx,X509_get_default_cert_file(), | ||
| 106 | X509_FILETYPE_PEM); | ||
| 107 | ok2=X509_load_crl_file(ctx,X509_get_default_cert_file(), | ||
| 108 | X509_FILETYPE_PEM); | ||
| 109 | if (!ok || !ok2) | ||
| 110 | { | ||
| 111 | X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS); | ||
| 112 | } | ||
| 113 | else | ||
| 114 | { | ||
| 115 | file=(char *)Getenv(X509_get_default_cert_file_env()); | ||
| 116 | ok=X509_load_cert_file(ctx,file, | ||
| 117 | X509_FILETYPE_PEM); | ||
| 118 | ok2=X509_load_crl_file(ctx,file, | ||
| 119 | X509_FILETYPE_PEM); | ||
| 120 | } | ||
| 121 | } | ||
| 122 | else | ||
| 123 | { | ||
| 124 | ok=X509_load_cert_file(ctx,argp,(int)argl); | ||
| 125 | ok2=X509_load_crl_file(ctx,argp,(int)argl); | ||
| 126 | } | ||
| 127 | break; | ||
| 128 | } | ||
| 129 | return((ok && ok2)?ok:0); | ||
| 130 | } | ||
| 131 | |||
| 132 | int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type) | ||
| 133 | { | ||
| 134 | int ret=0; | ||
| 135 | BIO *in=NULL; | ||
| 136 | int i,count=0; | ||
| 137 | X509 *x=NULL; | ||
| 138 | |||
| 139 | if (file == NULL) return(1); | ||
| 140 | in=BIO_new(BIO_s_file_internal()); | ||
| 141 | |||
| 142 | if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) | ||
| 143 | { | ||
| 144 | X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB); | ||
| 145 | goto err; | ||
| 146 | } | ||
| 147 | |||
| 148 | if (type == X509_FILETYPE_PEM) | ||
| 149 | { | ||
| 150 | for (;;) | ||
| 151 | { | ||
| 152 | x=PEM_read_bio_X509(in,NULL,NULL,NULL); | ||
| 153 | if (x == NULL) | ||
| 154 | { | ||
| 155 | if ((ERR_GET_REASON(ERR_peek_error()) == | ||
| 156 | PEM_R_NO_START_LINE) && (count > 0)) | ||
| 157 | { | ||
| 158 | ERR_clear_error(); | ||
| 159 | break; | ||
| 160 | } | ||
| 161 | else | ||
| 162 | { | ||
| 163 | X509err(X509_F_X509_LOAD_CERT_FILE, | ||
| 164 | ERR_R_PEM_LIB); | ||
| 165 | goto err; | ||
| 166 | } | ||
| 167 | } | ||
| 168 | i=X509_STORE_add_cert(ctx->store_ctx,x); | ||
| 169 | if (!i) goto err; | ||
| 170 | count++; | ||
| 171 | X509_free(x); | ||
| 172 | x=NULL; | ||
| 173 | } | ||
| 174 | ret=count; | ||
| 175 | } | ||
| 176 | else if (type == X509_FILETYPE_ASN1) | ||
| 177 | { | ||
| 178 | x=d2i_X509_bio(in,NULL); | ||
| 179 | if (x == NULL) | ||
| 180 | { | ||
| 181 | X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB); | ||
| 182 | goto err; | ||
| 183 | } | ||
| 184 | i=X509_STORE_add_cert(ctx->store_ctx,x); | ||
| 185 | if (!i) goto err; | ||
| 186 | ret=i; | ||
| 187 | } | ||
| 188 | else | ||
| 189 | { | ||
| 190 | X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE); | ||
| 191 | goto err; | ||
| 192 | } | ||
| 193 | err: | ||
| 194 | if (x != NULL) X509_free(x); | ||
| 195 | if (in != NULL) BIO_free(in); | ||
| 196 | return(ret); | ||
| 197 | } | ||
| 198 | |||
| 199 | int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type) | ||
| 200 | { | ||
| 201 | int ret=0; | ||
| 202 | BIO *in=NULL; | ||
| 203 | int i,count=0; | ||
| 204 | X509_CRL *x=NULL; | ||
| 205 | |||
| 206 | if (file == NULL) return(1); | ||
| 207 | in=BIO_new(BIO_s_file_internal()); | ||
| 208 | |||
| 209 | if ((in == NULL) || (BIO_read_filename(in,file) <= 0)) | ||
| 210 | { | ||
| 211 | X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_SYS_LIB); | ||
| 212 | goto err; | ||
| 213 | } | ||
| 214 | |||
| 215 | if (type == X509_FILETYPE_PEM) | ||
| 216 | { | ||
| 217 | for (;;) | ||
| 218 | { | ||
| 219 | x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL); | ||
| 220 | if (x == NULL) | ||
| 221 | { | ||
| 222 | if ((ERR_GET_REASON(ERR_peek_error()) == | ||
| 223 | PEM_R_NO_START_LINE) && (count > 0)) | ||
| 224 | { | ||
| 225 | ERR_clear_error(); | ||
| 226 | break; | ||
| 227 | } | ||
| 228 | else | ||
| 229 | { | ||
| 230 | X509err(X509_F_X509_LOAD_CRL_FILE, | ||
| 231 | ERR_R_PEM_LIB); | ||
| 232 | goto err; | ||
| 233 | } | ||
| 234 | } | ||
| 235 | i=X509_STORE_add_crl(ctx->store_ctx,x); | ||
| 236 | if (!i) goto err; | ||
| 237 | count++; | ||
| 238 | X509_CRL_free(x); | ||
| 239 | x=NULL; | ||
| 240 | } | ||
| 241 | ret=count; | ||
| 242 | } | ||
| 243 | else if (type == X509_FILETYPE_ASN1) | ||
| 244 | { | ||
| 245 | x=d2i_X509_CRL_bio(in,NULL); | ||
| 246 | if (x == NULL) | ||
| 247 | { | ||
| 248 | X509err(X509_F_X509_LOAD_CRL_FILE,ERR_R_ASN1_LIB); | ||
| 249 | goto err; | ||
| 250 | } | ||
| 251 | i=X509_STORE_add_crl(ctx->store_ctx,x); | ||
| 252 | if (!i) goto err; | ||
| 253 | ret=i; | ||
| 254 | } | ||
| 255 | else | ||
| 256 | { | ||
| 257 | X509err(X509_F_X509_LOAD_CRL_FILE,X509_R_BAD_X509_FILETYPE); | ||
| 258 | goto err; | ||
| 259 | } | ||
| 260 | err: | ||
| 261 | if (x != NULL) X509_CRL_free(x); | ||
| 262 | if (in != NULL) BIO_free(in); | ||
| 263 | return(ret); | ||
| 264 | } | ||
| 265 | |||
| 266 | #endif /* NO_STDIO */ | ||
| 267 | |||
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h deleted file mode 100644 index 35f9484f8b..0000000000 --- a/src/lib/libcrypto/x509/x509.h +++ /dev/null | |||
| @@ -1,989 +0,0 @@ | |||
| 1 | /* crypto/x509/x509.h */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #ifndef HEADER_X509_H | ||
| 60 | #define HEADER_X509_H | ||
| 61 | |||
| 62 | #ifdef __cplusplus | ||
| 63 | extern "C" { | ||
| 64 | #endif | ||
| 65 | |||
| 66 | #ifdef VMS | ||
| 67 | #undef X509_REVOKED_get_ext_by_critical | ||
| 68 | #define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic | ||
| 69 | #endif | ||
| 70 | |||
| 71 | #include <openssl/stack.h> | ||
| 72 | #include <openssl/asn1.h> | ||
| 73 | #include <openssl/safestack.h> | ||
| 74 | |||
| 75 | #ifndef NO_RSA | ||
| 76 | #include <openssl/rsa.h> | ||
| 77 | #endif | ||
| 78 | |||
| 79 | #ifndef NO_DSA | ||
| 80 | #include <openssl/dsa.h> | ||
| 81 | #endif | ||
| 82 | |||
| 83 | #ifndef NO_DH | ||
| 84 | #include <openssl/dh.h> | ||
| 85 | #endif | ||
| 86 | |||
| 87 | #include <openssl/evp.h> | ||
| 88 | |||
| 89 | |||
| 90 | #ifdef WIN32 | ||
| 91 | /* Under Win32 this is defined in wincrypt.h */ | ||
| 92 | #undef X509_NAME | ||
| 93 | #endif | ||
| 94 | |||
| 95 | #define X509_FILETYPE_PEM 1 | ||
| 96 | #define X509_FILETYPE_ASN1 2 | ||
| 97 | #define X509_FILETYPE_DEFAULT 3 | ||
| 98 | |||
| 99 | #define X509v3_KU_DIGITAL_SIGNATURE 0x0080 | ||
| 100 | #define X509v3_KU_NON_REPUDIATION 0x0040 | ||
| 101 | #define X509v3_KU_KEY_ENCIPHERMENT 0x0020 | ||
| 102 | #define X509v3_KU_DATA_ENCIPHERMENT 0x0010 | ||
| 103 | #define X509v3_KU_KEY_AGREEMENT 0x0008 | ||
| 104 | #define X509v3_KU_KEY_CERT_SIGN 0x0004 | ||
| 105 | #define X509v3_KU_CRL_SIGN 0x0002 | ||
| 106 | #define X509v3_KU_ENCIPHER_ONLY 0x0001 | ||
| 107 | #define X509v3_KU_DECIPHER_ONLY 0x8000 | ||
| 108 | #define X509v3_KU_UNDEF 0xffff | ||
| 109 | |||
| 110 | typedef struct X509_objects_st | ||
| 111 | { | ||
| 112 | int nid; | ||
| 113 | int (*a2i)(); | ||
| 114 | int (*i2a)(); | ||
| 115 | } X509_OBJECTS; | ||
| 116 | |||
| 117 | typedef struct X509_algor_st | ||
| 118 | { | ||
| 119 | ASN1_OBJECT *algorithm; | ||
| 120 | ASN1_TYPE *parameter; | ||
| 121 | } X509_ALGOR; | ||
| 122 | |||
| 123 | DECLARE_STACK_OF(X509_ALGOR) | ||
| 124 | DECLARE_ASN1_SET_OF(X509_ALGOR) | ||
| 125 | |||
| 126 | typedef struct X509_val_st | ||
| 127 | { | ||
| 128 | ASN1_UTCTIME *notBefore; | ||
| 129 | ASN1_UTCTIME *notAfter; | ||
| 130 | } X509_VAL; | ||
| 131 | |||
| 132 | typedef struct X509_pubkey_st | ||
| 133 | { | ||
| 134 | X509_ALGOR *algor; | ||
| 135 | ASN1_BIT_STRING *public_key; | ||
| 136 | EVP_PKEY *pkey; | ||
| 137 | } X509_PUBKEY; | ||
| 138 | |||
| 139 | typedef struct X509_sig_st | ||
| 140 | { | ||
| 141 | X509_ALGOR *algor; | ||
| 142 | ASN1_OCTET_STRING *digest; | ||
| 143 | } X509_SIG; | ||
| 144 | |||
| 145 | typedef struct X509_name_entry_st | ||
| 146 | { | ||
| 147 | ASN1_OBJECT *object; | ||
| 148 | ASN1_STRING *value; | ||
| 149 | int set; | ||
| 150 | int size; /* temp variable */ | ||
| 151 | } X509_NAME_ENTRY; | ||
| 152 | |||
| 153 | DECLARE_STACK_OF(X509_NAME_ENTRY) | ||
| 154 | DECLARE_ASN1_SET_OF(X509_NAME_ENTRY) | ||
| 155 | |||
| 156 | /* we always keep X509_NAMEs in 2 forms. */ | ||
| 157 | typedef struct X509_name_st | ||
| 158 | { | ||
| 159 | STACK_OF(X509_NAME_ENTRY) *entries; | ||
| 160 | int modified; /* true if 'bytes' needs to be built */ | ||
| 161 | #ifdef HEADER_BUFFER_H | ||
| 162 | BUF_MEM *bytes; | ||
| 163 | #else | ||
| 164 | char *bytes; | ||
| 165 | #endif | ||
| 166 | unsigned long hash; /* Keep the hash around for lookups */ | ||
| 167 | } X509_NAME; | ||
| 168 | |||
| 169 | DECLARE_STACK_OF(X509_NAME) | ||
| 170 | |||
| 171 | #define X509_EX_V_NETSCAPE_HACK 0x8000 | ||
| 172 | #define X509_EX_V_INIT 0x0001 | ||
| 173 | typedef struct X509_extension_st | ||
| 174 | { | ||
| 175 | ASN1_OBJECT *object; | ||
| 176 | short critical; | ||
| 177 | short netscape_hack; | ||
| 178 | ASN1_OCTET_STRING *value; | ||
| 179 | long argl; /* used when decoding */ | ||
| 180 | char *argp; /* used when decoding */ | ||
| 181 | void (*ex_free)(); /* clear argp stuff */ | ||
| 182 | } X509_EXTENSION; | ||
| 183 | |||
| 184 | DECLARE_STACK_OF(X509_EXTENSION) | ||
| 185 | DECLARE_ASN1_SET_OF(X509_EXTENSION) | ||
| 186 | |||
| 187 | /* a sequence of these are used */ | ||
| 188 | typedef struct x509_attributes_st | ||
| 189 | { | ||
| 190 | ASN1_OBJECT *object; | ||
| 191 | int set; /* 1 for a set, 0 for a single item (which is wrong) */ | ||
| 192 | union { | ||
| 193 | char *ptr; | ||
| 194 | /* 1 */ STACK_OF(ASN1_TYPE) *set; | ||
| 195 | /* 0 */ ASN1_TYPE *single; | ||
| 196 | } value; | ||
| 197 | } X509_ATTRIBUTE; | ||
| 198 | |||
| 199 | DECLARE_STACK_OF(X509_ATTRIBUTE) | ||
| 200 | DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) | ||
| 201 | |||
| 202 | typedef struct X509_req_info_st | ||
| 203 | { | ||
| 204 | ASN1_INTEGER *version; | ||
| 205 | X509_NAME *subject; | ||
| 206 | X509_PUBKEY *pubkey; | ||
| 207 | /* d=2 hl=2 l= 0 cons: cont: 00 */ | ||
| 208 | STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ | ||
| 209 | int req_kludge; | ||
| 210 | } X509_REQ_INFO; | ||
| 211 | |||
| 212 | typedef struct X509_req_st | ||
| 213 | { | ||
| 214 | X509_REQ_INFO *req_info; | ||
| 215 | X509_ALGOR *sig_alg; | ||
| 216 | ASN1_BIT_STRING *signature; | ||
| 217 | int references; | ||
| 218 | } X509_REQ; | ||
| 219 | |||
| 220 | typedef struct x509_cinf_st | ||
| 221 | { | ||
| 222 | ASN1_INTEGER *version; /* [ 0 ] default of v1 */ | ||
| 223 | ASN1_INTEGER *serialNumber; | ||
| 224 | X509_ALGOR *signature; | ||
| 225 | X509_NAME *issuer; | ||
| 226 | X509_VAL *validity; | ||
| 227 | X509_NAME *subject; | ||
| 228 | X509_PUBKEY *key; | ||
| 229 | ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ | ||
| 230 | ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ | ||
| 231 | STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */ | ||
| 232 | } X509_CINF; | ||
| 233 | |||
| 234 | typedef struct x509_st | ||
| 235 | { | ||
| 236 | X509_CINF *cert_info; | ||
| 237 | X509_ALGOR *sig_alg; | ||
| 238 | ASN1_BIT_STRING *signature; | ||
| 239 | int valid; | ||
| 240 | int references; | ||
| 241 | char *name; | ||
| 242 | } X509; | ||
| 243 | |||
| 244 | DECLARE_STACK_OF(X509) | ||
| 245 | DECLARE_ASN1_SET_OF(X509) | ||
| 246 | |||
| 247 | typedef struct X509_revoked_st | ||
| 248 | { | ||
| 249 | ASN1_INTEGER *serialNumber; | ||
| 250 | ASN1_UTCTIME *revocationDate; | ||
| 251 | STACK_OF(X509_EXTENSION) /* optional */ *extensions; | ||
| 252 | int sequence; /* load sequence */ | ||
| 253 | } X509_REVOKED; | ||
| 254 | |||
| 255 | DECLARE_STACK_OF(X509_REVOKED) | ||
| 256 | DECLARE_ASN1_SET_OF(X509_REVOKED) | ||
| 257 | |||
| 258 | typedef struct X509_crl_info_st | ||
| 259 | { | ||
| 260 | ASN1_INTEGER *version; | ||
| 261 | X509_ALGOR *sig_alg; | ||
| 262 | X509_NAME *issuer; | ||
| 263 | ASN1_UTCTIME *lastUpdate; | ||
| 264 | ASN1_UTCTIME *nextUpdate; | ||
| 265 | STACK_OF(X509_REVOKED) *revoked; | ||
| 266 | STACK_OF(X509_EXTENSION) /* [0] */ *extensions; | ||
| 267 | } X509_CRL_INFO; | ||
| 268 | |||
| 269 | typedef struct X509_crl_st | ||
| 270 | { | ||
| 271 | /* actual signature */ | ||
| 272 | X509_CRL_INFO *crl; | ||
| 273 | X509_ALGOR *sig_alg; | ||
| 274 | ASN1_BIT_STRING *signature; | ||
| 275 | int references; | ||
| 276 | } X509_CRL; | ||
| 277 | |||
| 278 | DECLARE_STACK_OF(X509_CRL) | ||
| 279 | DECLARE_ASN1_SET_OF(X509_CRL) | ||
| 280 | |||
| 281 | typedef struct private_key_st | ||
| 282 | { | ||
| 283 | int version; | ||
| 284 | /* The PKCS#8 data types */ | ||
| 285 | X509_ALGOR *enc_algor; | ||
| 286 | ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */ | ||
| 287 | |||
| 288 | /* When decrypted, the following will not be NULL */ | ||
| 289 | EVP_PKEY *dec_pkey; | ||
| 290 | |||
| 291 | /* used to encrypt and decrypt */ | ||
| 292 | int key_length; | ||
| 293 | char *key_data; | ||
| 294 | int key_free; /* true if we should auto free key_data */ | ||
| 295 | |||
| 296 | /* expanded version of 'enc_algor' */ | ||
| 297 | EVP_CIPHER_INFO cipher; | ||
| 298 | |||
| 299 | int references; | ||
| 300 | } X509_PKEY; | ||
| 301 | |||
| 302 | #ifdef HEADER_ENVELOPE_H | ||
| 303 | typedef struct X509_info_st | ||
| 304 | { | ||
| 305 | X509 *x509; | ||
| 306 | X509_CRL *crl; | ||
| 307 | X509_PKEY *x_pkey; | ||
| 308 | |||
| 309 | EVP_CIPHER_INFO enc_cipher; | ||
| 310 | int enc_len; | ||
| 311 | char *enc_data; | ||
| 312 | |||
| 313 | int references; | ||
| 314 | } X509_INFO; | ||
| 315 | |||
| 316 | DECLARE_STACK_OF(X509_INFO) | ||
| 317 | #endif | ||
| 318 | |||
| 319 | /* The next 2 structures and their 8 routines were sent to me by | ||
| 320 | * Pat Richard <patr@x509.com> and are used to manipulate | ||
| 321 | * Netscapes spki strucutres - usefull if you are writing a CA web page | ||
| 322 | */ | ||
| 323 | typedef struct Netscape_spkac_st | ||
| 324 | { | ||
| 325 | X509_PUBKEY *pubkey; | ||
| 326 | ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */ | ||
| 327 | } NETSCAPE_SPKAC; | ||
| 328 | |||
| 329 | typedef struct Netscape_spki_st | ||
| 330 | { | ||
| 331 | NETSCAPE_SPKAC *spkac; /* signed public key and challenge */ | ||
| 332 | X509_ALGOR *sig_algor; | ||
| 333 | ASN1_BIT_STRING *signature; | ||
| 334 | } NETSCAPE_SPKI; | ||
| 335 | |||
| 336 | /* Netscape certificate sequence structure */ | ||
| 337 | typedef struct Netscape_certificate_sequence | ||
| 338 | { | ||
| 339 | ASN1_OBJECT *type; | ||
| 340 | STACK_OF(X509) *certs; | ||
| 341 | } NETSCAPE_CERT_SEQUENCE; | ||
| 342 | |||
| 343 | typedef struct CBCParameter_st | ||
| 344 | { | ||
| 345 | unsigned char iv[8]; | ||
| 346 | } CBC_PARAM; | ||
| 347 | |||
| 348 | /* Password based encryption structure */ | ||
| 349 | |||
| 350 | typedef struct PBEPARAM_st { | ||
| 351 | ASN1_OCTET_STRING *salt; | ||
| 352 | ASN1_INTEGER *iter; | ||
| 353 | } PBEPARAM; | ||
| 354 | |||
| 355 | /* Password based encryption V2 structures */ | ||
| 356 | |||
| 357 | typedef struct PBE2PARAM_st { | ||
| 358 | X509_ALGOR *keyfunc; | ||
| 359 | X509_ALGOR *encryption; | ||
| 360 | } PBE2PARAM; | ||
| 361 | |||
| 362 | typedef struct PBKDF2PARAM_st { | ||
| 363 | ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */ | ||
| 364 | ASN1_INTEGER *iter; | ||
| 365 | ASN1_INTEGER *keylength; | ||
| 366 | X509_ALGOR *prf; | ||
| 367 | } PBKDF2PARAM; | ||
| 368 | |||
| 369 | |||
| 370 | /* PKCS#8 private key info structure */ | ||
| 371 | |||
| 372 | typedef struct pkcs8_priv_key_info_st | ||
| 373 | { | ||
| 374 | int broken; /* Flag for various broken formats */ | ||
| 375 | #define PKCS8_OK 0 | ||
| 376 | #define PKCS8_NO_OCTET 1 | ||
| 377 | ASN1_INTEGER *version; | ||
| 378 | X509_ALGOR *pkeyalg; | ||
| 379 | ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */ | ||
| 380 | STACK_OF(X509_ATTRIBUTE) *attributes; | ||
| 381 | } PKCS8_PRIV_KEY_INFO; | ||
| 382 | |||
| 383 | #include <openssl/x509_vfy.h> | ||
| 384 | #include <openssl/pkcs7.h> | ||
| 385 | |||
| 386 | #ifdef SSLEAY_MACROS | ||
| 387 | #define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ | ||
| 388 | a->signature,(char *)a->cert_info,r) | ||
| 389 | #define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \ | ||
| 390 | a->sig_alg,a->signature,(char *)a->req_info,r) | ||
| 391 | #define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \ | ||
| 392 | a->sig_alg, a->signature,(char *)a->crl,r) | ||
| 393 | |||
| 394 | #define X509_sign(x,pkey,md) \ | ||
| 395 | ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \ | ||
| 396 | x->sig_alg, x->signature, (char *)x->cert_info,pkey,md) | ||
| 397 | #define X509_REQ_sign(x,pkey,md) \ | ||
| 398 | ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \ | ||
| 399 | x->signature, (char *)x->req_info,pkey,md) | ||
| 400 | #define X509_CRL_sign(x,pkey,md) \ | ||
| 401 | ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \ | ||
| 402 | x->signature, (char *)x->crl,pkey,md) | ||
| 403 | #define NETSCAPE_SPKI_sign(x,pkey,md) \ | ||
| 404 | ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \ | ||
| 405 | x->signature, (char *)x->spkac,pkey,md) | ||
| 406 | |||
| 407 | #define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ | ||
| 408 | (char *(*)())d2i_X509,(char *)x509) | ||
| 409 | #define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\ | ||
| 410 | (int (*)())i2d_X509_ATTRIBUTE, \ | ||
| 411 | (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa) | ||
| 412 | #define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ | ||
| 413 | (int (*)())i2d_X509_EXTENSION, \ | ||
| 414 | (char *(*)())d2i_X509_EXTENSION,(char *)ex) | ||
| 415 | #define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \ | ||
| 416 | (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)) | ||
| 417 | #define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509) | ||
| 418 | #define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \ | ||
| 419 | (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)) | ||
| 420 | #define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509) | ||
| 421 | |||
| 422 | #define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \ | ||
| 423 | (char *(*)())d2i_X509_CRL,(char *)crl) | ||
| 424 | #define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \ | ||
| 425 | X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\ | ||
| 426 | (unsigned char **)(crl)) | ||
| 427 | #define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\ | ||
| 428 | (unsigned char *)crl) | ||
| 429 | #define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \ | ||
| 430 | X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\ | ||
| 431 | (unsigned char **)(crl)) | ||
| 432 | #define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\ | ||
| 433 | (unsigned char *)crl) | ||
| 434 | |||
| 435 | #define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \ | ||
| 436 | (char *(*)())d2i_PKCS7,(char *)p7) | ||
| 437 | #define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \ | ||
| 438 | PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\ | ||
| 439 | (unsigned char **)(p7)) | ||
| 440 | #define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\ | ||
| 441 | (unsigned char *)p7) | ||
| 442 | #define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \ | ||
| 443 | PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\ | ||
| 444 | (unsigned char **)(p7)) | ||
| 445 | #define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\ | ||
| 446 | (unsigned char *)p7) | ||
| 447 | |||
| 448 | #define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \ | ||
| 449 | (char *(*)())d2i_X509_REQ,(char *)req) | ||
| 450 | #define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\ | ||
| 451 | X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\ | ||
| 452 | (unsigned char **)(req)) | ||
| 453 | #define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\ | ||
| 454 | (unsigned char *)req) | ||
| 455 | #define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\ | ||
| 456 | X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\ | ||
| 457 | (unsigned char **)(req)) | ||
| 458 | #define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\ | ||
| 459 | (unsigned char *)req) | ||
| 460 | |||
| 461 | #define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \ | ||
| 462 | (char *(*)())d2i_RSAPublicKey,(char *)rsa) | ||
| 463 | #define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \ | ||
| 464 | (char *(*)())d2i_RSAPrivateKey,(char *)rsa) | ||
| 465 | |||
| 466 | #define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ | ||
| 467 | RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \ | ||
| 468 | (unsigned char **)(rsa)) | ||
| 469 | #define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \ | ||
| 470 | (unsigned char *)rsa) | ||
| 471 | #define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ | ||
| 472 | RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \ | ||
| 473 | (unsigned char **)(rsa)) | ||
| 474 | #define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \ | ||
| 475 | (unsigned char *)rsa) | ||
| 476 | |||
| 477 | #define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\ | ||
| 478 | RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \ | ||
| 479 | (unsigned char **)(rsa)) | ||
| 480 | #define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \ | ||
| 481 | (unsigned char *)rsa) | ||
| 482 | #define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\ | ||
| 483 | RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \ | ||
| 484 | (unsigned char **)(rsa)) | ||
| 485 | #define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \ | ||
| 486 | (unsigned char *)rsa) | ||
| 487 | |||
| 488 | #define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\ | ||
| 489 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \ | ||
| 490 | (unsigned char **)(dsa)) | ||
| 491 | #define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \ | ||
| 492 | (unsigned char *)dsa) | ||
| 493 | #define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\ | ||
| 494 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \ | ||
| 495 | (unsigned char **)(dsa)) | ||
| 496 | #define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ | ||
| 497 | (unsigned char *)dsa) | ||
| 498 | |||
| 499 | #define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ | ||
| 500 | (char *(*)())d2i_X509_ALGOR,(char *)xn) | ||
| 501 | |||
| 502 | #define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ | ||
| 503 | (char *(*)())d2i_X509_NAME,(char *)xn) | ||
| 504 | #define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ | ||
| 505 | (int (*)())i2d_X509_NAME_ENTRY, \ | ||
| 506 | (char *(*)())d2i_X509_NAME_ENTRY,\ | ||
| 507 | (char *)ne) | ||
| 508 | |||
| 509 | #define X509_digest(data,type,md,len) \ | ||
| 510 | ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) | ||
| 511 | #define X509_NAME_digest(data,type,md,len) \ | ||
| 512 | ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) | ||
| 513 | #ifndef PKCS7_ISSUER_AND_SERIAL_digest | ||
| 514 | #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ | ||
| 515 | ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ | ||
| 516 | (char *)data,md,len) | ||
| 517 | #endif | ||
| 518 | #endif | ||
| 519 | |||
| 520 | #define X509_EXT_PACK_UNKNOWN 1 | ||
| 521 | #define X509_EXT_PACK_STRING 2 | ||
| 522 | |||
| 523 | #define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version) | ||
| 524 | /* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */ | ||
| 525 | #define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore) | ||
| 526 | #define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter) | ||
| 527 | #define X509_extract_key(x) X509_get_pubkey(x) /*****/ | ||
| 528 | #define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version) | ||
| 529 | #define X509_REQ_get_subject_name(x) ((x)->req_info->subject) | ||
| 530 | #define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a) | ||
| 531 | #define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) | ||
| 532 | #define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) | ||
| 533 | |||
| 534 | #define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version) | ||
| 535 | #define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate) | ||
| 536 | #define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate) | ||
| 537 | #define X509_CRL_get_issuer(x) ((x)->crl->issuer) | ||
| 538 | #define X509_CRL_get_REVOKED(x) ((x)->crl->revoked) | ||
| 539 | |||
| 540 | /* This one is only used so that a binary form can output, as in | ||
| 541 | * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ | ||
| 542 | #define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) | ||
| 543 | |||
| 544 | |||
| 545 | const char *X509_verify_cert_error_string(long n); | ||
| 546 | |||
| 547 | #ifndef SSLEAY_MACROS | ||
| 548 | #ifdef HEADER_ENVELOPE_H | ||
| 549 | int X509_verify(X509 *a, EVP_PKEY *r); | ||
| 550 | |||
| 551 | int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); | ||
| 552 | int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); | ||
| 553 | int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); | ||
| 554 | |||
| 555 | int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); | ||
| 556 | int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md); | ||
| 557 | int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md); | ||
| 558 | int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md); | ||
| 559 | |||
| 560 | int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len); | ||
| 561 | int X509_NAME_digest(X509_NAME *data,EVP_MD *type, | ||
| 562 | unsigned char *md,unsigned int *len); | ||
| 563 | #endif | ||
| 564 | |||
| 565 | #ifndef NO_FP_API | ||
| 566 | X509 *d2i_X509_fp(FILE *fp, X509 **x509); | ||
| 567 | int i2d_X509_fp(FILE *fp,X509 *x509); | ||
| 568 | X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl); | ||
| 569 | int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); | ||
| 570 | X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req); | ||
| 571 | int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); | ||
| 572 | #ifndef NO_RSA | ||
| 573 | RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa); | ||
| 574 | int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); | ||
| 575 | RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa); | ||
| 576 | int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); | ||
| 577 | #endif | ||
| 578 | #ifndef NO_DSA | ||
| 579 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); | ||
| 580 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); | ||
| 581 | X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); | ||
| 582 | int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); | ||
| 583 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, | ||
| 584 | PKCS8_PRIV_KEY_INFO **p8inf); | ||
| 585 | int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf); | ||
| 586 | #endif | ||
| 587 | #endif | ||
| 588 | |||
| 589 | #ifdef HEADER_BIO_H | ||
| 590 | X509 *d2i_X509_bio(BIO *bp,X509 **x509); | ||
| 591 | int i2d_X509_bio(BIO *bp,X509 *x509); | ||
| 592 | X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl); | ||
| 593 | int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); | ||
| 594 | X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req); | ||
| 595 | int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); | ||
| 596 | #ifndef NO_RSA | ||
| 597 | RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa); | ||
| 598 | int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); | ||
| 599 | RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa); | ||
| 600 | int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); | ||
| 601 | #endif | ||
| 602 | #ifndef NO_DSA | ||
| 603 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); | ||
| 604 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); | ||
| 605 | #endif | ||
| 606 | X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); | ||
| 607 | int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); | ||
| 608 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, | ||
| 609 | PKCS8_PRIV_KEY_INFO **p8inf); | ||
| 610 | int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf); | ||
| 611 | #endif | ||
| 612 | |||
| 613 | X509 *X509_dup(X509 *x509); | ||
| 614 | X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa); | ||
| 615 | X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); | ||
| 616 | X509_CRL *X509_CRL_dup(X509_CRL *crl); | ||
| 617 | X509_REQ *X509_REQ_dup(X509_REQ *req); | ||
| 618 | X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); | ||
| 619 | X509_NAME *X509_NAME_dup(X509_NAME *xn); | ||
| 620 | X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); | ||
| 621 | #ifndef NO_RSA | ||
| 622 | RSA *RSAPublicKey_dup(RSA *rsa); | ||
| 623 | RSA *RSAPrivateKey_dup(RSA *rsa); | ||
| 624 | #endif | ||
| 625 | |||
| 626 | #endif /* !SSLEAY_MACROS */ | ||
| 627 | |||
| 628 | int X509_cmp_current_time(ASN1_UTCTIME *s); | ||
| 629 | ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj); | ||
| 630 | |||
| 631 | const char * X509_get_default_cert_area(void ); | ||
| 632 | const char * X509_get_default_cert_dir(void ); | ||
| 633 | const char * X509_get_default_cert_file(void ); | ||
| 634 | const char * X509_get_default_cert_dir_env(void ); | ||
| 635 | const char * X509_get_default_cert_file_env(void ); | ||
| 636 | const char * X509_get_default_private_dir(void ); | ||
| 637 | |||
| 638 | X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md); | ||
| 639 | X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); | ||
| 640 | void ERR_load_X509_strings(void ); | ||
| 641 | |||
| 642 | X509_ALGOR * X509_ALGOR_new(void ); | ||
| 643 | void X509_ALGOR_free(X509_ALGOR *a); | ||
| 644 | int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp); | ||
| 645 | X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp, | ||
| 646 | long length); | ||
| 647 | |||
| 648 | X509_VAL * X509_VAL_new(void ); | ||
| 649 | void X509_VAL_free(X509_VAL *a); | ||
| 650 | int i2d_X509_VAL(X509_VAL *a,unsigned char **pp); | ||
| 651 | X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp, | ||
| 652 | long length); | ||
| 653 | |||
| 654 | X509_PUBKEY * X509_PUBKEY_new(void ); | ||
| 655 | void X509_PUBKEY_free(X509_PUBKEY *a); | ||
| 656 | int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp); | ||
| 657 | X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, | ||
| 658 | long length); | ||
| 659 | int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); | ||
| 660 | EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); | ||
| 661 | int X509_get_pubkey_parameters(EVP_PKEY *pkey, | ||
| 662 | STACK_OF(X509) *chain); | ||
| 663 | |||
| 664 | |||
| 665 | X509_SIG * X509_SIG_new(void ); | ||
| 666 | void X509_SIG_free(X509_SIG *a); | ||
| 667 | int i2d_X509_SIG(X509_SIG *a,unsigned char **pp); | ||
| 668 | X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length); | ||
| 669 | |||
| 670 | X509_REQ_INFO *X509_REQ_INFO_new(void); | ||
| 671 | void X509_REQ_INFO_free(X509_REQ_INFO *a); | ||
| 672 | int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp); | ||
| 673 | X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp, | ||
| 674 | long length); | ||
| 675 | |||
| 676 | X509_REQ * X509_REQ_new(void); | ||
| 677 | void X509_REQ_free(X509_REQ *a); | ||
| 678 | int i2d_X509_REQ(X509_REQ *a,unsigned char **pp); | ||
| 679 | X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length); | ||
| 680 | |||
| 681 | X509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); | ||
| 682 | void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); | ||
| 683 | int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); | ||
| 684 | X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, | ||
| 685 | long length); | ||
| 686 | X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); | ||
| 687 | |||
| 688 | |||
| 689 | X509_EXTENSION *X509_EXTENSION_new(void ); | ||
| 690 | void X509_EXTENSION_free(X509_EXTENSION *a); | ||
| 691 | int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp); | ||
| 692 | X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp, | ||
| 693 | long length); | ||
| 694 | |||
| 695 | X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); | ||
| 696 | void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); | ||
| 697 | int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp); | ||
| 698 | X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp, | ||
| 699 | long length); | ||
| 700 | |||
| 701 | X509_NAME * X509_NAME_new(void); | ||
| 702 | void X509_NAME_free(X509_NAME *a); | ||
| 703 | int i2d_X509_NAME(X509_NAME *a,unsigned char **pp); | ||
| 704 | X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length); | ||
| 705 | int X509_NAME_set(X509_NAME **xn, X509_NAME *name); | ||
| 706 | |||
| 707 | |||
| 708 | X509_CINF * X509_CINF_new(void); | ||
| 709 | void X509_CINF_free(X509_CINF *a); | ||
| 710 | int i2d_X509_CINF(X509_CINF *a,unsigned char **pp); | ||
| 711 | X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length); | ||
| 712 | |||
| 713 | X509 * X509_new(void); | ||
| 714 | void X509_free(X509 *a); | ||
| 715 | int i2d_X509(X509 *a,unsigned char **pp); | ||
| 716 | X509 * d2i_X509(X509 **a,unsigned char **pp,long length); | ||
| 717 | |||
| 718 | X509_REVOKED * X509_REVOKED_new(void); | ||
| 719 | void X509_REVOKED_free(X509_REVOKED *a); | ||
| 720 | int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp); | ||
| 721 | X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length); | ||
| 722 | |||
| 723 | X509_CRL_INFO *X509_CRL_INFO_new(void); | ||
| 724 | void X509_CRL_INFO_free(X509_CRL_INFO *a); | ||
| 725 | int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp); | ||
| 726 | X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp, | ||
| 727 | long length); | ||
| 728 | |||
| 729 | X509_CRL * X509_CRL_new(void); | ||
| 730 | void X509_CRL_free(X509_CRL *a); | ||
| 731 | int i2d_X509_CRL(X509_CRL *a,unsigned char **pp); | ||
| 732 | X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length); | ||
| 733 | |||
| 734 | X509_PKEY * X509_PKEY_new(void ); | ||
| 735 | void X509_PKEY_free(X509_PKEY *a); | ||
| 736 | int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); | ||
| 737 | X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); | ||
| 738 | |||
| 739 | NETSCAPE_SPKI * NETSCAPE_SPKI_new(void ); | ||
| 740 | void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); | ||
| 741 | int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp); | ||
| 742 | NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp, | ||
| 743 | long length); | ||
| 744 | |||
| 745 | NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void ); | ||
| 746 | void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); | ||
| 747 | int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); | ||
| 748 | NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, | ||
| 749 | long length); | ||
| 750 | |||
| 751 | |||
| 752 | int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); | ||
| 753 | NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); | ||
| 754 | NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); | ||
| 755 | void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); | ||
| 756 | |||
| 757 | #ifdef HEADER_ENVELOPE_H | ||
| 758 | X509_INFO * X509_INFO_new(void); | ||
| 759 | void X509_INFO_free(X509_INFO *a); | ||
| 760 | char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); | ||
| 761 | |||
| 762 | int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1, | ||
| 763 | ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); | ||
| 764 | |||
| 765 | int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data, | ||
| 766 | unsigned char *md,unsigned int *len); | ||
| 767 | |||
| 768 | int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, | ||
| 769 | ASN1_BIT_STRING *signature, | ||
| 770 | char *data,EVP_PKEY *pkey, const EVP_MD *type); | ||
| 771 | #endif | ||
| 772 | |||
| 773 | int X509_set_version(X509 *x,long version); | ||
| 774 | int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial); | ||
| 775 | ASN1_INTEGER * X509_get_serialNumber(X509 *x); | ||
| 776 | int X509_set_issuer_name(X509 *x, X509_NAME *name); | ||
| 777 | X509_NAME * X509_get_issuer_name(X509 *a); | ||
| 778 | int X509_set_subject_name(X509 *x, X509_NAME *name); | ||
| 779 | X509_NAME * X509_get_subject_name(X509 *a); | ||
| 780 | int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm); | ||
| 781 | int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm); | ||
| 782 | int X509_set_pubkey(X509 *x, EVP_PKEY *pkey); | ||
| 783 | EVP_PKEY * X509_get_pubkey(X509 *x); | ||
| 784 | int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */); | ||
| 785 | |||
| 786 | int X509_REQ_set_version(X509_REQ *x,long version); | ||
| 787 | int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name); | ||
| 788 | int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey); | ||
| 789 | EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req); | ||
| 790 | |||
| 791 | int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); | ||
| 792 | |||
| 793 | int X509_issuer_and_serial_cmp(X509 *a, X509 *b); | ||
| 794 | unsigned long X509_issuer_and_serial_hash(X509 *a); | ||
| 795 | |||
| 796 | int X509_issuer_name_cmp(X509 *a, X509 *b); | ||
| 797 | unsigned long X509_issuer_name_hash(X509 *a); | ||
| 798 | |||
| 799 | int X509_subject_name_cmp(X509 *a,X509 *b); | ||
| 800 | unsigned long X509_subject_name_hash(X509 *x); | ||
| 801 | |||
| 802 | int X509_NAME_cmp (X509_NAME *a, X509_NAME *b); | ||
| 803 | unsigned long X509_NAME_hash(X509_NAME *x); | ||
| 804 | |||
| 805 | int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); | ||
| 806 | #ifndef NO_FP_API | ||
| 807 | int X509_print_fp(FILE *bp,X509 *x); | ||
| 808 | int X509_CRL_print_fp(FILE *bp,X509_CRL *x); | ||
| 809 | int X509_REQ_print_fp(FILE *bp,X509_REQ *req); | ||
| 810 | #endif | ||
| 811 | |||
| 812 | #ifdef HEADER_BIO_H | ||
| 813 | int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); | ||
| 814 | int X509_print(BIO *bp,X509 *x); | ||
| 815 | int X509_CRL_print(BIO *bp,X509_CRL *x); | ||
| 816 | int X509_REQ_print(BIO *bp,X509_REQ *req); | ||
| 817 | #endif | ||
| 818 | |||
| 819 | int X509_NAME_entry_count(X509_NAME *name); | ||
| 820 | int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, | ||
| 821 | char *buf,int len); | ||
| 822 | int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, | ||
| 823 | char *buf,int len); | ||
| 824 | |||
| 825 | /* NOTE: you should be passsing -1, not 0 as lastpos. The functions that use | ||
| 826 | * lastpos, seach after that position on. */ | ||
| 827 | int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int lastpos); | ||
| 828 | int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj, | ||
| 829 | int lastpos); | ||
| 830 | X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc); | ||
| 831 | X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc); | ||
| 832 | int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne, | ||
| 833 | int loc, int set); | ||
| 834 | X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, | ||
| 835 | int type,unsigned char *bytes, int len); | ||
| 836 | X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, | ||
| 837 | ASN1_OBJECT *obj, int type,unsigned char *bytes, | ||
| 838 | int len); | ||
| 839 | int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, | ||
| 840 | ASN1_OBJECT *obj); | ||
| 841 | int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, | ||
| 842 | unsigned char *bytes, int len); | ||
| 843 | ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); | ||
| 844 | ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); | ||
| 845 | |||
| 846 | int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x); | ||
| 847 | int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, | ||
| 848 | int nid, int lastpos); | ||
| 849 | int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x, | ||
| 850 | ASN1_OBJECT *obj,int lastpos); | ||
| 851 | int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x, | ||
| 852 | int crit, int lastpos); | ||
| 853 | X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc); | ||
| 854 | X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc); | ||
| 855 | STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, | ||
| 856 | X509_EXTENSION *ex, int loc); | ||
| 857 | |||
| 858 | int X509_get_ext_count(X509 *x); | ||
| 859 | int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); | ||
| 860 | int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int lastpos); | ||
| 861 | int X509_get_ext_by_critical(X509 *x, int crit, int lastpos); | ||
| 862 | X509_EXTENSION *X509_get_ext(X509 *x, int loc); | ||
| 863 | X509_EXTENSION *X509_delete_ext(X509 *x, int loc); | ||
| 864 | int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc); | ||
| 865 | |||
| 866 | int X509_CRL_get_ext_count(X509_CRL *x); | ||
| 867 | int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos); | ||
| 868 | int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int lastpos); | ||
| 869 | int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos); | ||
| 870 | X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc); | ||
| 871 | X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc); | ||
| 872 | int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc); | ||
| 873 | |||
| 874 | int X509_REVOKED_get_ext_count(X509_REVOKED *x); | ||
| 875 | int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos); | ||
| 876 | int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int lastpos); | ||
| 877 | int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos); | ||
| 878 | X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc); | ||
| 879 | X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc); | ||
| 880 | int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc); | ||
| 881 | |||
| 882 | X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, | ||
| 883 | int nid, int crit, ASN1_OCTET_STRING *data); | ||
| 884 | X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, | ||
| 885 | ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data); | ||
| 886 | int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj); | ||
| 887 | int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit); | ||
| 888 | int X509_EXTENSION_set_data(X509_EXTENSION *ex, | ||
| 889 | ASN1_OCTET_STRING *data); | ||
| 890 | ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); | ||
| 891 | ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); | ||
| 892 | int X509_EXTENSION_get_critical(X509_EXTENSION *ex); | ||
| 893 | |||
| 894 | int X509_verify_cert(X509_STORE_CTX *ctx); | ||
| 895 | |||
| 896 | /* lookup a cert from a X509 STACK */ | ||
| 897 | X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, | ||
| 898 | ASN1_INTEGER *serial); | ||
| 899 | X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); | ||
| 900 | |||
| 901 | int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp); | ||
| 902 | PBEPARAM *PBEPARAM_new(void); | ||
| 903 | PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length); | ||
| 904 | void PBEPARAM_free(PBEPARAM *a); | ||
| 905 | X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); | ||
| 906 | X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, | ||
| 907 | unsigned char *salt, int saltlen); | ||
| 908 | |||
| 909 | int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp); | ||
| 910 | PBKDF2PARAM *PBKDF2PARAM_new(void); | ||
| 911 | PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length); | ||
| 912 | void PBKDF2PARAM_free(PBKDF2PARAM *a); | ||
| 913 | |||
| 914 | int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp); | ||
| 915 | PBE2PARAM *PBE2PARAM_new(void); | ||
| 916 | PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length); | ||
| 917 | void PBE2PARAM_free(PBE2PARAM *a); | ||
| 918 | |||
| 919 | /* PKCS#8 utilities */ | ||
| 920 | |||
| 921 | int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp); | ||
| 922 | PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); | ||
| 923 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, | ||
| 924 | unsigned char **pp, long length); | ||
| 925 | void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); | ||
| 926 | |||
| 927 | EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); | ||
| 928 | PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); | ||
| 929 | PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken); | ||
| 930 | |||
| 931 | /* BEGIN ERROR CODES */ | ||
| 932 | /* The following lines are auto generated by the script mkerr.pl. Any changes | ||
| 933 | * made after this point may be overwritten when the script is next run. | ||
| 934 | */ | ||
| 935 | |||
| 936 | /* Error codes for the X509 functions. */ | ||
| 937 | |||
| 938 | /* Function codes. */ | ||
| 939 | #define X509_F_ADD_CERT_DIR 100 | ||
| 940 | #define X509_F_BY_FILE_CTRL 101 | ||
| 941 | #define X509_F_DIR_CTRL 102 | ||
| 942 | #define X509_F_GET_CERT_BY_SUBJECT 103 | ||
| 943 | #define X509_F_X509V3_ADD_EXT 104 | ||
| 944 | #define X509_F_X509_CHECK_PRIVATE_KEY 128 | ||
| 945 | #define X509_F_X509_EXTENSION_CREATE_BY_NID 108 | ||
| 946 | #define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 | ||
| 947 | #define X509_F_X509_GET_PUBKEY_PARAMETERS 110 | ||
| 948 | #define X509_F_X509_LOAD_CERT_FILE 111 | ||
| 949 | #define X509_F_X509_LOAD_CRL_FILE 112 | ||
| 950 | #define X509_F_X509_NAME_ADD_ENTRY 113 | ||
| 951 | #define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114 | ||
| 952 | #define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 | ||
| 953 | #define X509_F_X509_NAME_ONELINE 116 | ||
| 954 | #define X509_F_X509_NAME_PRINT 117 | ||
| 955 | #define X509_F_X509_PRINT_FP 118 | ||
| 956 | #define X509_F_X509_PUBKEY_GET 119 | ||
| 957 | #define X509_F_X509_PUBKEY_SET 120 | ||
| 958 | #define X509_F_X509_REQ_PRINT 121 | ||
| 959 | #define X509_F_X509_REQ_PRINT_FP 122 | ||
| 960 | #define X509_F_X509_REQ_TO_X509 123 | ||
| 961 | #define X509_F_X509_STORE_ADD_CERT 124 | ||
| 962 | #define X509_F_X509_STORE_ADD_CRL 125 | ||
| 963 | #define X509_F_X509_TO_X509_REQ 126 | ||
| 964 | #define X509_F_X509_VERIFY_CERT 127 | ||
| 965 | |||
| 966 | /* Reason codes. */ | ||
| 967 | #define X509_R_BAD_X509_FILETYPE 100 | ||
| 968 | #define X509_R_CANT_CHECK_DH_KEY 114 | ||
| 969 | #define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 | ||
| 970 | #define X509_R_ERR_ASN1_LIB 102 | ||
| 971 | #define X509_R_INVALID_DIRECTORY 113 | ||
| 972 | #define X509_R_KEY_TYPE_MISMATCH 115 | ||
| 973 | #define X509_R_KEY_VALUES_MISMATCH 116 | ||
| 974 | #define X509_R_LOADING_CERT_DIR 103 | ||
| 975 | #define X509_R_LOADING_DEFAULTS 104 | ||
| 976 | #define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 | ||
| 977 | #define X509_R_SHOULD_RETRY 106 | ||
| 978 | #define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 | ||
| 979 | #define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 | ||
| 980 | #define X509_R_UNKNOWN_KEY_TYPE 117 | ||
| 981 | #define X509_R_UNKNOWN_NID 109 | ||
| 982 | #define X509_R_UNSUPPORTED_ALGORITHM 111 | ||
| 983 | #define X509_R_WRONG_LOOKUP_TYPE 112 | ||
| 984 | |||
| 985 | #ifdef __cplusplus | ||
| 986 | } | ||
| 987 | #endif | ||
| 988 | #endif | ||
| 989 | |||
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c deleted file mode 100644 index 9a93bae3ff..0000000000 --- a/src/lib/libcrypto/x509/x509_cmp.c +++ /dev/null | |||
| @@ -1,293 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_cmp.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <sys/types.h> | ||
| 61 | #include <sys/stat.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/asn1.h> | ||
| 64 | #include <openssl/objects.h> | ||
| 65 | #include <openssl/x509.h> | ||
| 66 | |||
| 67 | int X509_issuer_and_serial_cmp(X509 *a, X509 *b) | ||
| 68 | { | ||
| 69 | int i; | ||
| 70 | X509_CINF *ai,*bi; | ||
| 71 | |||
| 72 | ai=a->cert_info; | ||
| 73 | bi=b->cert_info; | ||
| 74 | i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber); | ||
| 75 | if (i) return(i); | ||
| 76 | return(X509_NAME_cmp(ai->issuer,bi->issuer)); | ||
| 77 | } | ||
| 78 | |||
| 79 | #ifndef NO_MD5 | ||
| 80 | unsigned long X509_issuer_and_serial_hash(X509 *a) | ||
| 81 | { | ||
| 82 | unsigned long ret=0; | ||
| 83 | MD5_CTX ctx; | ||
| 84 | unsigned char md[16]; | ||
| 85 | char str[256]; | ||
| 86 | |||
| 87 | X509_NAME_oneline(a->cert_info->issuer,str,256); | ||
| 88 | ret=strlen(str); | ||
| 89 | MD5_Init(&ctx); | ||
| 90 | MD5_Update(&ctx,(unsigned char *)str,ret); | ||
| 91 | MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data, | ||
| 92 | (unsigned long)a->cert_info->serialNumber->length); | ||
| 93 | MD5_Final(&(md[0]),&ctx); | ||
| 94 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | ||
| 95 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | ||
| 96 | )&0xffffffffL; | ||
| 97 | return(ret); | ||
| 98 | } | ||
| 99 | #endif | ||
| 100 | |||
| 101 | int X509_issuer_name_cmp(X509 *a, X509 *b) | ||
| 102 | { | ||
| 103 | return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); | ||
| 104 | } | ||
| 105 | |||
| 106 | int X509_subject_name_cmp(X509 *a, X509 *b) | ||
| 107 | { | ||
| 108 | return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); | ||
| 109 | } | ||
| 110 | |||
| 111 | int X509_CRL_cmp(X509_CRL *a, X509_CRL *b) | ||
| 112 | { | ||
| 113 | return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); | ||
| 114 | } | ||
| 115 | |||
| 116 | X509_NAME *X509_get_issuer_name(X509 *a) | ||
| 117 | { | ||
| 118 | return(a->cert_info->issuer); | ||
| 119 | } | ||
| 120 | |||
| 121 | unsigned long X509_issuer_name_hash(X509 *x) | ||
| 122 | { | ||
| 123 | return(X509_NAME_hash(x->cert_info->issuer)); | ||
| 124 | } | ||
| 125 | |||
| 126 | X509_NAME *X509_get_subject_name(X509 *a) | ||
| 127 | { | ||
| 128 | return(a->cert_info->subject); | ||
| 129 | } | ||
| 130 | |||
| 131 | ASN1_INTEGER *X509_get_serialNumber(X509 *a) | ||
| 132 | { | ||
| 133 | return(a->cert_info->serialNumber); | ||
| 134 | } | ||
| 135 | |||
| 136 | unsigned long X509_subject_name_hash(X509 *x) | ||
| 137 | { | ||
| 138 | return(X509_NAME_hash(x->cert_info->subject)); | ||
| 139 | } | ||
| 140 | |||
| 141 | int X509_NAME_cmp(X509_NAME *a, X509_NAME *b) | ||
| 142 | { | ||
| 143 | int i,j; | ||
| 144 | X509_NAME_ENTRY *na,*nb; | ||
| 145 | |||
| 146 | if (sk_X509_NAME_ENTRY_num(a->entries) | ||
| 147 | != sk_X509_NAME_ENTRY_num(b->entries)) | ||
| 148 | return sk_X509_NAME_ENTRY_num(a->entries) | ||
| 149 | -sk_X509_NAME_ENTRY_num(b->entries); | ||
| 150 | for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) | ||
| 151 | { | ||
| 152 | na=sk_X509_NAME_ENTRY_value(a->entries,i); | ||
| 153 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); | ||
| 154 | j=na->value->length-nb->value->length; | ||
| 155 | if (j) return(j); | ||
| 156 | j=memcmp(na->value->data,nb->value->data, | ||
| 157 | na->value->length); | ||
| 158 | if (j) return(j); | ||
| 159 | j=na->set-nb->set; | ||
| 160 | if (j) return(j); | ||
| 161 | } | ||
| 162 | |||
| 163 | /* We will check the object types after checking the values | ||
| 164 | * since the values will more often be different than the object | ||
| 165 | * types. */ | ||
| 166 | for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--) | ||
| 167 | { | ||
| 168 | na=sk_X509_NAME_ENTRY_value(a->entries,i); | ||
| 169 | nb=sk_X509_NAME_ENTRY_value(b->entries,i); | ||
| 170 | j=OBJ_cmp(na->object,nb->object); | ||
| 171 | if (j) return(j); | ||
| 172 | } | ||
| 173 | return(0); | ||
| 174 | } | ||
| 175 | |||
| 176 | #ifndef NO_MD5 | ||
| 177 | /* I now DER encode the name and hash it. Since I cache the DER encoding, | ||
| 178 | * this is reasonably effiecent. */ | ||
| 179 | unsigned long X509_NAME_hash(X509_NAME *x) | ||
| 180 | { | ||
| 181 | unsigned long ret=0; | ||
| 182 | unsigned char md[16]; | ||
| 183 | unsigned char str[256],*p,*pp; | ||
| 184 | int i; | ||
| 185 | |||
| 186 | i=i2d_X509_NAME(x,NULL); | ||
| 187 | if (i > sizeof(str)) | ||
| 188 | p=Malloc(i); | ||
| 189 | else | ||
| 190 | p=str; | ||
| 191 | |||
| 192 | pp=p; | ||
| 193 | i2d_X509_NAME(x,&pp); | ||
| 194 | MD5((unsigned char *)p,i,&(md[0])); | ||
| 195 | if (p != str) Free(p); | ||
| 196 | |||
| 197 | ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| | ||
| 198 | ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) | ||
| 199 | )&0xffffffffL; | ||
| 200 | return(ret); | ||
| 201 | } | ||
| 202 | #endif | ||
| 203 | |||
| 204 | /* Search a stack of X509 for a match */ | ||
| 205 | X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name, | ||
| 206 | ASN1_INTEGER *serial) | ||
| 207 | { | ||
| 208 | int i; | ||
| 209 | X509_CINF cinf; | ||
| 210 | X509 x,*x509=NULL; | ||
| 211 | |||
| 212 | x.cert_info= &cinf; | ||
| 213 | cinf.serialNumber=serial; | ||
| 214 | cinf.issuer=name; | ||
| 215 | |||
| 216 | for (i=0; i<sk_X509_num(sk); i++) | ||
| 217 | { | ||
| 218 | x509=sk_X509_value(sk,i); | ||
| 219 | if (X509_issuer_and_serial_cmp(x509,&x) == 0) | ||
| 220 | return(x509); | ||
| 221 | } | ||
| 222 | return(NULL); | ||
| 223 | } | ||
| 224 | |||
| 225 | X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name) | ||
| 226 | { | ||
| 227 | X509 *x509; | ||
| 228 | int i; | ||
| 229 | |||
| 230 | for (i=0; i<sk_X509_num(sk); i++) | ||
| 231 | { | ||
| 232 | x509=sk_X509_value(sk,i); | ||
| 233 | if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0) | ||
| 234 | return(x509); | ||
| 235 | } | ||
| 236 | return(NULL); | ||
| 237 | } | ||
| 238 | |||
| 239 | EVP_PKEY *X509_get_pubkey(X509 *x) | ||
| 240 | { | ||
| 241 | if ((x == NULL) || (x->cert_info == NULL)) | ||
| 242 | return(NULL); | ||
| 243 | return(X509_PUBKEY_get(x->cert_info->key)); | ||
| 244 | } | ||
| 245 | |||
| 246 | int X509_check_private_key(X509 *x, EVP_PKEY *k) | ||
| 247 | { | ||
| 248 | EVP_PKEY *xk=NULL; | ||
| 249 | int ok=0; | ||
| 250 | |||
| 251 | xk=X509_get_pubkey(x); | ||
| 252 | if (xk->type != k->type) | ||
| 253 | { | ||
| 254 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); | ||
| 255 | goto err; | ||
| 256 | } | ||
| 257 | switch (k->type) | ||
| 258 | { | ||
| 259 | #ifndef NO_RSA | ||
| 260 | case EVP_PKEY_RSA: | ||
| 261 | if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0 | ||
| 262 | || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) | ||
| 263 | { | ||
| 264 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | ||
| 265 | goto err; | ||
| 266 | } | ||
| 267 | break; | ||
| 268 | #endif | ||
| 269 | #ifndef NO_DSA | ||
| 270 | case EVP_PKEY_DSA: | ||
| 271 | if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0) | ||
| 272 | { | ||
| 273 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); | ||
| 274 | goto err; | ||
| 275 | } | ||
| 276 | break; | ||
| 277 | #endif | ||
| 278 | #ifndef NO_DH | ||
| 279 | case EVP_PKEY_DH: | ||
| 280 | /* No idea */ | ||
| 281 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); | ||
| 282 | goto err; | ||
| 283 | #endif | ||
| 284 | default: | ||
| 285 | X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); | ||
| 286 | goto err; | ||
| 287 | } | ||
| 288 | |||
| 289 | ok=1; | ||
| 290 | err: | ||
| 291 | EVP_PKEY_free(xk); | ||
| 292 | return(ok); | ||
| 293 | } | ||
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c deleted file mode 100644 index 3e7ec5b432..0000000000 --- a/src/lib/libcrypto/x509/x509_d2.c +++ /dev/null | |||
| @@ -1,107 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_d2.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <sys/types.h> | ||
| 61 | #include <sys/stat.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/crypto.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | |||
| 66 | #ifndef NO_STDIO | ||
| 67 | int X509_STORE_set_default_paths(X509_STORE *ctx) | ||
| 68 | { | ||
| 69 | X509_LOOKUP *lookup; | ||
| 70 | |||
| 71 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | ||
| 72 | if (lookup == NULL) return(0); | ||
| 73 | X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT); | ||
| 74 | |||
| 75 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | ||
| 76 | if (lookup == NULL) return(0); | ||
| 77 | X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT); | ||
| 78 | |||
| 79 | /* clear any errors */ | ||
| 80 | ERR_clear_error(); | ||
| 81 | |||
| 82 | return(1); | ||
| 83 | } | ||
| 84 | |||
| 85 | int X509_STORE_load_locations(X509_STORE *ctx, const char *file, | ||
| 86 | const char *path) | ||
| 87 | { | ||
| 88 | X509_LOOKUP *lookup; | ||
| 89 | |||
| 90 | if (file != NULL) | ||
| 91 | { | ||
| 92 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file()); | ||
| 93 | if (lookup == NULL) return(0); | ||
| 94 | X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM); | ||
| 95 | } | ||
| 96 | if (path != NULL) | ||
| 97 | { | ||
| 98 | lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir()); | ||
| 99 | if (lookup == NULL) return(0); | ||
| 100 | X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM); | ||
| 101 | } | ||
| 102 | if ((path == NULL) && (file == NULL)) | ||
| 103 | return(0); | ||
| 104 | return(1); | ||
| 105 | } | ||
| 106 | |||
| 107 | #endif | ||
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c deleted file mode 100644 index c4bee71569..0000000000 --- a/src/lib/libcrypto/x509/x509_def.c +++ /dev/null | |||
| @@ -1,83 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_def.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <sys/types.h> | ||
| 61 | #include <sys/stat.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/crypto.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | |||
| 66 | const char *X509_get_default_private_dir(void) | ||
| 67 | { return(X509_PRIVATE_DIR); } | ||
| 68 | |||
| 69 | const char *X509_get_default_cert_area(void) | ||
| 70 | { return(X509_CERT_AREA); } | ||
| 71 | |||
| 72 | const char *X509_get_default_cert_dir(void) | ||
| 73 | { return(X509_CERT_DIR); } | ||
| 74 | |||
| 75 | const char *X509_get_default_cert_file(void) | ||
| 76 | { return(X509_CERT_FILE); } | ||
| 77 | |||
| 78 | const char *X509_get_default_cert_dir_env(void) | ||
| 79 | { return(X509_CERT_DIR_EVP); } | ||
| 80 | |||
| 81 | const char *X509_get_default_cert_file_env(void) | ||
| 82 | { return(X509_CERT_FILE_EVP); } | ||
| 83 | |||
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c deleted file mode 100644 index 9afd4ccde5..0000000000 --- a/src/lib/libcrypto/x509/x509_err.c +++ /dev/null | |||
| @@ -1,134 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_err.c */ | ||
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@OpenSSL.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 55 | |||
| 56 | /* NOTE: this file was auto generated by the mkerr.pl script: any changes | ||
| 57 | * made to it will be overwritten when the script next updates this file. | ||
| 58 | */ | ||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include <openssl/err.h> | ||
| 62 | #include <openssl/x509.h> | ||
| 63 | |||
| 64 | /* BEGIN ERROR CODES */ | ||
| 65 | #ifndef NO_ERR | ||
| 66 | static ERR_STRING_DATA X509_str_functs[]= | ||
| 67 | { | ||
| 68 | {ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"}, | ||
| 69 | {ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"}, | ||
| 70 | {ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, | ||
| 71 | {ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, | ||
| 72 | {ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, | ||
| 73 | {ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"}, | ||
| 74 | {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, | ||
| 75 | {ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, | ||
| 76 | {ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, | ||
| 77 | {ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"}, | ||
| 78 | {ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"}, | ||
| 79 | {ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, | ||
| 80 | {ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, | ||
| 81 | {ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, | ||
| 82 | {ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"}, | ||
| 83 | {ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"}, | ||
| 84 | {ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"}, | ||
| 85 | {ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"}, | ||
| 86 | {ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"}, | ||
| 87 | {ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, | ||
| 88 | {ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, | ||
| 89 | {ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, | ||
| 90 | {ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"}, | ||
| 91 | {ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"}, | ||
| 92 | {ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, | ||
| 93 | {ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, | ||
| 94 | {0,NULL} | ||
| 95 | }; | ||
| 96 | |||
| 97 | static ERR_STRING_DATA X509_str_reasons[]= | ||
| 98 | { | ||
| 99 | {X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, | ||
| 100 | {X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"}, | ||
| 101 | {X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, | ||
| 102 | {X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, | ||
| 103 | {X509_R_INVALID_DIRECTORY ,"invalid directory"}, | ||
| 104 | {X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"}, | ||
| 105 | {X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"}, | ||
| 106 | {X509_R_LOADING_CERT_DIR ,"loading cert dir"}, | ||
| 107 | {X509_R_LOADING_DEFAULTS ,"loading defaults"}, | ||
| 108 | {X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, | ||
| 109 | {X509_R_SHOULD_RETRY ,"should retry"}, | ||
| 110 | {X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, | ||
| 111 | {X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, | ||
| 112 | {X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"}, | ||
| 113 | {X509_R_UNKNOWN_NID ,"unknown nid"}, | ||
| 114 | {X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, | ||
| 115 | {X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, | ||
| 116 | {0,NULL} | ||
| 117 | }; | ||
| 118 | |||
| 119 | #endif | ||
| 120 | |||
| 121 | void ERR_load_X509_strings(void) | ||
| 122 | { | ||
| 123 | static int init=1; | ||
| 124 | |||
| 125 | if (init) | ||
| 126 | { | ||
| 127 | init=0; | ||
| 128 | #ifndef NO_ERR | ||
| 129 | ERR_load_strings(ERR_LIB_X509,X509_str_functs); | ||
| 130 | ERR_load_strings(ERR_LIB_X509,X509_str_reasons); | ||
| 131 | #endif | ||
| 132 | |||
| 133 | } | ||
| 134 | } | ||
diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c deleted file mode 100644 index f8565a60b2..0000000000 --- a/src/lib/libcrypto/x509/x509_ext.c +++ /dev/null | |||
| @@ -1,174 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_ext.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <openssl/stack.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/objects.h> | ||
| 64 | #include <openssl/evp.h> | ||
| 65 | #include <openssl/x509.h> | ||
| 66 | |||
| 67 | int X509_CRL_get_ext_count(X509_CRL *x) | ||
| 68 | { | ||
| 69 | return(X509v3_get_ext_count(x->crl->extensions)); | ||
| 70 | } | ||
| 71 | |||
| 72 | int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos) | ||
| 73 | { | ||
| 74 | return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos)); | ||
| 75 | } | ||
| 76 | |||
| 77 | int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos) | ||
| 78 | { | ||
| 79 | return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos)); | ||
| 80 | } | ||
| 81 | |||
| 82 | int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos) | ||
| 83 | { | ||
| 84 | return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos)); | ||
| 85 | } | ||
| 86 | |||
| 87 | X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc) | ||
| 88 | { | ||
| 89 | return(X509v3_get_ext(x->crl->extensions,loc)); | ||
| 90 | } | ||
| 91 | |||
| 92 | X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc) | ||
| 93 | { | ||
| 94 | return(X509v3_delete_ext(x->crl->extensions,loc)); | ||
| 95 | } | ||
| 96 | |||
| 97 | int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc) | ||
| 98 | { | ||
| 99 | return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL); | ||
| 100 | } | ||
| 101 | |||
| 102 | int X509_get_ext_count(X509 *x) | ||
| 103 | { | ||
| 104 | return(X509v3_get_ext_count(x->cert_info->extensions)); | ||
| 105 | } | ||
| 106 | |||
| 107 | int X509_get_ext_by_NID(X509 *x, int nid, int lastpos) | ||
| 108 | { | ||
| 109 | return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos)); | ||
| 110 | } | ||
| 111 | |||
| 112 | int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos) | ||
| 113 | { | ||
| 114 | return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos)); | ||
| 115 | } | ||
| 116 | |||
| 117 | int X509_get_ext_by_critical(X509 *x, int crit, int lastpos) | ||
| 118 | { | ||
| 119 | return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos)); | ||
| 120 | } | ||
| 121 | |||
| 122 | X509_EXTENSION *X509_get_ext(X509 *x, int loc) | ||
| 123 | { | ||
| 124 | return(X509v3_get_ext(x->cert_info->extensions,loc)); | ||
| 125 | } | ||
| 126 | |||
| 127 | X509_EXTENSION *X509_delete_ext(X509 *x, int loc) | ||
| 128 | { | ||
| 129 | return(X509v3_delete_ext(x->cert_info->extensions,loc)); | ||
| 130 | } | ||
| 131 | |||
| 132 | int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc) | ||
| 133 | { | ||
| 134 | return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL); | ||
| 135 | } | ||
| 136 | |||
| 137 | int X509_REVOKED_get_ext_count(X509_REVOKED *x) | ||
| 138 | { | ||
| 139 | return(X509v3_get_ext_count(x->extensions)); | ||
| 140 | } | ||
| 141 | |||
| 142 | int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos) | ||
| 143 | { | ||
| 144 | return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos)); | ||
| 145 | } | ||
| 146 | |||
| 147 | int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj, | ||
| 148 | int lastpos) | ||
| 149 | { | ||
| 150 | return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos)); | ||
| 151 | } | ||
| 152 | |||
| 153 | int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos) | ||
| 154 | { | ||
| 155 | return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos)); | ||
| 156 | } | ||
| 157 | |||
| 158 | X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc) | ||
| 159 | { | ||
| 160 | return(X509v3_get_ext(x->extensions,loc)); | ||
| 161 | } | ||
| 162 | |||
| 163 | X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc) | ||
| 164 | { | ||
| 165 | return(X509v3_delete_ext(x->extensions,loc)); | ||
| 166 | } | ||
| 167 | |||
| 168 | int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc) | ||
| 169 | { | ||
| 170 | return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL); | ||
| 171 | } | ||
| 172 | |||
| 173 | IMPLEMENT_STACK_OF(X509_EXTENSION) | ||
| 174 | IMPLEMENT_ASN1_SET_OF(X509_EXTENSION) | ||
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c deleted file mode 100644 index 18bfecb11e..0000000000 --- a/src/lib/libcrypto/x509/x509_lu.c +++ /dev/null | |||
| @@ -1,411 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_lu.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/lhash.h> | ||
| 62 | #include <openssl/x509.h> | ||
| 63 | |||
| 64 | static STACK *x509_store_meth=NULL; | ||
| 65 | static STACK *x509_store_ctx_meth=NULL; | ||
| 66 | |||
| 67 | X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method) | ||
| 68 | { | ||
| 69 | X509_LOOKUP *ret; | ||
| 70 | |||
| 71 | ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP)); | ||
| 72 | if (ret == NULL) return(NULL); | ||
| 73 | |||
| 74 | ret->init=0; | ||
| 75 | ret->skip=0; | ||
| 76 | ret->method=method; | ||
| 77 | ret->method_data=NULL; | ||
| 78 | ret->store_ctx=NULL; | ||
| 79 | if ((method->new_item != NULL) && !method->new_item(ret)) | ||
| 80 | { | ||
| 81 | Free(ret); | ||
| 82 | return(NULL); | ||
| 83 | } | ||
| 84 | return(ret); | ||
| 85 | } | ||
| 86 | |||
| 87 | void X509_LOOKUP_free(X509_LOOKUP *ctx) | ||
| 88 | { | ||
| 89 | if (ctx == NULL) return; | ||
| 90 | if ( (ctx->method != NULL) && | ||
| 91 | (ctx->method->free != NULL)) | ||
| 92 | ctx->method->free(ctx); | ||
| 93 | Free(ctx); | ||
| 94 | } | ||
| 95 | |||
| 96 | int X509_LOOKUP_init(X509_LOOKUP *ctx) | ||
| 97 | { | ||
| 98 | if (ctx->method == NULL) return(0); | ||
| 99 | if (ctx->method->init != NULL) | ||
| 100 | return(ctx->method->init(ctx)); | ||
| 101 | else | ||
| 102 | return(1); | ||
| 103 | } | ||
| 104 | |||
| 105 | int X509_LOOKUP_shutdown(X509_LOOKUP *ctx) | ||
| 106 | { | ||
| 107 | if (ctx->method == NULL) return(0); | ||
| 108 | if (ctx->method->shutdown != NULL) | ||
| 109 | return(ctx->method->shutdown(ctx)); | ||
| 110 | else | ||
| 111 | return(1); | ||
| 112 | } | ||
| 113 | |||
| 114 | int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl, | ||
| 115 | char **ret) | ||
| 116 | { | ||
| 117 | if (ctx->method == NULL) return(-1); | ||
| 118 | if (ctx->method->ctrl != NULL) | ||
| 119 | return(ctx->method->ctrl(ctx,cmd,argc,argl,ret)); | ||
| 120 | else | ||
| 121 | return(1); | ||
| 122 | } | ||
| 123 | |||
| 124 | int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, | ||
| 125 | X509_OBJECT *ret) | ||
| 126 | { | ||
| 127 | if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) | ||
| 128 | return(X509_LU_FAIL); | ||
| 129 | if (ctx->skip) return(0); | ||
| 130 | return(ctx->method->get_by_subject(ctx,type,name,ret)); | ||
| 131 | } | ||
| 132 | |||
| 133 | int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, | ||
| 134 | ASN1_INTEGER *serial, X509_OBJECT *ret) | ||
| 135 | { | ||
| 136 | if ((ctx->method == NULL) || | ||
| 137 | (ctx->method->get_by_issuer_serial == NULL)) | ||
| 138 | return(X509_LU_FAIL); | ||
| 139 | return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret)); | ||
| 140 | } | ||
| 141 | |||
| 142 | int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, | ||
| 143 | unsigned char *bytes, int len, X509_OBJECT *ret) | ||
| 144 | { | ||
| 145 | if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) | ||
| 146 | return(X509_LU_FAIL); | ||
| 147 | return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret)); | ||
| 148 | } | ||
| 149 | |||
| 150 | int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len, | ||
| 151 | X509_OBJECT *ret) | ||
| 152 | { | ||
| 153 | if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) | ||
| 154 | return(X509_LU_FAIL); | ||
| 155 | return(ctx->method->get_by_alias(ctx,type,str,len,ret)); | ||
| 156 | } | ||
| 157 | |||
| 158 | static unsigned long x509_object_hash(X509_OBJECT *a) | ||
| 159 | { | ||
| 160 | unsigned long h; | ||
| 161 | |||
| 162 | switch (a->type) | ||
| 163 | { | ||
| 164 | case X509_LU_X509: | ||
| 165 | h=X509_NAME_hash(a->data.x509->cert_info->subject); | ||
| 166 | break; | ||
| 167 | case X509_LU_CRL: | ||
| 168 | h=X509_NAME_hash(a->data.crl->crl->issuer); | ||
| 169 | break; | ||
| 170 | default: | ||
| 171 | abort(); | ||
| 172 | } | ||
| 173 | return(h); | ||
| 174 | } | ||
| 175 | |||
| 176 | static int x509_object_cmp(X509_OBJECT *a, X509_OBJECT *b) | ||
| 177 | { | ||
| 178 | int ret; | ||
| 179 | |||
| 180 | ret=(a->type - b->type); | ||
| 181 | if (ret) return(ret); | ||
| 182 | switch (a->type) | ||
| 183 | { | ||
| 184 | case X509_LU_X509: | ||
| 185 | ret=X509_subject_name_cmp(a->data.x509,b->data.x509); | ||
| 186 | break; | ||
| 187 | case X509_LU_CRL: | ||
| 188 | ret=X509_CRL_cmp(a->data.crl,b->data.crl); | ||
| 189 | break; | ||
| 190 | default: | ||
| 191 | abort(); | ||
| 192 | } | ||
| 193 | return(ret); | ||
| 194 | } | ||
| 195 | |||
| 196 | X509_STORE *X509_STORE_new(void) | ||
| 197 | { | ||
| 198 | X509_STORE *ret; | ||
| 199 | |||
| 200 | if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL) | ||
| 201 | return(NULL); | ||
| 202 | ret->certs=lh_new(x509_object_hash,x509_object_cmp); | ||
| 203 | ret->cache=1; | ||
| 204 | ret->get_cert_methods=sk_X509_LOOKUP_new_null(); | ||
| 205 | ret->verify=NULL; | ||
| 206 | ret->verify_cb=NULL; | ||
| 207 | memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA)); | ||
| 208 | ret->references=1; | ||
| 209 | ret->depth=0; | ||
| 210 | return(ret); | ||
| 211 | } | ||
| 212 | |||
| 213 | static void cleanup(X509_OBJECT *a) | ||
| 214 | { | ||
| 215 | if (a->type == X509_LU_X509) | ||
| 216 | { | ||
| 217 | X509_free(a->data.x509); | ||
| 218 | } | ||
| 219 | else if (a->type == X509_LU_CRL) | ||
| 220 | { | ||
| 221 | X509_CRL_free(a->data.crl); | ||
| 222 | } | ||
| 223 | else | ||
| 224 | abort(); | ||
| 225 | |||
| 226 | Free(a); | ||
| 227 | } | ||
| 228 | |||
| 229 | void X509_STORE_free(X509_STORE *vfy) | ||
| 230 | { | ||
| 231 | int i; | ||
| 232 | STACK_OF(X509_LOOKUP) *sk; | ||
| 233 | X509_LOOKUP *lu; | ||
| 234 | |||
| 235 | if(vfy == NULL) | ||
| 236 | return; | ||
| 237 | |||
| 238 | sk=vfy->get_cert_methods; | ||
| 239 | for (i=0; i<sk_X509_LOOKUP_num(sk); i++) | ||
| 240 | { | ||
| 241 | lu=sk_X509_LOOKUP_value(sk,i); | ||
| 242 | X509_LOOKUP_shutdown(lu); | ||
| 243 | X509_LOOKUP_free(lu); | ||
| 244 | } | ||
| 245 | sk_X509_LOOKUP_free(sk); | ||
| 246 | |||
| 247 | CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data); | ||
| 248 | lh_doall(vfy->certs,cleanup); | ||
| 249 | lh_free(vfy->certs); | ||
| 250 | Free(vfy); | ||
| 251 | } | ||
| 252 | |||
| 253 | X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m) | ||
| 254 | { | ||
| 255 | int i; | ||
| 256 | STACK_OF(X509_LOOKUP) *sk; | ||
| 257 | X509_LOOKUP *lu; | ||
| 258 | |||
| 259 | sk=v->get_cert_methods; | ||
| 260 | for (i=0; i<sk_X509_LOOKUP_num(sk); i++) | ||
| 261 | { | ||
| 262 | lu=sk_X509_LOOKUP_value(sk,i); | ||
| 263 | if (m == lu->method) | ||
| 264 | { | ||
| 265 | return(lu); | ||
| 266 | } | ||
| 267 | } | ||
| 268 | /* a new one */ | ||
| 269 | lu=X509_LOOKUP_new(m); | ||
| 270 | if (lu == NULL) | ||
| 271 | return(NULL); | ||
| 272 | else | ||
| 273 | { | ||
| 274 | lu->store_ctx=v; | ||
| 275 | if (sk_X509_LOOKUP_push(v->get_cert_methods,lu)) | ||
| 276 | return(lu); | ||
| 277 | else | ||
| 278 | { | ||
| 279 | X509_LOOKUP_free(lu); | ||
| 280 | return(NULL); | ||
| 281 | } | ||
| 282 | } | ||
| 283 | } | ||
| 284 | |||
| 285 | int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name, | ||
| 286 | X509_OBJECT *ret) | ||
| 287 | { | ||
| 288 | X509_STORE *ctx=vs->ctx; | ||
| 289 | X509_LOOKUP *lu; | ||
| 290 | X509_OBJECT stmp,*tmp; | ||
| 291 | int i,j; | ||
| 292 | |||
| 293 | tmp=X509_OBJECT_retrieve_by_subject(ctx->certs,type,name); | ||
| 294 | |||
| 295 | if (tmp == NULL) | ||
| 296 | { | ||
| 297 | for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) | ||
| 298 | { | ||
| 299 | lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i); | ||
| 300 | j=X509_LOOKUP_by_subject(lu,type,name,&stmp); | ||
| 301 | if (j < 0) | ||
| 302 | { | ||
| 303 | vs->current_method=j; | ||
| 304 | return(j); | ||
| 305 | } | ||
| 306 | else if (j) | ||
| 307 | { | ||
| 308 | tmp= &stmp; | ||
| 309 | break; | ||
| 310 | } | ||
| 311 | } | ||
| 312 | vs->current_method=0; | ||
| 313 | if (tmp == NULL) | ||
| 314 | return(0); | ||
| 315 | } | ||
| 316 | |||
| 317 | /* if (ret->data.ptr != NULL) | ||
| 318 | X509_OBJECT_free_contents(ret); */ | ||
| 319 | |||
| 320 | ret->type=tmp->type; | ||
| 321 | ret->data.ptr=tmp->data.ptr; | ||
| 322 | |||
| 323 | X509_OBJECT_up_ref_count(ret); | ||
| 324 | |||
| 325 | return(1); | ||
| 326 | } | ||
| 327 | |||
| 328 | void X509_OBJECT_up_ref_count(X509_OBJECT *a) | ||
| 329 | { | ||
| 330 | switch (a->type) | ||
| 331 | { | ||
| 332 | case X509_LU_X509: | ||
| 333 | CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509); | ||
| 334 | break; | ||
| 335 | case X509_LU_CRL: | ||
| 336 | CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL); | ||
| 337 | break; | ||
| 338 | } | ||
| 339 | } | ||
| 340 | |||
| 341 | void X509_OBJECT_free_contents(X509_OBJECT *a) | ||
| 342 | { | ||
| 343 | switch (a->type) | ||
| 344 | { | ||
| 345 | case X509_LU_X509: | ||
| 346 | X509_free(a->data.x509); | ||
| 347 | break; | ||
| 348 | case X509_LU_CRL: | ||
| 349 | X509_CRL_free(a->data.crl); | ||
| 350 | break; | ||
| 351 | } | ||
| 352 | } | ||
| 353 | |||
| 354 | X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h, int type, | ||
| 355 | X509_NAME *name) | ||
| 356 | { | ||
| 357 | X509_OBJECT stmp,*tmp; | ||
| 358 | X509 x509_s; | ||
| 359 | X509_CINF cinf_s; | ||
| 360 | X509_CRL crl_s; | ||
| 361 | X509_CRL_INFO crl_info_s; | ||
| 362 | |||
| 363 | stmp.type=type; | ||
| 364 | switch (type) | ||
| 365 | { | ||
| 366 | case X509_LU_X509: | ||
| 367 | stmp.data.x509= &x509_s; | ||
| 368 | x509_s.cert_info= &cinf_s; | ||
| 369 | cinf_s.subject=name; | ||
| 370 | break; | ||
| 371 | case X509_LU_CRL: | ||
| 372 | stmp.data.crl= &crl_s; | ||
| 373 | crl_s.crl= &crl_info_s; | ||
| 374 | crl_info_s.issuer=name; | ||
| 375 | break; | ||
| 376 | default: | ||
| 377 | abort(); | ||
| 378 | } | ||
| 379 | |||
| 380 | tmp=(X509_OBJECT *)lh_retrieve(h,(char *)&stmp); | ||
| 381 | return(tmp); | ||
| 382 | } | ||
| 383 | |||
| 384 | void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, | ||
| 385 | STACK_OF(X509) *chain) | ||
| 386 | { | ||
| 387 | ctx->ctx=store; | ||
| 388 | ctx->current_method=0; | ||
| 389 | ctx->cert=x509; | ||
| 390 | ctx->untrusted=chain; | ||
| 391 | ctx->last_untrusted=0; | ||
| 392 | ctx->valid=0; | ||
| 393 | ctx->chain=NULL; | ||
| 394 | ctx->depth=9; | ||
| 395 | ctx->error=0; | ||
| 396 | ctx->current_cert=NULL; | ||
| 397 | memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); | ||
| 398 | } | ||
| 399 | |||
| 400 | void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) | ||
| 401 | { | ||
| 402 | if (ctx->chain != NULL) | ||
| 403 | { | ||
| 404 | sk_X509_pop_free(ctx->chain,X509_free); | ||
| 405 | ctx->chain=NULL; | ||
| 406 | } | ||
| 407 | CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data)); | ||
| 408 | memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); | ||
| 409 | } | ||
| 410 | |||
| 411 | IMPLEMENT_STACK_OF(X509_LOOKUP) | ||
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c deleted file mode 100644 index 691b71f031..0000000000 --- a/src/lib/libcrypto/x509/x509_obj.c +++ /dev/null | |||
| @@ -1,223 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_obj.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/lhash.h> | ||
| 62 | #include <openssl/objects.h> | ||
| 63 | #include <openssl/x509.h> | ||
| 64 | #include <openssl/buffer.h> | ||
| 65 | |||
| 66 | char *X509_NAME_oneline(X509_NAME *a, char *buf, int len) | ||
| 67 | { | ||
| 68 | X509_NAME_ENTRY *ne; | ||
| 69 | int i; | ||
| 70 | int n,lold,l,l1,l2,num,j,type; | ||
| 71 | const char *s; | ||
| 72 | char *p; | ||
| 73 | unsigned char *q; | ||
| 74 | BUF_MEM *b=NULL; | ||
| 75 | static char hex[17]="0123456789ABCDEF"; | ||
| 76 | int gs_doit[4]; | ||
| 77 | char tmp_buf[80]; | ||
| 78 | #ifdef CHARSET_EBCDIC | ||
| 79 | char ebcdic_buf[1024]; | ||
| 80 | #endif | ||
| 81 | |||
| 82 | if (buf == NULL) | ||
| 83 | { | ||
| 84 | if ((b=BUF_MEM_new()) == NULL) goto err; | ||
| 85 | if (!BUF_MEM_grow(b,200)) goto err; | ||
| 86 | b->data[0]='\0'; | ||
| 87 | len=200; | ||
| 88 | } | ||
| 89 | if (a == NULL) | ||
| 90 | { | ||
| 91 | if(b) | ||
| 92 | { | ||
| 93 | buf=b->data; | ||
| 94 | Free(b); | ||
| 95 | } | ||
| 96 | strncpy(buf,"NO X509_NAME",len); | ||
| 97 | return buf; | ||
| 98 | } | ||
| 99 | |||
| 100 | len--; /* space for '\0' */ | ||
| 101 | l=0; | ||
| 102 | for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++) | ||
| 103 | { | ||
| 104 | ne=sk_X509_NAME_ENTRY_value(a->entries,i); | ||
| 105 | n=OBJ_obj2nid(ne->object); | ||
| 106 | if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL)) | ||
| 107 | { | ||
| 108 | i2t_ASN1_OBJECT(tmp_buf,sizeof(tmp_buf),ne->object); | ||
| 109 | s=tmp_buf; | ||
| 110 | } | ||
| 111 | l1=strlen(s); | ||
| 112 | |||
| 113 | type=ne->value->type; | ||
| 114 | num=ne->value->length; | ||
| 115 | q=ne->value->data; | ||
| 116 | #ifdef CHARSET_EBCDIC | ||
| 117 | if (type == V_ASN1_GENERALSTRING || | ||
| 118 | type == V_ASN1_VISIBLESTRING || | ||
| 119 | type == V_ASN1_PRINTABLESTRING || | ||
| 120 | type == V_ASN1_TELETEXSTRING || | ||
| 121 | type == V_ASN1_VISIBLESTRING || | ||
| 122 | type == V_ASN1_IA5STRING) { | ||
| 123 | ascii2ebcdic(ebcdic_buf, q, | ||
| 124 | (num > sizeof ebcdic_buf) | ||
| 125 | ? sizeof ebcdic_buf : num); | ||
| 126 | q=ebcdic_buf; | ||
| 127 | } | ||
| 128 | #endif | ||
| 129 | |||
| 130 | if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0)) | ||
| 131 | { | ||
| 132 | gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0; | ||
| 133 | for (j=0; j<num; j++) | ||
| 134 | if (q[j] != 0) gs_doit[j&3]=1; | ||
| 135 | |||
| 136 | if (gs_doit[0]|gs_doit[1]|gs_doit[2]) | ||
| 137 | gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1; | ||
| 138 | else | ||
| 139 | { | ||
| 140 | gs_doit[0]=gs_doit[1]=gs_doit[2]=0; | ||
| 141 | gs_doit[3]=1; | ||
| 142 | } | ||
| 143 | } | ||
| 144 | else | ||
| 145 | gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1; | ||
| 146 | |||
| 147 | for (l2=j=0; j<num; j++) | ||
| 148 | { | ||
| 149 | if (!gs_doit[j&3]) continue; | ||
| 150 | l2++; | ||
| 151 | #ifndef CHARSET_EBCDIC | ||
| 152 | if ((q[j] < ' ') || (q[j] > '~')) l2+=3; | ||
| 153 | #else | ||
| 154 | if ((os_toascii[q[j]] < os_toascii[' ']) || | ||
| 155 | (os_toascii[q[j]] > os_toascii['~'])) l2+=3; | ||
| 156 | #endif | ||
| 157 | } | ||
| 158 | |||
| 159 | lold=l; | ||
| 160 | l+=1+l1+1+l2; | ||
| 161 | if (b != NULL) | ||
| 162 | { | ||
| 163 | if (!BUF_MEM_grow(b,l+1)) goto err; | ||
| 164 | p= &(b->data[lold]); | ||
| 165 | } | ||
| 166 | else if (l > len) | ||
| 167 | { | ||
| 168 | break; | ||
| 169 | } | ||
| 170 | else | ||
| 171 | p= &(buf[lold]); | ||
| 172 | *(p++)='/'; | ||
| 173 | memcpy(p,s,(unsigned int)l1); p+=l1; | ||
| 174 | *(p++)='='; | ||
| 175 | |||
| 176 | #ifndef CHARSET_EBCDIC /* q was assigned above already. */ | ||
| 177 | q=ne->value->data; | ||
| 178 | #endif | ||
| 179 | |||
| 180 | for (j=0; j<num; j++) | ||
| 181 | { | ||
| 182 | if (!gs_doit[j&3]) continue; | ||
| 183 | #ifndef CHARSET_EBCDIC | ||
| 184 | n=q[j]; | ||
| 185 | if ((n < ' ') || (n > '~')) | ||
| 186 | { | ||
| 187 | *(p++)='\\'; | ||
| 188 | *(p++)='x'; | ||
| 189 | *(p++)=hex[(n>>4)&0x0f]; | ||
| 190 | *(p++)=hex[n&0x0f]; | ||
| 191 | } | ||
| 192 | else | ||
| 193 | *(p++)=n; | ||
| 194 | #else | ||
| 195 | n=os_toascii[q[j]]; | ||
| 196 | if ((n < os_toascii[' ']) || | ||
| 197 | (n > os_toascii['~'])) | ||
| 198 | { | ||
| 199 | *(p++)='\\'; | ||
| 200 | *(p++)='x'; | ||
| 201 | *(p++)=hex[(n>>4)&0x0f]; | ||
| 202 | *(p++)=hex[n&0x0f]; | ||
| 203 | } | ||
| 204 | else | ||
| 205 | *(p++)=q[j]; | ||
| 206 | #endif | ||
| 207 | } | ||
| 208 | *p='\0'; | ||
| 209 | } | ||
| 210 | if (b != NULL) | ||
| 211 | { | ||
| 212 | p=b->data; | ||
| 213 | Free(b); | ||
| 214 | } | ||
| 215 | else | ||
| 216 | p=buf; | ||
| 217 | return(p); | ||
| 218 | err: | ||
| 219 | X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE); | ||
| 220 | if (b != NULL) BUF_MEM_free(b); | ||
| 221 | return(NULL); | ||
| 222 | } | ||
| 223 | |||
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c deleted file mode 100644 index bb4697ae60..0000000000 --- a/src/lib/libcrypto/x509/x509_r2x.c +++ /dev/null | |||
| @@ -1,110 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_r2x.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/bn.h> | ||
| 62 | #include <openssl/evp.h> | ||
| 63 | #include <openssl/asn1.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | #include <openssl/objects.h> | ||
| 66 | #include <openssl/buffer.h> | ||
| 67 | |||
| 68 | X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey) | ||
| 69 | { | ||
| 70 | X509 *ret=NULL; | ||
| 71 | X509_CINF *xi=NULL; | ||
| 72 | X509_NAME *xn; | ||
| 73 | |||
| 74 | if ((ret=X509_new()) == NULL) | ||
| 75 | { | ||
| 76 | X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE); | ||
| 77 | goto err; | ||
| 78 | } | ||
| 79 | |||
| 80 | /* duplicate the request */ | ||
| 81 | xi=ret->cert_info; | ||
| 82 | |||
| 83 | if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0) | ||
| 84 | { | ||
| 85 | if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err; | ||
| 86 | if (!ASN1_INTEGER_set(xi->version,2)) goto err; | ||
| 87 | /* xi->extensions=ri->attributes; <- bad, should not ever be done | ||
| 88 | ri->attributes=NULL; */ | ||
| 89 | } | ||
| 90 | |||
| 91 | xn=X509_REQ_get_subject_name(r); | ||
| 92 | X509_set_subject_name(ret,X509_NAME_dup(xn)); | ||
| 93 | X509_set_issuer_name(ret,X509_NAME_dup(xn)); | ||
| 94 | |||
| 95 | X509_gmtime_adj(xi->validity->notBefore,0); | ||
| 96 | X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days); | ||
| 97 | |||
| 98 | X509_set_pubkey(ret,X509_REQ_get_pubkey(r)); | ||
| 99 | |||
| 100 | if (!X509_sign(ret,pkey,EVP_md5())) | ||
| 101 | goto err; | ||
| 102 | if (0) | ||
| 103 | { | ||
| 104 | err: | ||
| 105 | X509_free(ret); | ||
| 106 | ret=NULL; | ||
| 107 | } | ||
| 108 | return(ret); | ||
| 109 | } | ||
| 110 | |||
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c deleted file mode 100644 index 2ef94decd1..0000000000 --- a/src/lib/libcrypto/x509/x509_req.c +++ /dev/null | |||
| @@ -1,115 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_req.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/bn.h> | ||
| 62 | #include <openssl/evp.h> | ||
| 63 | #include <openssl/asn1.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | #include <openssl/objects.h> | ||
| 66 | #include <openssl/buffer.h> | ||
| 67 | #include <openssl/pem.h> | ||
| 68 | |||
| 69 | X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md) | ||
| 70 | { | ||
| 71 | X509_REQ *ret; | ||
| 72 | X509_REQ_INFO *ri; | ||
| 73 | int i; | ||
| 74 | EVP_PKEY *pktmp; | ||
| 75 | |||
| 76 | ret=X509_REQ_new(); | ||
| 77 | if (ret == NULL) | ||
| 78 | { | ||
| 79 | X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE); | ||
| 80 | goto err; | ||
| 81 | } | ||
| 82 | |||
| 83 | ri=ret->req_info; | ||
| 84 | |||
| 85 | ri->version->length=1; | ||
| 86 | ri->version->data=(unsigned char *)Malloc(1); | ||
| 87 | if (ri->version->data == NULL) goto err; | ||
| 88 | ri->version->data[0]=0; /* version == 0 */ | ||
| 89 | |||
| 90 | if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x))) | ||
| 91 | goto err; | ||
| 92 | |||
| 93 | pktmp = X509_get_pubkey(x); | ||
| 94 | i=X509_REQ_set_pubkey(ret,pktmp); | ||
| 95 | EVP_PKEY_free(pktmp); | ||
| 96 | if (!i) goto err; | ||
| 97 | |||
| 98 | if (pkey != NULL) | ||
| 99 | { | ||
| 100 | if (!X509_REQ_sign(ret,pkey,md)) | ||
| 101 | goto err; | ||
| 102 | } | ||
| 103 | return(ret); | ||
| 104 | err: | ||
| 105 | X509_REQ_free(ret); | ||
| 106 | return(NULL); | ||
| 107 | } | ||
| 108 | |||
| 109 | EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req) | ||
| 110 | { | ||
| 111 | if ((req == NULL) || (req->req_info == NULL)) | ||
| 112 | return(NULL); | ||
| 113 | return(X509_PUBKEY_get(req->req_info->pubkey)); | ||
| 114 | } | ||
| 115 | |||
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c deleted file mode 100644 index 5a6f7b414f..0000000000 --- a/src/lib/libcrypto/x509/x509_set.c +++ /dev/null | |||
| @@ -1,150 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_set.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/asn1.h> | ||
| 62 | #include <openssl/objects.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | |||
| 66 | int X509_set_version(X509 *x, long version) | ||
| 67 | { | ||
| 68 | if (x == NULL) return(0); | ||
| 69 | if (x->cert_info->version == NULL) | ||
| 70 | { | ||
| 71 | if ((x->cert_info->version=ASN1_INTEGER_new()) == NULL) | ||
| 72 | return(0); | ||
| 73 | } | ||
| 74 | return(ASN1_INTEGER_set(x->cert_info->version,version)); | ||
| 75 | } | ||
| 76 | |||
| 77 | int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial) | ||
| 78 | { | ||
| 79 | ASN1_INTEGER *in; | ||
| 80 | |||
| 81 | if (x == NULL) return(0); | ||
| 82 | in=x->cert_info->serialNumber; | ||
| 83 | if (in != serial) | ||
| 84 | { | ||
| 85 | in=ASN1_INTEGER_dup(serial); | ||
| 86 | if (in != NULL) | ||
| 87 | { | ||
| 88 | ASN1_INTEGER_free(x->cert_info->serialNumber); | ||
| 89 | x->cert_info->serialNumber=in; | ||
| 90 | } | ||
| 91 | } | ||
| 92 | return(in != NULL); | ||
| 93 | } | ||
| 94 | |||
| 95 | int X509_set_issuer_name(X509 *x, X509_NAME *name) | ||
| 96 | { | ||
| 97 | if ((x == NULL) || (x->cert_info == NULL)) return(0); | ||
| 98 | return(X509_NAME_set(&x->cert_info->issuer,name)); | ||
| 99 | } | ||
| 100 | |||
| 101 | int X509_set_subject_name(X509 *x, X509_NAME *name) | ||
| 102 | { | ||
| 103 | if ((x == NULL) || (x->cert_info == NULL)) return(0); | ||
| 104 | return(X509_NAME_set(&x->cert_info->subject,name)); | ||
| 105 | } | ||
| 106 | |||
| 107 | int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm) | ||
| 108 | { | ||
| 109 | ASN1_UTCTIME *in; | ||
| 110 | |||
| 111 | if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); | ||
| 112 | in=x->cert_info->validity->notBefore; | ||
| 113 | if (in != tm) | ||
| 114 | { | ||
| 115 | in=ASN1_UTCTIME_dup(tm); | ||
| 116 | if (in != NULL) | ||
| 117 | { | ||
| 118 | ASN1_UTCTIME_free(x->cert_info->validity->notBefore); | ||
| 119 | x->cert_info->validity->notBefore=in; | ||
| 120 | } | ||
| 121 | } | ||
| 122 | return(in != NULL); | ||
| 123 | } | ||
| 124 | |||
| 125 | int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm) | ||
| 126 | { | ||
| 127 | ASN1_UTCTIME *in; | ||
| 128 | |||
| 129 | if ((x == NULL) || (x->cert_info->validity == NULL)) return(0); | ||
| 130 | in=x->cert_info->validity->notAfter; | ||
| 131 | if (in != tm) | ||
| 132 | { | ||
| 133 | in=ASN1_UTCTIME_dup(tm); | ||
| 134 | if (in != NULL) | ||
| 135 | { | ||
| 136 | ASN1_UTCTIME_free(x->cert_info->validity->notAfter); | ||
| 137 | x->cert_info->validity->notAfter=in; | ||
| 138 | } | ||
| 139 | } | ||
| 140 | return(in != NULL); | ||
| 141 | } | ||
| 142 | |||
| 143 | int X509_set_pubkey(X509 *x, EVP_PKEY *pkey) | ||
| 144 | { | ||
| 145 | if ((x == NULL) || (x->cert_info == NULL)) return(0); | ||
| 146 | return(X509_PUBKEY_set(&(x->cert_info->key),pkey)); | ||
| 147 | } | ||
| 148 | |||
| 149 | |||
| 150 | |||
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c deleted file mode 100644 index 11a3d2012f..0000000000 --- a/src/lib/libcrypto/x509/x509_txt.c +++ /dev/null | |||
| @@ -1,132 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_txt.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #include <errno.h> | ||
| 62 | #include <sys/types.h> | ||
| 63 | |||
| 64 | #include "cryptlib.h" | ||
| 65 | #include <openssl/lhash.h> | ||
| 66 | #include <openssl/buffer.h> | ||
| 67 | #include <openssl/evp.h> | ||
| 68 | #include <openssl/asn1.h> | ||
| 69 | #include <openssl/x509.h> | ||
| 70 | #include <openssl/objects.h> | ||
| 71 | |||
| 72 | const char *X509_verify_cert_error_string(long n) | ||
| 73 | { | ||
| 74 | static char buf[100]; | ||
| 75 | |||
| 76 | switch ((int)n) | ||
| 77 | { | ||
| 78 | case X509_V_OK: | ||
| 79 | return("ok"); | ||
| 80 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: | ||
| 81 | return("unable to get issuer certificate"); | ||
| 82 | case X509_V_ERR_UNABLE_TO_GET_CRL: | ||
| 83 | return("unable to get certificate CRL"); | ||
| 84 | case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE: | ||
| 85 | return("unable to decrypt certificate's signature"); | ||
| 86 | case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE: | ||
| 87 | return("unable to decrypt CRL's's signature"); | ||
| 88 | case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY: | ||
| 89 | return("unable to decode issuer public key"); | ||
| 90 | case X509_V_ERR_CERT_SIGNATURE_FAILURE: | ||
| 91 | return("certificate signature failure"); | ||
| 92 | case X509_V_ERR_CRL_SIGNATURE_FAILURE: | ||
| 93 | return("CRL signature failure"); | ||
| 94 | case X509_V_ERR_CERT_NOT_YET_VALID: | ||
| 95 | return("certificate is not yet valid"); | ||
| 96 | case X509_V_ERR_CRL_NOT_YET_VALID: | ||
| 97 | return("CRL is not yet valid"); | ||
| 98 | case X509_V_ERR_CERT_HAS_EXPIRED: | ||
| 99 | return("Certificate has expired"); | ||
| 100 | case X509_V_ERR_CRL_HAS_EXPIRED: | ||
| 101 | return("CRL has expired"); | ||
| 102 | case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD: | ||
| 103 | return("format error in certificate's notBefore field"); | ||
| 104 | case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD: | ||
| 105 | return("format error in certificate's notAfter field"); | ||
| 106 | case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD: | ||
| 107 | return("format error in CRL's lastUpdate field"); | ||
| 108 | case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD: | ||
| 109 | return("format error in CRL's nextUpdate field"); | ||
| 110 | case X509_V_ERR_OUT_OF_MEM: | ||
| 111 | return("out of memory"); | ||
| 112 | case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: | ||
| 113 | return("self signed certificate"); | ||
| 114 | case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: | ||
| 115 | return("self signed certificate in certificate chain"); | ||
| 116 | case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: | ||
| 117 | return("unable to get local issuer certificate"); | ||
| 118 | case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: | ||
| 119 | return("unable to verify the first certificate"); | ||
| 120 | case X509_V_ERR_CERT_CHAIN_TOO_LONG: | ||
| 121 | return("certificate chain too long"); | ||
| 122 | case X509_V_ERR_CERT_REVOKED: | ||
| 123 | return("certificate revoked"); | ||
| 124 | case X509_V_ERR_APPLICATION_VERIFICATION: | ||
| 125 | return("application verification failure"); | ||
| 126 | default: | ||
| 127 | sprintf(buf,"error number %ld",n); | ||
| 128 | return(buf); | ||
| 129 | } | ||
| 130 | } | ||
| 131 | |||
| 132 | |||
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c deleted file mode 100644 index dd2f9f1b17..0000000000 --- a/src/lib/libcrypto/x509/x509_v3.c +++ /dev/null | |||
| @@ -1,266 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_v3.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <openssl/stack.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/objects.h> | ||
| 64 | #include <openssl/evp.h> | ||
| 65 | #include <openssl/x509.h> | ||
| 66 | |||
| 67 | int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x) | ||
| 68 | { | ||
| 69 | if (x == NULL) return(0); | ||
| 70 | return(sk_X509_EXTENSION_num(x)); | ||
| 71 | } | ||
| 72 | |||
| 73 | int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid, | ||
| 74 | int lastpos) | ||
| 75 | { | ||
| 76 | ASN1_OBJECT *obj; | ||
| 77 | |||
| 78 | obj=OBJ_nid2obj(nid); | ||
| 79 | if (obj == NULL) return(-2); | ||
| 80 | return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); | ||
| 81 | } | ||
| 82 | |||
| 83 | int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj, | ||
| 84 | int lastpos) | ||
| 85 | { | ||
| 86 | int n; | ||
| 87 | X509_EXTENSION *ex; | ||
| 88 | |||
| 89 | if (sk == NULL) return(-1); | ||
| 90 | lastpos++; | ||
| 91 | if (lastpos < 0) | ||
| 92 | lastpos=0; | ||
| 93 | n=sk_X509_EXTENSION_num(sk); | ||
| 94 | for ( ; lastpos < n; lastpos++) | ||
| 95 | { | ||
| 96 | ex=sk_X509_EXTENSION_value(sk,lastpos); | ||
| 97 | if (OBJ_cmp(ex->object,obj) == 0) | ||
| 98 | return(lastpos); | ||
| 99 | } | ||
| 100 | return(-1); | ||
| 101 | } | ||
| 102 | |||
| 103 | int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, | ||
| 104 | int lastpos) | ||
| 105 | { | ||
| 106 | int n; | ||
| 107 | X509_EXTENSION *ex; | ||
| 108 | |||
| 109 | if (sk == NULL) return(-1); | ||
| 110 | lastpos++; | ||
| 111 | if (lastpos < 0) | ||
| 112 | lastpos=0; | ||
| 113 | n=sk_X509_EXTENSION_num(sk); | ||
| 114 | for ( ; lastpos < n; lastpos++) | ||
| 115 | { | ||
| 116 | ex=sk_X509_EXTENSION_value(sk,lastpos); | ||
| 117 | if ( (ex->critical && crit) || | ||
| 118 | (!ex->critical && !crit)) | ||
| 119 | return(lastpos); | ||
| 120 | } | ||
| 121 | return(-1); | ||
| 122 | } | ||
| 123 | |||
| 124 | X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc) | ||
| 125 | { | ||
| 126 | if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) | ||
| 127 | return NULL; | ||
| 128 | else | ||
| 129 | return sk_X509_EXTENSION_value(x,loc); | ||
| 130 | } | ||
| 131 | |||
| 132 | X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc) | ||
| 133 | { | ||
| 134 | X509_EXTENSION *ret; | ||
| 135 | |||
| 136 | if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0) | ||
| 137 | return(NULL); | ||
| 138 | ret=sk_X509_EXTENSION_delete(x,loc); | ||
| 139 | return(ret); | ||
| 140 | } | ||
| 141 | |||
| 142 | STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x, | ||
| 143 | X509_EXTENSION *ex, int loc) | ||
| 144 | { | ||
| 145 | X509_EXTENSION *new_ex=NULL; | ||
| 146 | int n; | ||
| 147 | STACK_OF(X509_EXTENSION) *sk=NULL; | ||
| 148 | |||
| 149 | if ((x != NULL) && (*x == NULL)) | ||
| 150 | { | ||
| 151 | if ((sk=sk_X509_EXTENSION_new_null()) == NULL) | ||
| 152 | goto err; | ||
| 153 | } | ||
| 154 | else | ||
| 155 | sk= *x; | ||
| 156 | |||
| 157 | n=sk_X509_EXTENSION_num(sk); | ||
| 158 | if (loc > n) loc=n; | ||
| 159 | else if (loc < 0) loc=n; | ||
| 160 | |||
| 161 | if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) | ||
| 162 | goto err2; | ||
| 163 | if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) | ||
| 164 | goto err; | ||
| 165 | if ((x != NULL) && (*x == NULL)) | ||
| 166 | *x=sk; | ||
| 167 | return(sk); | ||
| 168 | err: | ||
| 169 | X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); | ||
| 170 | err2: | ||
| 171 | if (new_ex != NULL) X509_EXTENSION_free(new_ex); | ||
| 172 | if (sk != NULL) sk_X509_EXTENSION_free(sk); | ||
| 173 | return(NULL); | ||
| 174 | } | ||
| 175 | |||
| 176 | X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid, | ||
| 177 | int crit, ASN1_OCTET_STRING *data) | ||
| 178 | { | ||
| 179 | ASN1_OBJECT *obj; | ||
| 180 | X509_EXTENSION *ret; | ||
| 181 | |||
| 182 | obj=OBJ_nid2obj(nid); | ||
| 183 | if (obj == NULL) | ||
| 184 | { | ||
| 185 | X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID); | ||
| 186 | return(NULL); | ||
| 187 | } | ||
| 188 | ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data); | ||
| 189 | if (ret == NULL) ASN1_OBJECT_free(obj); | ||
| 190 | return(ret); | ||
| 191 | } | ||
| 192 | |||
| 193 | X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex, | ||
| 194 | ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data) | ||
| 195 | { | ||
| 196 | X509_EXTENSION *ret; | ||
| 197 | |||
| 198 | if ((ex == NULL) || (*ex == NULL)) | ||
| 199 | { | ||
| 200 | if ((ret=X509_EXTENSION_new()) == NULL) | ||
| 201 | { | ||
| 202 | X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE); | ||
| 203 | return(NULL); | ||
| 204 | } | ||
| 205 | } | ||
| 206 | else | ||
| 207 | ret= *ex; | ||
| 208 | |||
| 209 | if (!X509_EXTENSION_set_object(ret,obj)) | ||
| 210 | goto err; | ||
| 211 | if (!X509_EXTENSION_set_critical(ret,crit)) | ||
| 212 | goto err; | ||
| 213 | if (!X509_EXTENSION_set_data(ret,data)) | ||
| 214 | goto err; | ||
| 215 | |||
| 216 | if ((ex != NULL) && (*ex == NULL)) *ex=ret; | ||
| 217 | return(ret); | ||
| 218 | err: | ||
| 219 | if ((ex == NULL) || (ret != *ex)) | ||
| 220 | X509_EXTENSION_free(ret); | ||
| 221 | return(NULL); | ||
| 222 | } | ||
| 223 | |||
| 224 | int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj) | ||
| 225 | { | ||
| 226 | if ((ex == NULL) || (obj == NULL)) | ||
| 227 | return(0); | ||
| 228 | ASN1_OBJECT_free(ex->object); | ||
| 229 | ex->object=OBJ_dup(obj); | ||
| 230 | return(1); | ||
| 231 | } | ||
| 232 | |||
| 233 | int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) | ||
| 234 | { | ||
| 235 | if (ex == NULL) return(0); | ||
| 236 | ex->critical=(crit)?0xFF:0; | ||
| 237 | return(1); | ||
| 238 | } | ||
| 239 | |||
| 240 | int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data) | ||
| 241 | { | ||
| 242 | int i; | ||
| 243 | |||
| 244 | if (ex == NULL) return(0); | ||
| 245 | i=ASN1_OCTET_STRING_set(ex->value,data->data,data->length); | ||
| 246 | if (!i) return(0); | ||
| 247 | return(1); | ||
| 248 | } | ||
| 249 | |||
| 250 | ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex) | ||
| 251 | { | ||
| 252 | if (ex == NULL) return(NULL); | ||
| 253 | return(ex->object); | ||
| 254 | } | ||
| 255 | |||
| 256 | ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex) | ||
| 257 | { | ||
| 258 | if (ex == NULL) return(NULL); | ||
| 259 | return(ex->value); | ||
| 260 | } | ||
| 261 | |||
| 262 | int X509_EXTENSION_get_critical(X509_EXTENSION *ex) | ||
| 263 | { | ||
| 264 | if (ex == NULL) return(0); | ||
| 265 | return(ex->critical); | ||
| 266 | } | ||
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c deleted file mode 100644 index c72ee4a385..0000000000 --- a/src/lib/libcrypto/x509/x509_vfy.c +++ /dev/null | |||
| @@ -1,639 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_vfy.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <time.h> | ||
| 61 | #include <errno.h> | ||
| 62 | #include <sys/types.h> | ||
| 63 | #include <sys/stat.h> | ||
| 64 | |||
| 65 | #include <openssl/crypto.h> | ||
| 66 | #include "cryptlib.h" | ||
| 67 | #include <openssl/lhash.h> | ||
| 68 | #include <openssl/buffer.h> | ||
| 69 | #include <openssl/evp.h> | ||
| 70 | #include <openssl/asn1.h> | ||
| 71 | #include <openssl/x509.h> | ||
| 72 | #include <openssl/objects.h> | ||
| 73 | |||
| 74 | static int null_callback(int ok,X509_STORE_CTX *e); | ||
| 75 | static int internal_verify(X509_STORE_CTX *ctx); | ||
| 76 | const char *X509_version="X.509" OPENSSL_VERSION_PTEXT; | ||
| 77 | |||
| 78 | static STACK *x509_store_ctx_method=NULL; | ||
| 79 | static int x509_store_ctx_num=0; | ||
| 80 | #if 0 | ||
| 81 | static int x509_store_num=1; | ||
| 82 | static STACK *x509_store_method=NULL; | ||
| 83 | #endif | ||
| 84 | |||
| 85 | static int null_callback(int ok, X509_STORE_CTX *e) | ||
| 86 | { | ||
| 87 | return(ok); | ||
| 88 | } | ||
| 89 | |||
| 90 | #if 0 | ||
| 91 | static int x509_subject_cmp(X509 **a, X509 **b) | ||
| 92 | { | ||
| 93 | return(X509_subject_name_cmp(*a,*b)); | ||
| 94 | } | ||
| 95 | #endif | ||
| 96 | |||
| 97 | int X509_verify_cert(X509_STORE_CTX *ctx) | ||
| 98 | { | ||
| 99 | X509 *x,*xtmp,*chain_ss=NULL; | ||
| 100 | X509_NAME *xn; | ||
| 101 | X509_OBJECT obj; | ||
| 102 | int depth,i,ok=0; | ||
| 103 | int num; | ||
| 104 | int (*cb)(); | ||
| 105 | STACK_OF(X509) *sktmp=NULL; | ||
| 106 | |||
| 107 | if (ctx->cert == NULL) | ||
| 108 | { | ||
| 109 | X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); | ||
| 110 | return(-1); | ||
| 111 | } | ||
| 112 | |||
| 113 | cb=ctx->ctx->verify_cb; | ||
| 114 | if (cb == NULL) cb=null_callback; | ||
| 115 | |||
| 116 | /* first we make sure the chain we are going to build is | ||
| 117 | * present and that the first entry is in place */ | ||
| 118 | if (ctx->chain == NULL) | ||
| 119 | { | ||
| 120 | if ( ((ctx->chain=sk_X509_new_null()) == NULL) || | ||
| 121 | (!sk_X509_push(ctx->chain,ctx->cert))) | ||
| 122 | { | ||
| 123 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | ||
| 124 | goto end; | ||
| 125 | } | ||
| 126 | CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509); | ||
| 127 | ctx->last_untrusted=1; | ||
| 128 | } | ||
| 129 | |||
| 130 | /* We use a temporary so we can chop and hack at it */ | ||
| 131 | if (ctx->untrusted != NULL | ||
| 132 | && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL) | ||
| 133 | { | ||
| 134 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | ||
| 135 | goto end; | ||
| 136 | } | ||
| 137 | |||
| 138 | num=sk_X509_num(ctx->chain); | ||
| 139 | x=sk_X509_value(ctx->chain,num-1); | ||
| 140 | depth=ctx->depth; | ||
| 141 | |||
| 142 | |||
| 143 | for (;;) | ||
| 144 | { | ||
| 145 | /* If we have enough, we break */ | ||
| 146 | if (depth < num) break; /* FIXME: If this happens, we should take | ||
| 147 | * note of it and, if appropriate, use the | ||
| 148 | * X509_V_ERR_CERT_CHAIN_TOO_LONG error | ||
| 149 | * code later. | ||
| 150 | */ | ||
| 151 | |||
| 152 | /* If we are self signed, we break */ | ||
| 153 | xn=X509_get_issuer_name(x); | ||
| 154 | if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0) | ||
| 155 | break; | ||
| 156 | |||
| 157 | /* If we were passed a cert chain, use it first */ | ||
| 158 | if (ctx->untrusted != NULL) | ||
| 159 | { | ||
| 160 | xtmp=X509_find_by_subject(sktmp,xn); | ||
| 161 | if (xtmp != NULL) | ||
| 162 | { | ||
| 163 | if (!sk_X509_push(ctx->chain,xtmp)) | ||
| 164 | { | ||
| 165 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | ||
| 166 | goto end; | ||
| 167 | } | ||
| 168 | CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); | ||
| 169 | sk_X509_delete_ptr(sktmp,xtmp); | ||
| 170 | ctx->last_untrusted++; | ||
| 171 | x=xtmp; | ||
| 172 | num++; | ||
| 173 | /* reparse the full chain for | ||
| 174 | * the next one */ | ||
| 175 | continue; | ||
| 176 | } | ||
| 177 | } | ||
| 178 | break; | ||
| 179 | } | ||
| 180 | |||
| 181 | /* at this point, chain should contain a list of untrusted | ||
| 182 | * certificates. We now need to add at least one trusted one, | ||
| 183 | * if possible, otherwise we complain. */ | ||
| 184 | |||
| 185 | i=sk_X509_num(ctx->chain); | ||
| 186 | x=sk_X509_value(ctx->chain,i-1); | ||
| 187 | if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x)) | ||
| 188 | == 0) | ||
| 189 | { | ||
| 190 | /* we have a self signed certificate */ | ||
| 191 | if (sk_X509_num(ctx->chain) == 1) | ||
| 192 | { | ||
| 193 | ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; | ||
| 194 | ctx->current_cert=x; | ||
| 195 | ctx->error_depth=i-1; | ||
| 196 | ok=cb(0,ctx); | ||
| 197 | if (!ok) goto end; | ||
| 198 | } | ||
| 199 | else | ||
| 200 | { | ||
| 201 | /* worry more about this one elsewhere */ | ||
| 202 | chain_ss=sk_X509_pop(ctx->chain); | ||
| 203 | ctx->last_untrusted--; | ||
| 204 | num--; | ||
| 205 | x=sk_X509_value(ctx->chain,num-1); | ||
| 206 | } | ||
| 207 | } | ||
| 208 | |||
| 209 | /* We now lookup certs from the certificate store */ | ||
| 210 | for (;;) | ||
| 211 | { | ||
| 212 | /* If we have enough, we break */ | ||
| 213 | if (depth < num) break; | ||
| 214 | |||
| 215 | /* If we are self signed, we break */ | ||
| 216 | xn=X509_get_issuer_name(x); | ||
| 217 | if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0) | ||
| 218 | break; | ||
| 219 | |||
| 220 | ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj); | ||
| 221 | if (ok != X509_LU_X509) | ||
| 222 | { | ||
| 223 | if (ok == X509_LU_RETRY) | ||
| 224 | { | ||
| 225 | X509_OBJECT_free_contents(&obj); | ||
| 226 | X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY); | ||
| 227 | return(ok); | ||
| 228 | } | ||
| 229 | else if (ok != X509_LU_FAIL) | ||
| 230 | { | ||
| 231 | X509_OBJECT_free_contents(&obj); | ||
| 232 | /* not good :-(, break anyway */ | ||
| 233 | return(ok); | ||
| 234 | } | ||
| 235 | break; | ||
| 236 | } | ||
| 237 | x=obj.data.x509; | ||
| 238 | if (!sk_X509_push(ctx->chain,obj.data.x509)) | ||
| 239 | { | ||
| 240 | X509_OBJECT_free_contents(&obj); | ||
| 241 | X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); | ||
| 242 | return(0); | ||
| 243 | } | ||
| 244 | num++; | ||
| 245 | } | ||
| 246 | |||
| 247 | /* we now have our chain, lets check it... */ | ||
| 248 | xn=X509_get_issuer_name(x); | ||
| 249 | if (X509_NAME_cmp(X509_get_subject_name(x),xn) != 0) | ||
| 250 | { | ||
| 251 | if ((chain_ss == NULL) || (X509_NAME_cmp(X509_get_subject_name(chain_ss),xn) != 0)) | ||
| 252 | { | ||
| 253 | if (ctx->last_untrusted >= num) | ||
| 254 | ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY; | ||
| 255 | else | ||
| 256 | ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT; | ||
| 257 | ctx->current_cert=x; | ||
| 258 | } | ||
| 259 | else | ||
| 260 | { | ||
| 261 | |||
| 262 | sk_X509_push(ctx->chain,chain_ss); | ||
| 263 | num++; | ||
| 264 | ctx->last_untrusted=num; | ||
| 265 | ctx->current_cert=chain_ss; | ||
| 266 | ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN; | ||
| 267 | chain_ss=NULL; | ||
| 268 | } | ||
| 269 | |||
| 270 | ctx->error_depth=num-1; | ||
| 271 | ok=cb(0,ctx); | ||
| 272 | if (!ok) goto end; | ||
| 273 | } | ||
| 274 | |||
| 275 | /* We may as well copy down any DSA parameters that are required */ | ||
| 276 | X509_get_pubkey_parameters(NULL,ctx->chain); | ||
| 277 | |||
| 278 | /* At this point, we have a chain and just need to verify it */ | ||
| 279 | if (ctx->ctx->verify != NULL) | ||
| 280 | ok=ctx->ctx->verify(ctx); | ||
| 281 | else | ||
| 282 | ok=internal_verify(ctx); | ||
| 283 | if (0) | ||
| 284 | { | ||
| 285 | end: | ||
| 286 | X509_get_pubkey_parameters(NULL,ctx->chain); | ||
| 287 | } | ||
| 288 | if (sktmp != NULL) sk_X509_free(sktmp); | ||
| 289 | if (chain_ss != NULL) X509_free(chain_ss); | ||
| 290 | return(ok); | ||
| 291 | } | ||
| 292 | |||
| 293 | static int internal_verify(X509_STORE_CTX *ctx) | ||
| 294 | { | ||
| 295 | int i,ok=0,n; | ||
| 296 | X509 *xs,*xi; | ||
| 297 | EVP_PKEY *pkey=NULL; | ||
| 298 | int (*cb)(); | ||
| 299 | |||
| 300 | cb=ctx->ctx->verify_cb; | ||
| 301 | if (cb == NULL) cb=null_callback; | ||
| 302 | |||
| 303 | n=sk_X509_num(ctx->chain); | ||
| 304 | ctx->error_depth=n-1; | ||
| 305 | n--; | ||
| 306 | xi=sk_X509_value(ctx->chain,n); | ||
| 307 | if (X509_NAME_cmp(X509_get_subject_name(xi), | ||
| 308 | X509_get_issuer_name(xi)) == 0) | ||
| 309 | xs=xi; | ||
| 310 | else | ||
| 311 | { | ||
| 312 | if (n <= 0) | ||
| 313 | { | ||
| 314 | ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE; | ||
| 315 | ctx->current_cert=xi; | ||
| 316 | ok=cb(0,ctx); | ||
| 317 | goto end; | ||
| 318 | } | ||
| 319 | else | ||
| 320 | { | ||
| 321 | n--; | ||
| 322 | ctx->error_depth=n; | ||
| 323 | xs=sk_X509_value(ctx->chain,n); | ||
| 324 | } | ||
| 325 | } | ||
| 326 | |||
| 327 | /* ctx->error=0; not needed */ | ||
| 328 | while (n >= 0) | ||
| 329 | { | ||
| 330 | ctx->error_depth=n; | ||
| 331 | if (!xs->valid) | ||
| 332 | { | ||
| 333 | if ((pkey=X509_get_pubkey(xi)) == NULL) | ||
| 334 | { | ||
| 335 | ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY; | ||
| 336 | ctx->current_cert=xi; | ||
| 337 | ok=(*cb)(0,ctx); | ||
| 338 | if (!ok) goto end; | ||
| 339 | } | ||
| 340 | if (X509_verify(xs,pkey) <= 0) | ||
| 341 | { | ||
| 342 | EVP_PKEY_free(pkey); | ||
| 343 | ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; | ||
| 344 | ctx->current_cert=xs; | ||
| 345 | ok=(*cb)(0,ctx); | ||
| 346 | if (!ok) goto end; | ||
| 347 | } | ||
| 348 | EVP_PKEY_free(pkey); | ||
| 349 | pkey=NULL; | ||
| 350 | |||
| 351 | i=X509_cmp_current_time(X509_get_notBefore(xs)); | ||
| 352 | if (i == 0) | ||
| 353 | { | ||
| 354 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD; | ||
| 355 | ctx->current_cert=xs; | ||
| 356 | ok=(*cb)(0,ctx); | ||
| 357 | if (!ok) goto end; | ||
| 358 | } | ||
| 359 | if (i > 0) | ||
| 360 | { | ||
| 361 | ctx->error=X509_V_ERR_CERT_NOT_YET_VALID; | ||
| 362 | ctx->current_cert=xs; | ||
| 363 | ok=(*cb)(0,ctx); | ||
| 364 | if (!ok) goto end; | ||
| 365 | } | ||
| 366 | xs->valid=1; | ||
| 367 | } | ||
| 368 | |||
| 369 | i=X509_cmp_current_time(X509_get_notAfter(xs)); | ||
| 370 | if (i == 0) | ||
| 371 | { | ||
| 372 | ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD; | ||
| 373 | ctx->current_cert=xs; | ||
| 374 | ok=(*cb)(0,ctx); | ||
| 375 | if (!ok) goto end; | ||
| 376 | } | ||
| 377 | |||
| 378 | if (i < 0) | ||
| 379 | { | ||
| 380 | ctx->error=X509_V_ERR_CERT_HAS_EXPIRED; | ||
| 381 | ctx->current_cert=xs; | ||
| 382 | ok=(*cb)(0,ctx); | ||
| 383 | if (!ok) goto end; | ||
| 384 | } | ||
| 385 | |||
| 386 | /* CRL CHECK */ | ||
| 387 | |||
| 388 | /* The last error (if any) is still in the error value */ | ||
| 389 | ctx->current_cert=xs; | ||
| 390 | ok=(*cb)(1,ctx); | ||
| 391 | if (!ok) goto end; | ||
| 392 | |||
| 393 | n--; | ||
| 394 | if (n >= 0) | ||
| 395 | { | ||
| 396 | xi=xs; | ||
| 397 | xs=sk_X509_value(ctx->chain,n); | ||
| 398 | } | ||
| 399 | } | ||
| 400 | ok=1; | ||
| 401 | end: | ||
| 402 | return(ok); | ||
| 403 | } | ||
| 404 | |||
| 405 | int X509_cmp_current_time(ASN1_UTCTIME *ctm) | ||
| 406 | { | ||
| 407 | char *str; | ||
| 408 | ASN1_UTCTIME atm; | ||
| 409 | time_t offset; | ||
| 410 | char buff1[24],buff2[24],*p; | ||
| 411 | int i,j; | ||
| 412 | |||
| 413 | p=buff1; | ||
| 414 | i=ctm->length; | ||
| 415 | str=(char *)ctm->data; | ||
| 416 | if ((i < 11) || (i > 17)) return(0); | ||
| 417 | memcpy(p,str,10); | ||
| 418 | p+=10; | ||
| 419 | str+=10; | ||
| 420 | |||
| 421 | if ((*str == 'Z') || (*str == '-') || (*str == '+')) | ||
| 422 | { *(p++)='0'; *(p++)='0'; } | ||
| 423 | else { *(p++)= *(str++); *(p++)= *(str++); } | ||
| 424 | *(p++)='Z'; | ||
| 425 | *(p++)='\0'; | ||
| 426 | |||
| 427 | if (*str == 'Z') | ||
| 428 | offset=0; | ||
| 429 | else | ||
| 430 | { | ||
| 431 | if ((*str != '+') && (str[5] != '-')) | ||
| 432 | return(0); | ||
| 433 | offset=((str[1]-'0')*10+(str[2]-'0'))*60; | ||
| 434 | offset+=(str[3]-'0')*10+(str[4]-'0'); | ||
| 435 | if (*str == '-') | ||
| 436 | offset= -offset; | ||
| 437 | } | ||
| 438 | atm.type=V_ASN1_UTCTIME; | ||
| 439 | atm.length=sizeof(buff2); | ||
| 440 | atm.data=(unsigned char *)buff2; | ||
| 441 | |||
| 442 | X509_gmtime_adj(&atm,-offset); | ||
| 443 | |||
| 444 | i=(buff1[0]-'0')*10+(buff1[1]-'0'); | ||
| 445 | if (i < 50) i+=100; /* cf. RFC 2459 */ | ||
| 446 | j=(buff2[0]-'0')*10+(buff2[1]-'0'); | ||
| 447 | if (j < 50) j+=100; | ||
| 448 | |||
| 449 | if (i < j) return (-1); | ||
| 450 | if (i > j) return (1); | ||
| 451 | i=strcmp(buff1,buff2); | ||
| 452 | if (i == 0) /* wait a second then return younger :-) */ | ||
| 453 | return(-1); | ||
| 454 | else | ||
| 455 | return(i); | ||
| 456 | } | ||
| 457 | |||
| 458 | ASN1_UTCTIME *X509_gmtime_adj(ASN1_UTCTIME *s, long adj) | ||
| 459 | { | ||
| 460 | time_t t; | ||
| 461 | |||
| 462 | time(&t); | ||
| 463 | t+=adj; | ||
| 464 | return(ASN1_UTCTIME_set(s,t)); | ||
| 465 | } | ||
| 466 | |||
| 467 | int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain) | ||
| 468 | { | ||
| 469 | EVP_PKEY *ktmp=NULL,*ktmp2; | ||
| 470 | int i,j; | ||
| 471 | |||
| 472 | if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1); | ||
| 473 | |||
| 474 | for (i=0; i<sk_X509_num(chain); i++) | ||
| 475 | { | ||
| 476 | ktmp=X509_get_pubkey(sk_X509_value(chain,i)); | ||
| 477 | if (ktmp == NULL) | ||
| 478 | { | ||
| 479 | X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); | ||
| 480 | return(0); | ||
| 481 | } | ||
| 482 | if (!EVP_PKEY_missing_parameters(ktmp)) | ||
| 483 | break; | ||
| 484 | else | ||
| 485 | { | ||
| 486 | EVP_PKEY_free(ktmp); | ||
| 487 | ktmp=NULL; | ||
| 488 | } | ||
| 489 | } | ||
| 490 | if (ktmp == NULL) | ||
| 491 | { | ||
| 492 | X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN); | ||
| 493 | return(0); | ||
| 494 | } | ||
| 495 | |||
| 496 | /* first, populate the other certs */ | ||
| 497 | for (j=i-1; j >= 0; j--) | ||
| 498 | { | ||
| 499 | ktmp2=X509_get_pubkey(sk_X509_value(chain,j)); | ||
| 500 | EVP_PKEY_copy_parameters(ktmp2,ktmp); | ||
| 501 | EVP_PKEY_free(ktmp2); | ||
| 502 | } | ||
| 503 | |||
| 504 | if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp); | ||
| 505 | EVP_PKEY_free(ktmp); | ||
| 506 | return(1); | ||
| 507 | } | ||
| 508 | |||
| 509 | int X509_STORE_add_cert(X509_STORE *ctx, X509 *x) | ||
| 510 | { | ||
| 511 | X509_OBJECT *obj,*r; | ||
| 512 | int ret=1; | ||
| 513 | |||
| 514 | if (x == NULL) return(0); | ||
| 515 | obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); | ||
| 516 | if (obj == NULL) | ||
| 517 | { | ||
| 518 | X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE); | ||
| 519 | return(0); | ||
| 520 | } | ||
| 521 | obj->type=X509_LU_X509; | ||
| 522 | obj->data.x509=x; | ||
| 523 | |||
| 524 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); | ||
| 525 | |||
| 526 | X509_OBJECT_up_ref_count(obj); | ||
| 527 | |||
| 528 | r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj); | ||
| 529 | if (r != NULL) | ||
| 530 | { /* oops, put it back */ | ||
| 531 | lh_delete(ctx->certs,(char *)obj); | ||
| 532 | X509_OBJECT_free_contents(obj); | ||
| 533 | Free(obj); | ||
| 534 | lh_insert(ctx->certs,(char *)r); | ||
| 535 | X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE); | ||
| 536 | ret=0; | ||
| 537 | } | ||
| 538 | |||
| 539 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); | ||
| 540 | |||
| 541 | return(ret); | ||
| 542 | } | ||
| 543 | |||
| 544 | int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x) | ||
| 545 | { | ||
| 546 | X509_OBJECT *obj,*r; | ||
| 547 | int ret=1; | ||
| 548 | |||
| 549 | if (x == NULL) return(0); | ||
| 550 | obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT)); | ||
| 551 | if (obj == NULL) | ||
| 552 | { | ||
| 553 | X509err(X509_F_X509_STORE_ADD_CRL,ERR_R_MALLOC_FAILURE); | ||
| 554 | return(0); | ||
| 555 | } | ||
| 556 | obj->type=X509_LU_CRL; | ||
| 557 | obj->data.crl=x; | ||
| 558 | |||
| 559 | CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE); | ||
| 560 | |||
| 561 | X509_OBJECT_up_ref_count(obj); | ||
| 562 | |||
| 563 | r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj); | ||
| 564 | if (r != NULL) | ||
| 565 | { /* oops, put it back */ | ||
| 566 | lh_delete(ctx->certs,(char *)obj); | ||
| 567 | X509_OBJECT_free_contents(obj); | ||
| 568 | Free(obj); | ||
| 569 | lh_insert(ctx->certs,(char *)r); | ||
| 570 | X509err(X509_F_X509_STORE_ADD_CRL,X509_R_CERT_ALREADY_IN_HASH_TABLE); | ||
| 571 | ret=0; | ||
| 572 | } | ||
| 573 | |||
| 574 | CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE); | ||
| 575 | |||
| 576 | return(ret); | ||
| 577 | } | ||
| 578 | |||
| 579 | int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), | ||
| 580 | int (*dup_func)(), void (*free_func)()) | ||
| 581 | { | ||
| 582 | x509_store_ctx_num++; | ||
| 583 | return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1, | ||
| 584 | &x509_store_ctx_method, | ||
| 585 | argl,argp,new_func,dup_func,free_func)); | ||
| 586 | } | ||
| 587 | |||
| 588 | int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data) | ||
| 589 | { | ||
| 590 | return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data)); | ||
| 591 | } | ||
| 592 | |||
| 593 | void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx) | ||
| 594 | { | ||
| 595 | return(CRYPTO_get_ex_data(&ctx->ex_data,idx)); | ||
| 596 | } | ||
| 597 | |||
| 598 | int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx) | ||
| 599 | { | ||
| 600 | return(ctx->error); | ||
| 601 | } | ||
| 602 | |||
| 603 | void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err) | ||
| 604 | { | ||
| 605 | ctx->error=err; | ||
| 606 | } | ||
| 607 | |||
| 608 | int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx) | ||
| 609 | { | ||
| 610 | return(ctx->error_depth); | ||
| 611 | } | ||
| 612 | |||
| 613 | X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx) | ||
| 614 | { | ||
| 615 | return(ctx->current_cert); | ||
| 616 | } | ||
| 617 | |||
| 618 | STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx) | ||
| 619 | { | ||
| 620 | return(ctx->chain); | ||
| 621 | } | ||
| 622 | |||
| 623 | void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x) | ||
| 624 | { | ||
| 625 | ctx->cert=x; | ||
| 626 | } | ||
| 627 | |||
| 628 | void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk) | ||
| 629 | { | ||
| 630 | ctx->untrusted=sk; | ||
| 631 | } | ||
| 632 | |||
| 633 | IMPLEMENT_STACK_OF(X509) | ||
| 634 | IMPLEMENT_ASN1_SET_OF(X509) | ||
| 635 | |||
| 636 | IMPLEMENT_STACK_OF(X509_NAME) | ||
| 637 | |||
| 638 | IMPLEMENT_STACK_OF(X509_ATTRIBUTE) | ||
| 639 | IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE) | ||
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h deleted file mode 100644 index ecfd4cf9ed..0000000000 --- a/src/lib/libcrypto/x509/x509_vfy.h +++ /dev/null | |||
| @@ -1,346 +0,0 @@ | |||
| 1 | /* crypto/x509/x509_vfy.h */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #ifndef HEADER_X509_H | ||
| 60 | #include <openssl/x509.h> | ||
| 61 | /* openssl/x509.h ends up #include-ing this file at about the only | ||
| 62 | * appropriate moment. */ | ||
| 63 | #endif | ||
| 64 | |||
| 65 | #ifndef HEADER_X509_VFY_H | ||
| 66 | #define HEADER_X509_VFY_H | ||
| 67 | |||
| 68 | #ifdef __cplusplus | ||
| 69 | extern "C" { | ||
| 70 | #endif | ||
| 71 | |||
| 72 | #include <openssl/bio.h> | ||
| 73 | #include <openssl/crypto.h> | ||
| 74 | |||
| 75 | /* Outer object */ | ||
| 76 | typedef struct x509_hash_dir_st | ||
| 77 | { | ||
| 78 | int num_dirs; | ||
| 79 | char **dirs; | ||
| 80 | int *dirs_type; | ||
| 81 | int num_dirs_alloced; | ||
| 82 | } X509_HASH_DIR_CTX; | ||
| 83 | |||
| 84 | typedef struct x509_file_st | ||
| 85 | { | ||
| 86 | int num_paths; /* number of paths to files or directories */ | ||
| 87 | int num_alloced; | ||
| 88 | char **paths; /* the list of paths or directories */ | ||
| 89 | int *path_type; | ||
| 90 | } X509_CERT_FILE_CTX; | ||
| 91 | |||
| 92 | /*******************************/ | ||
| 93 | /* | ||
| 94 | SSL_CTX -> X509_STORE | ||
| 95 | -> X509_LOOKUP | ||
| 96 | ->X509_LOOKUP_METHOD | ||
| 97 | -> X509_LOOKUP | ||
| 98 | ->X509_LOOKUP_METHOD | ||
| 99 | |||
| 100 | SSL -> X509_STORE_CTX | ||
| 101 | ->X509_STORE | ||
| 102 | |||
| 103 | The X509_STORE holds the tables etc for verification stuff. | ||
| 104 | A X509_STORE_CTX is used while validating a single certificate. | ||
| 105 | The X509_STORE has X509_LOOKUPs for looking up certs. | ||
| 106 | The X509_STORE then calls a function to actually verify the | ||
| 107 | certificate chain. | ||
| 108 | */ | ||
| 109 | |||
| 110 | #define X509_LU_RETRY -1 | ||
| 111 | #define X509_LU_FAIL 0 | ||
| 112 | #define X509_LU_X509 1 | ||
| 113 | #define X509_LU_CRL 2 | ||
| 114 | #define X509_LU_PKEY 3 | ||
| 115 | |||
| 116 | typedef struct x509_object_st | ||
| 117 | { | ||
| 118 | /* one of the above types */ | ||
| 119 | int type; | ||
| 120 | union { | ||
| 121 | char *ptr; | ||
| 122 | X509 *x509; | ||
| 123 | X509_CRL *crl; | ||
| 124 | EVP_PKEY *pkey; | ||
| 125 | } data; | ||
| 126 | } X509_OBJECT; | ||
| 127 | |||
| 128 | typedef struct x509_lookup_st X509_LOOKUP; | ||
| 129 | |||
| 130 | DECLARE_STACK_OF(X509_LOOKUP) | ||
| 131 | |||
| 132 | /* This is a static that defines the function interface */ | ||
| 133 | typedef struct x509_lookup_method_st | ||
| 134 | { | ||
| 135 | const char *name; | ||
| 136 | int (*new_item)(X509_LOOKUP *ctx); | ||
| 137 | void (*free)(X509_LOOKUP *ctx); | ||
| 138 | int (*init)(X509_LOOKUP *ctx); | ||
| 139 | int (*shutdown)(X509_LOOKUP *ctx); | ||
| 140 | int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl, | ||
| 141 | char **ret); | ||
| 142 | int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name, | ||
| 143 | X509_OBJECT *ret); | ||
| 144 | int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name, | ||
| 145 | ASN1_INTEGER *serial,X509_OBJECT *ret); | ||
| 146 | int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type, | ||
| 147 | unsigned char *bytes,int len, | ||
| 148 | X509_OBJECT *ret); | ||
| 149 | int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len, | ||
| 150 | X509_OBJECT *ret); | ||
| 151 | } X509_LOOKUP_METHOD; | ||
| 152 | |||
| 153 | typedef struct x509_store_state_st X509_STORE_CTX; | ||
| 154 | |||
| 155 | /* This is used to hold everything. It is used for all certificate | ||
| 156 | * validation. Once we have a certificate chain, the 'verify' | ||
| 157 | * function is then called to actually check the cert chain. */ | ||
| 158 | typedef struct x509_store_st | ||
| 159 | { | ||
| 160 | /* The following is a cache of trusted certs */ | ||
| 161 | int cache; /* if true, stash any hits */ | ||
| 162 | #ifdef HEADER_LHASH_H | ||
| 163 | LHASH *certs; /* cached certs; */ | ||
| 164 | #else | ||
| 165 | char *certs; | ||
| 166 | #endif | ||
| 167 | |||
| 168 | /* These are external lookup methods */ | ||
| 169 | STACK_OF(X509_LOOKUP) *get_cert_methods; | ||
| 170 | int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ | ||
| 171 | int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ | ||
| 172 | |||
| 173 | CRYPTO_EX_DATA ex_data; | ||
| 174 | int references; | ||
| 175 | int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */ | ||
| 176 | } X509_STORE; | ||
| 177 | |||
| 178 | #define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) | ||
| 179 | |||
| 180 | #define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) | ||
| 181 | #define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) | ||
| 182 | |||
| 183 | /* This is the functions plus an instance of the local variables. */ | ||
| 184 | struct x509_lookup_st | ||
| 185 | { | ||
| 186 | int init; /* have we been started */ | ||
| 187 | int skip; /* don't use us. */ | ||
| 188 | X509_LOOKUP_METHOD *method; /* the functions */ | ||
| 189 | char *method_data; /* method data */ | ||
| 190 | |||
| 191 | X509_STORE *store_ctx; /* who owns us */ | ||
| 192 | }; | ||
| 193 | |||
| 194 | /* This is a temporary used when processing cert chains. Since the | ||
| 195 | * gathering of the cert chain can take some time (and have to be | ||
| 196 | * 'retried', this needs to be kept and passed around. */ | ||
| 197 | struct x509_store_state_st /* X509_STORE_CTX */ | ||
| 198 | { | ||
| 199 | X509_STORE *ctx; | ||
| 200 | int current_method; /* used when looking up certs */ | ||
| 201 | |||
| 202 | /* The following are set by the caller */ | ||
| 203 | X509 *cert; /* The cert to check */ | ||
| 204 | STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ | ||
| 205 | |||
| 206 | /* The following is built up */ | ||
| 207 | int depth; /* how far to go looking up certs */ | ||
| 208 | int valid; /* if 0, rebuild chain */ | ||
| 209 | int last_untrusted; /* index of last untrusted cert */ | ||
| 210 | STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ | ||
| 211 | |||
| 212 | /* When something goes wrong, this is why */ | ||
| 213 | int error_depth; | ||
| 214 | int error; | ||
| 215 | X509 *current_cert; | ||
| 216 | |||
| 217 | CRYPTO_EX_DATA ex_data; | ||
| 218 | }; | ||
| 219 | |||
| 220 | #define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d)) | ||
| 221 | |||
| 222 | #define X509_STORE_CTX_set_app_data(ctx,data) \ | ||
| 223 | X509_STORE_CTX_set_ex_data(ctx,0,data) | ||
| 224 | #define X509_STORE_CTX_get_app_data(ctx) \ | ||
| 225 | X509_STORE_CTX_get_ex_data(ctx,0) | ||
| 226 | |||
| 227 | #define X509_L_FILE_LOAD 1 | ||
| 228 | #define X509_L_ADD_DIR 2 | ||
| 229 | |||
| 230 | #define X509_LOOKUP_load_file(x,name,type) \ | ||
| 231 | X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) | ||
| 232 | |||
| 233 | #define X509_LOOKUP_add_dir(x,name,type) \ | ||
| 234 | X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) | ||
| 235 | |||
| 236 | #define X509_V_OK 0 | ||
| 237 | |||
| 238 | #define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2 | ||
| 239 | #define X509_V_ERR_UNABLE_TO_GET_CRL 3 | ||
| 240 | #define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4 | ||
| 241 | #define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5 | ||
| 242 | #define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6 | ||
| 243 | #define X509_V_ERR_CERT_SIGNATURE_FAILURE 7 | ||
| 244 | #define X509_V_ERR_CRL_SIGNATURE_FAILURE 8 | ||
| 245 | #define X509_V_ERR_CERT_NOT_YET_VALID 9 | ||
| 246 | #define X509_V_ERR_CERT_HAS_EXPIRED 10 | ||
| 247 | #define X509_V_ERR_CRL_NOT_YET_VALID 11 | ||
| 248 | #define X509_V_ERR_CRL_HAS_EXPIRED 12 | ||
| 249 | #define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13 | ||
| 250 | #define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14 | ||
| 251 | #define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15 | ||
| 252 | #define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16 | ||
| 253 | #define X509_V_ERR_OUT_OF_MEM 17 | ||
| 254 | #define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18 | ||
| 255 | #define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19 | ||
| 256 | #define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20 | ||
| 257 | #define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21 | ||
| 258 | #define X509_V_ERR_CERT_CHAIN_TOO_LONG 22 | ||
| 259 | #define X509_V_ERR_CERT_REVOKED 23 | ||
| 260 | |||
| 261 | /* The application is not happy */ | ||
| 262 | #define X509_V_ERR_APPLICATION_VERIFICATION 50 | ||
| 263 | |||
| 264 | /* These functions are being redefined in another directory, | ||
| 265 | and clash when the linker is case-insensitive, so let's | ||
| 266 | hide them a little, by giving them an extra 'o' at the | ||
| 267 | beginning of the name... */ | ||
| 268 | #ifdef VMS | ||
| 269 | #undef X509v3_cleanup_extensions | ||
| 270 | #define X509v3_cleanup_extensions oX509v3_cleanup_extensions | ||
| 271 | #undef X509v3_add_extension | ||
| 272 | #define X509v3_add_extension oX509v3_add_extension | ||
| 273 | #undef X509v3_add_netscape_extensions | ||
| 274 | #define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions | ||
| 275 | #undef X509v3_add_standard_extensions | ||
| 276 | #define X509v3_add_standard_extensions oX509v3_add_standard_extensions | ||
| 277 | #endif | ||
| 278 | |||
| 279 | #ifdef HEADER_LHASH_H | ||
| 280 | X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name); | ||
| 281 | #endif | ||
| 282 | void X509_OBJECT_up_ref_count(X509_OBJECT *a); | ||
| 283 | void X509_OBJECT_free_contents(X509_OBJECT *a); | ||
| 284 | X509_STORE *X509_STORE_new(void ); | ||
| 285 | void X509_STORE_free(X509_STORE *v); | ||
| 286 | |||
| 287 | void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, | ||
| 288 | X509 *x509, STACK_OF(X509) *chain); | ||
| 289 | void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); | ||
| 290 | |||
| 291 | X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); | ||
| 292 | |||
| 293 | X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); | ||
| 294 | X509_LOOKUP_METHOD *X509_LOOKUP_file(void); | ||
| 295 | |||
| 296 | int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); | ||
| 297 | int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); | ||
| 298 | |||
| 299 | int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, | ||
| 300 | X509_OBJECT *ret); | ||
| 301 | |||
| 302 | int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, | ||
| 303 | long argl, char **ret); | ||
| 304 | |||
| 305 | #ifndef NO_STDIO | ||
| 306 | int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type); | ||
| 307 | int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type); | ||
| 308 | #endif | ||
| 309 | |||
| 310 | |||
| 311 | X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); | ||
| 312 | void X509_LOOKUP_free(X509_LOOKUP *ctx); | ||
| 313 | int X509_LOOKUP_init(X509_LOOKUP *ctx); | ||
| 314 | int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name, | ||
| 315 | X509_OBJECT *ret); | ||
| 316 | int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name, | ||
| 317 | ASN1_INTEGER *serial, X509_OBJECT *ret); | ||
| 318 | int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type, | ||
| 319 | unsigned char *bytes, int len, X509_OBJECT *ret); | ||
| 320 | int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, | ||
| 321 | int len, X509_OBJECT *ret); | ||
| 322 | int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); | ||
| 323 | |||
| 324 | #ifndef NO_STDIO | ||
| 325 | int X509_STORE_load_locations (X509_STORE *ctx, | ||
| 326 | const char *file, const char *dir); | ||
| 327 | int X509_STORE_set_default_paths(X509_STORE *ctx); | ||
| 328 | #endif | ||
| 329 | |||
| 330 | int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), | ||
| 331 | int (*dup_func)(), void (*free_func)()); | ||
| 332 | int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data); | ||
| 333 | void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); | ||
| 334 | int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); | ||
| 335 | void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); | ||
| 336 | int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); | ||
| 337 | X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); | ||
| 338 | STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); | ||
| 339 | void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); | ||
| 340 | void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); | ||
| 341 | |||
| 342 | #ifdef __cplusplus | ||
| 343 | } | ||
| 344 | #endif | ||
| 345 | #endif | ||
| 346 | |||
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c deleted file mode 100644 index 2a422be350..0000000000 --- a/src/lib/libcrypto/x509/x509name.c +++ /dev/null | |||
| @@ -1,321 +0,0 @@ | |||
| 1 | /* crypto/x509/x509name.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include <openssl/stack.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/objects.h> | ||
| 64 | #include <openssl/evp.h> | ||
| 65 | #include <openssl/x509.h> | ||
| 66 | |||
| 67 | int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len) | ||
| 68 | { | ||
| 69 | ASN1_OBJECT *obj; | ||
| 70 | |||
| 71 | obj=OBJ_nid2obj(nid); | ||
| 72 | if (obj == NULL) return(-1); | ||
| 73 | return(X509_NAME_get_text_by_OBJ(name,obj,buf,len)); | ||
| 74 | } | ||
| 75 | |||
| 76 | int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf, | ||
| 77 | int len) | ||
| 78 | { | ||
| 79 | int i; | ||
| 80 | ASN1_STRING *data; | ||
| 81 | |||
| 82 | i=X509_NAME_get_index_by_OBJ(name,obj,-1); | ||
| 83 | if (i < 0) return(-1); | ||
| 84 | data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i)); | ||
| 85 | i=(data->length > (len-1))?(len-1):data->length; | ||
| 86 | if (buf == NULL) return(data->length); | ||
| 87 | memcpy(buf,data->data,i); | ||
| 88 | buf[i]='\0'; | ||
| 89 | return(i); | ||
| 90 | } | ||
| 91 | |||
| 92 | int X509_NAME_entry_count(X509_NAME *name) | ||
| 93 | { | ||
| 94 | if (name == NULL) return(0); | ||
| 95 | return(sk_X509_NAME_ENTRY_num(name->entries)); | ||
| 96 | } | ||
| 97 | |||
| 98 | int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos) | ||
| 99 | { | ||
| 100 | ASN1_OBJECT *obj; | ||
| 101 | |||
| 102 | obj=OBJ_nid2obj(nid); | ||
| 103 | if (obj == NULL) return(-2); | ||
| 104 | return(X509_NAME_get_index_by_OBJ(name,obj,lastpos)); | ||
| 105 | } | ||
| 106 | |||
| 107 | /* NOTE: you should be passsing -1, not 0 as lastpos */ | ||
| 108 | int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, | ||
| 109 | int lastpos) | ||
| 110 | { | ||
| 111 | int n; | ||
| 112 | X509_NAME_ENTRY *ne; | ||
| 113 | STACK_OF(X509_NAME_ENTRY) *sk; | ||
| 114 | |||
| 115 | if (name == NULL) return(-1); | ||
| 116 | if (lastpos < 0) | ||
| 117 | lastpos= -1; | ||
| 118 | sk=name->entries; | ||
| 119 | n=sk_X509_NAME_ENTRY_num(sk); | ||
| 120 | for (lastpos++; lastpos < n; lastpos++) | ||
| 121 | { | ||
| 122 | ne=sk_X509_NAME_ENTRY_value(sk,lastpos); | ||
| 123 | if (OBJ_cmp(ne->object,obj) == 0) | ||
| 124 | return(lastpos); | ||
| 125 | } | ||
| 126 | return(-1); | ||
| 127 | } | ||
| 128 | |||
| 129 | X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc) | ||
| 130 | { | ||
| 131 | if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc | ||
| 132 | || loc < 0) | ||
| 133 | return(NULL); | ||
| 134 | else | ||
| 135 | return(sk_X509_NAME_ENTRY_value(name->entries,loc)); | ||
| 136 | } | ||
| 137 | |||
| 138 | X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc) | ||
| 139 | { | ||
| 140 | X509_NAME_ENTRY *ret; | ||
| 141 | int i,n,set_prev,set_next; | ||
| 142 | STACK_OF(X509_NAME_ENTRY) *sk; | ||
| 143 | |||
| 144 | if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc | ||
| 145 | || loc < 0) | ||
| 146 | return(NULL); | ||
| 147 | sk=name->entries; | ||
| 148 | ret=sk_X509_NAME_ENTRY_delete(sk,loc); | ||
| 149 | n=sk_X509_NAME_ENTRY_num(sk); | ||
| 150 | name->modified=1; | ||
| 151 | if (loc == n) return(ret); | ||
| 152 | |||
| 153 | /* else we need to fixup the set field */ | ||
| 154 | if (loc != 0) | ||
| 155 | set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set; | ||
| 156 | else | ||
| 157 | set_prev=ret->set-1; | ||
| 158 | set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set; | ||
| 159 | |||
| 160 | /* set_prev is the previous set | ||
| 161 | * set is the current set | ||
| 162 | * set_next is the following | ||
| 163 | * prev 1 1 1 1 1 1 1 1 | ||
| 164 | * set 1 1 2 2 | ||
| 165 | * next 1 1 2 2 2 2 3 2 | ||
| 166 | * so basically only if prev and next differ by 2, then | ||
| 167 | * re-number down by 1 */ | ||
| 168 | if (set_prev+1 < set_next) | ||
| 169 | for (i=loc; i<n; i++) | ||
| 170 | sk_X509_NAME_ENTRY_value(sk,i)->set--; | ||
| 171 | return(ret); | ||
| 172 | } | ||
| 173 | |||
| 174 | /* if set is -1, append to previous set, 0 'a new one', and 1, | ||
| 175 | * prepend to the guy we are about to stomp on. */ | ||
| 176 | int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc, | ||
| 177 | int set) | ||
| 178 | { | ||
| 179 | X509_NAME_ENTRY *new_name=NULL; | ||
| 180 | int n,i,inc; | ||
| 181 | STACK_OF(X509_NAME_ENTRY) *sk; | ||
| 182 | |||
| 183 | if (name == NULL) return(0); | ||
| 184 | sk=name->entries; | ||
| 185 | n=sk_X509_NAME_ENTRY_num(sk); | ||
| 186 | if (loc > n) loc=n; | ||
| 187 | else if (loc < 0) loc=n; | ||
| 188 | |||
| 189 | name->modified=1; | ||
| 190 | |||
| 191 | if (set == -1) | ||
| 192 | { | ||
| 193 | if (loc == 0) | ||
| 194 | { | ||
| 195 | set=0; | ||
| 196 | inc=1; | ||
| 197 | } | ||
| 198 | else | ||
| 199 | { | ||
| 200 | set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set; | ||
| 201 | inc=0; | ||
| 202 | } | ||
| 203 | } | ||
| 204 | else /* if (set >= 0) */ | ||
| 205 | { | ||
| 206 | if (loc >= n) | ||
| 207 | { | ||
| 208 | if (loc != 0) | ||
| 209 | set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1; | ||
| 210 | else | ||
| 211 | set=0; | ||
| 212 | } | ||
| 213 | else | ||
| 214 | set=sk_X509_NAME_ENTRY_value(sk,loc)->set; | ||
| 215 | inc=(set == 0)?1:0; | ||
| 216 | } | ||
| 217 | |||
| 218 | if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL) | ||
| 219 | goto err; | ||
| 220 | new_name->set=set; | ||
| 221 | if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc)) | ||
| 222 | { | ||
| 223 | X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE); | ||
| 224 | goto err; | ||
| 225 | } | ||
| 226 | if (inc) | ||
| 227 | { | ||
| 228 | n=sk_X509_NAME_ENTRY_num(sk); | ||
| 229 | for (i=loc+1; i<n; i++) | ||
| 230 | sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1; | ||
| 231 | } | ||
| 232 | return(1); | ||
| 233 | err: | ||
| 234 | if (new_name != NULL) | ||
| 235 | X509_NAME_ENTRY_free(new_name); | ||
| 236 | return(0); | ||
| 237 | } | ||
| 238 | |||
| 239 | X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid, | ||
| 240 | int type, unsigned char *bytes, int len) | ||
| 241 | { | ||
| 242 | ASN1_OBJECT *obj; | ||
| 243 | |||
| 244 | obj=OBJ_nid2obj(nid); | ||
| 245 | if (obj == NULL) | ||
| 246 | { | ||
| 247 | X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID); | ||
| 248 | return(NULL); | ||
| 249 | } | ||
| 250 | return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)); | ||
| 251 | } | ||
| 252 | |||
| 253 | X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne, | ||
| 254 | ASN1_OBJECT *obj, int type, unsigned char *bytes, int len) | ||
| 255 | { | ||
| 256 | X509_NAME_ENTRY *ret; | ||
| 257 | |||
| 258 | if ((ne == NULL) || (*ne == NULL)) | ||
| 259 | { | ||
| 260 | if ((ret=X509_NAME_ENTRY_new()) == NULL) | ||
| 261 | return(NULL); | ||
| 262 | } | ||
| 263 | else | ||
| 264 | ret= *ne; | ||
| 265 | |||
| 266 | if (!X509_NAME_ENTRY_set_object(ret,obj)) | ||
| 267 | goto err; | ||
| 268 | if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len)) | ||
| 269 | goto err; | ||
| 270 | |||
| 271 | if ((ne != NULL) && (*ne == NULL)) *ne=ret; | ||
| 272 | return(ret); | ||
| 273 | err: | ||
| 274 | if ((ne == NULL) || (ret != *ne)) | ||
| 275 | X509_NAME_ENTRY_free(ret); | ||
| 276 | return(NULL); | ||
| 277 | } | ||
| 278 | |||
| 279 | int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj) | ||
| 280 | { | ||
| 281 | if ((ne == NULL) || (obj == NULL)) | ||
| 282 | { | ||
| 283 | X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER); | ||
| 284 | return(0); | ||
| 285 | } | ||
| 286 | ASN1_OBJECT_free(ne->object); | ||
| 287 | ne->object=OBJ_dup(obj); | ||
| 288 | return((ne->object == NULL)?0:1); | ||
| 289 | } | ||
| 290 | |||
| 291 | int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type, | ||
| 292 | unsigned char *bytes, int len) | ||
| 293 | { | ||
| 294 | int i; | ||
| 295 | |||
| 296 | if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0); | ||
| 297 | if (len < 0) len=strlen((char *)bytes); | ||
| 298 | i=ASN1_STRING_set(ne->value,bytes,len); | ||
| 299 | if (!i) return(0); | ||
| 300 | if (type != V_ASN1_UNDEF) | ||
| 301 | { | ||
| 302 | if (type == V_ASN1_APP_CHOOSE) | ||
| 303 | ne->value->type=ASN1_PRINTABLE_type(bytes,len); | ||
| 304 | else | ||
| 305 | ne->value->type=type; | ||
| 306 | } | ||
| 307 | return(1); | ||
| 308 | } | ||
| 309 | |||
| 310 | ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne) | ||
| 311 | { | ||
| 312 | if (ne == NULL) return(NULL); | ||
| 313 | return(ne->object); | ||
| 314 | } | ||
| 315 | |||
| 316 | ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne) | ||
| 317 | { | ||
| 318 | if (ne == NULL) return(NULL); | ||
| 319 | return(ne->value); | ||
| 320 | } | ||
| 321 | |||
diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c deleted file mode 100644 index d9f6b57372..0000000000 --- a/src/lib/libcrypto/x509/x509rset.c +++ /dev/null | |||
| @@ -1,83 +0,0 @@ | |||
| 1 | /* crypto/x509/x509rset.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/asn1.h> | ||
| 62 | #include <openssl/objects.h> | ||
| 63 | #include <openssl/evp.h> | ||
| 64 | #include <openssl/x509.h> | ||
| 65 | |||
| 66 | int X509_REQ_set_version(X509_REQ *x, long version) | ||
| 67 | { | ||
| 68 | if (x == NULL) return(0); | ||
| 69 | return(ASN1_INTEGER_set(x->req_info->version,version)); | ||
| 70 | } | ||
| 71 | |||
| 72 | int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name) | ||
| 73 | { | ||
| 74 | if ((x == NULL) || (x->req_info == NULL)) return(0); | ||
| 75 | return(X509_NAME_set(&x->req_info->subject,name)); | ||
| 76 | } | ||
| 77 | |||
| 78 | int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey) | ||
| 79 | { | ||
| 80 | if ((x == NULL) || (x->req_info == NULL)) return(0); | ||
| 81 | return(X509_PUBKEY_set(&x->req_info->pubkey,pkey)); | ||
| 82 | } | ||
| 83 | |||
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c deleted file mode 100644 index 8e78b34458..0000000000 --- a/src/lib/libcrypto/x509/x509type.c +++ /dev/null | |||
| @@ -1,114 +0,0 @@ | |||
| 1 | /* crypto/x509/x509type.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/evp.h> | ||
| 62 | #include <openssl/objects.h> | ||
| 63 | #include <openssl/x509.h> | ||
| 64 | |||
| 65 | int X509_certificate_type(X509 *x, EVP_PKEY *pkey) | ||
| 66 | { | ||
| 67 | EVP_PKEY *pk; | ||
| 68 | int ret=0,i; | ||
| 69 | |||
| 70 | if (x == NULL) return(0); | ||
| 71 | |||
| 72 | if (pkey == NULL) | ||
| 73 | pk=X509_get_pubkey(x); | ||
| 74 | else | ||
| 75 | pk=pkey; | ||
| 76 | |||
| 77 | if (pk == NULL) return(0); | ||
| 78 | |||
| 79 | switch (pk->type) | ||
| 80 | { | ||
| 81 | case EVP_PKEY_RSA: | ||
| 82 | ret=EVP_PK_RSA|EVP_PKT_SIGN; | ||
| 83 | /* if (!sign only extension) */ | ||
| 84 | ret|=EVP_PKT_ENC; | ||
| 85 | break; | ||
| 86 | case EVP_PKEY_DSA: | ||
| 87 | ret=EVP_PK_DSA|EVP_PKT_SIGN; | ||
| 88 | break; | ||
| 89 | case EVP_PKEY_DH: | ||
| 90 | ret=EVP_PK_DH|EVP_PKT_EXCH; | ||
| 91 | break; | ||
| 92 | default: | ||
| 93 | break; | ||
| 94 | } | ||
| 95 | |||
| 96 | i=X509_get_signature_type(x); | ||
| 97 | switch (i) | ||
| 98 | { | ||
| 99 | case EVP_PKEY_RSA: | ||
| 100 | ret|=EVP_PKS_RSA; | ||
| 101 | break; | ||
| 102 | case EVP_PKS_DSA: | ||
| 103 | ret|=EVP_PKS_DSA; | ||
| 104 | break; | ||
| 105 | default: | ||
| 106 | break; | ||
| 107 | } | ||
| 108 | |||
| 109 | if (EVP_PKEY_size(pk) <= 512) | ||
| 110 | ret|=EVP_PKT_EXP; | ||
| 111 | if(pkey==NULL) EVP_PKEY_free(pk); | ||
| 112 | return(ret); | ||
| 113 | } | ||
| 114 | |||
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c deleted file mode 100644 index f2af895df0..0000000000 --- a/src/lib/libcrypto/x509/x_all.c +++ /dev/null | |||
| @@ -1,437 +0,0 @@ | |||
| 1 | /* crypto/x509/x_all.c */ | ||
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | ||
| 3 | * All rights reserved. | ||
| 4 | * | ||
| 5 | * This package is an SSL implementation written | ||
| 6 | * by Eric Young (eay@cryptsoft.com). | ||
| 7 | * The implementation was written so as to conform with Netscapes SSL. | ||
| 8 | * | ||
| 9 | * This library is free for commercial and non-commercial use as long as | ||
| 10 | * the following conditions are aheared to. The following conditions | ||
| 11 | * apply to all code found in this distribution, be it the RC4, RSA, | ||
| 12 | * lhash, DES, etc., code; not just the SSL code. The SSL documentation | ||
| 13 | * included with this distribution is covered by the same copyright terms | ||
| 14 | * except that the holder is Tim Hudson (tjh@cryptsoft.com). | ||
| 15 | * | ||
| 16 | * Copyright remains Eric Young's, and as such any Copyright notices in | ||
| 17 | * the code are not to be removed. | ||
| 18 | * If this package is used in a product, Eric Young should be given attribution | ||
| 19 | * as the author of the parts of the library used. | ||
| 20 | * This can be in the form of a textual message at program startup or | ||
| 21 | * in documentation (online or textual) provided with the package. | ||
| 22 | * | ||
| 23 | * Redistribution and use in source and binary forms, with or without | ||
| 24 | * modification, are permitted provided that the following conditions | ||
| 25 | * are met: | ||
| 26 | * 1. Redistributions of source code must retain the copyright | ||
| 27 | * notice, this list of conditions and the following disclaimer. | ||
| 28 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 29 | * notice, this list of conditions and the following disclaimer in the | ||
| 30 | * documentation and/or other materials provided with the distribution. | ||
| 31 | * 3. All advertising materials mentioning features or use of this software | ||
| 32 | * must display the following acknowledgement: | ||
| 33 | * "This product includes cryptographic software written by | ||
| 34 | * Eric Young (eay@cryptsoft.com)" | ||
| 35 | * The word 'cryptographic' can be left out if the rouines from the library | ||
| 36 | * being used are not cryptographic related :-). | ||
| 37 | * 4. If you include any Windows specific code (or a derivative thereof) from | ||
| 38 | * the apps directory (application code) you must include an acknowledgement: | ||
| 39 | * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" | ||
| 40 | * | ||
| 41 | * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND | ||
| 42 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 43 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | ||
| 44 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE | ||
| 45 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | ||
| 46 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | ||
| 47 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 48 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | ||
| 49 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | ||
| 50 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | ||
| 51 | * SUCH DAMAGE. | ||
| 52 | * | ||
| 53 | * The licence and distribution terms for any publically available version or | ||
| 54 | * derivative of this code cannot be changed. i.e. this code cannot simply be | ||
| 55 | * copied and put under another distribution licence | ||
| 56 | * [including the GNU Public Licence.] | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #undef SSLEAY_MACROS | ||
| 61 | #include <openssl/stack.h> | ||
| 62 | #include "cryptlib.h" | ||
| 63 | #include <openssl/buffer.h> | ||
| 64 | #include <openssl/asn1.h> | ||
| 65 | #include <openssl/evp.h> | ||
| 66 | #include <openssl/x509.h> | ||
| 67 | |||
| 68 | int X509_verify(X509 *a, EVP_PKEY *r) | ||
| 69 | { | ||
| 70 | return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, | ||
| 71 | a->signature,(char *)a->cert_info,r)); | ||
| 72 | } | ||
| 73 | |||
| 74 | int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r) | ||
| 75 | { | ||
| 76 | return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, | ||
| 77 | a->sig_alg,a->signature,(char *)a->req_info,r)); | ||
| 78 | } | ||
| 79 | |||
| 80 | int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r) | ||
| 81 | { | ||
| 82 | return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, | ||
| 83 | a->sig_alg, a->signature,(char *)a->crl,r)); | ||
| 84 | } | ||
| 85 | |||
| 86 | int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r) | ||
| 87 | { | ||
| 88 | return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, | ||
| 89 | a->sig_algor,a->signature, (char *)a->spkac,r)); | ||
| 90 | } | ||
| 91 | |||
| 92 | int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md) | ||
| 93 | { | ||
| 94 | return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, | ||
| 95 | x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); | ||
| 96 | } | ||
| 97 | |||
| 98 | int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md) | ||
| 99 | { | ||
| 100 | return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, | ||
| 101 | x->signature, (char *)x->req_info,pkey,md)); | ||
| 102 | } | ||
| 103 | |||
| 104 | int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md) | ||
| 105 | { | ||
| 106 | return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, | ||
| 107 | x->sig_alg, x->signature, (char *)x->crl,pkey,md)); | ||
| 108 | } | ||
| 109 | |||
| 110 | int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md) | ||
| 111 | { | ||
| 112 | return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, | ||
| 113 | x->signature, (char *)x->spkac,pkey,md)); | ||
| 114 | } | ||
| 115 | |||
| 116 | X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa) | ||
| 117 | { | ||
| 118 | return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE, | ||
| 119 | (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)); | ||
| 120 | } | ||
| 121 | |||
| 122 | X509 *X509_dup(X509 *x509) | ||
| 123 | { | ||
| 124 | return((X509 *)ASN1_dup((int (*)())i2d_X509, | ||
| 125 | (char *(*)())d2i_X509,(char *)x509)); | ||
| 126 | } | ||
| 127 | |||
| 128 | X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex) | ||
| 129 | { | ||
| 130 | return((X509_EXTENSION *)ASN1_dup( | ||
| 131 | (int (*)())i2d_X509_EXTENSION, | ||
| 132 | (char *(*)())d2i_X509_EXTENSION,(char *)ex)); | ||
| 133 | } | ||
| 134 | |||
| 135 | #ifndef NO_FP_API | ||
| 136 | X509 *d2i_X509_fp(FILE *fp, X509 **x509) | ||
| 137 | { | ||
| 138 | return((X509 *)ASN1_d2i_fp((char *(*)())X509_new, | ||
| 139 | (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))); | ||
| 140 | } | ||
| 141 | |||
| 142 | int i2d_X509_fp(FILE *fp, X509 *x509) | ||
| 143 | { | ||
| 144 | return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)); | ||
| 145 | } | ||
| 146 | #endif | ||
| 147 | |||
| 148 | X509 *d2i_X509_bio(BIO *bp, X509 **x509) | ||
| 149 | { | ||
| 150 | return((X509 *)ASN1_d2i_bio((char *(*)())X509_new, | ||
| 151 | (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))); | ||
| 152 | } | ||
| 153 | |||
| 154 | int i2d_X509_bio(BIO *bp, X509 *x509) | ||
| 155 | { | ||
| 156 | return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)); | ||
| 157 | } | ||
| 158 | |||
| 159 | X509_CRL *X509_CRL_dup(X509_CRL *crl) | ||
| 160 | { | ||
| 161 | return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, | ||
| 162 | (char *(*)())d2i_X509_CRL,(char *)crl)); | ||
| 163 | } | ||
| 164 | |||
| 165 | #ifndef NO_FP_API | ||
| 166 | X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl) | ||
| 167 | { | ||
| 168 | return((X509_CRL *)ASN1_d2i_fp((char *(*)()) | ||
| 169 | X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp), | ||
| 170 | (unsigned char **)(crl))); | ||
| 171 | } | ||
| 172 | |||
| 173 | int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl) | ||
| 174 | { | ||
| 175 | return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl)); | ||
| 176 | } | ||
| 177 | #endif | ||
| 178 | |||
| 179 | X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl) | ||
| 180 | { | ||
| 181 | return((X509_CRL *)ASN1_d2i_bio((char *(*)()) | ||
| 182 | X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp), | ||
| 183 | (unsigned char **)(crl))); | ||
| 184 | } | ||
| 185 | |||
| 186 | int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl) | ||
| 187 | { | ||
| 188 | return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl)); | ||
| 189 | } | ||
| 190 | |||
| 191 | PKCS7 *PKCS7_dup(PKCS7 *p7) | ||
| 192 | { | ||
| 193 | return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, | ||
| 194 | (char *(*)())d2i_PKCS7,(char *)p7)); | ||
| 195 | } | ||
| 196 | |||
| 197 | #ifndef NO_FP_API | ||
| 198 | PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7) | ||
| 199 | { | ||
| 200 | return((PKCS7 *)ASN1_d2i_fp((char *(*)()) | ||
| 201 | PKCS7_new,(char *(*)())d2i_PKCS7, (fp), | ||
| 202 | (unsigned char **)(p7))); | ||
| 203 | } | ||
| 204 | |||
| 205 | int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7) | ||
| 206 | { | ||
| 207 | return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7)); | ||
| 208 | } | ||
| 209 | #endif | ||
| 210 | |||
| 211 | PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7) | ||
| 212 | { | ||
| 213 | return((PKCS7 *)ASN1_d2i_bio((char *(*)()) | ||
| 214 | PKCS7_new,(char *(*)())d2i_PKCS7, (bp), | ||
| 215 | (unsigned char **)(p7))); | ||
| 216 | } | ||
| 217 | |||
| 218 | int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7) | ||
| 219 | { | ||
| 220 | return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7)); | ||
| 221 | } | ||
| 222 | |||
| 223 | X509_REQ *X509_REQ_dup(X509_REQ *req) | ||
| 224 | { | ||
| 225 | return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, | ||
| 226 | (char *(*)())d2i_X509_REQ,(char *)req)); | ||
| 227 | } | ||
| 228 | |||
| 229 | #ifndef NO_FP_API | ||
| 230 | X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req) | ||
| 231 | { | ||
| 232 | return((X509_REQ *)ASN1_d2i_fp((char *(*)()) | ||
| 233 | X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp), | ||
| 234 | (unsigned char **)(req))); | ||
| 235 | } | ||
| 236 | |||
| 237 | int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req) | ||
| 238 | { | ||
| 239 | return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req)); | ||
| 240 | } | ||
| 241 | #endif | ||
| 242 | |||
| 243 | X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req) | ||
| 244 | { | ||
| 245 | return((X509_REQ *)ASN1_d2i_bio((char *(*)()) | ||
| 246 | X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp), | ||
| 247 | (unsigned char **)(req))); | ||
| 248 | } | ||
| 249 | |||
| 250 | int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req) | ||
| 251 | { | ||
| 252 | return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req)); | ||
| 253 | } | ||
| 254 | |||
| 255 | #ifndef NO_RSA | ||
| 256 | RSA *RSAPublicKey_dup(RSA *rsa) | ||
| 257 | { | ||
| 258 | return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, | ||
| 259 | (char *(*)())d2i_RSAPublicKey,(char *)rsa)); | ||
| 260 | } | ||
| 261 | |||
| 262 | RSA *RSAPrivateKey_dup(RSA *rsa) | ||
| 263 | { | ||
| 264 | return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, | ||
| 265 | (char *(*)())d2i_RSAPrivateKey,(char *)rsa)); | ||
| 266 | } | ||
| 267 | |||
| 268 | #ifndef NO_FP_API | ||
| 269 | RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa) | ||
| 270 | { | ||
| 271 | return((RSA *)ASN1_d2i_fp((char *(*)()) | ||
| 272 | RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), | ||
| 273 | (unsigned char **)(rsa))); | ||
| 274 | } | ||
| 275 | |||
| 276 | int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa) | ||
| 277 | { | ||
| 278 | return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa)); | ||
| 279 | } | ||
| 280 | |||
| 281 | RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa) | ||
| 282 | { | ||
| 283 | return((RSA *)ASN1_d2i_fp((char *(*)()) | ||
| 284 | RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), | ||
| 285 | (unsigned char **)(rsa))); | ||
| 286 | } | ||
| 287 | |||
| 288 | int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) | ||
| 289 | { | ||
| 290 | return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa)); | ||
| 291 | } | ||
| 292 | #endif | ||
| 293 | |||
| 294 | RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa) | ||
| 295 | { | ||
| 296 | return((RSA *)ASN1_d2i_bio((char *(*)()) | ||
| 297 | RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), | ||
| 298 | (unsigned char **)(rsa))); | ||
| 299 | } | ||
| 300 | |||
| 301 | int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa) | ||
| 302 | { | ||
| 303 | return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa)); | ||
| 304 | } | ||
| 305 | |||
| 306 | RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa) | ||
| 307 | { | ||
| 308 | return((RSA *)ASN1_d2i_bio((char *(*)()) | ||
| 309 | RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), | ||
| 310 | (unsigned char **)(rsa))); | ||
| 311 | } | ||
| 312 | |||
| 313 | int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) | ||
| 314 | { | ||
| 315 | return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa)); | ||
| 316 | } | ||
| 317 | #endif | ||
| 318 | |||
| 319 | #ifndef NO_DSA | ||
| 320 | #ifndef NO_FP_API | ||
| 321 | DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) | ||
| 322 | { | ||
| 323 | return((DSA *)ASN1_d2i_fp((char *(*)()) | ||
| 324 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), | ||
| 325 | (unsigned char **)(dsa))); | ||
| 326 | } | ||
| 327 | |||
| 328 | int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) | ||
| 329 | { | ||
| 330 | return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); | ||
| 331 | } | ||
| 332 | #endif | ||
| 333 | |||
| 334 | DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) | ||
| 335 | { | ||
| 336 | return((DSA *)ASN1_d2i_bio((char *(*)()) | ||
| 337 | DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), | ||
| 338 | (unsigned char **)(dsa))); | ||
| 339 | } | ||
| 340 | |||
| 341 | int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) | ||
| 342 | { | ||
| 343 | return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); | ||
| 344 | } | ||
| 345 | #endif | ||
| 346 | |||
| 347 | X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn) | ||
| 348 | { | ||
| 349 | return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR, | ||
| 350 | (char *(*)())d2i_X509_ALGOR,(char *)xn)); | ||
| 351 | } | ||
| 352 | |||
| 353 | X509_NAME *X509_NAME_dup(X509_NAME *xn) | ||
| 354 | { | ||
| 355 | return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, | ||
| 356 | (char *(*)())d2i_X509_NAME,(char *)xn)); | ||
| 357 | } | ||
| 358 | |||
| 359 | X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne) | ||
| 360 | { | ||
| 361 | return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY, | ||
| 362 | (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); | ||
| 363 | } | ||
| 364 | |||
| 365 | int X509_digest(X509 *data, EVP_MD *type, unsigned char *md, | ||
| 366 | unsigned int *len) | ||
| 367 | { | ||
| 368 | return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); | ||
| 369 | } | ||
| 370 | |||
| 371 | int X509_NAME_digest(X509_NAME *data, EVP_MD *type, unsigned char *md, | ||
| 372 | unsigned int *len) | ||
| 373 | { | ||
| 374 | return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); | ||
| 375 | } | ||
| 376 | |||
| 377 | int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, EVP_MD *type, | ||
| 378 | unsigned char *md, unsigned int *len) | ||
| 379 | { | ||
| 380 | return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, | ||
| 381 | (char *)data,md,len)); | ||
| 382 | } | ||
| 383 | |||
| 384 | |||
| 385 | #ifndef NO_FP_API | ||
| 386 | X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) | ||
| 387 | { | ||
| 388 | return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new, | ||
| 389 | (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8))); | ||
| 390 | } | ||
| 391 | |||
| 392 | int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) | ||
| 393 | { | ||
| 394 | return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8)); | ||
| 395 | } | ||
| 396 | #endif | ||
| 397 | |||
| 398 | X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) | ||
| 399 | { | ||
| 400 | return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new, | ||
| 401 | (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8))); | ||
| 402 | } | ||
| 403 | |||
| 404 | int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) | ||
| 405 | { | ||
| 406 | return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8)); | ||
| 407 | } | ||
| 408 | |||
| 409 | #ifndef NO_FP_API | ||
| 410 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, | ||
| 411 | PKCS8_PRIV_KEY_INFO **p8inf) | ||
| 412 | { | ||
| 413 | return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp( | ||
| 414 | (char *(*)())PKCS8_PRIV_KEY_INFO_new, | ||
| 415 | (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp), | ||
| 416 | (unsigned char **)(p8inf))); | ||
| 417 | } | ||
| 418 | |||
| 419 | int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) | ||
| 420 | { | ||
| 421 | return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf)); | ||
| 422 | } | ||
| 423 | #endif | ||
| 424 | |||
| 425 | PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, | ||
| 426 | PKCS8_PRIV_KEY_INFO **p8inf) | ||
| 427 | { | ||
| 428 | return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio( | ||
| 429 | (char *(*)())PKCS8_PRIV_KEY_INFO_new, | ||
| 430 | (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp), | ||
| 431 | (unsigned char **)(p8inf))); | ||
| 432 | } | ||
| 433 | |||
| 434 | int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) | ||
| 435 | { | ||
| 436 | return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf)); | ||
| 437 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_akey.c b/src/lib/libcrypto/x509v3/v3_akey.c deleted file mode 100644 index 4099e6019e..0000000000 --- a/src/lib/libcrypto/x509v3/v3_akey.c +++ /dev/null | |||
| @@ -1,249 +0,0 @@ | |||
| 1 | /* v3_akey.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | ||
| 67 | AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist); | ||
| 68 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | ||
| 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | ||
| 70 | |||
| 71 | X509V3_EXT_METHOD v3_akey_id = { | ||
| 72 | NID_authority_key_identifier, X509V3_EXT_MULTILINE, | ||
| 73 | (X509V3_EXT_NEW)AUTHORITY_KEYID_new, | ||
| 74 | (X509V3_EXT_FREE)AUTHORITY_KEYID_free, | ||
| 75 | (X509V3_EXT_D2I)d2i_AUTHORITY_KEYID, | ||
| 76 | (X509V3_EXT_I2D)i2d_AUTHORITY_KEYID, | ||
| 77 | NULL, NULL, | ||
| 78 | (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID, | ||
| 79 | (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID, | ||
| 80 | NULL,NULL, | ||
| 81 | NULL | ||
| 82 | }; | ||
| 83 | |||
| 84 | |||
| 85 | int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp) | ||
| 86 | { | ||
| 87 | M_ASN1_I2D_vars(a); | ||
| 88 | |||
| 89 | M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING); | ||
| 90 | M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES); | ||
| 91 | M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER); | ||
| 92 | |||
| 93 | M_ASN1_I2D_seq_total(); | ||
| 94 | |||
| 95 | M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0); | ||
| 96 | M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1); | ||
| 97 | M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2); | ||
| 98 | |||
| 99 | M_ASN1_I2D_finish(); | ||
| 100 | } | ||
| 101 | |||
| 102 | AUTHORITY_KEYID *AUTHORITY_KEYID_new(void) | ||
| 103 | { | ||
| 104 | AUTHORITY_KEYID *ret=NULL; | ||
| 105 | ASN1_CTX c; | ||
| 106 | M_ASN1_New_Malloc(ret, AUTHORITY_KEYID); | ||
| 107 | ret->keyid = NULL; | ||
| 108 | ret->issuer = NULL; | ||
| 109 | ret->serial = NULL; | ||
| 110 | return (ret); | ||
| 111 | M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW); | ||
| 112 | } | ||
| 113 | |||
| 114 | AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, | ||
| 115 | long length) | ||
| 116 | { | ||
| 117 | M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new); | ||
| 118 | M_ASN1_D2I_Init(); | ||
| 119 | M_ASN1_D2I_start_sequence(); | ||
| 120 | M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0, | ||
| 121 | V_ASN1_OCTET_STRING); | ||
| 122 | M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1, | ||
| 123 | V_ASN1_SEQUENCE); | ||
| 124 | M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2, | ||
| 125 | V_ASN1_INTEGER); | ||
| 126 | M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID); | ||
| 127 | } | ||
| 128 | |||
| 129 | void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a) | ||
| 130 | { | ||
| 131 | if (a == NULL) return; | ||
| 132 | ASN1_OCTET_STRING_free(a->keyid); | ||
| 133 | sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free); | ||
| 134 | ASN1_INTEGER_free (a->serial); | ||
| 135 | Free ((char *)a); | ||
| 136 | } | ||
| 137 | |||
| 138 | static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | ||
| 139 | AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) | ||
| 140 | { | ||
| 141 | char *tmp; | ||
| 142 | if(akeyid->keyid) { | ||
| 143 | tmp = hex_to_string(akeyid->keyid->data, akeyid->keyid->length); | ||
| 144 | X509V3_add_value("keyid", tmp, &extlist); | ||
| 145 | Free(tmp); | ||
| 146 | } | ||
| 147 | if(akeyid->issuer) | ||
| 148 | extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist); | ||
| 149 | if(akeyid->serial) { | ||
| 150 | tmp = hex_to_string(akeyid->serial->data, | ||
| 151 | akeyid->serial->length); | ||
| 152 | X509V3_add_value("serial", tmp, &extlist); | ||
| 153 | Free(tmp); | ||
| 154 | } | ||
| 155 | return extlist; | ||
| 156 | } | ||
| 157 | |||
| 158 | /* Currently two options: | ||
| 159 | * keyid: use the issuers subject keyid, the value 'always' means its is | ||
| 160 | * an error if the issuer certificate doesn't have a key id. | ||
| 161 | * issuer: use the issuers cert issuer and serial number. The default is | ||
| 162 | * to only use this if keyid is not present. With the option 'always' | ||
| 163 | * this is always included. | ||
| 164 | */ | ||
| 165 | |||
| 166 | static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, | ||
| 167 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) | ||
| 168 | { | ||
| 169 | char keyid=0, issuer=0; | ||
| 170 | int i; | ||
| 171 | CONF_VALUE *cnf; | ||
| 172 | ASN1_OCTET_STRING *ikeyid = NULL; | ||
| 173 | X509_NAME *isname = NULL; | ||
| 174 | STACK_OF(GENERAL_NAME) * gens = NULL; | ||
| 175 | GENERAL_NAME *gen = NULL; | ||
| 176 | ASN1_INTEGER *serial = NULL; | ||
| 177 | X509_EXTENSION *ext; | ||
| 178 | X509 *cert; | ||
| 179 | AUTHORITY_KEYID *akeyid; | ||
| 180 | for(i = 0; i < sk_CONF_VALUE_num(values); i++) { | ||
| 181 | cnf = sk_CONF_VALUE_value(values, i); | ||
| 182 | if(!strcmp(cnf->name, "keyid")) { | ||
| 183 | keyid = 1; | ||
| 184 | if(cnf->value && !strcmp(cnf->value, "always")) keyid = 2; | ||
| 185 | } else if(!strcmp(cnf->name, "issuer")) { | ||
| 186 | issuer = 1; | ||
| 187 | if(cnf->value && !strcmp(cnf->value, "always")) issuer = 2; | ||
| 188 | } else { | ||
| 189 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNKNOWN_OPTION); | ||
| 190 | ERR_add_error_data(2, "name=", cnf->name); | ||
| 191 | return NULL; | ||
| 192 | } | ||
| 193 | } | ||
| 194 | |||
| 195 | |||
| 196 | |||
| 197 | if(!ctx || !ctx->issuer_cert) { | ||
| 198 | if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); | ||
| 199 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); | ||
| 200 | return NULL; | ||
| 201 | } | ||
| 202 | |||
| 203 | cert = ctx->issuer_cert; | ||
| 204 | |||
| 205 | if(keyid) { | ||
| 206 | i = X509_get_ext_by_NID(cert, NID_subject_key_identifier, -1); | ||
| 207 | if((i >= 0) && (ext = X509_get_ext(cert, i))) | ||
| 208 | ikeyid = X509V3_EXT_d2i(ext); | ||
| 209 | if(keyid==2 && !ikeyid) { | ||
| 210 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_KEYID); | ||
| 211 | return NULL; | ||
| 212 | } | ||
| 213 | } | ||
| 214 | |||
| 215 | if((issuer && !ikeyid) || (issuer == 2)) { | ||
| 216 | isname = X509_NAME_dup(X509_get_issuer_name(cert)); | ||
| 217 | serial = ASN1_INTEGER_dup(X509_get_serialNumber(cert)); | ||
| 218 | if(!isname || !serial) { | ||
| 219 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS); | ||
| 220 | goto err; | ||
| 221 | } | ||
| 222 | } | ||
| 223 | |||
| 224 | if(!(akeyid = AUTHORITY_KEYID_new())) goto err; | ||
| 225 | |||
| 226 | if(isname) { | ||
| 227 | if(!(gens = sk_GENERAL_NAME_new(NULL)) || !(gen = GENERAL_NAME_new()) | ||
| 228 | || !sk_GENERAL_NAME_push(gens, gen)) { | ||
| 229 | X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,ERR_R_MALLOC_FAILURE); | ||
| 230 | goto err; | ||
| 231 | } | ||
| 232 | gen->type = GEN_DIRNAME; | ||
| 233 | gen->d.dirn = isname; | ||
| 234 | } | ||
| 235 | |||
| 236 | akeyid->issuer = gens; | ||
| 237 | akeyid->serial = serial; | ||
| 238 | akeyid->keyid = ikeyid; | ||
| 239 | |||
| 240 | return akeyid; | ||
| 241 | |||
| 242 | err: | ||
| 243 | X509_NAME_free(isname); | ||
| 244 | ASN1_INTEGER_free(serial); | ||
| 245 | ASN1_OCTET_STRING_free(ikeyid); | ||
| 246 | return NULL; | ||
| 247 | |||
| 248 | } | ||
| 249 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_alt.c b/src/lib/libcrypto/x509v3/v3_alt.c deleted file mode 100644 index b5e1f8af96..0000000000 --- a/src/lib/libcrypto/x509v3/v3_alt.c +++ /dev/null | |||
| @@ -1,402 +0,0 @@ | |||
| 1 | /* v3_alt.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/x509v3.h> | ||
| 63 | |||
| 64 | static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 65 | static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 66 | static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); | ||
| 67 | static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); | ||
| 68 | X509V3_EXT_METHOD v3_alt[] = { | ||
| 69 | { NID_subject_alt_name, 0, | ||
| 70 | (X509V3_EXT_NEW)GENERAL_NAMES_new, | ||
| 71 | (X509V3_EXT_FREE)GENERAL_NAMES_free, | ||
| 72 | (X509V3_EXT_D2I)d2i_GENERAL_NAMES, | ||
| 73 | (X509V3_EXT_I2D)i2d_GENERAL_NAMES, | ||
| 74 | NULL, NULL, | ||
| 75 | (X509V3_EXT_I2V)i2v_GENERAL_NAMES, | ||
| 76 | (X509V3_EXT_V2I)v2i_subject_alt, | ||
| 77 | NULL, NULL, NULL}, | ||
| 78 | { NID_issuer_alt_name, 0, | ||
| 79 | (X509V3_EXT_NEW)GENERAL_NAMES_new, | ||
| 80 | (X509V3_EXT_FREE)GENERAL_NAMES_free, | ||
| 81 | (X509V3_EXT_D2I)d2i_GENERAL_NAMES, | ||
| 82 | (X509V3_EXT_I2D)i2d_GENERAL_NAMES, | ||
| 83 | NULL, NULL, | ||
| 84 | (X509V3_EXT_I2V)i2v_GENERAL_NAMES, | ||
| 85 | (X509V3_EXT_V2I)v2i_issuer_alt, | ||
| 86 | NULL, NULL, NULL}, | ||
| 87 | EXT_END | ||
| 88 | }; | ||
| 89 | |||
| 90 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, | ||
| 91 | STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret) | ||
| 92 | { | ||
| 93 | int i; | ||
| 94 | GENERAL_NAME *gen; | ||
| 95 | for(i = 0; i < sk_GENERAL_NAME_num(gens); i++) { | ||
| 96 | gen = sk_GENERAL_NAME_value(gens, i); | ||
| 97 | ret = i2v_GENERAL_NAME(method, gen, ret); | ||
| 98 | } | ||
| 99 | if(!ret) return sk_CONF_VALUE_new_null(); | ||
| 100 | return ret; | ||
| 101 | } | ||
| 102 | |||
| 103 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, | ||
| 104 | GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret) | ||
| 105 | { | ||
| 106 | char oline[256]; | ||
| 107 | unsigned char *p; | ||
| 108 | switch (gen->type) | ||
| 109 | { | ||
| 110 | case GEN_OTHERNAME: | ||
| 111 | X509V3_add_value("othername","<unsupported>", &ret); | ||
| 112 | break; | ||
| 113 | |||
| 114 | case GEN_X400: | ||
| 115 | X509V3_add_value("X400Name","<unsupported>", &ret); | ||
| 116 | break; | ||
| 117 | |||
| 118 | case GEN_EDIPARTY: | ||
| 119 | X509V3_add_value("EdiPartyName","<unsupported>", &ret); | ||
| 120 | break; | ||
| 121 | |||
| 122 | case GEN_EMAIL: | ||
| 123 | X509V3_add_value_uchar("email",gen->d.ia5->data, &ret); | ||
| 124 | break; | ||
| 125 | |||
| 126 | case GEN_DNS: | ||
| 127 | X509V3_add_value_uchar("DNS",gen->d.ia5->data, &ret); | ||
| 128 | break; | ||
| 129 | |||
| 130 | case GEN_URI: | ||
| 131 | X509V3_add_value_uchar("URI",gen->d.ia5->data, &ret); | ||
| 132 | break; | ||
| 133 | |||
| 134 | case GEN_DIRNAME: | ||
| 135 | X509_NAME_oneline(gen->d.dirn, oline, 256); | ||
| 136 | X509V3_add_value("DirName",oline, &ret); | ||
| 137 | break; | ||
| 138 | |||
| 139 | case GEN_IPADD: | ||
| 140 | p = gen->d.ip->data; | ||
| 141 | /* BUG: doesn't support IPV6 */ | ||
| 142 | if(gen->d.ip->length != 4) { | ||
| 143 | X509V3_add_value("IP Address","<invalid>", &ret); | ||
| 144 | break; | ||
| 145 | } | ||
| 146 | sprintf(oline, "%d.%d.%d.%d", p[0], p[1], p[2], p[3]); | ||
| 147 | X509V3_add_value("IP Address",oline, &ret); | ||
| 148 | break; | ||
| 149 | |||
| 150 | case GEN_RID: | ||
| 151 | i2t_ASN1_OBJECT(oline, 256, gen->d.rid); | ||
| 152 | X509V3_add_value("Registered ID",oline, &ret); | ||
| 153 | break; | ||
| 154 | } | ||
| 155 | return ret; | ||
| 156 | } | ||
| 157 | |||
| 158 | static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, | ||
| 159 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 160 | { | ||
| 161 | STACK_OF(GENERAL_NAME) *gens = NULL; | ||
| 162 | CONF_VALUE *cnf; | ||
| 163 | int i; | ||
| 164 | if(!(gens = sk_GENERAL_NAME_new(NULL))) { | ||
| 165 | X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | ||
| 166 | return NULL; | ||
| 167 | } | ||
| 168 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 169 | cnf = sk_CONF_VALUE_value(nval, i); | ||
| 170 | if(!name_cmp(cnf->name, "issuer") && cnf->value && | ||
| 171 | !strcmp(cnf->value, "copy")) { | ||
| 172 | if(!copy_issuer(ctx, gens)) goto err; | ||
| 173 | } else { | ||
| 174 | GENERAL_NAME *gen; | ||
| 175 | if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) | ||
| 176 | goto err; | ||
| 177 | sk_GENERAL_NAME_push(gens, gen); | ||
| 178 | } | ||
| 179 | } | ||
| 180 | return gens; | ||
| 181 | err: | ||
| 182 | sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); | ||
| 183 | return NULL; | ||
| 184 | } | ||
| 185 | |||
| 186 | /* Append subject altname of issuer to issuer alt name of subject */ | ||
| 187 | |||
| 188 | static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) | ||
| 189 | { | ||
| 190 | STACK_OF(GENERAL_NAME) *ialt; | ||
| 191 | GENERAL_NAME *gen; | ||
| 192 | X509_EXTENSION *ext; | ||
| 193 | int i; | ||
| 194 | if(ctx && (ctx->flags == CTX_TEST)) return 1; | ||
| 195 | if(!ctx || !ctx->issuer_cert) { | ||
| 196 | X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_NO_ISSUER_DETAILS); | ||
| 197 | goto err; | ||
| 198 | } | ||
| 199 | i = X509_get_ext_by_NID(ctx->issuer_cert, NID_subject_alt_name, -1); | ||
| 200 | if(i < 0) return 1; | ||
| 201 | if(!(ext = X509_get_ext(ctx->issuer_cert, i)) || | ||
| 202 | !(ialt = X509V3_EXT_d2i(ext)) ) { | ||
| 203 | X509V3err(X509V3_F_COPY_ISSUER,X509V3_R_ISSUER_DECODE_ERROR); | ||
| 204 | goto err; | ||
| 205 | } | ||
| 206 | |||
| 207 | for(i = 0; i < sk_GENERAL_NAME_num(ialt); i++) { | ||
| 208 | gen = sk_GENERAL_NAME_value(ialt, i); | ||
| 209 | if(!sk_GENERAL_NAME_push(gens, gen)) { | ||
| 210 | X509V3err(X509V3_F_COPY_ISSUER,ERR_R_MALLOC_FAILURE); | ||
| 211 | goto err; | ||
| 212 | } | ||
| 213 | } | ||
| 214 | sk_GENERAL_NAME_free(ialt); | ||
| 215 | |||
| 216 | return 1; | ||
| 217 | |||
| 218 | err: | ||
| 219 | return 0; | ||
| 220 | |||
| 221 | } | ||
| 222 | |||
| 223 | static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, | ||
| 224 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 225 | { | ||
| 226 | STACK_OF(GENERAL_NAME) *gens = NULL; | ||
| 227 | CONF_VALUE *cnf; | ||
| 228 | int i; | ||
| 229 | if(!(gens = sk_GENERAL_NAME_new(NULL))) { | ||
| 230 | X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | ||
| 231 | return NULL; | ||
| 232 | } | ||
| 233 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 234 | cnf = sk_CONF_VALUE_value(nval, i); | ||
| 235 | if(!name_cmp(cnf->name, "email") && cnf->value && | ||
| 236 | !strcmp(cnf->value, "copy")) { | ||
| 237 | if(!copy_email(ctx, gens)) goto err; | ||
| 238 | } else { | ||
| 239 | GENERAL_NAME *gen; | ||
| 240 | if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) | ||
| 241 | goto err; | ||
| 242 | sk_GENERAL_NAME_push(gens, gen); | ||
| 243 | } | ||
| 244 | } | ||
| 245 | return gens; | ||
| 246 | err: | ||
| 247 | sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); | ||
| 248 | return NULL; | ||
| 249 | } | ||
| 250 | |||
| 251 | /* Copy any email addresses in a certificate or request to | ||
| 252 | * GENERAL_NAMES | ||
| 253 | */ | ||
| 254 | |||
| 255 | static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) | ||
| 256 | { | ||
| 257 | X509_NAME *nm; | ||
| 258 | ASN1_IA5STRING *email = NULL; | ||
| 259 | X509_NAME_ENTRY *ne; | ||
| 260 | GENERAL_NAME *gen = NULL; | ||
| 261 | int i; | ||
| 262 | if(ctx->flags == CTX_TEST) return 1; | ||
| 263 | if(!ctx || (!ctx->subject_cert && !ctx->subject_req)) { | ||
| 264 | X509V3err(X509V3_F_COPY_EMAIL,X509V3_R_NO_SUBJECT_DETAILS); | ||
| 265 | goto err; | ||
| 266 | } | ||
| 267 | /* Find the subject name */ | ||
| 268 | if(ctx->subject_cert) nm = X509_get_subject_name(ctx->subject_cert); | ||
| 269 | else nm = X509_REQ_get_subject_name(ctx->subject_req); | ||
| 270 | |||
| 271 | /* Now add any email address(es) to STACK */ | ||
| 272 | i = -1; | ||
| 273 | while((i = X509_NAME_get_index_by_NID(nm, | ||
| 274 | NID_pkcs9_emailAddress, i)) > 0) { | ||
| 275 | ne = X509_NAME_get_entry(nm, i); | ||
| 276 | email = ASN1_IA5STRING_dup(X509_NAME_ENTRY_get_data(ne)); | ||
| 277 | if(!email || !(gen = GENERAL_NAME_new())) { | ||
| 278 | X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE); | ||
| 279 | goto err; | ||
| 280 | } | ||
| 281 | gen->d.ia5 = email; | ||
| 282 | email = NULL; | ||
| 283 | gen->type = GEN_EMAIL; | ||
| 284 | if(!sk_GENERAL_NAME_push(gens, gen)) { | ||
| 285 | X509V3err(X509V3_F_COPY_EMAIL,ERR_R_MALLOC_FAILURE); | ||
| 286 | goto err; | ||
| 287 | } | ||
| 288 | gen = NULL; | ||
| 289 | } | ||
| 290 | |||
| 291 | |||
| 292 | return 1; | ||
| 293 | |||
| 294 | err: | ||
| 295 | GENERAL_NAME_free(gen); | ||
| 296 | ASN1_IA5STRING_free(email); | ||
| 297 | return 0; | ||
| 298 | |||
| 299 | } | ||
| 300 | |||
| 301 | STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, | ||
| 302 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 303 | { | ||
| 304 | GENERAL_NAME *gen; | ||
| 305 | STACK_OF(GENERAL_NAME) *gens = NULL; | ||
| 306 | CONF_VALUE *cnf; | ||
| 307 | int i; | ||
| 308 | if(!(gens = sk_GENERAL_NAME_new(NULL))) { | ||
| 309 | X509V3err(X509V3_F_V2I_GENERAL_NAMES,ERR_R_MALLOC_FAILURE); | ||
| 310 | return NULL; | ||
| 311 | } | ||
| 312 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 313 | cnf = sk_CONF_VALUE_value(nval, i); | ||
| 314 | if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; | ||
| 315 | sk_GENERAL_NAME_push(gens, gen); | ||
| 316 | } | ||
| 317 | return gens; | ||
| 318 | err: | ||
| 319 | sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free); | ||
| 320 | return NULL; | ||
| 321 | } | ||
| 322 | |||
| 323 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | ||
| 324 | CONF_VALUE *cnf) | ||
| 325 | { | ||
| 326 | char is_string = 0; | ||
| 327 | int type; | ||
| 328 | GENERAL_NAME *gen = NULL; | ||
| 329 | |||
| 330 | char *name, *value; | ||
| 331 | |||
| 332 | name = cnf->name; | ||
| 333 | value = cnf->value; | ||
| 334 | |||
| 335 | if(!value) { | ||
| 336 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_MISSING_VALUE); | ||
| 337 | return NULL; | ||
| 338 | } | ||
| 339 | |||
| 340 | if(!(gen = GENERAL_NAME_new())) { | ||
| 341 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | ||
| 342 | return NULL; | ||
| 343 | } | ||
| 344 | |||
| 345 | if(!name_cmp(name, "email")) { | ||
| 346 | is_string = 1; | ||
| 347 | type = GEN_EMAIL; | ||
| 348 | } else if(!name_cmp(name, "URI")) { | ||
| 349 | is_string = 1; | ||
| 350 | type = GEN_URI; | ||
| 351 | } else if(!name_cmp(name, "DNS")) { | ||
| 352 | is_string = 1; | ||
| 353 | type = GEN_DNS; | ||
| 354 | } else if(!name_cmp(name, "RID")) { | ||
| 355 | ASN1_OBJECT *obj; | ||
| 356 | if(!(obj = OBJ_txt2obj(value,0))) { | ||
| 357 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_OBJECT); | ||
| 358 | ERR_add_error_data(2, "value=", value); | ||
| 359 | goto err; | ||
| 360 | } | ||
| 361 | gen->d.rid = obj; | ||
| 362 | type = GEN_RID; | ||
| 363 | } else if(!name_cmp(name, "IP")) { | ||
| 364 | int i1,i2,i3,i4; | ||
| 365 | unsigned char ip[4]; | ||
| 366 | if((sscanf(value, "%d.%d.%d.%d",&i1,&i2,&i3,&i4) != 4) || | ||
| 367 | (i1 < 0) || (i1 > 255) || (i2 < 0) || (i2 > 255) || | ||
| 368 | (i3 < 0) || (i3 > 255) || (i4 < 0) || (i4 > 255) ) { | ||
| 369 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_BAD_IP_ADDRESS); | ||
| 370 | ERR_add_error_data(2, "value=", value); | ||
| 371 | goto err; | ||
| 372 | } | ||
| 373 | ip[0] = i1; ip[1] = i2 ; ip[2] = i3 ; ip[3] = i4; | ||
| 374 | if(!(gen->d.ip = ASN1_OCTET_STRING_new()) || | ||
| 375 | !ASN1_STRING_set(gen->d.ip, ip, 4)) { | ||
| 376 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | ||
| 377 | goto err; | ||
| 378 | } | ||
| 379 | type = GEN_IPADD; | ||
| 380 | } else { | ||
| 381 | X509V3err(X509V3_F_V2I_GENERAL_NAME,X509V3_R_UNSUPPORTED_OPTION); | ||
| 382 | ERR_add_error_data(2, "name=", name); | ||
| 383 | goto err; | ||
| 384 | } | ||
| 385 | |||
| 386 | if(is_string) { | ||
| 387 | if(!(gen->d.ia5 = ASN1_IA5STRING_new()) || | ||
| 388 | !ASN1_STRING_set(gen->d.ia5, (unsigned char*)value, | ||
| 389 | strlen(value))) { | ||
| 390 | X509V3err(X509V3_F_V2I_GENERAL_NAME,ERR_R_MALLOC_FAILURE); | ||
| 391 | goto err; | ||
| 392 | } | ||
| 393 | } | ||
| 394 | |||
| 395 | gen->type = type; | ||
| 396 | |||
| 397 | return gen; | ||
| 398 | |||
| 399 | err: | ||
| 400 | GENERAL_NAME_free(gen); | ||
| 401 | return NULL; | ||
| 402 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_bcons.c b/src/lib/libcrypto/x509v3/v3_bcons.c deleted file mode 100644 index de2f855c35..0000000000 --- a/src/lib/libcrypto/x509v3/v3_bcons.c +++ /dev/null | |||
| @@ -1,164 +0,0 @@ | |||
| 1 | /* v3_bcons.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/conf.h> | ||
| 65 | #include <openssl/x509v3.h> | ||
| 66 | |||
| 67 | static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist); | ||
| 68 | static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | ||
| 69 | |||
| 70 | X509V3_EXT_METHOD v3_bcons = { | ||
| 71 | NID_basic_constraints, 0, | ||
| 72 | (X509V3_EXT_NEW)BASIC_CONSTRAINTS_new, | ||
| 73 | (X509V3_EXT_FREE)BASIC_CONSTRAINTS_free, | ||
| 74 | (X509V3_EXT_D2I)d2i_BASIC_CONSTRAINTS, | ||
| 75 | (X509V3_EXT_I2D)i2d_BASIC_CONSTRAINTS, | ||
| 76 | NULL, NULL, | ||
| 77 | (X509V3_EXT_I2V)i2v_BASIC_CONSTRAINTS, | ||
| 78 | (X509V3_EXT_V2I)v2i_BASIC_CONSTRAINTS, | ||
| 79 | NULL,NULL, | ||
| 80 | NULL | ||
| 81 | }; | ||
| 82 | |||
| 83 | |||
| 84 | int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp) | ||
| 85 | { | ||
| 86 | M_ASN1_I2D_vars(a); | ||
| 87 | if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN); | ||
| 88 | M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER); | ||
| 89 | |||
| 90 | M_ASN1_I2D_seq_total(); | ||
| 91 | |||
| 92 | if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN); | ||
| 93 | M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER); | ||
| 94 | M_ASN1_I2D_finish(); | ||
| 95 | } | ||
| 96 | |||
| 97 | BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void) | ||
| 98 | { | ||
| 99 | BASIC_CONSTRAINTS *ret=NULL; | ||
| 100 | ASN1_CTX c; | ||
| 101 | M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS); | ||
| 102 | ret->ca = 0; | ||
| 103 | ret->pathlen = NULL; | ||
| 104 | return (ret); | ||
| 105 | M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW); | ||
| 106 | } | ||
| 107 | |||
| 108 | BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, | ||
| 109 | unsigned char **pp, long length) | ||
| 110 | { | ||
| 111 | M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new); | ||
| 112 | M_ASN1_D2I_Init(); | ||
| 113 | M_ASN1_D2I_start_sequence(); | ||
| 114 | if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == | ||
| 115 | (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) { | ||
| 116 | M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN); | ||
| 117 | } | ||
| 118 | M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER); | ||
| 119 | M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS); | ||
| 120 | } | ||
| 121 | |||
| 122 | void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) | ||
| 123 | { | ||
| 124 | if (a == NULL) return; | ||
| 125 | ASN1_INTEGER_free (a->pathlen); | ||
| 126 | Free ((char *)a); | ||
| 127 | } | ||
| 128 | |||
| 129 | static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, | ||
| 130 | BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist) | ||
| 131 | { | ||
| 132 | X509V3_add_value_bool("CA", bcons->ca, &extlist); | ||
| 133 | X509V3_add_value_int("pathlen", bcons->pathlen, &extlist); | ||
| 134 | return extlist; | ||
| 135 | } | ||
| 136 | |||
| 137 | static BASIC_CONSTRAINTS *v2i_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, | ||
| 138 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values) | ||
| 139 | { | ||
| 140 | BASIC_CONSTRAINTS *bcons=NULL; | ||
| 141 | CONF_VALUE *val; | ||
| 142 | int i; | ||
| 143 | if(!(bcons = BASIC_CONSTRAINTS_new())) { | ||
| 144 | X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, ERR_R_MALLOC_FAILURE); | ||
| 145 | return NULL; | ||
| 146 | } | ||
| 147 | for(i = 0; i < sk_CONF_VALUE_num(values); i++) { | ||
| 148 | val = sk_CONF_VALUE_value(values, i); | ||
| 149 | if(!strcmp(val->name, "CA")) { | ||
| 150 | if(!X509V3_get_value_bool(val, &bcons->ca)) goto err; | ||
| 151 | } else if(!strcmp(val->name, "pathlen")) { | ||
| 152 | if(!X509V3_get_value_int(val, &bcons->pathlen)) goto err; | ||
| 153 | } else { | ||
| 154 | X509V3err(X509V3_F_V2I_BASIC_CONSTRAINTS, X509V3_R_INVALID_NAME); | ||
| 155 | X509V3_conf_err(val); | ||
| 156 | goto err; | ||
| 157 | } | ||
| 158 | } | ||
| 159 | return bcons; | ||
| 160 | err: | ||
| 161 | BASIC_CONSTRAINTS_free(bcons); | ||
| 162 | return NULL; | ||
| 163 | } | ||
| 164 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c deleted file mode 100644 index 9828ba15b3..0000000000 --- a/src/lib/libcrypto/x509v3/v3_bitst.c +++ /dev/null | |||
| @@ -1,147 +0,0 @@ | |||
| 1 | /* v3_bitst.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/x509v3.h> | ||
| 63 | |||
| 64 | static ASN1_BIT_STRING *asn1_bit_string_new(void); | ||
| 65 | static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 66 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 67 | static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 68 | ASN1_BIT_STRING *bits, | ||
| 69 | STACK_OF(CONF_VALUE) *extlist); | ||
| 70 | static BIT_STRING_BITNAME ns_cert_type_table[] = { | ||
| 71 | {0, "SSL Client", "client"}, | ||
| 72 | {1, "SSL Server", "server"}, | ||
| 73 | {2, "S/MIME", "email"}, | ||
| 74 | {3, "Object Signing", "objsign"}, | ||
| 75 | {4, "Unused", "reserved"}, | ||
| 76 | {5, "SSL CA", "sslCA"}, | ||
| 77 | {6, "S/MIME CA", "emailCA"}, | ||
| 78 | {7, "Object Signing CA", "objCA"}, | ||
| 79 | {-1, NULL, NULL} | ||
| 80 | }; | ||
| 81 | |||
| 82 | static BIT_STRING_BITNAME key_usage_type_table[] = { | ||
| 83 | {0, "Digital Signature", "digitalSignature"}, | ||
| 84 | {1, "Non Repudiation", "nonRepudiation"}, | ||
| 85 | {2, "Key Encipherment", "keyEncipherment"}, | ||
| 86 | {3, "Data Encipherment", "dataEncipherment"}, | ||
| 87 | {4, "Key Agreement", "keyAgreement"}, | ||
| 88 | {5, "Certificate Sign", "keyCertSign"}, | ||
| 89 | {6, "CRL Sign", "cRLSign"}, | ||
| 90 | {7, "Encipher Only", "encipherOnly"}, | ||
| 91 | {8, "Decipher Only", "decipherOnly"}, | ||
| 92 | {-1, NULL, NULL} | ||
| 93 | }; | ||
| 94 | |||
| 95 | |||
| 96 | |||
| 97 | X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table); | ||
| 98 | X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table); | ||
| 99 | |||
| 100 | static ASN1_BIT_STRING *asn1_bit_string_new(void) | ||
| 101 | { | ||
| 102 | return ASN1_BIT_STRING_new(); | ||
| 103 | } | ||
| 104 | |||
| 105 | static STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 106 | ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret) | ||
| 107 | { | ||
| 108 | BIT_STRING_BITNAME *bnam; | ||
| 109 | for(bnam =method->usr_data; bnam->lname; bnam++) { | ||
| 110 | if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum)) | ||
| 111 | X509V3_add_value(bnam->lname, NULL, &ret); | ||
| 112 | } | ||
| 113 | return ret; | ||
| 114 | } | ||
| 115 | |||
| 116 | static ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, | ||
| 117 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 118 | { | ||
| 119 | CONF_VALUE *val; | ||
| 120 | ASN1_BIT_STRING *bs; | ||
| 121 | int i; | ||
| 122 | BIT_STRING_BITNAME *bnam; | ||
| 123 | if(!(bs = ASN1_BIT_STRING_new())) { | ||
| 124 | X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE); | ||
| 125 | return NULL; | ||
| 126 | } | ||
| 127 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 128 | val = sk_CONF_VALUE_value(nval, i); | ||
| 129 | for(bnam = method->usr_data; bnam->lname; bnam++) { | ||
| 130 | if(!strcmp(bnam->sname, val->name) || | ||
| 131 | !strcmp(bnam->lname, val->name) ) { | ||
| 132 | ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1); | ||
| 133 | break; | ||
| 134 | } | ||
| 135 | } | ||
| 136 | if(!bnam->lname) { | ||
| 137 | X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, | ||
| 138 | X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT); | ||
| 139 | X509V3_conf_err(val); | ||
| 140 | ASN1_BIT_STRING_free(bs); | ||
| 141 | return NULL; | ||
| 142 | } | ||
| 143 | } | ||
| 144 | return bs; | ||
| 145 | } | ||
| 146 | |||
| 147 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_conf.c b/src/lib/libcrypto/x509v3/v3_conf.c deleted file mode 100644 index f19bb3ad84..0000000000 --- a/src/lib/libcrypto/x509v3/v3_conf.c +++ /dev/null | |||
| @@ -1,366 +0,0 @@ | |||
| 1 | /* v3_conf.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | /* extension creation utilities */ | ||
| 59 | |||
| 60 | |||
| 61 | |||
| 62 | #include <stdio.h> | ||
| 63 | #include <ctype.h> | ||
| 64 | #include "cryptlib.h" | ||
| 65 | #include <openssl/conf.h> | ||
| 66 | #include <openssl/x509.h> | ||
| 67 | #include <openssl/x509v3.h> | ||
| 68 | |||
| 69 | static int v3_check_critical(char **value); | ||
| 70 | static int v3_check_generic(char **value); | ||
| 71 | static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, int crit, char *value); | ||
| 72 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, int crit, int type); | ||
| 73 | static char *conf_lhash_get_string(void *db, char *section, char *value); | ||
| 74 | static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section); | ||
| 75 | static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, | ||
| 76 | int crit, void *ext_struc); | ||
| 77 | /* LHASH *conf: Config file */ | ||
| 78 | /* char *name: Name */ | ||
| 79 | /* char *value: Value */ | ||
| 80 | X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, | ||
| 81 | char *value) | ||
| 82 | { | ||
| 83 | int crit; | ||
| 84 | int ext_type; | ||
| 85 | X509_EXTENSION *ret; | ||
| 86 | crit = v3_check_critical(&value); | ||
| 87 | if((ext_type = v3_check_generic(&value))) | ||
| 88 | return v3_generic_extension(name, value, crit, ext_type); | ||
| 89 | ret = do_ext_conf(conf, ctx, OBJ_sn2nid(name), crit, value); | ||
| 90 | if(!ret) { | ||
| 91 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_ERROR_IN_EXTENSION); | ||
| 92 | ERR_add_error_data(4,"name=", name, ", value=", value); | ||
| 93 | } | ||
| 94 | return ret; | ||
| 95 | } | ||
| 96 | |||
| 97 | /* LHASH *conf: Config file */ | ||
| 98 | /* char *value: Value */ | ||
| 99 | X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, | ||
| 100 | char *value) | ||
| 101 | { | ||
| 102 | int crit; | ||
| 103 | int ext_type; | ||
| 104 | crit = v3_check_critical(&value); | ||
| 105 | if((ext_type = v3_check_generic(&value))) | ||
| 106 | return v3_generic_extension(OBJ_nid2sn(ext_nid), | ||
| 107 | value, crit, ext_type); | ||
| 108 | return do_ext_conf(conf, ctx, ext_nid, crit, value); | ||
| 109 | } | ||
| 110 | |||
| 111 | /* LHASH *conf: Config file */ | ||
| 112 | /* char *value: Value */ | ||
| 113 | static X509_EXTENSION *do_ext_conf(LHASH *conf, X509V3_CTX *ctx, int ext_nid, | ||
| 114 | int crit, char *value) | ||
| 115 | { | ||
| 116 | X509V3_EXT_METHOD *method; | ||
| 117 | X509_EXTENSION *ext; | ||
| 118 | STACK_OF(CONF_VALUE) *nval; | ||
| 119 | void *ext_struc; | ||
| 120 | if(ext_nid == NID_undef) { | ||
| 121 | X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION_NAME); | ||
| 122 | return NULL; | ||
| 123 | } | ||
| 124 | if(!(method = X509V3_EXT_get_nid(ext_nid))) { | ||
| 125 | X509V3err(X509V3_F_DO_EXT_CONF,X509V3_R_UNKNOWN_EXTENSION); | ||
| 126 | return NULL; | ||
| 127 | } | ||
| 128 | /* Now get internal extension representation based on type */ | ||
| 129 | if(method->v2i) { | ||
| 130 | if(*value == '@') nval = CONF_get_section(conf, value + 1); | ||
| 131 | else nval = X509V3_parse_list(value); | ||
| 132 | if(!nval) { | ||
| 133 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_INVALID_EXTENSION_STRING); | ||
| 134 | ERR_add_error_data(4, "name=", OBJ_nid2sn(ext_nid), ",section=", value); | ||
| 135 | return NULL; | ||
| 136 | } | ||
| 137 | ext_struc = method->v2i(method, ctx, nval); | ||
| 138 | if(*value != '@') sk_CONF_VALUE_pop_free(nval, | ||
| 139 | X509V3_conf_free); | ||
| 140 | if(!ext_struc) return NULL; | ||
| 141 | } else if(method->s2i) { | ||
| 142 | if(!(ext_struc = method->s2i(method, ctx, value))) return NULL; | ||
| 143 | } else if(method->r2i) { | ||
| 144 | if(!ctx->db) { | ||
| 145 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_NO_CONFIG_DATABASE); | ||
| 146 | return NULL; | ||
| 147 | } | ||
| 148 | if(!(ext_struc = method->r2i(method, ctx, value))) return NULL; | ||
| 149 | } else { | ||
| 150 | X509V3err(X509V3_F_X509V3_EXT_CONF,X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED); | ||
| 151 | ERR_add_error_data(2, "name=", OBJ_nid2sn(ext_nid)); | ||
| 152 | return NULL; | ||
| 153 | } | ||
| 154 | |||
| 155 | ext = do_ext_i2d(method, ext_nid, crit, ext_struc); | ||
| 156 | method->ext_free(ext_struc); | ||
| 157 | return ext; | ||
| 158 | |||
| 159 | } | ||
| 160 | |||
| 161 | static X509_EXTENSION *do_ext_i2d(X509V3_EXT_METHOD *method, int ext_nid, | ||
| 162 | int crit, void *ext_struc) | ||
| 163 | { | ||
| 164 | unsigned char *ext_der, *p; | ||
| 165 | int ext_len; | ||
| 166 | ASN1_OCTET_STRING *ext_oct; | ||
| 167 | X509_EXTENSION *ext; | ||
| 168 | /* Convert internal representation to DER */ | ||
| 169 | ext_len = method->i2d(ext_struc, NULL); | ||
| 170 | if(!(ext_der = Malloc(ext_len))) goto merr; | ||
| 171 | p = ext_der; | ||
| 172 | method->i2d(ext_struc, &p); | ||
| 173 | if(!(ext_oct = ASN1_OCTET_STRING_new())) goto merr; | ||
| 174 | ext_oct->data = ext_der; | ||
| 175 | ext_oct->length = ext_len; | ||
| 176 | |||
| 177 | ext = X509_EXTENSION_create_by_NID(NULL, ext_nid, crit, ext_oct); | ||
| 178 | if(!ext) goto merr; | ||
| 179 | ASN1_OCTET_STRING_free(ext_oct); | ||
| 180 | |||
| 181 | return ext; | ||
| 182 | |||
| 183 | merr: | ||
| 184 | X509V3err(X509V3_F_DO_EXT_I2D,ERR_R_MALLOC_FAILURE); | ||
| 185 | return NULL; | ||
| 186 | |||
| 187 | } | ||
| 188 | |||
| 189 | /* Given an internal structure, nid and critical flag create an extension */ | ||
| 190 | |||
| 191 | X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc) | ||
| 192 | { | ||
| 193 | X509V3_EXT_METHOD *method; | ||
| 194 | if(!(method = X509V3_EXT_get_nid(ext_nid))) { | ||
| 195 | X509V3err(X509V3_F_X509V3_EXT_I2D,X509V3_R_UNKNOWN_EXTENSION); | ||
| 196 | return NULL; | ||
| 197 | } | ||
| 198 | return do_ext_i2d(method, ext_nid, crit, ext_struc); | ||
| 199 | } | ||
| 200 | |||
| 201 | /* Check the extension string for critical flag */ | ||
| 202 | static int v3_check_critical(char **value) | ||
| 203 | { | ||
| 204 | char *p = *value; | ||
| 205 | if((strlen(p) < 9) || strncmp(p, "critical,", 9)) return 0; | ||
| 206 | p+=9; | ||
| 207 | while(isspace((unsigned char)*p)) p++; | ||
| 208 | *value = p; | ||
| 209 | return 1; | ||
| 210 | } | ||
| 211 | |||
| 212 | /* Check extension string for generic extension and return the type */ | ||
| 213 | static int v3_check_generic(char **value) | ||
| 214 | { | ||
| 215 | char *p = *value; | ||
| 216 | if((strlen(p) < 4) || strncmp(p, "DER:,", 4)) return 0; | ||
| 217 | p+=4; | ||
| 218 | while(isspace((unsigned char)*p)) p++; | ||
| 219 | *value = p; | ||
| 220 | return 1; | ||
| 221 | } | ||
| 222 | |||
| 223 | /* Create a generic extension: for now just handle RAW type */ | ||
| 224 | static X509_EXTENSION *v3_generic_extension(const char *ext, char *value, | ||
| 225 | int crit, int type) | ||
| 226 | { | ||
| 227 | unsigned char *ext_der=NULL; | ||
| 228 | long ext_len; | ||
| 229 | ASN1_OBJECT *obj=NULL; | ||
| 230 | ASN1_OCTET_STRING *oct=NULL; | ||
| 231 | X509_EXTENSION *extension=NULL; | ||
| 232 | if(!(obj = OBJ_txt2obj(ext, 0))) { | ||
| 233 | X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_NAME_ERROR); | ||
| 234 | ERR_add_error_data(2, "name=", ext); | ||
| 235 | goto err; | ||
| 236 | } | ||
| 237 | |||
| 238 | if(!(ext_der = string_to_hex(value, &ext_len))) { | ||
| 239 | X509V3err(X509V3_F_V3_GENERIC_EXTENSION,X509V3_R_EXTENSION_VALUE_ERROR); | ||
| 240 | ERR_add_error_data(2, "value=", value); | ||
| 241 | goto err; | ||
| 242 | } | ||
| 243 | |||
| 244 | if(!(oct = ASN1_OCTET_STRING_new())) { | ||
| 245 | X509V3err(X509V3_F_V3_GENERIC_EXTENSION,ERR_R_MALLOC_FAILURE); | ||
| 246 | goto err; | ||
| 247 | } | ||
| 248 | |||
| 249 | oct->data = ext_der; | ||
| 250 | oct->length = ext_len; | ||
| 251 | ext_der = NULL; | ||
| 252 | |||
| 253 | extension = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct); | ||
| 254 | |||
| 255 | err: | ||
| 256 | ASN1_OBJECT_free(obj); | ||
| 257 | ASN1_OCTET_STRING_free(oct); | ||
| 258 | if(ext_der) Free(ext_der); | ||
| 259 | return extension; | ||
| 260 | } | ||
| 261 | |||
| 262 | |||
| 263 | /* This is the main function: add a bunch of extensions based on a config file | ||
| 264 | * section | ||
| 265 | */ | ||
| 266 | |||
| 267 | int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, | ||
| 268 | X509 *cert) | ||
| 269 | { | ||
| 270 | X509_EXTENSION *ext; | ||
| 271 | STACK_OF(CONF_VALUE) *nval; | ||
| 272 | CONF_VALUE *val; | ||
| 273 | int i; | ||
| 274 | if(!(nval = CONF_get_section(conf, section))) return 0; | ||
| 275 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 276 | val = sk_CONF_VALUE_value(nval, i); | ||
| 277 | if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) | ||
| 278 | return 0; | ||
| 279 | if(cert) X509_add_ext(cert, ext, -1); | ||
| 280 | X509_EXTENSION_free(ext); | ||
| 281 | } | ||
| 282 | return 1; | ||
| 283 | } | ||
| 284 | |||
| 285 | /* Same as above but for a CRL */ | ||
| 286 | |||
| 287 | int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, | ||
| 288 | X509_CRL *crl) | ||
| 289 | { | ||
| 290 | X509_EXTENSION *ext; | ||
| 291 | STACK_OF(CONF_VALUE) *nval; | ||
| 292 | CONF_VALUE *val; | ||
| 293 | int i; | ||
| 294 | if(!(nval = CONF_get_section(conf, section))) return 0; | ||
| 295 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 296 | val = sk_CONF_VALUE_value(nval, i); | ||
| 297 | if(!(ext = X509V3_EXT_conf(conf, ctx, val->name, val->value))) | ||
| 298 | return 0; | ||
| 299 | if(crl) X509_CRL_add_ext(crl, ext, -1); | ||
| 300 | X509_EXTENSION_free(ext); | ||
| 301 | } | ||
| 302 | return 1; | ||
| 303 | } | ||
| 304 | |||
| 305 | /* Config database functions */ | ||
| 306 | |||
| 307 | char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section) | ||
| 308 | { | ||
| 309 | if(ctx->db_meth->get_string) | ||
| 310 | return ctx->db_meth->get_string(ctx->db, name, section); | ||
| 311 | return NULL; | ||
| 312 | } | ||
| 313 | |||
| 314 | STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section) | ||
| 315 | { | ||
| 316 | if(ctx->db_meth->get_section) | ||
| 317 | return ctx->db_meth->get_section(ctx->db, section); | ||
| 318 | return NULL; | ||
| 319 | } | ||
| 320 | |||
| 321 | void X509V3_string_free(X509V3_CTX *ctx, char *str) | ||
| 322 | { | ||
| 323 | if(!str) return; | ||
| 324 | if(ctx->db_meth->free_string) | ||
| 325 | ctx->db_meth->free_string(ctx->db, str); | ||
| 326 | } | ||
| 327 | |||
| 328 | void X509V3_section_free(X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section) | ||
| 329 | { | ||
| 330 | if(!section) return; | ||
| 331 | if(ctx->db_meth->free_section) | ||
| 332 | ctx->db_meth->free_section(ctx->db, section); | ||
| 333 | } | ||
| 334 | |||
| 335 | static char *conf_lhash_get_string(void *db, char *section, char *value) | ||
| 336 | { | ||
| 337 | return CONF_get_string(db, section, value); | ||
| 338 | } | ||
| 339 | |||
| 340 | static STACK_OF(CONF_VALUE) *conf_lhash_get_section(void *db, char *section) | ||
| 341 | { | ||
| 342 | return CONF_get_section(db, section); | ||
| 343 | } | ||
| 344 | |||
| 345 | static X509V3_CONF_METHOD conf_lhash_method = { | ||
| 346 | conf_lhash_get_string, | ||
| 347 | conf_lhash_get_section, | ||
| 348 | NULL, | ||
| 349 | NULL | ||
| 350 | }; | ||
| 351 | |||
| 352 | void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash) | ||
| 353 | { | ||
| 354 | ctx->db_meth = &conf_lhash_method; | ||
| 355 | ctx->db = lhash; | ||
| 356 | } | ||
| 357 | |||
| 358 | void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subj, X509_REQ *req, | ||
| 359 | X509_CRL *crl, int flags) | ||
| 360 | { | ||
| 361 | ctx->issuer_cert = issuer; | ||
| 362 | ctx->subject_cert = subj; | ||
| 363 | ctx->crl = crl; | ||
| 364 | ctx->subject_req = req; | ||
| 365 | ctx->flags = flags; | ||
| 366 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_cpols.c b/src/lib/libcrypto/x509v3/v3_cpols.c deleted file mode 100644 index b4d4883545..0000000000 --- a/src/lib/libcrypto/x509v3/v3_cpols.c +++ /dev/null | |||
| @@ -1,655 +0,0 @@ | |||
| 1 | /* v3_cpols.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | /* Certificate policies extension support: this one is a bit complex... */ | ||
| 67 | |||
| 68 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, BIO *out, int indent); | ||
| 69 | static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value); | ||
| 70 | static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent); | ||
| 71 | static void print_notice(BIO *out, USERNOTICE *notice, int indent); | ||
| 72 | static POLICYINFO *policy_section(X509V3_CTX *ctx, | ||
| 73 | STACK_OF(CONF_VALUE) *polstrs, int ia5org); | ||
| 74 | static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, | ||
| 75 | STACK_OF(CONF_VALUE) *unot, int ia5org); | ||
| 76 | static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos); | ||
| 77 | |||
| 78 | X509V3_EXT_METHOD v3_cpols = { | ||
| 79 | NID_certificate_policies, 0, | ||
| 80 | (X509V3_EXT_NEW)CERTIFICATEPOLICIES_new, | ||
| 81 | (X509V3_EXT_FREE)CERTIFICATEPOLICIES_free, | ||
| 82 | (X509V3_EXT_D2I)d2i_CERTIFICATEPOLICIES, | ||
| 83 | (X509V3_EXT_I2D)i2d_CERTIFICATEPOLICIES, | ||
| 84 | NULL, NULL, | ||
| 85 | NULL, NULL, | ||
| 86 | (X509V3_EXT_I2R)i2r_certpol, | ||
| 87 | (X509V3_EXT_R2I)r2i_certpol, | ||
| 88 | NULL | ||
| 89 | }; | ||
| 90 | |||
| 91 | |||
| 92 | static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, | ||
| 93 | X509V3_CTX *ctx, char *value) | ||
| 94 | { | ||
| 95 | STACK_OF(POLICYINFO) *pols = NULL; | ||
| 96 | char *pstr; | ||
| 97 | POLICYINFO *pol; | ||
| 98 | ASN1_OBJECT *pobj; | ||
| 99 | STACK_OF(CONF_VALUE) *vals; | ||
| 100 | CONF_VALUE *cnf; | ||
| 101 | int i, ia5org; | ||
| 102 | pols = sk_POLICYINFO_new_null(); | ||
| 103 | vals = X509V3_parse_list(value); | ||
| 104 | ia5org = 0; | ||
| 105 | for(i = 0; i < sk_CONF_VALUE_num(vals); i++) { | ||
| 106 | cnf = sk_CONF_VALUE_value(vals, i); | ||
| 107 | if(cnf->value || !cnf->name ) { | ||
| 108 | X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_POLICY_IDENTIFIER); | ||
| 109 | X509V3_conf_err(cnf); | ||
| 110 | goto err; | ||
| 111 | } | ||
| 112 | pstr = cnf->name; | ||
| 113 | if(!strcmp(pstr,"ia5org")) { | ||
| 114 | ia5org = 1; | ||
| 115 | continue; | ||
| 116 | } else if(*pstr == '@') { | ||
| 117 | STACK_OF(CONF_VALUE) *polsect; | ||
| 118 | polsect = X509V3_get_section(ctx, pstr + 1); | ||
| 119 | if(!polsect) { | ||
| 120 | X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_SECTION); | ||
| 121 | |||
| 122 | X509V3_conf_err(cnf); | ||
| 123 | goto err; | ||
| 124 | } | ||
| 125 | pol = policy_section(ctx, polsect, ia5org); | ||
| 126 | X509V3_section_free(ctx, polsect); | ||
| 127 | if(!pol) goto err; | ||
| 128 | } else { | ||
| 129 | if(!(pobj = OBJ_txt2obj(cnf->name, 0))) { | ||
| 130 | X509V3err(X509V3_F_R2I_CERTPOL,X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 131 | X509V3_conf_err(cnf); | ||
| 132 | goto err; | ||
| 133 | } | ||
| 134 | pol = POLICYINFO_new(); | ||
| 135 | pol->policyid = pobj; | ||
| 136 | } | ||
| 137 | sk_POLICYINFO_push(pols, pol); | ||
| 138 | } | ||
| 139 | sk_CONF_VALUE_pop_free(vals, X509V3_conf_free); | ||
| 140 | return pols; | ||
| 141 | err: | ||
| 142 | sk_POLICYINFO_pop_free(pols, POLICYINFO_free); | ||
| 143 | return NULL; | ||
| 144 | } | ||
| 145 | |||
| 146 | static POLICYINFO *policy_section(X509V3_CTX *ctx, | ||
| 147 | STACK_OF(CONF_VALUE) *polstrs, int ia5org) | ||
| 148 | { | ||
| 149 | int i; | ||
| 150 | CONF_VALUE *cnf; | ||
| 151 | POLICYINFO *pol; | ||
| 152 | POLICYQUALINFO *qual; | ||
| 153 | if(!(pol = POLICYINFO_new())) goto merr; | ||
| 154 | for(i = 0; i < sk_CONF_VALUE_num(polstrs); i++) { | ||
| 155 | cnf = sk_CONF_VALUE_value(polstrs, i); | ||
| 156 | if(!strcmp(cnf->name, "policyIdentifier")) { | ||
| 157 | ASN1_OBJECT *pobj; | ||
| 158 | if(!(pobj = OBJ_txt2obj(cnf->value, 0))) { | ||
| 159 | X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 160 | X509V3_conf_err(cnf); | ||
| 161 | goto err; | ||
| 162 | } | ||
| 163 | pol->policyid = pobj; | ||
| 164 | |||
| 165 | } else if(!name_cmp(cnf->name, "CPS")) { | ||
| 166 | if(!pol->qualifiers) pol->qualifiers = | ||
| 167 | sk_POLICYQUALINFO_new_null(); | ||
| 168 | if(!(qual = POLICYQUALINFO_new())) goto merr; | ||
| 169 | if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) | ||
| 170 | goto merr; | ||
| 171 | qual->pqualid = OBJ_nid2obj(NID_id_qt_cps); | ||
| 172 | qual->d.cpsuri = ASN1_IA5STRING_new(); | ||
| 173 | if(!ASN1_STRING_set(qual->d.cpsuri, cnf->value, | ||
| 174 | strlen(cnf->value))) goto merr; | ||
| 175 | } else if(!name_cmp(cnf->name, "userNotice")) { | ||
| 176 | STACK_OF(CONF_VALUE) *unot; | ||
| 177 | if(*cnf->value != '@') { | ||
| 178 | X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_EXPECTED_A_SECTION_NAME); | ||
| 179 | X509V3_conf_err(cnf); | ||
| 180 | goto err; | ||
| 181 | } | ||
| 182 | unot = X509V3_get_section(ctx, cnf->value + 1); | ||
| 183 | if(!unot) { | ||
| 184 | X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_SECTION); | ||
| 185 | |||
| 186 | X509V3_conf_err(cnf); | ||
| 187 | goto err; | ||
| 188 | } | ||
| 189 | qual = notice_section(ctx, unot, ia5org); | ||
| 190 | X509V3_section_free(ctx, unot); | ||
| 191 | if(!qual) goto err; | ||
| 192 | if(!sk_POLICYQUALINFO_push(pol->qualifiers, qual)) | ||
| 193 | goto merr; | ||
| 194 | } else { | ||
| 195 | X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_INVALID_OPTION); | ||
| 196 | |||
| 197 | X509V3_conf_err(cnf); | ||
| 198 | goto err; | ||
| 199 | } | ||
| 200 | } | ||
| 201 | if(!pol->policyid) { | ||
| 202 | X509V3err(X509V3_F_POLICY_SECTION,X509V3_R_NO_POLICY_IDENTIFIER); | ||
| 203 | goto err; | ||
| 204 | } | ||
| 205 | |||
| 206 | return pol; | ||
| 207 | |||
| 208 | merr: | ||
| 209 | X509V3err(X509V3_F_POLICY_SECTION,ERR_R_MALLOC_FAILURE); | ||
| 210 | |||
| 211 | err: | ||
| 212 | POLICYINFO_free(pol); | ||
| 213 | return NULL; | ||
| 214 | |||
| 215 | |||
| 216 | } | ||
| 217 | |||
| 218 | static POLICYQUALINFO *notice_section(X509V3_CTX *ctx, | ||
| 219 | STACK_OF(CONF_VALUE) *unot, int ia5org) | ||
| 220 | { | ||
| 221 | int i; | ||
| 222 | CONF_VALUE *cnf; | ||
| 223 | USERNOTICE *not; | ||
| 224 | POLICYQUALINFO *qual; | ||
| 225 | if(!(qual = POLICYQUALINFO_new())) goto merr; | ||
| 226 | qual->pqualid = OBJ_nid2obj(NID_id_qt_unotice); | ||
| 227 | if(!(not = USERNOTICE_new())) goto merr; | ||
| 228 | qual->d.usernotice = not; | ||
| 229 | for(i = 0; i < sk_CONF_VALUE_num(unot); i++) { | ||
| 230 | cnf = sk_CONF_VALUE_value(unot, i); | ||
| 231 | if(!strcmp(cnf->name, "explicitText")) { | ||
| 232 | not->exptext = ASN1_VISIBLESTRING_new(); | ||
| 233 | if(!ASN1_STRING_set(not->exptext, cnf->value, | ||
| 234 | strlen(cnf->value))) goto merr; | ||
| 235 | } else if(!strcmp(cnf->name, "organization")) { | ||
| 236 | NOTICEREF *nref; | ||
| 237 | if(!not->noticeref) { | ||
| 238 | if(!(nref = NOTICEREF_new())) goto merr; | ||
| 239 | not->noticeref = nref; | ||
| 240 | } else nref = not->noticeref; | ||
| 241 | if(ia5org) nref->organization = ASN1_IA5STRING_new(); | ||
| 242 | else nref->organization = ASN1_VISIBLESTRING_new(); | ||
| 243 | if(!ASN1_STRING_set(nref->organization, cnf->value, | ||
| 244 | strlen(cnf->value))) goto merr; | ||
| 245 | } else if(!strcmp(cnf->name, "noticeNumbers")) { | ||
| 246 | NOTICEREF *nref; | ||
| 247 | STACK_OF(CONF_VALUE) *nos; | ||
| 248 | if(!not->noticeref) { | ||
| 249 | if(!(nref = NOTICEREF_new())) goto merr; | ||
| 250 | not->noticeref = nref; | ||
| 251 | } else nref = not->noticeref; | ||
| 252 | nos = X509V3_parse_list(cnf->value); | ||
| 253 | if(!nos || !sk_CONF_VALUE_num(nos)) { | ||
| 254 | X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_NUMBERS); | ||
| 255 | X509V3_conf_err(cnf); | ||
| 256 | goto err; | ||
| 257 | } | ||
| 258 | nref->noticenos = nref_nos(nos); | ||
| 259 | sk_CONF_VALUE_pop_free(nos, X509V3_conf_free); | ||
| 260 | if(!nref->noticenos) goto err; | ||
| 261 | } else { | ||
| 262 | X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_INVALID_OPTION); | ||
| 263 | |||
| 264 | X509V3_conf_err(cnf); | ||
| 265 | goto err; | ||
| 266 | } | ||
| 267 | } | ||
| 268 | |||
| 269 | if(not->noticeref && | ||
| 270 | (!not->noticeref->noticenos || !not->noticeref->organization)) { | ||
| 271 | X509V3err(X509V3_F_NOTICE_SECTION,X509V3_R_NEED_ORGANIZATION_AND_NUMBERS); | ||
| 272 | goto err; | ||
| 273 | } | ||
| 274 | |||
| 275 | return qual; | ||
| 276 | |||
| 277 | merr: | ||
| 278 | X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); | ||
| 279 | |||
| 280 | err: | ||
| 281 | POLICYQUALINFO_free(qual); | ||
| 282 | return NULL; | ||
| 283 | } | ||
| 284 | |||
| 285 | static STACK *nref_nos(STACK_OF(CONF_VALUE) *nos) | ||
| 286 | { | ||
| 287 | STACK *nnums; | ||
| 288 | CONF_VALUE *cnf; | ||
| 289 | ASN1_INTEGER *aint; | ||
| 290 | int i; | ||
| 291 | if(!(nnums = sk_new_null())) goto merr; | ||
| 292 | for(i = 0; i < sk_CONF_VALUE_num(nos); i++) { | ||
| 293 | cnf = sk_CONF_VALUE_value(nos, i); | ||
| 294 | if(!(aint = s2i_ASN1_INTEGER(NULL, cnf->name))) { | ||
| 295 | X509V3err(X509V3_F_NREF_NOS,X509V3_R_INVALID_NUMBER); | ||
| 296 | goto err; | ||
| 297 | } | ||
| 298 | if(!sk_push(nnums, (char *)aint)) goto merr; | ||
| 299 | } | ||
| 300 | return nnums; | ||
| 301 | |||
| 302 | merr: | ||
| 303 | X509V3err(X509V3_F_NOTICE_SECTION,ERR_R_MALLOC_FAILURE); | ||
| 304 | |||
| 305 | err: | ||
| 306 | sk_pop_free(nnums, ASN1_STRING_free); | ||
| 307 | return NULL; | ||
| 308 | } | ||
| 309 | |||
| 310 | |||
| 311 | static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, | ||
| 312 | BIO *out, int indent) | ||
| 313 | { | ||
| 314 | int i; | ||
| 315 | POLICYINFO *pinfo; | ||
| 316 | /* First print out the policy OIDs */ | ||
| 317 | for(i = 0; i < sk_POLICYINFO_num(pol); i++) { | ||
| 318 | pinfo = sk_POLICYINFO_value(pol, i); | ||
| 319 | BIO_printf(out, "%*sPolicy: ", indent, ""); | ||
| 320 | i2a_ASN1_OBJECT(out, pinfo->policyid); | ||
| 321 | BIO_puts(out, "\n"); | ||
| 322 | if(pinfo->qualifiers) | ||
| 323 | print_qualifiers(out, pinfo->qualifiers, indent + 2); | ||
| 324 | } | ||
| 325 | return 1; | ||
| 326 | } | ||
| 327 | |||
| 328 | |||
| 329 | int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp) | ||
| 330 | { | ||
| 331 | |||
| 332 | return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE, | ||
| 333 | V_ASN1_UNIVERSAL, IS_SEQUENCE);} | ||
| 334 | |||
| 335 | STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void) | ||
| 336 | { | ||
| 337 | return sk_POLICYINFO_new_null(); | ||
| 338 | } | ||
| 339 | |||
| 340 | void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a) | ||
| 341 | { | ||
| 342 | sk_POLICYINFO_pop_free(a, POLICYINFO_free); | ||
| 343 | } | ||
| 344 | |||
| 345 | STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, | ||
| 346 | unsigned char **pp,long length) | ||
| 347 | { | ||
| 348 | return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO, | ||
| 349 | POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | ||
| 350 | |||
| 351 | } | ||
| 352 | |||
| 353 | IMPLEMENT_STACK_OF(POLICYINFO) | ||
| 354 | IMPLEMENT_ASN1_SET_OF(POLICYINFO) | ||
| 355 | |||
| 356 | int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp) | ||
| 357 | { | ||
| 358 | M_ASN1_I2D_vars(a); | ||
| 359 | |||
| 360 | M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT); | ||
| 361 | M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, | ||
| 362 | i2d_POLICYQUALINFO); | ||
| 363 | |||
| 364 | M_ASN1_I2D_seq_total(); | ||
| 365 | |||
| 366 | M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT); | ||
| 367 | M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, | ||
| 368 | i2d_POLICYQUALINFO); | ||
| 369 | |||
| 370 | M_ASN1_I2D_finish(); | ||
| 371 | } | ||
| 372 | |||
| 373 | POLICYINFO *POLICYINFO_new(void) | ||
| 374 | { | ||
| 375 | POLICYINFO *ret=NULL; | ||
| 376 | ASN1_CTX c; | ||
| 377 | M_ASN1_New_Malloc(ret, POLICYINFO); | ||
| 378 | ret->policyid = NULL; | ||
| 379 | ret->qualifiers = NULL; | ||
| 380 | return (ret); | ||
| 381 | M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW); | ||
| 382 | } | ||
| 383 | |||
| 384 | POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length) | ||
| 385 | { | ||
| 386 | M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new); | ||
| 387 | M_ASN1_D2I_Init(); | ||
| 388 | M_ASN1_D2I_start_sequence(); | ||
| 389 | M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT); | ||
| 390 | if(!M_ASN1_D2I_end_sequence()) { | ||
| 391 | M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers, | ||
| 392 | d2i_POLICYQUALINFO, POLICYQUALINFO_free); | ||
| 393 | } | ||
| 394 | M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO); | ||
| 395 | } | ||
| 396 | |||
| 397 | void POLICYINFO_free(POLICYINFO *a) | ||
| 398 | { | ||
| 399 | if (a == NULL) return; | ||
| 400 | ASN1_OBJECT_free(a->policyid); | ||
| 401 | sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free); | ||
| 402 | Free (a); | ||
| 403 | } | ||
| 404 | |||
| 405 | static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, | ||
| 406 | int indent) | ||
| 407 | { | ||
| 408 | POLICYQUALINFO *qualinfo; | ||
| 409 | int i; | ||
| 410 | for(i = 0; i < sk_POLICYQUALINFO_num(quals); i++) { | ||
| 411 | qualinfo = sk_POLICYQUALINFO_value(quals, i); | ||
| 412 | switch(OBJ_obj2nid(qualinfo->pqualid)) | ||
| 413 | { | ||
| 414 | case NID_id_qt_cps: | ||
| 415 | BIO_printf(out, "%*sCPS: %s\n", indent, "", | ||
| 416 | qualinfo->d.cpsuri->data); | ||
| 417 | break; | ||
| 418 | |||
| 419 | case NID_id_qt_unotice: | ||
| 420 | BIO_printf(out, "%*sUser Notice:\n", indent, ""); | ||
| 421 | print_notice(out, qualinfo->d.usernotice, indent + 2); | ||
| 422 | break; | ||
| 423 | |||
| 424 | default: | ||
| 425 | BIO_printf(out, "%*sUnknown Qualifier: ", | ||
| 426 | indent + 2, ""); | ||
| 427 | |||
| 428 | i2a_ASN1_OBJECT(out, qualinfo->pqualid); | ||
| 429 | BIO_puts(out, "\n"); | ||
| 430 | break; | ||
| 431 | } | ||
| 432 | } | ||
| 433 | } | ||
| 434 | |||
| 435 | static void print_notice(BIO *out, USERNOTICE *notice, int indent) | ||
| 436 | { | ||
| 437 | int i; | ||
| 438 | if(notice->noticeref) { | ||
| 439 | NOTICEREF *ref; | ||
| 440 | ref = notice->noticeref; | ||
| 441 | BIO_printf(out, "%*sOrganization: %s\n", indent, "", | ||
| 442 | ref->organization->data); | ||
| 443 | BIO_printf(out, "%*sNumber%s: ", indent, "", | ||
| 444 | (sk_num(ref->noticenos) > 1) ? "s" : ""); | ||
| 445 | for(i = 0; i < sk_num(ref->noticenos); i++) { | ||
| 446 | ASN1_INTEGER *num; | ||
| 447 | char *tmp; | ||
| 448 | num = (ASN1_INTEGER *)sk_value(ref->noticenos, i); | ||
| 449 | if(i) BIO_puts(out, ", "); | ||
| 450 | tmp = i2s_ASN1_INTEGER(NULL, num); | ||
| 451 | BIO_puts(out, tmp); | ||
| 452 | Free(tmp); | ||
| 453 | } | ||
| 454 | BIO_puts(out, "\n"); | ||
| 455 | } | ||
| 456 | if(notice->exptext) | ||
| 457 | BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", | ||
| 458 | notice->exptext->data); | ||
| 459 | } | ||
| 460 | |||
| 461 | |||
| 462 | |||
| 463 | int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp) | ||
| 464 | { | ||
| 465 | M_ASN1_I2D_vars(a); | ||
| 466 | |||
| 467 | M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT); | ||
| 468 | switch(OBJ_obj2nid(a->pqualid)) { | ||
| 469 | case NID_id_qt_cps: | ||
| 470 | M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING); | ||
| 471 | break; | ||
| 472 | |||
| 473 | case NID_id_qt_unotice: | ||
| 474 | M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE); | ||
| 475 | break; | ||
| 476 | |||
| 477 | default: | ||
| 478 | M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE); | ||
| 479 | break; | ||
| 480 | } | ||
| 481 | |||
| 482 | M_ASN1_I2D_seq_total(); | ||
| 483 | |||
| 484 | M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT); | ||
| 485 | switch(OBJ_obj2nid(a->pqualid)) { | ||
| 486 | case NID_id_qt_cps: | ||
| 487 | M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING); | ||
| 488 | break; | ||
| 489 | |||
| 490 | case NID_id_qt_unotice: | ||
| 491 | M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE); | ||
| 492 | break; | ||
| 493 | |||
| 494 | default: | ||
| 495 | M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE); | ||
| 496 | break; | ||
| 497 | } | ||
| 498 | |||
| 499 | M_ASN1_I2D_finish(); | ||
| 500 | } | ||
| 501 | |||
| 502 | POLICYQUALINFO *POLICYQUALINFO_new(void) | ||
| 503 | { | ||
| 504 | POLICYQUALINFO *ret=NULL; | ||
| 505 | ASN1_CTX c; | ||
| 506 | M_ASN1_New_Malloc(ret, POLICYQUALINFO); | ||
| 507 | ret->pqualid = NULL; | ||
| 508 | ret->d.other = NULL; | ||
| 509 | return (ret); | ||
| 510 | M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW); | ||
| 511 | } | ||
| 512 | |||
| 513 | POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, | ||
| 514 | long length) | ||
| 515 | { | ||
| 516 | M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new); | ||
| 517 | M_ASN1_D2I_Init(); | ||
| 518 | M_ASN1_D2I_start_sequence(); | ||
| 519 | M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT); | ||
| 520 | switch(OBJ_obj2nid(ret->pqualid)) { | ||
| 521 | case NID_id_qt_cps: | ||
| 522 | M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING); | ||
| 523 | break; | ||
| 524 | |||
| 525 | case NID_id_qt_unotice: | ||
| 526 | M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE); | ||
| 527 | break; | ||
| 528 | |||
| 529 | default: | ||
| 530 | M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE); | ||
| 531 | break; | ||
| 532 | } | ||
| 533 | M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO); | ||
| 534 | } | ||
| 535 | |||
| 536 | void POLICYQUALINFO_free(POLICYQUALINFO *a) | ||
| 537 | { | ||
| 538 | if (a == NULL) return; | ||
| 539 | switch(OBJ_obj2nid(a->pqualid)) { | ||
| 540 | case NID_id_qt_cps: | ||
| 541 | ASN1_IA5STRING_free(a->d.cpsuri); | ||
| 542 | break; | ||
| 543 | |||
| 544 | case NID_id_qt_unotice: | ||
| 545 | USERNOTICE_free(a->d.usernotice); | ||
| 546 | break; | ||
| 547 | |||
| 548 | default: | ||
| 549 | ASN1_TYPE_free(a->d.other); | ||
| 550 | break; | ||
| 551 | } | ||
| 552 | |||
| 553 | ASN1_OBJECT_free(a->pqualid); | ||
| 554 | Free (a); | ||
| 555 | } | ||
| 556 | |||
| 557 | int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp) | ||
| 558 | { | ||
| 559 | M_ASN1_I2D_vars(a); | ||
| 560 | |||
| 561 | M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF); | ||
| 562 | M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT); | ||
| 563 | |||
| 564 | M_ASN1_I2D_seq_total(); | ||
| 565 | |||
| 566 | M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF); | ||
| 567 | M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT); | ||
| 568 | |||
| 569 | M_ASN1_I2D_finish(); | ||
| 570 | } | ||
| 571 | |||
| 572 | USERNOTICE *USERNOTICE_new(void) | ||
| 573 | { | ||
| 574 | USERNOTICE *ret=NULL; | ||
| 575 | ASN1_CTX c; | ||
| 576 | M_ASN1_New_Malloc(ret, USERNOTICE); | ||
| 577 | ret->noticeref = NULL; | ||
| 578 | ret->exptext = NULL; | ||
| 579 | return (ret); | ||
| 580 | M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW); | ||
| 581 | } | ||
| 582 | |||
| 583 | USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length) | ||
| 584 | { | ||
| 585 | M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new); | ||
| 586 | M_ASN1_D2I_Init(); | ||
| 587 | M_ASN1_D2I_start_sequence(); | ||
| 588 | M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE); | ||
| 589 | if (!M_ASN1_D2I_end_sequence()) { | ||
| 590 | M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT); | ||
| 591 | } | ||
| 592 | M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE); | ||
| 593 | } | ||
| 594 | |||
| 595 | void USERNOTICE_free(USERNOTICE *a) | ||
| 596 | { | ||
| 597 | if (a == NULL) return; | ||
| 598 | NOTICEREF_free(a->noticeref); | ||
| 599 | DISPLAYTEXT_free(a->exptext); | ||
| 600 | Free (a); | ||
| 601 | } | ||
| 602 | |||
| 603 | int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp) | ||
| 604 | { | ||
| 605 | M_ASN1_I2D_vars(a); | ||
| 606 | |||
| 607 | M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT); | ||
| 608 | M_ASN1_I2D_len_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER); | ||
| 609 | |||
| 610 | M_ASN1_I2D_seq_total(); | ||
| 611 | |||
| 612 | M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT); | ||
| 613 | M_ASN1_I2D_put_SEQUENCE(a->noticenos, i2d_ASN1_INTEGER); | ||
| 614 | |||
| 615 | M_ASN1_I2D_finish(); | ||
| 616 | } | ||
| 617 | |||
| 618 | NOTICEREF *NOTICEREF_new(void) | ||
| 619 | { | ||
| 620 | NOTICEREF *ret=NULL; | ||
| 621 | ASN1_CTX c; | ||
| 622 | M_ASN1_New_Malloc(ret, NOTICEREF); | ||
| 623 | ret->organization = NULL; | ||
| 624 | ret->noticenos = NULL; | ||
| 625 | return (ret); | ||
| 626 | M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW); | ||
| 627 | } | ||
| 628 | |||
| 629 | NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length) | ||
| 630 | { | ||
| 631 | M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new); | ||
| 632 | M_ASN1_D2I_Init(); | ||
| 633 | M_ASN1_D2I_start_sequence(); | ||
| 634 | /* This is to cope with some broken encodings that use IA5STRING for | ||
| 635 | * the organization field | ||
| 636 | */ | ||
| 637 | M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING, | ||
| 638 | V_ASN1_IA5STRING); | ||
| 639 | if(!ret->organization) { | ||
| 640 | M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT); | ||
| 641 | } | ||
| 642 | M_ASN1_D2I_get_seq(ret->noticenos, d2i_ASN1_INTEGER, ASN1_STRING_free); | ||
| 643 | M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF); | ||
| 644 | } | ||
| 645 | |||
| 646 | void NOTICEREF_free(NOTICEREF *a) | ||
| 647 | { | ||
| 648 | if (a == NULL) return; | ||
| 649 | DISPLAYTEXT_free(a->organization); | ||
| 650 | sk_pop_free(a->noticenos, ASN1_STRING_free); | ||
| 651 | Free (a); | ||
| 652 | } | ||
| 653 | |||
| 654 | IMPLEMENT_STACK_OF(POLICYQUALINFO) | ||
| 655 | IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO) | ||
diff --git a/src/lib/libcrypto/x509v3/v3_crld.c b/src/lib/libcrypto/x509v3/v3_crld.c deleted file mode 100644 index 897ffb63e4..0000000000 --- a/src/lib/libcrypto/x509v3/v3_crld.c +++ /dev/null | |||
| @@ -1,283 +0,0 @@ | |||
| 1 | /* v3_crld.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, | ||
| 67 | STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *extlist); | ||
| 68 | static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, | ||
| 69 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 70 | |||
| 71 | X509V3_EXT_METHOD v3_crld = { | ||
| 72 | NID_crl_distribution_points, X509V3_EXT_MULTILINE, | ||
| 73 | (X509V3_EXT_NEW)CRL_DIST_POINTS_new, | ||
| 74 | (X509V3_EXT_FREE)CRL_DIST_POINTS_free, | ||
| 75 | (X509V3_EXT_D2I)d2i_CRL_DIST_POINTS, | ||
| 76 | (X509V3_EXT_I2D)i2d_CRL_DIST_POINTS, | ||
| 77 | NULL, NULL, | ||
| 78 | (X509V3_EXT_I2V)i2v_crld, | ||
| 79 | (X509V3_EXT_V2I)v2i_crld, | ||
| 80 | NULL, NULL, NULL | ||
| 81 | }; | ||
| 82 | |||
| 83 | static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, | ||
| 84 | STACK_OF(DIST_POINT) *crld, STACK_OF(CONF_VALUE) *exts) | ||
| 85 | { | ||
| 86 | DIST_POINT *point; | ||
| 87 | int i; | ||
| 88 | for(i = 0; i < sk_DIST_POINT_num(crld); i++) { | ||
| 89 | point = sk_DIST_POINT_value(crld, i); | ||
| 90 | if(point->distpoint->fullname) { | ||
| 91 | exts = i2v_GENERAL_NAMES(NULL, | ||
| 92 | point->distpoint->fullname, exts); | ||
| 93 | } | ||
| 94 | if(point->reasons) | ||
| 95 | X509V3_add_value("reasons","<UNSUPPORTED>", &exts); | ||
| 96 | if(point->CRLissuer) | ||
| 97 | X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts); | ||
| 98 | if(point->distpoint->relativename) | ||
| 99 | X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts); | ||
| 100 | } | ||
| 101 | return exts; | ||
| 102 | } | ||
| 103 | |||
| 104 | static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, | ||
| 105 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 106 | { | ||
| 107 | STACK_OF(DIST_POINT) *crld = NULL; | ||
| 108 | STACK_OF(GENERAL_NAME) *gens = NULL; | ||
| 109 | GENERAL_NAME *gen = NULL; | ||
| 110 | CONF_VALUE *cnf; | ||
| 111 | int i; | ||
| 112 | if(!(crld = sk_DIST_POINT_new(NULL))) goto merr; | ||
| 113 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 114 | DIST_POINT *point; | ||
| 115 | cnf = sk_CONF_VALUE_value(nval, i); | ||
| 116 | if(!(gen = v2i_GENERAL_NAME(method, ctx, cnf))) goto err; | ||
| 117 | if(!(gens = GENERAL_NAMES_new())) goto merr; | ||
| 118 | if(!sk_GENERAL_NAME_push(gens, gen)) goto merr; | ||
| 119 | gen = NULL; | ||
| 120 | if(!(point = DIST_POINT_new())) goto merr; | ||
| 121 | if(!sk_DIST_POINT_push(crld, point)) { | ||
| 122 | DIST_POINT_free(point); | ||
| 123 | goto merr; | ||
| 124 | } | ||
| 125 | if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr; | ||
| 126 | point->distpoint->fullname = gens; | ||
| 127 | gens = NULL; | ||
| 128 | } | ||
| 129 | return crld; | ||
| 130 | |||
| 131 | merr: | ||
| 132 | X509V3err(X509V3_F_V2I_CRLD,ERR_R_MALLOC_FAILURE); | ||
| 133 | err: | ||
| 134 | GENERAL_NAME_free(gen); | ||
| 135 | GENERAL_NAMES_free(gens); | ||
| 136 | sk_DIST_POINT_pop_free(crld, DIST_POINT_free); | ||
| 137 | return NULL; | ||
| 138 | } | ||
| 139 | |||
| 140 | int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp) | ||
| 141 | { | ||
| 142 | |||
| 143 | return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE, | ||
| 144 | V_ASN1_UNIVERSAL, IS_SEQUENCE);} | ||
| 145 | |||
| 146 | STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void) | ||
| 147 | { | ||
| 148 | return sk_DIST_POINT_new_null(); | ||
| 149 | } | ||
| 150 | |||
| 151 | void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a) | ||
| 152 | { | ||
| 153 | sk_DIST_POINT_pop_free(a, DIST_POINT_free); | ||
| 154 | } | ||
| 155 | |||
| 156 | STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, | ||
| 157 | unsigned char **pp,long length) | ||
| 158 | { | ||
| 159 | return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT, | ||
| 160 | DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | ||
| 161 | |||
| 162 | } | ||
| 163 | |||
| 164 | IMPLEMENT_STACK_OF(DIST_POINT) | ||
| 165 | IMPLEMENT_ASN1_SET_OF(DIST_POINT) | ||
| 166 | |||
| 167 | int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp) | ||
| 168 | { | ||
| 169 | int v = 0; | ||
| 170 | M_ASN1_I2D_vars(a); | ||
| 171 | /* NB: underlying type is a CHOICE so need EXPLICIT tagging */ | ||
| 172 | M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); | ||
| 173 | M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING); | ||
| 174 | M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES); | ||
| 175 | |||
| 176 | M_ASN1_I2D_seq_total(); | ||
| 177 | |||
| 178 | M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); | ||
| 179 | M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1); | ||
| 180 | M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2); | ||
| 181 | |||
| 182 | M_ASN1_I2D_finish(); | ||
| 183 | } | ||
| 184 | |||
| 185 | DIST_POINT *DIST_POINT_new(void) | ||
| 186 | { | ||
| 187 | DIST_POINT *ret=NULL; | ||
| 188 | ASN1_CTX c; | ||
| 189 | M_ASN1_New_Malloc(ret, DIST_POINT); | ||
| 190 | ret->distpoint = NULL; | ||
| 191 | ret->reasons = NULL; | ||
| 192 | ret->CRLissuer = NULL; | ||
| 193 | return (ret); | ||
| 194 | M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW); | ||
| 195 | } | ||
| 196 | |||
| 197 | DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length) | ||
| 198 | { | ||
| 199 | M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new); | ||
| 200 | M_ASN1_D2I_Init(); | ||
| 201 | M_ASN1_D2I_start_sequence(); | ||
| 202 | M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0); | ||
| 203 | M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1, | ||
| 204 | V_ASN1_BIT_STRING); | ||
| 205 | M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2, | ||
| 206 | V_ASN1_SEQUENCE); | ||
| 207 | M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT); | ||
| 208 | } | ||
| 209 | |||
| 210 | void DIST_POINT_free(DIST_POINT *a) | ||
| 211 | { | ||
| 212 | if (a == NULL) return; | ||
| 213 | DIST_POINT_NAME_free(a->distpoint); | ||
| 214 | ASN1_BIT_STRING_free(a->reasons); | ||
| 215 | sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free); | ||
| 216 | Free ((char *)a); | ||
| 217 | } | ||
| 218 | |||
| 219 | int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp) | ||
| 220 | { | ||
| 221 | int v = 0; | ||
| 222 | M_ASN1_I2D_vars(a); | ||
| 223 | |||
| 224 | if(a->fullname) { | ||
| 225 | M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES); | ||
| 226 | } else { | ||
| 227 | M_ASN1_I2D_len_EXP_opt (a->relativename, i2d_X509_NAME, 1, v); | ||
| 228 | } | ||
| 229 | |||
| 230 | /* Don't want a SEQUENCE so... */ | ||
| 231 | if(pp == NULL) return ret; | ||
| 232 | p = *pp; | ||
| 233 | |||
| 234 | if(a->fullname) { | ||
| 235 | M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0); | ||
| 236 | } else { | ||
| 237 | M_ASN1_I2D_put_EXP_opt (a->relativename, i2d_X509_NAME, 1, v); | ||
| 238 | } | ||
| 239 | M_ASN1_I2D_finish(); | ||
| 240 | } | ||
| 241 | |||
| 242 | DIST_POINT_NAME *DIST_POINT_NAME_new(void) | ||
| 243 | { | ||
| 244 | DIST_POINT_NAME *ret=NULL; | ||
| 245 | ASN1_CTX c; | ||
| 246 | M_ASN1_New_Malloc(ret, DIST_POINT_NAME); | ||
| 247 | ret->fullname = NULL; | ||
| 248 | ret->relativename = NULL; | ||
| 249 | return (ret); | ||
| 250 | M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW); | ||
| 251 | } | ||
| 252 | |||
| 253 | void DIST_POINT_NAME_free(DIST_POINT_NAME *a) | ||
| 254 | { | ||
| 255 | if (a == NULL) return; | ||
| 256 | X509_NAME_free(a->relativename); | ||
| 257 | sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free); | ||
| 258 | Free ((char *)a); | ||
| 259 | } | ||
| 260 | |||
| 261 | DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, | ||
| 262 | long length) | ||
| 263 | { | ||
| 264 | unsigned char _tmp, tag; | ||
| 265 | M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new); | ||
| 266 | M_ASN1_D2I_Init(); | ||
| 267 | c.slen = length; | ||
| 268 | |||
| 269 | _tmp = M_ASN1_next; | ||
| 270 | tag = _tmp & ~V_ASN1_CONSTRUCTED; | ||
| 271 | |||
| 272 | if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) { | ||
| 273 | M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES, | ||
| 274 | V_ASN1_SEQUENCE); | ||
| 275 | } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) { | ||
| 276 | M_ASN1_D2I_get_EXP_opt (ret->relativename, d2i_X509_NAME, 1); | ||
| 277 | } else { | ||
| 278 | c.error = ASN1_R_BAD_TAG; | ||
| 279 | goto err; | ||
| 280 | } | ||
| 281 | |||
| 282 | M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME); | ||
| 283 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_enum.c b/src/lib/libcrypto/x509v3/v3_enum.c deleted file mode 100644 index db423548ff..0000000000 --- a/src/lib/libcrypto/x509v3/v3_enum.c +++ /dev/null | |||
| @@ -1,103 +0,0 @@ | |||
| 1 | /* v3_enum.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/x509v3.h> | ||
| 62 | |||
| 63 | static ASN1_ENUMERATED *asn1_enumerated_new(void); | ||
| 64 | |||
| 65 | static ENUMERATED_NAMES crl_reasons[] = { | ||
| 66 | {0, "Unspecified", "unspecified"}, | ||
| 67 | {1, "Key Compromise", "keyCompromise"}, | ||
| 68 | {2, "CA Compromise", "CACompromise"}, | ||
| 69 | {3, "Affiliation Changed", "affiliationChanged"}, | ||
| 70 | {4, "Superseded", "superseded"}, | ||
| 71 | {5, "Cessation Of Operation", "cessationOfOperation"}, | ||
| 72 | {6, "Certificate Hold", "certificateHold"}, | ||
| 73 | {8, "Remove From CRL", "removeFromCRL"}, | ||
| 74 | {-1, NULL, NULL} | ||
| 75 | }; | ||
| 76 | |||
| 77 | X509V3_EXT_METHOD v3_crl_reason = { | ||
| 78 | NID_crl_reason, 0, | ||
| 79 | (X509V3_EXT_NEW)asn1_enumerated_new, | ||
| 80 | (X509V3_EXT_FREE)ASN1_STRING_free, | ||
| 81 | (X509V3_EXT_D2I)d2i_ASN1_ENUMERATED, | ||
| 82 | (X509V3_EXT_I2D)i2d_ASN1_ENUMERATED, | ||
| 83 | (X509V3_EXT_I2S)i2s_ASN1_ENUMERATED_TABLE, | ||
| 84 | (X509V3_EXT_S2I)NULL, | ||
| 85 | NULL, NULL, NULL, NULL, crl_reasons}; | ||
| 86 | |||
| 87 | |||
| 88 | static ASN1_ENUMERATED *asn1_enumerated_new(void) | ||
| 89 | { | ||
| 90 | return ASN1_ENUMERATED_new(); | ||
| 91 | } | ||
| 92 | |||
| 93 | char *i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *method, | ||
| 94 | ASN1_ENUMERATED *e) | ||
| 95 | { | ||
| 96 | ENUMERATED_NAMES *enam; | ||
| 97 | long strval; | ||
| 98 | strval = ASN1_ENUMERATED_get(e); | ||
| 99 | for(enam = method->usr_data; enam->lname; enam++) { | ||
| 100 | if(strval == enam->bitnum) return BUF_strdup(enam->lname); | ||
| 101 | } | ||
| 102 | return i2s_ASN1_ENUMERATED(method, e); | ||
| 103 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c deleted file mode 100644 index e039d21cbf..0000000000 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ /dev/null | |||
| @@ -1,150 +0,0 @@ | |||
| 1 | /* v3_extku.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/conf.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, | ||
| 67 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 68 | static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, | ||
| 69 | STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist); | ||
| 70 | X509V3_EXT_METHOD v3_ext_ku = { | ||
| 71 | NID_ext_key_usage, 0, | ||
| 72 | (X509V3_EXT_NEW)ext_ku_new, | ||
| 73 | (X509V3_EXT_FREE)ext_ku_free, | ||
| 74 | (X509V3_EXT_D2I)d2i_ext_ku, | ||
| 75 | (X509V3_EXT_I2D)i2d_ext_ku, | ||
| 76 | NULL, NULL, | ||
| 77 | (X509V3_EXT_I2V)i2v_ext_ku, | ||
| 78 | (X509V3_EXT_V2I)v2i_ext_ku, | ||
| 79 | NULL,NULL, | ||
| 80 | NULL | ||
| 81 | }; | ||
| 82 | |||
| 83 | STACK_OF(ASN1_OBJECT) *ext_ku_new(void) | ||
| 84 | { | ||
| 85 | return sk_ASN1_OBJECT_new_null(); | ||
| 86 | } | ||
| 87 | |||
| 88 | void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku) | ||
| 89 | { | ||
| 90 | sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free); | ||
| 91 | return; | ||
| 92 | } | ||
| 93 | |||
| 94 | int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp) | ||
| 95 | { | ||
| 96 | return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT, | ||
| 97 | V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); | ||
| 98 | } | ||
| 99 | |||
| 100 | STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, | ||
| 101 | unsigned char **pp, long length) | ||
| 102 | { | ||
| 103 | return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT, | ||
| 104 | ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | ||
| 105 | } | ||
| 106 | |||
| 107 | |||
| 108 | |||
| 109 | static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, | ||
| 110 | STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list) | ||
| 111 | { | ||
| 112 | int i; | ||
| 113 | ASN1_OBJECT *obj; | ||
| 114 | char obj_tmp[80]; | ||
| 115 | for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { | ||
| 116 | obj = sk_ASN1_OBJECT_value(eku, i); | ||
| 117 | i2t_ASN1_OBJECT(obj_tmp, 80, obj); | ||
| 118 | X509V3_add_value(NULL, obj_tmp, &ext_list); | ||
| 119 | } | ||
| 120 | return ext_list; | ||
| 121 | } | ||
| 122 | |||
| 123 | static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, | ||
| 124 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) | ||
| 125 | { | ||
| 126 | STACK_OF(ASN1_OBJECT) *extku; | ||
| 127 | char *extval; | ||
| 128 | ASN1_OBJECT *objtmp; | ||
| 129 | CONF_VALUE *val; | ||
| 130 | int i; | ||
| 131 | |||
| 132 | if(!(extku = sk_ASN1_OBJECT_new(NULL))) { | ||
| 133 | X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE); | ||
| 134 | return NULL; | ||
| 135 | } | ||
| 136 | |||
| 137 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 138 | val = sk_CONF_VALUE_value(nval, i); | ||
| 139 | if(val->value) extval = val->value; | ||
| 140 | else extval = val->name; | ||
| 141 | if(!(objtmp = OBJ_txt2obj(extval, 0))) { | ||
| 142 | sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free); | ||
| 143 | X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER); | ||
| 144 | X509V3_conf_err(val); | ||
| 145 | return NULL; | ||
| 146 | } | ||
| 147 | sk_ASN1_OBJECT_push(extku, objtmp); | ||
| 148 | } | ||
| 149 | return extku; | ||
| 150 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c deleted file mode 100644 index af716232f8..0000000000 --- a/src/lib/libcrypto/x509v3/v3_genn.c +++ /dev/null | |||
| @@ -1,237 +0,0 @@ | |||
| 1 | /* v3_genn.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/conf.h> | ||
| 65 | #include <openssl/x509v3.h> | ||
| 66 | |||
| 67 | int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp) | ||
| 68 | { | ||
| 69 | unsigned char *p; | ||
| 70 | int ret; | ||
| 71 | |||
| 72 | ret = 0; | ||
| 73 | |||
| 74 | /* Save the location of initial TAG */ | ||
| 75 | if(pp) p = *pp; | ||
| 76 | else p = NULL; | ||
| 77 | |||
| 78 | /* GEN_DNAME needs special treatment because of EXPLICIT tag */ | ||
| 79 | |||
| 80 | if(a->type == GEN_DIRNAME) { | ||
| 81 | int v = 0; | ||
| 82 | M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); | ||
| 83 | if(!p) return ret; | ||
| 84 | M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); | ||
| 85 | *pp = p; | ||
| 86 | return ret; | ||
| 87 | } | ||
| 88 | |||
| 89 | switch(a->type) { | ||
| 90 | |||
| 91 | case GEN_OTHERNAME: | ||
| 92 | case GEN_X400: | ||
| 93 | case GEN_EDIPARTY: | ||
| 94 | ret = i2d_ASN1_TYPE(a->d.other, pp); | ||
| 95 | break; | ||
| 96 | |||
| 97 | case GEN_EMAIL: | ||
| 98 | case GEN_DNS: | ||
| 99 | case GEN_URI: | ||
| 100 | ret = i2d_ASN1_IA5STRING(a->d.ia5, pp); | ||
| 101 | break; | ||
| 102 | |||
| 103 | case GEN_IPADD: | ||
| 104 | ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp); | ||
| 105 | break; | ||
| 106 | |||
| 107 | case GEN_RID: | ||
| 108 | ret = i2d_ASN1_OBJECT(a->d.rid, pp); | ||
| 109 | break; | ||
| 110 | } | ||
| 111 | /* Replace TAG with IMPLICIT value */ | ||
| 112 | if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type; | ||
| 113 | return ret; | ||
| 114 | } | ||
| 115 | |||
| 116 | GENERAL_NAME *GENERAL_NAME_new() | ||
| 117 | { | ||
| 118 | GENERAL_NAME *ret=NULL; | ||
| 119 | ASN1_CTX c; | ||
| 120 | M_ASN1_New_Malloc(ret, GENERAL_NAME); | ||
| 121 | ret->type = -1; | ||
| 122 | ret->d.ptr = NULL; | ||
| 123 | return (ret); | ||
| 124 | M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW); | ||
| 125 | } | ||
| 126 | |||
| 127 | GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, | ||
| 128 | long length) | ||
| 129 | { | ||
| 130 | unsigned char _tmp; | ||
| 131 | M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new); | ||
| 132 | M_ASN1_D2I_Init(); | ||
| 133 | c.slen = length; | ||
| 134 | |||
| 135 | _tmp = M_ASN1_next; | ||
| 136 | ret->type = _tmp & ~V_ASN1_CONSTRUCTED; | ||
| 137 | |||
| 138 | switch(ret->type) { | ||
| 139 | /* Just put these in a "blob" for now */ | ||
| 140 | case GEN_OTHERNAME: | ||
| 141 | case GEN_X400: | ||
| 142 | case GEN_EDIPARTY: | ||
| 143 | M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE); | ||
| 144 | break; | ||
| 145 | |||
| 146 | case GEN_EMAIL: | ||
| 147 | case GEN_DNS: | ||
| 148 | case GEN_URI: | ||
| 149 | M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING, | ||
| 150 | V_ASN1_IA5STRING); | ||
| 151 | break; | ||
| 152 | |||
| 153 | case GEN_DIRNAME: | ||
| 154 | M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4); | ||
| 155 | break; | ||
| 156 | |||
| 157 | case GEN_IPADD: | ||
| 158 | M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING, | ||
| 159 | V_ASN1_OCTET_STRING); | ||
| 160 | break; | ||
| 161 | |||
| 162 | case GEN_RID: | ||
| 163 | M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT); | ||
| 164 | break; | ||
| 165 | |||
| 166 | default: | ||
| 167 | c.error = ASN1_R_BAD_TAG; | ||
| 168 | goto err; | ||
| 169 | } | ||
| 170 | |||
| 171 | c.slen = 0; | ||
| 172 | M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME); | ||
| 173 | } | ||
| 174 | |||
| 175 | void GENERAL_NAME_free(GENERAL_NAME *a) | ||
| 176 | { | ||
| 177 | if (a == NULL) return; | ||
| 178 | switch(a->type) { | ||
| 179 | case GEN_OTHERNAME: | ||
| 180 | case GEN_X400: | ||
| 181 | case GEN_EDIPARTY: | ||
| 182 | ASN1_TYPE_free(a->d.other); | ||
| 183 | break; | ||
| 184 | |||
| 185 | case GEN_EMAIL: | ||
| 186 | case GEN_DNS: | ||
| 187 | case GEN_URI: | ||
| 188 | |||
| 189 | ASN1_IA5STRING_free(a->d.ia5); | ||
| 190 | break; | ||
| 191 | |||
| 192 | case GEN_DIRNAME: | ||
| 193 | X509_NAME_free(a->d.dirn); | ||
| 194 | break; | ||
| 195 | |||
| 196 | case GEN_IPADD: | ||
| 197 | ASN1_OCTET_STRING_free(a->d.ip); | ||
| 198 | break; | ||
| 199 | |||
| 200 | case GEN_RID: | ||
| 201 | ASN1_OBJECT_free(a->d.rid); | ||
| 202 | break; | ||
| 203 | |||
| 204 | } | ||
| 205 | Free ((char *)a); | ||
| 206 | } | ||
| 207 | |||
| 208 | /* Now the GeneralNames versions: a SEQUENCE OF GeneralName These are needed as | ||
| 209 | * an explicit functions. | ||
| 210 | */ | ||
| 211 | |||
| 212 | STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new() | ||
| 213 | { | ||
| 214 | return sk_GENERAL_NAME_new(NULL); | ||
| 215 | } | ||
| 216 | |||
| 217 | void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a) | ||
| 218 | { | ||
| 219 | sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free); | ||
| 220 | } | ||
| 221 | |||
| 222 | STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, | ||
| 223 | unsigned char **pp, long length) | ||
| 224 | { | ||
| 225 | return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME, | ||
| 226 | GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); | ||
| 227 | } | ||
| 228 | |||
| 229 | int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp) | ||
| 230 | { | ||
| 231 | return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE, | ||
| 232 | V_ASN1_UNIVERSAL, IS_SEQUENCE); | ||
| 233 | } | ||
| 234 | |||
| 235 | IMPLEMENT_STACK_OF(GENERAL_NAME) | ||
| 236 | IMPLEMENT_ASN1_SET_OF(GENERAL_NAME) | ||
| 237 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_ia5.c b/src/lib/libcrypto/x509v3/v3_ia5.c deleted file mode 100644 index 3446c5cd6a..0000000000 --- a/src/lib/libcrypto/x509v3/v3_ia5.c +++ /dev/null | |||
| @@ -1,116 +0,0 @@ | |||
| 1 | /* v3_ia5.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/conf.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | static ASN1_IA5STRING *ia5string_new(void); | ||
| 67 | static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, ASN1_IA5STRING *ia5); | ||
| 68 | static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | ||
| 69 | X509V3_EXT_METHOD v3_ns_ia5_list[] = { | ||
| 70 | EXT_IA5STRING(NID_netscape_base_url), | ||
| 71 | EXT_IA5STRING(NID_netscape_revocation_url), | ||
| 72 | EXT_IA5STRING(NID_netscape_ca_revocation_url), | ||
| 73 | EXT_IA5STRING(NID_netscape_renewal_url), | ||
| 74 | EXT_IA5STRING(NID_netscape_ca_policy_url), | ||
| 75 | EXT_IA5STRING(NID_netscape_ssl_server_name), | ||
| 76 | EXT_IA5STRING(NID_netscape_comment), | ||
| 77 | EXT_END | ||
| 78 | }; | ||
| 79 | |||
| 80 | |||
| 81 | static ASN1_IA5STRING *ia5string_new(void) | ||
| 82 | { | ||
| 83 | return ASN1_IA5STRING_new(); | ||
| 84 | } | ||
| 85 | |||
| 86 | static char *i2s_ASN1_IA5STRING(X509V3_EXT_METHOD *method, | ||
| 87 | ASN1_IA5STRING *ia5) | ||
| 88 | { | ||
| 89 | char *tmp; | ||
| 90 | if(!ia5 || !ia5->length) return NULL; | ||
| 91 | tmp = Malloc(ia5->length + 1); | ||
| 92 | memcpy(tmp, ia5->data, ia5->length); | ||
| 93 | tmp[ia5->length] = 0; | ||
| 94 | return tmp; | ||
| 95 | } | ||
| 96 | |||
| 97 | static ASN1_IA5STRING *s2i_ASN1_IA5STRING(X509V3_EXT_METHOD *method, | ||
| 98 | X509V3_CTX *ctx, char *str) | ||
| 99 | { | ||
| 100 | ASN1_IA5STRING *ia5; | ||
| 101 | if(!str) { | ||
| 102 | X509V3err(X509V3_F_S2I_ASN1_IA5STRING,X509V3_R_INVALID_NULL_ARGUMENT); | ||
| 103 | return NULL; | ||
| 104 | } | ||
| 105 | if(!(ia5 = ASN1_IA5STRING_new())) goto err; | ||
| 106 | if(!ASN1_STRING_set((ASN1_STRING *)ia5, (unsigned char*)str, | ||
| 107 | strlen(str))) { | ||
| 108 | ASN1_IA5STRING_free(ia5); | ||
| 109 | goto err; | ||
| 110 | } | ||
| 111 | return ia5; | ||
| 112 | err: | ||
| 113 | X509V3err(X509V3_F_S2I_ASN1_IA5STRING,ERR_R_MALLOC_FAILURE); | ||
| 114 | return NULL; | ||
| 115 | } | ||
| 116 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_int.c b/src/lib/libcrypto/x509v3/v3_int.c deleted file mode 100644 index 637dd5e128..0000000000 --- a/src/lib/libcrypto/x509v3/v3_int.c +++ /dev/null | |||
| @@ -1,79 +0,0 @@ | |||
| 1 | /* v3_int.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/x509v3.h> | ||
| 62 | |||
| 63 | static ASN1_INTEGER *asn1_integer_new(void); | ||
| 64 | |||
| 65 | X509V3_EXT_METHOD v3_crl_num = { | ||
| 66 | NID_crl_number, 0, | ||
| 67 | (X509V3_EXT_NEW)asn1_integer_new, | ||
| 68 | (X509V3_EXT_FREE)ASN1_STRING_free, | ||
| 69 | (X509V3_EXT_D2I)d2i_ASN1_INTEGER, | ||
| 70 | (X509V3_EXT_I2D)i2d_ASN1_INTEGER, | ||
| 71 | (X509V3_EXT_I2S)i2s_ASN1_INTEGER, | ||
| 72 | (X509V3_EXT_S2I)NULL, | ||
| 73 | NULL, NULL, NULL, NULL, NULL}; | ||
| 74 | |||
| 75 | |||
| 76 | static ASN1_INTEGER *asn1_integer_new(void) | ||
| 77 | { | ||
| 78 | return ASN1_INTEGER_new(); | ||
| 79 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_lib.c b/src/lib/libcrypto/x509v3/v3_lib.c deleted file mode 100644 index a0aa5de794..0000000000 --- a/src/lib/libcrypto/x509v3/v3_lib.c +++ /dev/null | |||
| @@ -1,177 +0,0 @@ | |||
| 1 | /* v3_lib.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | /* X509 v3 extension utilities */ | ||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/conf.h> | ||
| 63 | #include <openssl/x509v3.h> | ||
| 64 | |||
| 65 | static STACK *ext_list = NULL; | ||
| 66 | |||
| 67 | static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b); | ||
| 68 | static void ext_list_free(X509V3_EXT_METHOD *ext); | ||
| 69 | |||
| 70 | int X509V3_EXT_add(X509V3_EXT_METHOD *ext) | ||
| 71 | { | ||
| 72 | if(!ext_list && !(ext_list = sk_new(ext_cmp))) { | ||
| 73 | X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); | ||
| 74 | return 0; | ||
| 75 | } | ||
| 76 | if(!sk_push(ext_list, (char *)ext)) { | ||
| 77 | X509V3err(X509V3_F_X509V3_EXT_ADD,ERR_R_MALLOC_FAILURE); | ||
| 78 | return 0; | ||
| 79 | } | ||
| 80 | return 1; | ||
| 81 | } | ||
| 82 | |||
| 83 | static int ext_cmp(X509V3_EXT_METHOD **a, X509V3_EXT_METHOD **b) | ||
| 84 | { | ||
| 85 | return ((*a)->ext_nid - (*b)->ext_nid); | ||
| 86 | } | ||
| 87 | |||
| 88 | X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid) | ||
| 89 | { | ||
| 90 | X509V3_EXT_METHOD tmp; | ||
| 91 | int idx; | ||
| 92 | tmp.ext_nid = nid; | ||
| 93 | if(!ext_list || (tmp.ext_nid < 0) ) return NULL; | ||
| 94 | idx = sk_find(ext_list, (char *)&tmp); | ||
| 95 | if(idx == -1) return NULL; | ||
| 96 | return (X509V3_EXT_METHOD *)sk_value(ext_list, idx); | ||
| 97 | } | ||
| 98 | |||
| 99 | X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext) | ||
| 100 | { | ||
| 101 | int nid; | ||
| 102 | if((nid = OBJ_obj2nid(ext->object)) == NID_undef) return NULL; | ||
| 103 | return X509V3_EXT_get_nid(nid); | ||
| 104 | } | ||
| 105 | |||
| 106 | |||
| 107 | int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist) | ||
| 108 | { | ||
| 109 | for(;extlist->ext_nid!=-1;extlist++) | ||
| 110 | if(!X509V3_EXT_add(extlist)) return 0; | ||
| 111 | return 1; | ||
| 112 | } | ||
| 113 | |||
| 114 | int X509V3_EXT_add_alias(int nid_to, int nid_from) | ||
| 115 | { | ||
| 116 | X509V3_EXT_METHOD *ext, *tmpext; | ||
| 117 | if(!(ext = X509V3_EXT_get_nid(nid_from))) { | ||
| 118 | X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,X509V3_R_EXTENSION_NOT_FOUND); | ||
| 119 | return 0; | ||
| 120 | } | ||
| 121 | if(!(tmpext = (X509V3_EXT_METHOD *)Malloc(sizeof(X509V3_EXT_METHOD)))) { | ||
| 122 | X509V3err(X509V3_F_X509V3_EXT_ADD_ALIAS,ERR_R_MALLOC_FAILURE); | ||
| 123 | return 0; | ||
| 124 | } | ||
| 125 | *tmpext = *ext; | ||
| 126 | tmpext->ext_nid = nid_to; | ||
| 127 | tmpext->ext_flags |= X509V3_EXT_DYNAMIC; | ||
| 128 | return 1; | ||
| 129 | } | ||
| 130 | |||
| 131 | void X509V3_EXT_cleanup(void) | ||
| 132 | { | ||
| 133 | sk_pop_free(ext_list, ext_list_free); | ||
| 134 | ext_list = NULL; | ||
| 135 | } | ||
| 136 | |||
| 137 | static void ext_list_free(X509V3_EXT_METHOD *ext) | ||
| 138 | { | ||
| 139 | if(ext->ext_flags & X509V3_EXT_DYNAMIC) Free(ext); | ||
| 140 | } | ||
| 141 | |||
| 142 | extern X509V3_EXT_METHOD v3_bcons, v3_nscert, v3_key_usage, v3_ext_ku; | ||
| 143 | extern X509V3_EXT_METHOD v3_pkey_usage_period, v3_sxnet; | ||
| 144 | extern X509V3_EXT_METHOD v3_ns_ia5_list[], v3_alt[], v3_skey_id, v3_akey_id; | ||
| 145 | |||
| 146 | extern X509V3_EXT_METHOD v3_crl_num, v3_crl_reason, v3_cpols, v3_crld; | ||
| 147 | |||
| 148 | int X509V3_add_standard_extensions(void) | ||
| 149 | { | ||
| 150 | X509V3_EXT_add_list(v3_ns_ia5_list); | ||
| 151 | X509V3_EXT_add_list(v3_alt); | ||
| 152 | X509V3_EXT_add(&v3_bcons); | ||
| 153 | X509V3_EXT_add(&v3_nscert); | ||
| 154 | X509V3_EXT_add(&v3_key_usage); | ||
| 155 | X509V3_EXT_add(&v3_ext_ku); | ||
| 156 | X509V3_EXT_add(&v3_skey_id); | ||
| 157 | X509V3_EXT_add(&v3_akey_id); | ||
| 158 | X509V3_EXT_add(&v3_pkey_usage_period); | ||
| 159 | X509V3_EXT_add(&v3_crl_num); | ||
| 160 | X509V3_EXT_add(&v3_sxnet); | ||
| 161 | X509V3_EXT_add(&v3_crl_reason); | ||
| 162 | X509V3_EXT_add(&v3_cpols); | ||
| 163 | X509V3_EXT_add(&v3_crld); | ||
| 164 | return 1; | ||
| 165 | } | ||
| 166 | |||
| 167 | /* Return an extension internal structure */ | ||
| 168 | |||
| 169 | void *X509V3_EXT_d2i(X509_EXTENSION *ext) | ||
| 170 | { | ||
| 171 | X509V3_EXT_METHOD *method; | ||
| 172 | unsigned char *p; | ||
| 173 | if(!(method = X509V3_EXT_get(ext)) || !method->d2i) return NULL; | ||
| 174 | p = ext->value->data; | ||
| 175 | return method->d2i(NULL, &p, ext->value->length); | ||
| 176 | } | ||
| 177 | |||
diff --git a/src/lib/libcrypto/x509v3/v3_pku.c b/src/lib/libcrypto/x509v3/v3_pku.c deleted file mode 100644 index c13e7d8f45..0000000000 --- a/src/lib/libcrypto/x509v3/v3_pku.c +++ /dev/null | |||
| @@ -1,151 +0,0 @@ | |||
| 1 | /* v3_pku.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/asn1.h> | ||
| 62 | #include <openssl/asn1_mac.h> | ||
| 63 | #include <openssl/x509v3.h> | ||
| 64 | |||
| 65 | static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent); | ||
| 66 | /* | ||
| 67 | static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values); | ||
| 68 | */ | ||
| 69 | X509V3_EXT_METHOD v3_pkey_usage_period = { | ||
| 70 | NID_private_key_usage_period, 0, | ||
| 71 | (X509V3_EXT_NEW)PKEY_USAGE_PERIOD_new, | ||
| 72 | (X509V3_EXT_FREE)PKEY_USAGE_PERIOD_free, | ||
| 73 | (X509V3_EXT_D2I)d2i_PKEY_USAGE_PERIOD, | ||
| 74 | (X509V3_EXT_I2D)i2d_PKEY_USAGE_PERIOD, | ||
| 75 | NULL, NULL, NULL, NULL, | ||
| 76 | (X509V3_EXT_I2R)i2r_PKEY_USAGE_PERIOD, NULL, | ||
| 77 | NULL | ||
| 78 | }; | ||
| 79 | |||
| 80 | int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp) | ||
| 81 | { | ||
| 82 | M_ASN1_I2D_vars(a); | ||
| 83 | |||
| 84 | M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME); | ||
| 85 | M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME); | ||
| 86 | |||
| 87 | M_ASN1_I2D_seq_total(); | ||
| 88 | |||
| 89 | M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0); | ||
| 90 | M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1); | ||
| 91 | |||
| 92 | M_ASN1_I2D_finish(); | ||
| 93 | } | ||
| 94 | |||
| 95 | PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void) | ||
| 96 | { | ||
| 97 | PKEY_USAGE_PERIOD *ret=NULL; | ||
| 98 | ASN1_CTX c; | ||
| 99 | M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD); | ||
| 100 | ret->notBefore = NULL; | ||
| 101 | ret->notAfter = NULL; | ||
| 102 | return (ret); | ||
| 103 | M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW); | ||
| 104 | } | ||
| 105 | |||
| 106 | PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, | ||
| 107 | unsigned char **pp, long length) | ||
| 108 | { | ||
| 109 | M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new); | ||
| 110 | M_ASN1_D2I_Init(); | ||
| 111 | M_ASN1_D2I_start_sequence(); | ||
| 112 | M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0, | ||
| 113 | V_ASN1_GENERALIZEDTIME); | ||
| 114 | M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1, | ||
| 115 | V_ASN1_GENERALIZEDTIME); | ||
| 116 | M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD); | ||
| 117 | } | ||
| 118 | |||
| 119 | void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a) | ||
| 120 | { | ||
| 121 | if (a == NULL) return; | ||
| 122 | ASN1_GENERALIZEDTIME_free(a->notBefore); | ||
| 123 | ASN1_GENERALIZEDTIME_free(a->notAfter); | ||
| 124 | Free ((char *)a); | ||
| 125 | } | ||
| 126 | |||
| 127 | static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, | ||
| 128 | PKEY_USAGE_PERIOD *usage, BIO *out, int indent) | ||
| 129 | { | ||
| 130 | BIO_printf(out, "%*s", indent, ""); | ||
| 131 | if(usage->notBefore) { | ||
| 132 | BIO_write(out, "Not Before: ", 12); | ||
| 133 | ASN1_GENERALIZEDTIME_print(out, usage->notBefore); | ||
| 134 | if(usage->notAfter) BIO_write(out, ", ", 2); | ||
| 135 | } | ||
| 136 | if(usage->notAfter) { | ||
| 137 | BIO_write(out, "Not After: ", 11); | ||
| 138 | ASN1_GENERALIZEDTIME_print(out, usage->notAfter); | ||
| 139 | } | ||
| 140 | return 1; | ||
| 141 | } | ||
| 142 | |||
| 143 | /* | ||
| 144 | static PKEY_USAGE_PERIOD *v2i_PKEY_USAGE_PERIOD(method, ctx, values) | ||
| 145 | X509V3_EXT_METHOD *method; | ||
| 146 | X509V3_CTX *ctx; | ||
| 147 | STACK_OF(CONF_VALUE) *values; | ||
| 148 | { | ||
| 149 | return NULL; | ||
| 150 | } | ||
| 151 | */ | ||
diff --git a/src/lib/libcrypto/x509v3/v3_prn.c b/src/lib/libcrypto/x509v3/v3_prn.c deleted file mode 100644 index dc20c6bdba..0000000000 --- a/src/lib/libcrypto/x509v3/v3_prn.c +++ /dev/null | |||
| @@ -1,135 +0,0 @@ | |||
| 1 | /* v3_prn.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | /* X509 v3 extension utilities */ | ||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/conf.h> | ||
| 63 | #include <openssl/x509v3.h> | ||
| 64 | |||
| 65 | /* Extension printing routines */ | ||
| 66 | |||
| 67 | /* Print out a name+value stack */ | ||
| 68 | |||
| 69 | void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, int ml) | ||
| 70 | { | ||
| 71 | int i; | ||
| 72 | CONF_VALUE *nval; | ||
| 73 | if(!val) return; | ||
| 74 | if(!ml || !sk_CONF_VALUE_num(val)) { | ||
| 75 | BIO_printf(out, "%*s", indent, ""); | ||
| 76 | if(!sk_CONF_VALUE_num(val)) BIO_puts(out, "<EMPTY>\n"); | ||
| 77 | } | ||
| 78 | for(i = 0; i < sk_CONF_VALUE_num(val); i++) { | ||
| 79 | if(ml) BIO_printf(out, "%*s", indent, ""); | ||
| 80 | else if(i > 0) BIO_printf(out, ", "); | ||
| 81 | nval = sk_CONF_VALUE_value(val, i); | ||
| 82 | if(!nval->name) BIO_puts(out, nval->value); | ||
| 83 | else if(!nval->value) BIO_puts(out, nval->name); | ||
| 84 | else BIO_printf(out, "%s:%s", nval->name, nval->value); | ||
| 85 | if(ml) BIO_puts(out, "\n"); | ||
| 86 | } | ||
| 87 | } | ||
| 88 | |||
| 89 | /* Main routine: print out a general extension */ | ||
| 90 | |||
| 91 | int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent) | ||
| 92 | { | ||
| 93 | char *ext_str = NULL, *value = NULL; | ||
| 94 | unsigned char *p; | ||
| 95 | X509V3_EXT_METHOD *method; | ||
| 96 | STACK_OF(CONF_VALUE) *nval = NULL; | ||
| 97 | int ok = 1; | ||
| 98 | if(!(method = X509V3_EXT_get(ext))) return 0; | ||
| 99 | p = ext->value->data; | ||
| 100 | if(!(ext_str = method->d2i(NULL, &p, ext->value->length))) return 0; | ||
| 101 | if(method->i2s) { | ||
| 102 | if(!(value = method->i2s(method, ext_str))) { | ||
| 103 | ok = 0; | ||
| 104 | goto err; | ||
| 105 | } | ||
| 106 | BIO_printf(out, "%*s%s", indent, "", value); | ||
| 107 | } else if(method->i2v) { | ||
| 108 | if(!(nval = method->i2v(method, ext_str, NULL))) { | ||
| 109 | ok = 0; | ||
| 110 | goto err; | ||
| 111 | } | ||
| 112 | X509V3_EXT_val_prn(out, nval, indent, | ||
| 113 | method->ext_flags & X509V3_EXT_MULTILINE); | ||
| 114 | } else if(method->i2r) { | ||
| 115 | if(!method->i2r(method, ext_str, out, indent)) ok = 0; | ||
| 116 | } else ok = 0; | ||
| 117 | |||
| 118 | err: | ||
| 119 | sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); | ||
| 120 | if(value) Free(value); | ||
| 121 | method->ext_free(ext_str); | ||
| 122 | return ok; | ||
| 123 | } | ||
| 124 | |||
| 125 | #ifndef NO_FP_API | ||
| 126 | int X509V3_EXT_print_fp(FILE *fp, X509_EXTENSION *ext, int flag, int indent) | ||
| 127 | { | ||
| 128 | BIO *bio_tmp; | ||
| 129 | int ret; | ||
| 130 | if(!(bio_tmp = BIO_new_fp(fp, BIO_NOCLOSE))) return 0; | ||
| 131 | ret = X509V3_EXT_print(bio_tmp, ext, flag, indent); | ||
| 132 | BIO_free(bio_tmp); | ||
| 133 | return ret; | ||
| 134 | } | ||
| 135 | #endif | ||
diff --git a/src/lib/libcrypto/x509v3/v3_skey.c b/src/lib/libcrypto/x509v3/v3_skey.c deleted file mode 100644 index fb3e36014d..0000000000 --- a/src/lib/libcrypto/x509v3/v3_skey.c +++ /dev/null | |||
| @@ -1,156 +0,0 @@ | |||
| 1 | /* v3_skey.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include "cryptlib.h" | ||
| 62 | #include <openssl/x509v3.h> | ||
| 63 | |||
| 64 | static ASN1_OCTET_STRING *octet_string_new(void); | ||
| 65 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | ||
| 66 | X509V3_EXT_METHOD v3_skey_id = { | ||
| 67 | NID_subject_key_identifier, 0, | ||
| 68 | (X509V3_EXT_NEW)octet_string_new, | ||
| 69 | (X509V3_EXT_FREE)ASN1_STRING_free, | ||
| 70 | (X509V3_EXT_D2I)d2i_ASN1_OCTET_STRING, | ||
| 71 | (X509V3_EXT_I2D)i2d_ASN1_OCTET_STRING, | ||
| 72 | (X509V3_EXT_I2S)i2s_ASN1_OCTET_STRING, | ||
| 73 | (X509V3_EXT_S2I)s2i_skey_id, | ||
| 74 | NULL, NULL, NULL, NULL, NULL}; | ||
| 75 | |||
| 76 | |||
| 77 | static ASN1_OCTET_STRING *octet_string_new(void) | ||
| 78 | { | ||
| 79 | return ASN1_OCTET_STRING_new(); | ||
| 80 | } | ||
| 81 | |||
| 82 | char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, | ||
| 83 | ASN1_OCTET_STRING *oct) | ||
| 84 | { | ||
| 85 | return hex_to_string(oct->data, oct->length); | ||
| 86 | } | ||
| 87 | |||
| 88 | ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, | ||
| 89 | X509V3_CTX *ctx, char *str) | ||
| 90 | { | ||
| 91 | ASN1_OCTET_STRING *oct; | ||
| 92 | long length; | ||
| 93 | |||
| 94 | if(!(oct = ASN1_OCTET_STRING_new())) { | ||
| 95 | X509V3err(X509V3_F_S2I_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE); | ||
| 96 | return NULL; | ||
| 97 | } | ||
| 98 | |||
| 99 | if(!(oct->data = string_to_hex(str, &length))) { | ||
| 100 | ASN1_OCTET_STRING_free(oct); | ||
| 101 | return NULL; | ||
| 102 | } | ||
| 103 | |||
| 104 | oct->length = length; | ||
| 105 | |||
| 106 | return oct; | ||
| 107 | |||
| 108 | } | ||
| 109 | |||
| 110 | static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, | ||
| 111 | X509V3_CTX *ctx, char *str) | ||
| 112 | { | ||
| 113 | ASN1_OCTET_STRING *oct; | ||
| 114 | ASN1_BIT_STRING *pk; | ||
| 115 | unsigned char pkey_dig[EVP_MAX_MD_SIZE]; | ||
| 116 | EVP_MD_CTX md; | ||
| 117 | unsigned int diglen; | ||
| 118 | |||
| 119 | if(strcmp(str, "hash")) return s2i_ASN1_OCTET_STRING(method, ctx, str); | ||
| 120 | |||
| 121 | if(!(oct = ASN1_OCTET_STRING_new())) { | ||
| 122 | X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); | ||
| 123 | return NULL; | ||
| 124 | } | ||
| 125 | |||
| 126 | if(ctx && (ctx->flags == CTX_TEST)) return oct; | ||
| 127 | |||
| 128 | if(!ctx || (!ctx->subject_req && !ctx->subject_cert)) { | ||
| 129 | X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); | ||
| 130 | goto err; | ||
| 131 | } | ||
| 132 | |||
| 133 | if(ctx->subject_req) | ||
| 134 | pk = ctx->subject_req->req_info->pubkey->public_key; | ||
| 135 | else pk = ctx->subject_cert->cert_info->key->public_key; | ||
| 136 | |||
| 137 | if(!pk) { | ||
| 138 | X509V3err(X509V3_F_S2I_ASN1_SKEY_ID,X509V3_R_NO_PUBLIC_KEY); | ||
| 139 | goto err; | ||
| 140 | } | ||
| 141 | |||
| 142 | EVP_DigestInit(&md, EVP_sha1()); | ||
| 143 | EVP_DigestUpdate(&md, pk->data, pk->length); | ||
| 144 | EVP_DigestFinal(&md, pkey_dig, &diglen); | ||
| 145 | |||
| 146 | if(!ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) { | ||
| 147 | X509V3err(X509V3_F_S2I_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); | ||
| 148 | goto err; | ||
| 149 | } | ||
| 150 | |||
| 151 | return oct; | ||
| 152 | |||
| 153 | err: | ||
| 154 | ASN1_OCTET_STRING_free(oct); | ||
| 155 | return NULL; | ||
| 156 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3_sxnet.c b/src/lib/libcrypto/x509v3/v3_sxnet.c deleted file mode 100644 index 0687bb4e3d..0000000000 --- a/src/lib/libcrypto/x509v3/v3_sxnet.c +++ /dev/null | |||
| @@ -1,340 +0,0 @@ | |||
| 1 | /* v3_sxnet.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | |||
| 59 | #include <stdio.h> | ||
| 60 | #include "cryptlib.h" | ||
| 61 | #include <openssl/conf.h> | ||
| 62 | #include <openssl/asn1.h> | ||
| 63 | #include <openssl/asn1_mac.h> | ||
| 64 | #include <openssl/x509v3.h> | ||
| 65 | |||
| 66 | /* Support for Thawte strong extranet extension */ | ||
| 67 | |||
| 68 | #define SXNET_TEST | ||
| 69 | |||
| 70 | static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent); | ||
| 71 | #ifdef SXNET_TEST | ||
| 72 | static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | ||
| 73 | STACK_OF(CONF_VALUE) *nval); | ||
| 74 | #endif | ||
| 75 | X509V3_EXT_METHOD v3_sxnet = { | ||
| 76 | NID_sxnet, X509V3_EXT_MULTILINE, | ||
| 77 | (X509V3_EXT_NEW)SXNET_new, | ||
| 78 | (X509V3_EXT_FREE)SXNET_free, | ||
| 79 | (X509V3_EXT_D2I)d2i_SXNET, | ||
| 80 | (X509V3_EXT_I2D)i2d_SXNET, | ||
| 81 | NULL, NULL, | ||
| 82 | NULL, | ||
| 83 | #ifdef SXNET_TEST | ||
| 84 | (X509V3_EXT_V2I)sxnet_v2i, | ||
| 85 | #else | ||
| 86 | NULL, | ||
| 87 | #endif | ||
| 88 | (X509V3_EXT_I2R)sxnet_i2r, | ||
| 89 | NULL, | ||
| 90 | NULL | ||
| 91 | }; | ||
| 92 | |||
| 93 | |||
| 94 | int i2d_SXNET(SXNET *a, unsigned char **pp) | ||
| 95 | { | ||
| 96 | M_ASN1_I2D_vars(a); | ||
| 97 | |||
| 98 | M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); | ||
| 99 | M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); | ||
| 100 | |||
| 101 | M_ASN1_I2D_seq_total(); | ||
| 102 | |||
| 103 | M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER); | ||
| 104 | M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); | ||
| 105 | |||
| 106 | M_ASN1_I2D_finish(); | ||
| 107 | } | ||
| 108 | |||
| 109 | SXNET *SXNET_new(void) | ||
| 110 | { | ||
| 111 | SXNET *ret=NULL; | ||
| 112 | ASN1_CTX c; | ||
| 113 | M_ASN1_New_Malloc(ret, SXNET); | ||
| 114 | M_ASN1_New(ret->version,ASN1_INTEGER_new); | ||
| 115 | M_ASN1_New(ret->ids,sk_SXNETID_new_null); | ||
| 116 | return (ret); | ||
| 117 | M_ASN1_New_Error(ASN1_F_SXNET_NEW); | ||
| 118 | } | ||
| 119 | |||
| 120 | SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length) | ||
| 121 | { | ||
| 122 | M_ASN1_D2I_vars(a,SXNET *,SXNET_new); | ||
| 123 | M_ASN1_D2I_Init(); | ||
| 124 | M_ASN1_D2I_start_sequence(); | ||
| 125 | M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER); | ||
| 126 | M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free); | ||
| 127 | M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET); | ||
| 128 | } | ||
| 129 | |||
| 130 | void SXNET_free(SXNET *a) | ||
| 131 | { | ||
| 132 | if (a == NULL) return; | ||
| 133 | ASN1_INTEGER_free(a->version); | ||
| 134 | sk_SXNETID_pop_free(a->ids, SXNETID_free); | ||
| 135 | Free (a); | ||
| 136 | } | ||
| 137 | |||
| 138 | int i2d_SXNETID(SXNETID *a, unsigned char **pp) | ||
| 139 | { | ||
| 140 | M_ASN1_I2D_vars(a); | ||
| 141 | |||
| 142 | M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER); | ||
| 143 | M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING); | ||
| 144 | |||
| 145 | M_ASN1_I2D_seq_total(); | ||
| 146 | |||
| 147 | M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER); | ||
| 148 | M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING); | ||
| 149 | |||
| 150 | M_ASN1_I2D_finish(); | ||
| 151 | } | ||
| 152 | |||
| 153 | SXNETID *SXNETID_new(void) | ||
| 154 | { | ||
| 155 | SXNETID *ret=NULL; | ||
| 156 | ASN1_CTX c; | ||
| 157 | M_ASN1_New_Malloc(ret, SXNETID); | ||
| 158 | ret->zone = NULL; | ||
| 159 | M_ASN1_New(ret->user,ASN1_OCTET_STRING_new); | ||
| 160 | return (ret); | ||
| 161 | M_ASN1_New_Error(ASN1_F_SXNETID_NEW); | ||
| 162 | } | ||
| 163 | |||
| 164 | SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length) | ||
| 165 | { | ||
| 166 | M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new); | ||
| 167 | M_ASN1_D2I_Init(); | ||
| 168 | M_ASN1_D2I_start_sequence(); | ||
| 169 | M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER); | ||
| 170 | M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING); | ||
| 171 | M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID); | ||
| 172 | } | ||
| 173 | |||
| 174 | void SXNETID_free(SXNETID *a) | ||
| 175 | { | ||
| 176 | if (a == NULL) return; | ||
| 177 | ASN1_INTEGER_free(a->zone); | ||
| 178 | ASN1_OCTET_STRING_free(a->user); | ||
| 179 | Free (a); | ||
| 180 | } | ||
| 181 | |||
| 182 | static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, | ||
| 183 | int indent) | ||
| 184 | { | ||
| 185 | long v; | ||
| 186 | char *tmp; | ||
| 187 | SXNETID *id; | ||
| 188 | int i; | ||
| 189 | v = ASN1_INTEGER_get(sx->version); | ||
| 190 | BIO_printf(out, "%*sVersion: %d (0x%X)", indent, "", v + 1, v); | ||
| 191 | for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { | ||
| 192 | id = sk_SXNETID_value(sx->ids, i); | ||
| 193 | tmp = i2s_ASN1_INTEGER(NULL, id->zone); | ||
| 194 | BIO_printf(out, "\n%*sZone: %s, User: ", indent, "", tmp); | ||
| 195 | Free(tmp); | ||
| 196 | ASN1_OCTET_STRING_print(out, id->user); | ||
| 197 | } | ||
| 198 | return 1; | ||
| 199 | } | ||
| 200 | |||
| 201 | #ifdef SXNET_TEST | ||
| 202 | |||
| 203 | /* NBB: this is used for testing only. It should *not* be used for anything | ||
| 204 | * else because it will just take static IDs from the configuration file and | ||
| 205 | * they should really be separate values for each user. | ||
| 206 | */ | ||
| 207 | |||
| 208 | |||
| 209 | static SXNET * sxnet_v2i(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, | ||
| 210 | STACK_OF(CONF_VALUE) *nval) | ||
| 211 | { | ||
| 212 | CONF_VALUE *cnf; | ||
| 213 | SXNET *sx = NULL; | ||
| 214 | int i; | ||
| 215 | for(i = 0; i < sk_CONF_VALUE_num(nval); i++) { | ||
| 216 | cnf = sk_CONF_VALUE_value(nval, i); | ||
| 217 | if(!SXNET_add_id_asc(&sx, cnf->name, cnf->value, -1)) | ||
| 218 | return NULL; | ||
| 219 | } | ||
| 220 | return sx; | ||
| 221 | } | ||
| 222 | |||
| 223 | |||
| 224 | #endif | ||
| 225 | |||
| 226 | /* Strong Extranet utility functions */ | ||
| 227 | |||
| 228 | /* Add an id given the zone as an ASCII number */ | ||
| 229 | |||
| 230 | int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, | ||
| 231 | int userlen) | ||
| 232 | { | ||
| 233 | ASN1_INTEGER *izone = NULL; | ||
| 234 | if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { | ||
| 235 | X509V3err(X509V3_F_SXNET_ADD_ASC,X509V3_R_ERROR_CONVERTING_ZONE); | ||
| 236 | return 0; | ||
| 237 | } | ||
| 238 | return SXNET_add_id_INTEGER(psx, izone, user, userlen); | ||
| 239 | } | ||
| 240 | |||
| 241 | /* Add an id given the zone as an unsigned long */ | ||
| 242 | |||
| 243 | int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, | ||
| 244 | int userlen) | ||
| 245 | { | ||
| 246 | ASN1_INTEGER *izone = NULL; | ||
| 247 | if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { | ||
| 248 | X509V3err(X509V3_F_SXNET_ADD_ID_ULONG,ERR_R_MALLOC_FAILURE); | ||
| 249 | ASN1_INTEGER_free(izone); | ||
| 250 | return 0; | ||
| 251 | } | ||
| 252 | return SXNET_add_id_INTEGER(psx, izone, user, userlen); | ||
| 253 | |||
| 254 | } | ||
| 255 | |||
| 256 | /* Add an id given the zone as an ASN1_INTEGER. | ||
| 257 | * Note this version uses the passed integer and doesn't make a copy so don't | ||
| 258 | * free it up afterwards. | ||
| 259 | */ | ||
| 260 | |||
| 261 | int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *zone, char *user, | ||
| 262 | int userlen) | ||
| 263 | { | ||
| 264 | SXNET *sx = NULL; | ||
| 265 | SXNETID *id = NULL; | ||
| 266 | if(!psx || !zone || !user) { | ||
| 267 | X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_INVALID_NULL_ARGUMENT); | ||
| 268 | return 0; | ||
| 269 | } | ||
| 270 | if(userlen == -1) userlen = strlen(user); | ||
| 271 | if(userlen > 64) { | ||
| 272 | X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_USER_TOO_LONG); | ||
| 273 | return 0; | ||
| 274 | } | ||
| 275 | if(!*psx) { | ||
| 276 | if(!(sx = SXNET_new())) goto err; | ||
| 277 | if(!ASN1_INTEGER_set(sx->version, 0)) goto err; | ||
| 278 | *psx = sx; | ||
| 279 | } else sx = *psx; | ||
| 280 | if(SXNET_get_id_INTEGER(sx, zone)) { | ||
| 281 | X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,X509V3_R_DUPLICATE_ZONE_ID); | ||
| 282 | return 0; | ||
| 283 | } | ||
| 284 | |||
| 285 | if(!(id = SXNETID_new())) goto err; | ||
| 286 | if(userlen == -1) userlen = strlen(user); | ||
| 287 | |||
| 288 | if(!ASN1_OCTET_STRING_set(id->user, user, userlen)) goto err; | ||
| 289 | if(!sk_SXNETID_push(sx->ids, id)) goto err; | ||
| 290 | id->zone = zone; | ||
| 291 | return 1; | ||
| 292 | |||
| 293 | err: | ||
| 294 | X509V3err(X509V3_F_SXNET_ADD_ID_INTEGER,ERR_R_MALLOC_FAILURE); | ||
| 295 | SXNETID_free(id); | ||
| 296 | SXNET_free(sx); | ||
| 297 | *psx = NULL; | ||
| 298 | return 0; | ||
| 299 | } | ||
| 300 | |||
| 301 | ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone) | ||
| 302 | { | ||
| 303 | ASN1_INTEGER *izone = NULL; | ||
| 304 | ASN1_OCTET_STRING *oct; | ||
| 305 | if(!(izone = s2i_ASN1_INTEGER(NULL, zone))) { | ||
| 306 | X509V3err(X509V3_F_SXNET_GET_ID_ASC,X509V3_R_ERROR_CONVERTING_ZONE); | ||
| 307 | return NULL; | ||
| 308 | } | ||
| 309 | oct = SXNET_get_id_INTEGER(sx, izone); | ||
| 310 | ASN1_INTEGER_free(izone); | ||
| 311 | return oct; | ||
| 312 | } | ||
| 313 | |||
| 314 | ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone) | ||
| 315 | { | ||
| 316 | ASN1_INTEGER *izone = NULL; | ||
| 317 | ASN1_OCTET_STRING *oct; | ||
| 318 | if(!(izone = ASN1_INTEGER_new()) || !ASN1_INTEGER_set(izone, lzone)) { | ||
| 319 | X509V3err(X509V3_F_SXNET_GET_ID_ULONG,ERR_R_MALLOC_FAILURE); | ||
| 320 | ASN1_INTEGER_free(izone); | ||
| 321 | return NULL; | ||
| 322 | } | ||
| 323 | oct = SXNET_get_id_INTEGER(sx, izone); | ||
| 324 | ASN1_INTEGER_free(izone); | ||
| 325 | return oct; | ||
| 326 | } | ||
| 327 | |||
| 328 | ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone) | ||
| 329 | { | ||
| 330 | SXNETID *id; | ||
| 331 | int i; | ||
| 332 | for(i = 0; i < sk_SXNETID_num(sx->ids); i++) { | ||
| 333 | id = sk_SXNETID_value(sx->ids, i); | ||
| 334 | if(!ASN1_INTEGER_cmp(id->zone, zone)) return id->user; | ||
| 335 | } | ||
| 336 | return NULL; | ||
| 337 | } | ||
| 338 | |||
| 339 | IMPLEMENT_STACK_OF(SXNETID) | ||
| 340 | IMPLEMENT_ASN1_SET_OF(SXNETID) | ||
diff --git a/src/lib/libcrypto/x509v3/v3_utl.c b/src/lib/libcrypto/x509v3/v3_utl.c deleted file mode 100644 index 40f71c71b4..0000000000 --- a/src/lib/libcrypto/x509v3/v3_utl.c +++ /dev/null | |||
| @@ -1,418 +0,0 @@ | |||
| 1 | /* v3_utl.c */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | /* X509 v3 extension utilities */ | ||
| 59 | |||
| 60 | |||
| 61 | #include <stdio.h> | ||
| 62 | #include <ctype.h> | ||
| 63 | #include "cryptlib.h" | ||
| 64 | #include <openssl/conf.h> | ||
| 65 | #include <openssl/x509v3.h> | ||
| 66 | |||
| 67 | static char *strip_spaces(char *name); | ||
| 68 | |||
| 69 | /* Add a CONF_VALUE name value pair to stack */ | ||
| 70 | |||
| 71 | int X509V3_add_value(const char *name, const char *value, | ||
| 72 | STACK_OF(CONF_VALUE) **extlist) | ||
| 73 | { | ||
| 74 | CONF_VALUE *vtmp = NULL; | ||
| 75 | char *tname = NULL, *tvalue = NULL; | ||
| 76 | if(name && !(tname = BUF_strdup(name))) goto err; | ||
| 77 | if(value && !(tvalue = BUF_strdup(value))) goto err;; | ||
| 78 | if(!(vtmp = (CONF_VALUE *)Malloc(sizeof(CONF_VALUE)))) goto err; | ||
| 79 | if(!*extlist && !(*extlist = sk_CONF_VALUE_new(NULL))) goto err; | ||
| 80 | vtmp->section = NULL; | ||
| 81 | vtmp->name = tname; | ||
| 82 | vtmp->value = tvalue; | ||
| 83 | if(!sk_CONF_VALUE_push(*extlist, vtmp)) goto err; | ||
| 84 | return 1; | ||
| 85 | err: | ||
| 86 | X509V3err(X509V3_F_X509V3_ADD_VALUE,ERR_R_MALLOC_FAILURE); | ||
| 87 | if(vtmp) Free(vtmp); | ||
| 88 | if(tname) Free(tname); | ||
| 89 | if(tvalue) Free(tvalue); | ||
| 90 | return 0; | ||
| 91 | } | ||
| 92 | |||
| 93 | int X509V3_add_value_uchar(const char *name, const unsigned char *value, | ||
| 94 | STACK_OF(CONF_VALUE) **extlist) | ||
| 95 | { | ||
| 96 | return X509V3_add_value(name,(const char *)value,extlist); | ||
| 97 | } | ||
| 98 | |||
| 99 | /* Free function for STACK_OF(CONF_VALUE) */ | ||
| 100 | |||
| 101 | void X509V3_conf_free(CONF_VALUE *conf) | ||
| 102 | { | ||
| 103 | if(!conf) return; | ||
| 104 | if(conf->name) Free(conf->name); | ||
| 105 | if(conf->value) Free(conf->value); | ||
| 106 | if(conf->section) Free(conf->section); | ||
| 107 | Free((char *)conf); | ||
| 108 | } | ||
| 109 | |||
| 110 | int X509V3_add_value_bool(const char *name, int asn1_bool, | ||
| 111 | STACK_OF(CONF_VALUE) **extlist) | ||
| 112 | { | ||
| 113 | if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); | ||
| 114 | return X509V3_add_value(name, "FALSE", extlist); | ||
| 115 | } | ||
| 116 | |||
| 117 | int X509V3_add_value_bool_nf(char *name, int asn1_bool, | ||
| 118 | STACK_OF(CONF_VALUE) **extlist) | ||
| 119 | { | ||
| 120 | if(asn1_bool) return X509V3_add_value(name, "TRUE", extlist); | ||
| 121 | return 1; | ||
| 122 | } | ||
| 123 | |||
| 124 | |||
| 125 | char *i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *method, ASN1_ENUMERATED *a) | ||
| 126 | { | ||
| 127 | BIGNUM *bntmp = NULL; | ||
| 128 | char *strtmp = NULL; | ||
| 129 | if(!a) return NULL; | ||
| 130 | if(!(bntmp = ASN1_ENUMERATED_to_BN(a, NULL)) || | ||
| 131 | !(strtmp = BN_bn2dec(bntmp)) ) | ||
| 132 | X509V3err(X509V3_F_I2S_ASN1_ENUMERATED,ERR_R_MALLOC_FAILURE); | ||
| 133 | BN_free(bntmp); | ||
| 134 | return strtmp; | ||
| 135 | } | ||
| 136 | |||
| 137 | char *i2s_ASN1_INTEGER(X509V3_EXT_METHOD *method, ASN1_INTEGER *a) | ||
| 138 | { | ||
| 139 | BIGNUM *bntmp = NULL; | ||
| 140 | char *strtmp = NULL; | ||
| 141 | if(!a) return NULL; | ||
| 142 | if(!(bntmp = ASN1_INTEGER_to_BN(a, NULL)) || | ||
| 143 | !(strtmp = BN_bn2dec(bntmp)) ) | ||
| 144 | X509V3err(X509V3_F_I2S_ASN1_INTEGER,ERR_R_MALLOC_FAILURE); | ||
| 145 | BN_free(bntmp); | ||
| 146 | return strtmp; | ||
| 147 | } | ||
| 148 | |||
| 149 | ASN1_INTEGER *s2i_ASN1_INTEGER(X509V3_EXT_METHOD *method, char *value) | ||
| 150 | { | ||
| 151 | BIGNUM *bn = NULL; | ||
| 152 | ASN1_INTEGER *aint; | ||
| 153 | bn = BN_new(); | ||
| 154 | if(!value) { | ||
| 155 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_INVALID_NULL_VALUE); | ||
| 156 | return 0; | ||
| 157 | } | ||
| 158 | if(!BN_dec2bn(&bn, value)) { | ||
| 159 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_DEC2BN_ERROR); | ||
| 160 | return 0; | ||
| 161 | } | ||
| 162 | |||
| 163 | if(!(aint = BN_to_ASN1_INTEGER(bn, NULL))) { | ||
| 164 | X509V3err(X509V3_F_S2I_ASN1_INTEGER,X509V3_R_BN_TO_ASN1_INTEGER_ERROR); | ||
| 165 | return 0; | ||
| 166 | } | ||
| 167 | BN_free(bn); | ||
| 168 | return aint; | ||
| 169 | } | ||
| 170 | |||
| 171 | int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, | ||
| 172 | STACK_OF(CONF_VALUE) **extlist) | ||
| 173 | { | ||
| 174 | char *strtmp; | ||
| 175 | int ret; | ||
| 176 | if(!aint) return 1; | ||
| 177 | if(!(strtmp = i2s_ASN1_INTEGER(NULL, aint))) return 0; | ||
| 178 | ret = X509V3_add_value(name, strtmp, extlist); | ||
| 179 | Free(strtmp); | ||
| 180 | return ret; | ||
| 181 | } | ||
| 182 | |||
| 183 | int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool) | ||
| 184 | { | ||
| 185 | char *btmp; | ||
| 186 | if(!(btmp = value->value)) goto err; | ||
| 187 | if(!strcmp(btmp, "TRUE") || !strcmp(btmp, "true") | ||
| 188 | || !strcmp(btmp, "Y") || !strcmp(btmp, "y") | ||
| 189 | || !strcmp(btmp, "YES") || !strcmp(btmp, "yes")) { | ||
| 190 | *asn1_bool = 0xff; | ||
| 191 | return 1; | ||
| 192 | } else if(!strcmp(btmp, "FALSE") || !strcmp(btmp, "false") | ||
| 193 | || !strcmp(btmp, "N") || !strcmp(btmp, "n") | ||
| 194 | || !strcmp(btmp, "NO") || !strcmp(btmp, "no")) { | ||
| 195 | *asn1_bool = 0; | ||
| 196 | return 1; | ||
| 197 | } | ||
| 198 | err: | ||
| 199 | X509V3err(X509V3_F_X509V3_GET_VALUE_BOOL,X509V3_R_INVALID_BOOLEAN_STRING); | ||
| 200 | X509V3_conf_err(value); | ||
| 201 | return 0; | ||
| 202 | } | ||
| 203 | |||
| 204 | int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint) | ||
| 205 | { | ||
| 206 | ASN1_INTEGER *itmp; | ||
| 207 | if(!(itmp = s2i_ASN1_INTEGER(NULL, value->value))) { | ||
| 208 | X509V3_conf_err(value); | ||
| 209 | return 0; | ||
| 210 | } | ||
| 211 | *aint = itmp; | ||
| 212 | return 1; | ||
| 213 | } | ||
| 214 | |||
| 215 | #define HDR_NAME 1 | ||
| 216 | #define HDR_VALUE 2 | ||
| 217 | |||
| 218 | /*#define DEBUG*/ | ||
| 219 | |||
| 220 | STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line) | ||
| 221 | { | ||
| 222 | char *p, *q, c; | ||
| 223 | char *ntmp, *vtmp; | ||
| 224 | STACK_OF(CONF_VALUE) *values = NULL; | ||
| 225 | char *linebuf; | ||
| 226 | int state; | ||
| 227 | /* We are going to modify the line so copy it first */ | ||
| 228 | linebuf = BUF_strdup(line); | ||
| 229 | state = HDR_NAME; | ||
| 230 | ntmp = NULL; | ||
| 231 | /* Go through all characters */ | ||
| 232 | for(p = linebuf, q = linebuf; (c = *p) && (c!='\r') && (c!='\n'); p++) { | ||
| 233 | |||
| 234 | switch(state) { | ||
| 235 | case HDR_NAME: | ||
| 236 | if(c == ':') { | ||
| 237 | state = HDR_VALUE; | ||
| 238 | *p = 0; | ||
| 239 | ntmp = strip_spaces(q); | ||
| 240 | if(!ntmp) { | ||
| 241 | X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); | ||
| 242 | goto err; | ||
| 243 | } | ||
| 244 | q = p + 1; | ||
| 245 | } else if(c == ',') { | ||
| 246 | *p = 0; | ||
| 247 | ntmp = strip_spaces(q); | ||
| 248 | q = p + 1; | ||
| 249 | #ifdef DEBUG | ||
| 250 | printf("%s\n", ntmp); | ||
| 251 | #endif | ||
| 252 | if(!ntmp) { | ||
| 253 | X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); | ||
| 254 | goto err; | ||
| 255 | } | ||
| 256 | X509V3_add_value(ntmp, NULL, &values); | ||
| 257 | } | ||
| 258 | break ; | ||
| 259 | |||
| 260 | case HDR_VALUE: | ||
| 261 | if(c == ',') { | ||
| 262 | state = HDR_NAME; | ||
| 263 | *p = 0; | ||
| 264 | vtmp = strip_spaces(q); | ||
| 265 | #ifdef DEBUG | ||
| 266 | printf("%s\n", ntmp); | ||
| 267 | #endif | ||
| 268 | if(!vtmp) { | ||
| 269 | X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); | ||
| 270 | goto err; | ||
| 271 | } | ||
| 272 | X509V3_add_value(ntmp, vtmp, &values); | ||
| 273 | ntmp = NULL; | ||
| 274 | q = p + 1; | ||
| 275 | } | ||
| 276 | |||
| 277 | } | ||
| 278 | } | ||
| 279 | |||
| 280 | if(state == HDR_VALUE) { | ||
| 281 | vtmp = strip_spaces(q); | ||
| 282 | #ifdef DEBUG | ||
| 283 | printf("%s=%s\n", ntmp, vtmp); | ||
| 284 | #endif | ||
| 285 | if(!vtmp) { | ||
| 286 | X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_VALUE); | ||
| 287 | goto err; | ||
| 288 | } | ||
| 289 | X509V3_add_value(ntmp, vtmp, &values); | ||
| 290 | } else { | ||
| 291 | ntmp = strip_spaces(q); | ||
| 292 | #ifdef DEBUG | ||
| 293 | printf("%s\n", ntmp); | ||
| 294 | #endif | ||
| 295 | if(!ntmp) { | ||
| 296 | X509V3err(X509V3_F_X509V3_PARSE_LIST, X509V3_R_INVALID_NULL_NAME); | ||
| 297 | goto err; | ||
| 298 | } | ||
| 299 | X509V3_add_value(ntmp, NULL, &values); | ||
| 300 | } | ||
| 301 | Free(linebuf); | ||
| 302 | return values; | ||
| 303 | |||
| 304 | err: | ||
| 305 | Free(linebuf); | ||
| 306 | sk_CONF_VALUE_pop_free(values, X509V3_conf_free); | ||
| 307 | return NULL; | ||
| 308 | |||
| 309 | } | ||
| 310 | |||
| 311 | /* Delete leading and trailing spaces from a string */ | ||
| 312 | static char *strip_spaces(char *name) | ||
| 313 | { | ||
| 314 | char *p, *q; | ||
| 315 | /* Skip over leading spaces */ | ||
| 316 | p = name; | ||
| 317 | while(*p && isspace((unsigned char)*p)) p++; | ||
| 318 | if(!*p) return NULL; | ||
| 319 | q = p + strlen(p) - 1; | ||
| 320 | while((q != p) && isspace((unsigned char)*q)) q--; | ||
| 321 | if(p != q) q[1] = 0; | ||
| 322 | if(!*p) return NULL; | ||
| 323 | return p; | ||
| 324 | } | ||
| 325 | |||
| 326 | /* hex string utilities */ | ||
| 327 | |||
| 328 | /* Given a buffer of length 'len' return a Malloc'ed string with its | ||
| 329 | * hex representation | ||
| 330 | */ | ||
| 331 | |||
| 332 | char *hex_to_string(unsigned char *buffer, long len) | ||
| 333 | { | ||
| 334 | char *tmp, *q; | ||
| 335 | unsigned char *p; | ||
| 336 | int i; | ||
| 337 | static char hexdig[] = "0123456789ABCDEF"; | ||
| 338 | if(!buffer || !len) return NULL; | ||
| 339 | if(!(tmp = Malloc(len * 3 + 1))) { | ||
| 340 | X509V3err(X509V3_F_HEX_TO_STRING,ERR_R_MALLOC_FAILURE); | ||
| 341 | return NULL; | ||
| 342 | } | ||
| 343 | q = tmp; | ||
| 344 | for(i = 0, p = buffer; i < len; i++,p++) { | ||
| 345 | *q++ = hexdig[(*p >> 4) & 0xf]; | ||
| 346 | *q++ = hexdig[*p & 0xf]; | ||
| 347 | *q++ = ':'; | ||
| 348 | } | ||
| 349 | q[-1] = 0; | ||
| 350 | return tmp; | ||
| 351 | } | ||
| 352 | |||
| 353 | /* Give a string of hex digits convert to | ||
| 354 | * a buffer | ||
| 355 | */ | ||
| 356 | |||
| 357 | unsigned char *string_to_hex(char *str, long *len) | ||
| 358 | { | ||
| 359 | unsigned char *hexbuf, *q; | ||
| 360 | unsigned char ch, cl, *p; | ||
| 361 | if(!str) { | ||
| 362 | X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_INVALID_NULL_ARGUMENT); | ||
| 363 | return NULL; | ||
| 364 | } | ||
| 365 | if(!(hexbuf = Malloc(strlen(str) >> 1))) goto err; | ||
| 366 | for(p = (unsigned char *)str, q = hexbuf; *p;) { | ||
| 367 | ch = *p++; | ||
| 368 | if(ch == ':') continue; | ||
| 369 | cl = *p++; | ||
| 370 | if(!cl) { | ||
| 371 | X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ODD_NUMBER_OF_DIGITS); | ||
| 372 | Free(hexbuf); | ||
| 373 | return NULL; | ||
| 374 | } | ||
| 375 | if(isupper(ch)) ch = tolower(ch); | ||
| 376 | if(isupper(cl)) cl = tolower(cl); | ||
| 377 | |||
| 378 | if((ch >= '0') && (ch <= '9')) ch -= '0'; | ||
| 379 | else if ((ch >= 'a') && (ch <= 'f')) ch -= 'a' - 10; | ||
| 380 | else goto badhex; | ||
| 381 | |||
| 382 | if((cl >= '0') && (cl <= '9')) cl -= '0'; | ||
| 383 | else if ((cl >= 'a') && (cl <= 'f')) cl -= 'a' - 10; | ||
| 384 | else goto badhex; | ||
| 385 | |||
| 386 | *q++ = (ch << 4) | cl; | ||
| 387 | } | ||
| 388 | |||
| 389 | if(len) *len = q - hexbuf; | ||
| 390 | |||
| 391 | return hexbuf; | ||
| 392 | |||
| 393 | err: | ||
| 394 | if(hexbuf) Free(hexbuf); | ||
| 395 | X509V3err(X509V3_F_STRING_TO_HEX,ERR_R_MALLOC_FAILURE); | ||
| 396 | return NULL; | ||
| 397 | |||
| 398 | badhex: | ||
| 399 | Free(hexbuf); | ||
| 400 | X509V3err(X509V3_F_STRING_TO_HEX,X509V3_R_ILLEGAL_HEX_DIGIT); | ||
| 401 | return NULL; | ||
| 402 | |||
| 403 | } | ||
| 404 | |||
| 405 | /* V2I name comparison function: returns zero if 'name' matches | ||
| 406 | * cmp or cmp.* | ||
| 407 | */ | ||
| 408 | |||
| 409 | int name_cmp(const char *name, const char *cmp) | ||
| 410 | { | ||
| 411 | int len, ret; | ||
| 412 | char c; | ||
| 413 | len = strlen(cmp); | ||
| 414 | if((ret = strncmp(name, cmp, len))) return ret; | ||
| 415 | c = name[len]; | ||
| 416 | if(!c || (c=='.')) return 0; | ||
| 417 | return 1; | ||
| 418 | } | ||
diff --git a/src/lib/libcrypto/x509v3/v3err.c b/src/lib/libcrypto/x509v3/v3err.c deleted file mode 100644 index 50efa8d99d..0000000000 --- a/src/lib/libcrypto/x509v3/v3err.c +++ /dev/null | |||
| @@ -1,171 +0,0 @@ | |||
| 1 | /* crypto/x509v3/v3err.c */ | ||
| 2 | /* ==================================================================== | ||
| 3 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 4 | * | ||
| 5 | * Redistribution and use in source and binary forms, with or without | ||
| 6 | * modification, are permitted provided that the following conditions | ||
| 7 | * are met: | ||
| 8 | * | ||
| 9 | * 1. Redistributions of source code must retain the above copyright | ||
| 10 | * notice, this list of conditions and the following disclaimer. | ||
| 11 | * | ||
| 12 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer in | ||
| 14 | * the documentation and/or other materials provided with the | ||
| 15 | * distribution. | ||
| 16 | * | ||
| 17 | * 3. All advertising materials mentioning features or use of this | ||
| 18 | * software must display the following acknowledgment: | ||
| 19 | * "This product includes software developed by the OpenSSL Project | ||
| 20 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 21 | * | ||
| 22 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 23 | * endorse or promote products derived from this software without | ||
| 24 | * prior written permission. For written permission, please contact | ||
| 25 | * openssl-core@OpenSSL.org. | ||
| 26 | * | ||
| 27 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 28 | * nor may "OpenSSL" appear in their names without prior written | ||
| 29 | * permission of the OpenSSL Project. | ||
| 30 | * | ||
| 31 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 32 | * acknowledgment: | ||
| 33 | * "This product includes software developed by the OpenSSL Project | ||
| 34 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 35 | * | ||
| 36 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 37 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 38 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 39 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 40 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 41 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 42 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 43 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 44 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 45 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 46 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 47 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 48 | * ==================================================================== | ||
| 49 | * | ||
| 50 | * This product includes cryptographic software written by Eric Young | ||
| 51 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 52 | * Hudson (tjh@cryptsoft.com). | ||
| 53 | * | ||
| 54 | */ | ||
| 55 | |||
| 56 | /* NOTE: this file was auto generated by the mkerr.pl script: any changes | ||
| 57 | * made to it will be overwritten when the script next updates this file. | ||
| 58 | */ | ||
| 59 | |||
| 60 | #include <stdio.h> | ||
| 61 | #include <openssl/err.h> | ||
| 62 | #include <openssl/x509v3.h> | ||
| 63 | |||
| 64 | /* BEGIN ERROR CODES */ | ||
| 65 | #ifndef NO_ERR | ||
| 66 | static ERR_STRING_DATA X509V3_str_functs[]= | ||
| 67 | { | ||
| 68 | {ERR_PACK(0,X509V3_F_COPY_EMAIL,0), "COPY_EMAIL"}, | ||
| 69 | {ERR_PACK(0,X509V3_F_COPY_ISSUER,0), "COPY_ISSUER"}, | ||
| 70 | {ERR_PACK(0,X509V3_F_DO_EXT_CONF,0), "DO_EXT_CONF"}, | ||
| 71 | {ERR_PACK(0,X509V3_F_DO_EXT_I2D,0), "DO_EXT_I2D"}, | ||
| 72 | {ERR_PACK(0,X509V3_F_HEX_TO_STRING,0), "hex_to_string"}, | ||
| 73 | {ERR_PACK(0,X509V3_F_I2S_ASN1_ENUMERATED,0), "i2s_ASN1_ENUMERATED"}, | ||
| 74 | {ERR_PACK(0,X509V3_F_I2S_ASN1_INTEGER,0), "i2s_ASN1_INTEGER"}, | ||
| 75 | {ERR_PACK(0,X509V3_F_NOTICE_SECTION,0), "NOTICE_SECTION"}, | ||
| 76 | {ERR_PACK(0,X509V3_F_NREF_NOS,0), "NREF_NOS"}, | ||
| 77 | {ERR_PACK(0,X509V3_F_POLICY_SECTION,0), "POLICY_SECTION"}, | ||
| 78 | {ERR_PACK(0,X509V3_F_R2I_CERTPOL,0), "R2I_CERTPOL"}, | ||
| 79 | {ERR_PACK(0,X509V3_F_S2I_ASN1_IA5STRING,0), "S2I_ASN1_IA5STRING"}, | ||
| 80 | {ERR_PACK(0,X509V3_F_S2I_ASN1_INTEGER,0), "s2i_ASN1_INTEGER"}, | ||
| 81 | {ERR_PACK(0,X509V3_F_S2I_ASN1_OCTET_STRING,0), "s2i_ASN1_OCTET_STRING"}, | ||
| 82 | {ERR_PACK(0,X509V3_F_S2I_ASN1_SKEY_ID,0), "S2I_ASN1_SKEY_ID"}, | ||
| 83 | {ERR_PACK(0,X509V3_F_S2I_S2I_SKEY_ID,0), "S2I_S2I_SKEY_ID"}, | ||
| 84 | {ERR_PACK(0,X509V3_F_STRING_TO_HEX,0), "string_to_hex"}, | ||
| 85 | {ERR_PACK(0,X509V3_F_SXNET_ADD_ASC,0), "SXNET_ADD_ASC"}, | ||
| 86 | {ERR_PACK(0,X509V3_F_SXNET_ADD_ID_INTEGER,0), "SXNET_add_id_INTEGER"}, | ||
| 87 | {ERR_PACK(0,X509V3_F_SXNET_ADD_ID_ULONG,0), "SXNET_add_id_ulong"}, | ||
| 88 | {ERR_PACK(0,X509V3_F_SXNET_GET_ID_ASC,0), "SXNET_get_id_asc"}, | ||
| 89 | {ERR_PACK(0,X509V3_F_SXNET_GET_ID_ULONG,0), "SXNET_get_id_ulong"}, | ||
| 90 | {ERR_PACK(0,X509V3_F_V2I_ASN1_BIT_STRING,0), "V2I_ASN1_BIT_STRING"}, | ||
| 91 | {ERR_PACK(0,X509V3_F_V2I_AUTHORITY_KEYID,0), "V2I_AUTHORITY_KEYID"}, | ||
| 92 | {ERR_PACK(0,X509V3_F_V2I_BASIC_CONSTRAINTS,0), "V2I_BASIC_CONSTRAINTS"}, | ||
| 93 | {ERR_PACK(0,X509V3_F_V2I_CRLD,0), "V2I_CRLD"}, | ||
| 94 | {ERR_PACK(0,X509V3_F_V2I_EXT_KU,0), "V2I_EXT_KU"}, | ||
| 95 | {ERR_PACK(0,X509V3_F_V2I_GENERAL_NAME,0), "v2i_GENERAL_NAME"}, | ||
| 96 | {ERR_PACK(0,X509V3_F_V2I_GENERAL_NAMES,0), "v2i_GENERAL_NAMES"}, | ||
| 97 | {ERR_PACK(0,X509V3_F_V3_GENERIC_EXTENSION,0), "V3_GENERIC_EXTENSION"}, | ||
| 98 | {ERR_PACK(0,X509V3_F_X509V3_ADD_VALUE,0), "X509V3_add_value"}, | ||
| 99 | {ERR_PACK(0,X509V3_F_X509V3_EXT_ADD,0), "X509V3_EXT_add"}, | ||
| 100 | {ERR_PACK(0,X509V3_F_X509V3_EXT_ADD_ALIAS,0), "X509V3_EXT_add_alias"}, | ||
| 101 | {ERR_PACK(0,X509V3_F_X509V3_EXT_CONF,0), "X509V3_EXT_conf"}, | ||
| 102 | {ERR_PACK(0,X509V3_F_X509V3_EXT_I2D,0), "X509V3_EXT_i2d"}, | ||
| 103 | {ERR_PACK(0,X509V3_F_X509V3_GET_VALUE_BOOL,0), "X509V3_get_value_bool"}, | ||
| 104 | {ERR_PACK(0,X509V3_F_X509V3_PARSE_LIST,0), "X509V3_parse_list"}, | ||
| 105 | {0,NULL} | ||
| 106 | }; | ||
| 107 | |||
| 108 | static ERR_STRING_DATA X509V3_str_reasons[]= | ||
| 109 | { | ||
| 110 | {X509V3_R_BAD_IP_ADDRESS ,"bad ip address"}, | ||
| 111 | {X509V3_R_BAD_OBJECT ,"bad object"}, | ||
| 112 | {X509V3_R_BN_DEC2BN_ERROR ,"bn dec2bn error"}, | ||
| 113 | {X509V3_R_BN_TO_ASN1_INTEGER_ERROR ,"bn to asn1 integer error"}, | ||
| 114 | {X509V3_R_DUPLICATE_ZONE_ID ,"duplicate zone id"}, | ||
| 115 | {X509V3_R_ERROR_CONVERTING_ZONE ,"error converting zone"}, | ||
| 116 | {X509V3_R_ERROR_IN_EXTENSION ,"error in extension"}, | ||
| 117 | {X509V3_R_EXPECTED_A_SECTION_NAME ,"expected a section name"}, | ||
| 118 | {X509V3_R_EXTENSION_NAME_ERROR ,"extension name error"}, | ||
| 119 | {X509V3_R_EXTENSION_NOT_FOUND ,"extension not found"}, | ||
| 120 | {X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED,"extension setting not supported"}, | ||
| 121 | {X509V3_R_EXTENSION_VALUE_ERROR ,"extension value error"}, | ||
| 122 | {X509V3_R_ILLEGAL_HEX_DIGIT ,"illegal hex digit"}, | ||
| 123 | {X509V3_R_INVALID_BOOLEAN_STRING ,"invalid boolean string"}, | ||
| 124 | {X509V3_R_INVALID_EXTENSION_STRING ,"invalid extension string"}, | ||
| 125 | {X509V3_R_INVALID_NAME ,"invalid name"}, | ||
| 126 | {X509V3_R_INVALID_NULL_ARGUMENT ,"invalid null argument"}, | ||
| 127 | {X509V3_R_INVALID_NULL_NAME ,"invalid null name"}, | ||
| 128 | {X509V3_R_INVALID_NULL_VALUE ,"invalid null value"}, | ||
| 129 | {X509V3_R_INVALID_NUMBER ,"invalid number"}, | ||
| 130 | {X509V3_R_INVALID_NUMBERS ,"invalid numbers"}, | ||
| 131 | {X509V3_R_INVALID_OBJECT_IDENTIFIER ,"invalid object identifier"}, | ||
| 132 | {X509V3_R_INVALID_OPTION ,"invalid option"}, | ||
| 133 | {X509V3_R_INVALID_POLICY_IDENTIFIER ,"invalid policy identifier"}, | ||
| 134 | {X509V3_R_INVALID_SECTION ,"invalid section"}, | ||
| 135 | {X509V3_R_ISSUER_DECODE_ERROR ,"issuer decode error"}, | ||
| 136 | {X509V3_R_MISSING_VALUE ,"missing value"}, | ||
| 137 | {X509V3_R_NEED_ORGANIZATION_AND_NUMBERS ,"need organization and numbers"}, | ||
| 138 | {X509V3_R_NO_CONFIG_DATABASE ,"no config database"}, | ||
| 139 | {X509V3_R_NO_ISSUER_CERTIFICATE ,"no issuer certificate"}, | ||
| 140 | {X509V3_R_NO_ISSUER_DETAILS ,"no issuer details"}, | ||
| 141 | {X509V3_R_NO_POLICY_IDENTIFIER ,"no policy identifier"}, | ||
| 142 | {X509V3_R_NO_PUBLIC_KEY ,"no public key"}, | ||
| 143 | {X509V3_R_NO_SUBJECT_DETAILS ,"no subject details"}, | ||
| 144 | {X509V3_R_ODD_NUMBER_OF_DIGITS ,"odd number of digits"}, | ||
| 145 | {X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS ,"unable to get issuer details"}, | ||
| 146 | {X509V3_R_UNABLE_TO_GET_ISSUER_KEYID ,"unable to get issuer keyid"}, | ||
| 147 | {X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT ,"unknown bit string argument"}, | ||
| 148 | {X509V3_R_UNKNOWN_EXTENSION ,"unknown extension"}, | ||
| 149 | {X509V3_R_UNKNOWN_EXTENSION_NAME ,"unknown extension name"}, | ||
| 150 | {X509V3_R_UNKNOWN_OPTION ,"unknown option"}, | ||
| 151 | {X509V3_R_UNSUPPORTED_OPTION ,"unsupported option"}, | ||
| 152 | {X509V3_R_USER_TOO_LONG ,"user too long"}, | ||
| 153 | {0,NULL} | ||
| 154 | }; | ||
| 155 | |||
| 156 | #endif | ||
| 157 | |||
| 158 | void ERR_load_X509V3_strings(void) | ||
| 159 | { | ||
| 160 | static int init=1; | ||
| 161 | |||
| 162 | if (init) | ||
| 163 | { | ||
| 164 | init=0; | ||
| 165 | #ifndef NO_ERR | ||
| 166 | ERR_load_strings(ERR_LIB_X509V3,X509V3_str_functs); | ||
| 167 | ERR_load_strings(ERR_LIB_X509V3,X509V3_str_reasons); | ||
| 168 | #endif | ||
| 169 | |||
| 170 | } | ||
| 171 | } | ||
diff --git a/src/lib/libcrypto/x509v3/x509v3.h b/src/lib/libcrypto/x509v3/x509v3.h deleted file mode 100644 index 4eb04a5a89..0000000000 --- a/src/lib/libcrypto/x509v3/x509v3.h +++ /dev/null | |||
| @@ -1,532 +0,0 @@ | |||
| 1 | /* x509v3.h */ | ||
| 2 | /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL | ||
| 3 | * project 1999. | ||
| 4 | */ | ||
| 5 | /* ==================================================================== | ||
| 6 | * Copyright (c) 1999 The OpenSSL Project. All rights reserved. | ||
| 7 | * | ||
| 8 | * Redistribution and use in source and binary forms, with or without | ||
| 9 | * modification, are permitted provided that the following conditions | ||
| 10 | * are met: | ||
| 11 | * | ||
| 12 | * 1. Redistributions of source code must retain the above copyright | ||
| 13 | * notice, this list of conditions and the following disclaimer. | ||
| 14 | * | ||
| 15 | * 2. Redistributions in binary form must reproduce the above copyright | ||
| 16 | * notice, this list of conditions and the following disclaimer in | ||
| 17 | * the documentation and/or other materials provided with the | ||
| 18 | * distribution. | ||
| 19 | * | ||
| 20 | * 3. All advertising materials mentioning features or use of this | ||
| 21 | * software must display the following acknowledgment: | ||
| 22 | * "This product includes software developed by the OpenSSL Project | ||
| 23 | * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" | ||
| 24 | * | ||
| 25 | * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to | ||
| 26 | * endorse or promote products derived from this software without | ||
| 27 | * prior written permission. For written permission, please contact | ||
| 28 | * licensing@OpenSSL.org. | ||
| 29 | * | ||
| 30 | * 5. Products derived from this software may not be called "OpenSSL" | ||
| 31 | * nor may "OpenSSL" appear in their names without prior written | ||
| 32 | * permission of the OpenSSL Project. | ||
| 33 | * | ||
| 34 | * 6. Redistributions of any form whatsoever must retain the following | ||
| 35 | * acknowledgment: | ||
| 36 | * "This product includes software developed by the OpenSSL Project | ||
| 37 | * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" | ||
| 38 | * | ||
| 39 | * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY | ||
| 40 | * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | ||
| 41 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR | ||
| 42 | * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR | ||
| 43 | * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, | ||
| 44 | * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT | ||
| 45 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | ||
| 46 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | ||
| 47 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | ||
| 48 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) | ||
| 49 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED | ||
| 50 | * OF THE POSSIBILITY OF SUCH DAMAGE. | ||
| 51 | * ==================================================================== | ||
| 52 | * | ||
| 53 | * This product includes cryptographic software written by Eric Young | ||
| 54 | * (eay@cryptsoft.com). This product includes software written by Tim | ||
| 55 | * Hudson (tjh@cryptsoft.com). | ||
| 56 | * | ||
| 57 | */ | ||
| 58 | #ifndef HEADER_X509V3_H | ||
| 59 | #define HEADER_X509V3_H | ||
| 60 | |||
| 61 | #ifdef __cplusplus | ||
| 62 | extern "C" { | ||
| 63 | #endif | ||
| 64 | |||
| 65 | #include <openssl/bio.h> | ||
| 66 | #include <openssl/x509.h> | ||
| 67 | #include <openssl/conf.h> | ||
| 68 | |||
| 69 | /* Forward reference */ | ||
| 70 | struct v3_ext_method; | ||
| 71 | struct v3_ext_ctx; | ||
| 72 | |||
| 73 | /* Useful typedefs */ | ||
| 74 | |||
| 75 | typedef void * (*X509V3_EXT_NEW)(void); | ||
| 76 | typedef void (*X509V3_EXT_FREE)(void *); | ||
| 77 | typedef void * (*X509V3_EXT_D2I)(void *, unsigned char ** , long); | ||
| 78 | typedef int (*X509V3_EXT_I2D)(void *, unsigned char **); | ||
| 79 | typedef STACK_OF(CONF_VALUE) * (*X509V3_EXT_I2V)(struct v3_ext_method *method, void *ext, STACK_OF(CONF_VALUE) *extlist); | ||
| 80 | typedef void * (*X509V3_EXT_V2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, STACK_OF(CONF_VALUE) *values); | ||
| 81 | typedef char * (*X509V3_EXT_I2S)(struct v3_ext_method *method, void *ext); | ||
| 82 | typedef void * (*X509V3_EXT_S2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); | ||
| 83 | typedef int (*X509V3_EXT_I2R)(struct v3_ext_method *method, void *ext, BIO *out, int indent); | ||
| 84 | typedef void * (*X509V3_EXT_R2I)(struct v3_ext_method *method, struct v3_ext_ctx *ctx, char *str); | ||
| 85 | |||
| 86 | /* V3 extension structure */ | ||
| 87 | |||
| 88 | struct v3_ext_method { | ||
| 89 | int ext_nid; | ||
| 90 | int ext_flags; | ||
| 91 | X509V3_EXT_NEW ext_new; | ||
| 92 | X509V3_EXT_FREE ext_free; | ||
| 93 | X509V3_EXT_D2I d2i; | ||
| 94 | X509V3_EXT_I2D i2d; | ||
| 95 | |||
| 96 | /* The following pair is used for string extensions */ | ||
| 97 | X509V3_EXT_I2S i2s; | ||
| 98 | X509V3_EXT_S2I s2i; | ||
| 99 | |||
| 100 | /* The following pair is used for multi-valued extensions */ | ||
| 101 | X509V3_EXT_I2V i2v; | ||
| 102 | X509V3_EXT_V2I v2i; | ||
| 103 | |||
| 104 | /* The following are used for raw extensions */ | ||
| 105 | X509V3_EXT_I2R i2r; | ||
| 106 | X509V3_EXT_R2I r2i; | ||
| 107 | |||
| 108 | void *usr_data; /* Any extension specific data */ | ||
| 109 | }; | ||
| 110 | |||
| 111 | typedef struct X509V3_CONF_METHOD_st { | ||
| 112 | char * (*get_string)(void *db, char *section, char *value); | ||
| 113 | STACK_OF(CONF_VALUE) * (*get_section)(void *db, char *section); | ||
| 114 | void (*free_string)(void *db, char * string); | ||
| 115 | void (*free_section)(void *db, STACK_OF(CONF_VALUE) *section); | ||
| 116 | } X509V3_CONF_METHOD; | ||
| 117 | |||
| 118 | /* Context specific info */ | ||
| 119 | struct v3_ext_ctx { | ||
| 120 | #define CTX_TEST 0x1 | ||
| 121 | int flags; | ||
| 122 | X509 *issuer_cert; | ||
| 123 | X509 *subject_cert; | ||
| 124 | X509_REQ *subject_req; | ||
| 125 | X509_CRL *crl; | ||
| 126 | X509V3_CONF_METHOD *db_meth; | ||
| 127 | void *db; | ||
| 128 | /* Maybe more here */ | ||
| 129 | }; | ||
| 130 | |||
| 131 | typedef struct v3_ext_method X509V3_EXT_METHOD; | ||
| 132 | typedef struct v3_ext_ctx X509V3_CTX; | ||
| 133 | |||
| 134 | /* ext_flags values */ | ||
| 135 | #define X509V3_EXT_DYNAMIC 0x1 | ||
| 136 | #define X509V3_EXT_CTX_DEP 0x2 | ||
| 137 | #define X509V3_EXT_MULTILINE 0x4 | ||
| 138 | |||
| 139 | typedef struct BIT_STRING_BITNAME_st { | ||
| 140 | int bitnum; | ||
| 141 | const char *lname; | ||
| 142 | const char *sname; | ||
| 143 | } BIT_STRING_BITNAME; | ||
| 144 | |||
| 145 | typedef BIT_STRING_BITNAME ENUMERATED_NAMES; | ||
| 146 | |||
| 147 | typedef struct BASIC_CONSTRAINTS_st { | ||
| 148 | int ca; | ||
| 149 | ASN1_INTEGER *pathlen; | ||
| 150 | } BASIC_CONSTRAINTS; | ||
| 151 | |||
| 152 | |||
| 153 | typedef struct PKEY_USAGE_PERIOD_st { | ||
| 154 | ASN1_GENERALIZEDTIME *notBefore; | ||
| 155 | ASN1_GENERALIZEDTIME *notAfter; | ||
| 156 | } PKEY_USAGE_PERIOD; | ||
| 157 | |||
| 158 | typedef struct GENERAL_NAME_st { | ||
| 159 | |||
| 160 | #define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC) | ||
| 161 | #define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC) | ||
| 162 | #define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC) | ||
| 163 | #define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC) | ||
| 164 | #define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC) | ||
| 165 | #define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC) | ||
| 166 | #define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC) | ||
| 167 | #define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC) | ||
| 168 | #define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC) | ||
| 169 | |||
| 170 | int type; | ||
| 171 | union { | ||
| 172 | char *ptr; | ||
| 173 | ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ | ||
| 174 | ASN1_OCTET_STRING *ip; /* iPAddress */ | ||
| 175 | X509_NAME *dirn; /* dirn */ | ||
| 176 | ASN1_OBJECT *rid; /* registeredID */ | ||
| 177 | ASN1_TYPE *other; /* otherName, ediPartyName, x400Address */ | ||
| 178 | } d; | ||
| 179 | } GENERAL_NAME; | ||
| 180 | |||
| 181 | DECLARE_STACK_OF(GENERAL_NAME) | ||
| 182 | DECLARE_ASN1_SET_OF(GENERAL_NAME) | ||
| 183 | |||
| 184 | typedef struct DIST_POINT_NAME_st { | ||
| 185 | /* NB: this is a CHOICE type and only one of these should be set */ | ||
| 186 | STACK_OF(GENERAL_NAME) *fullname; | ||
| 187 | X509_NAME *relativename; | ||
| 188 | } DIST_POINT_NAME; | ||
| 189 | |||
| 190 | typedef struct DIST_POINT_st { | ||
| 191 | DIST_POINT_NAME *distpoint; | ||
| 192 | ASN1_BIT_STRING *reasons; | ||
| 193 | STACK_OF(GENERAL_NAME) *CRLissuer; | ||
| 194 | } DIST_POINT; | ||
| 195 | |||
| 196 | DECLARE_STACK_OF(DIST_POINT) | ||
| 197 | DECLARE_ASN1_SET_OF(DIST_POINT) | ||
| 198 | |||
| 199 | typedef struct AUTHORITY_KEYID_st { | ||
| 200 | ASN1_OCTET_STRING *keyid; | ||
| 201 | STACK_OF(GENERAL_NAME) *issuer; | ||
| 202 | ASN1_INTEGER *serial; | ||
| 203 | } AUTHORITY_KEYID; | ||
| 204 | |||
| 205 | /* Strong extranet structures */ | ||
| 206 | |||
| 207 | typedef struct SXNET_ID_st { | ||
| 208 | ASN1_INTEGER *zone; | ||
| 209 | ASN1_OCTET_STRING *user; | ||
| 210 | } SXNETID; | ||
| 211 | |||
| 212 | DECLARE_STACK_OF(SXNETID) | ||
| 213 | DECLARE_ASN1_SET_OF(SXNETID) | ||
| 214 | |||
| 215 | typedef struct SXNET_st { | ||
| 216 | ASN1_INTEGER *version; | ||
| 217 | STACK_OF(SXNETID) *ids; | ||
| 218 | } SXNET; | ||
| 219 | |||
| 220 | typedef struct NOTICEREF_st { | ||
| 221 | ASN1_STRING *organization; | ||
| 222 | STACK *noticenos; | ||
| 223 | } NOTICEREF; | ||
| 224 | |||
| 225 | typedef struct USERNOTICE_st { | ||
| 226 | NOTICEREF *noticeref; | ||
| 227 | ASN1_STRING *exptext; | ||
| 228 | } USERNOTICE; | ||
| 229 | |||
| 230 | typedef struct POLICYQUALINFO_st { | ||
| 231 | ASN1_OBJECT *pqualid; | ||
| 232 | union { | ||
| 233 | ASN1_IA5STRING *cpsuri; | ||
| 234 | USERNOTICE *usernotice; | ||
| 235 | ASN1_TYPE *other; | ||
| 236 | } d; | ||
| 237 | } POLICYQUALINFO; | ||
| 238 | |||
| 239 | DECLARE_STACK_OF(POLICYQUALINFO) | ||
| 240 | DECLARE_ASN1_SET_OF(POLICYQUALINFO) | ||
| 241 | |||
| 242 | typedef struct POLICYINFO_st { | ||
| 243 | ASN1_OBJECT *policyid; | ||
| 244 | STACK_OF(POLICYQUALINFO) *qualifiers; | ||
| 245 | } POLICYINFO; | ||
| 246 | |||
| 247 | DECLARE_STACK_OF(POLICYINFO) | ||
| 248 | DECLARE_ASN1_SET_OF(POLICYINFO) | ||
| 249 | |||
| 250 | #define X509V3_conf_err(val) ERR_add_error_data(6, "section:", val->section, \ | ||
| 251 | ",name:", val->name, ",value:", val->value); | ||
| 252 | |||
| 253 | #define X509V3_set_ctx_test(ctx) \ | ||
| 254 | X509V3_set_ctx(ctx, NULL, NULL, NULL, NULL, CTX_TEST) | ||
| 255 | #define X509V3_set_ctx_nodb(ctx) ctx->db = NULL; | ||
| 256 | |||
| 257 | #define EXT_BITSTRING(nid, table) { nid, 0, \ | ||
| 258 | (X509V3_EXT_NEW)asn1_bit_string_new, \ | ||
| 259 | (X509V3_EXT_FREE)ASN1_STRING_free, \ | ||
| 260 | (X509V3_EXT_D2I)d2i_ASN1_BIT_STRING, \ | ||
| 261 | (X509V3_EXT_I2D)i2d_ASN1_BIT_STRING, \ | ||
| 262 | NULL, NULL, \ | ||
| 263 | (X509V3_EXT_I2V)i2v_ASN1_BIT_STRING, \ | ||
| 264 | (X509V3_EXT_V2I)v2i_ASN1_BIT_STRING, \ | ||
| 265 | NULL, NULL, \ | ||
| 266 | (char *)table} | ||
| 267 | |||
| 268 | #define EXT_IA5STRING(nid) { nid, 0, \ | ||
| 269 | (X509V3_EXT_NEW)ia5string_new, \ | ||
| 270 | (X509V3_EXT_FREE)ASN1_STRING_free, \ | ||
| 271 | (X509V3_EXT_D2I)d2i_ASN1_IA5STRING, \ | ||
| 272 | (X509V3_EXT_I2D)i2d_ASN1_IA5STRING, \ | ||
| 273 | (X509V3_EXT_I2S)i2s_ASN1_IA5STRING, \ | ||
| 274 | (X509V3_EXT_S2I)s2i_ASN1_IA5STRING, \ | ||
| 275 | NULL, NULL, NULL, NULL, \ | ||
| 276 | NULL} | ||
| 277 | |||
| 278 | #define EXT_END { -1, 0, NULL, NULL, NULL, NULL, NULL, NULL, \ | ||
| 279 | NULL, NULL, NULL, NULL, \ | ||
| 280 | NULL} | ||
| 281 | |||
| 282 | void ERR_load_X509V3_strings(void); | ||
| 283 | int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp); | ||
| 284 | BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char **pp, long length); | ||
| 285 | BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); | ||
| 286 | void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a); | ||
| 287 | |||
| 288 | int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp); | ||
| 289 | GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length); | ||
| 290 | GENERAL_NAME *GENERAL_NAME_new(void); | ||
| 291 | void GENERAL_NAME_free(GENERAL_NAME *a); | ||
| 292 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); | ||
| 293 | |||
| 294 | int i2d_SXNET(SXNET *a, unsigned char **pp); | ||
| 295 | SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length); | ||
| 296 | SXNET *SXNET_new(void); | ||
| 297 | void SXNET_free(SXNET *a); | ||
| 298 | |||
| 299 | int i2d_SXNETID(SXNETID *a, unsigned char **pp); | ||
| 300 | SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length); | ||
| 301 | SXNETID *SXNETID_new(void); | ||
| 302 | void SXNETID_free(SXNETID *a); | ||
| 303 | |||
| 304 | int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); | ||
| 305 | int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); | ||
| 306 | int SXNET_add_id_INTEGER(SXNET **psx, ASN1_INTEGER *izone, char *user, int userlen); | ||
| 307 | |||
| 308 | ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); | ||
| 309 | ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); | ||
| 310 | ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); | ||
| 311 | |||
| 312 | int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp); | ||
| 313 | AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length); | ||
| 314 | AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); | ||
| 315 | void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a); | ||
| 316 | |||
| 317 | int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp); | ||
| 318 | PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length); | ||
| 319 | PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void); | ||
| 320 | void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a); | ||
| 321 | |||
| 322 | STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void); | ||
| 323 | void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a); | ||
| 324 | STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length); | ||
| 325 | int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp); | ||
| 326 | STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, | ||
| 327 | STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist); | ||
| 328 | STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, | ||
| 329 | X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); | ||
| 330 | |||
| 331 | char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); | ||
| 332 | ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); | ||
| 333 | |||
| 334 | int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp); | ||
| 335 | STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, | ||
| 336 | unsigned char **pp, long length); | ||
| 337 | void ext_ku_free(STACK_OF(ASN1_OBJECT) *a); | ||
| 338 | STACK_OF(ASN1_OBJECT) *ext_ku_new(void); | ||
| 339 | |||
| 340 | int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp); | ||
| 341 | STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void); | ||
| 342 | void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a); | ||
| 343 | STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length); | ||
| 344 | |||
| 345 | int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp); | ||
| 346 | POLICYINFO *POLICYINFO_new(void); | ||
| 347 | POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length); | ||
| 348 | void POLICYINFO_free(POLICYINFO *a); | ||
| 349 | |||
| 350 | int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp); | ||
| 351 | POLICYQUALINFO *POLICYQUALINFO_new(void); | ||
| 352 | POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, | ||
| 353 | long length); | ||
| 354 | void POLICYQUALINFO_free(POLICYQUALINFO *a); | ||
| 355 | |||
| 356 | int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp); | ||
| 357 | USERNOTICE *USERNOTICE_new(void); | ||
| 358 | USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length); | ||
| 359 | void USERNOTICE_free(USERNOTICE *a); | ||
| 360 | |||
| 361 | int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp); | ||
| 362 | NOTICEREF *NOTICEREF_new(void); | ||
| 363 | NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length); | ||
| 364 | void NOTICEREF_free(NOTICEREF *a); | ||
| 365 | |||
| 366 | int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp); | ||
| 367 | STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void); | ||
| 368 | void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a); | ||
| 369 | STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, | ||
| 370 | unsigned char **pp,long length); | ||
| 371 | |||
| 372 | int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp); | ||
| 373 | DIST_POINT *DIST_POINT_new(void); | ||
| 374 | DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length); | ||
| 375 | void DIST_POINT_free(DIST_POINT *a); | ||
| 376 | |||
| 377 | int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp); | ||
| 378 | DIST_POINT_NAME *DIST_POINT_NAME_new(void); | ||
| 379 | void DIST_POINT_NAME_free(DIST_POINT_NAME *a); | ||
| 380 | DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, | ||
| 381 | long length); | ||
| 382 | |||
| 383 | #ifdef HEADER_CONF_H | ||
| 384 | GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); | ||
| 385 | void X509V3_conf_free(CONF_VALUE *val); | ||
| 386 | X509_EXTENSION *X509V3_EXT_conf_nid(LHASH *conf, X509V3_CTX *ctx, int ext_nid, char *value); | ||
| 387 | X509_EXTENSION *X509V3_EXT_conf(LHASH *conf, X509V3_CTX *ctx, char *name, char *value); | ||
| 388 | int X509V3_EXT_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509 *cert); | ||
| 389 | int X509V3_EXT_CRL_add_conf(LHASH *conf, X509V3_CTX *ctx, char *section, X509_CRL *crl); | ||
| 390 | int X509V3_add_value_bool_nf(char *name, int asn1_bool, | ||
| 391 | STACK_OF(CONF_VALUE) **extlist); | ||
| 392 | int X509V3_get_value_bool(CONF_VALUE *value, int *asn1_bool); | ||
| 393 | int X509V3_get_value_int(CONF_VALUE *value, ASN1_INTEGER **aint); | ||
| 394 | void X509V3_set_conf_lhash(X509V3_CTX *ctx, LHASH *lhash); | ||
| 395 | #endif | ||
| 396 | |||
| 397 | char * X509V3_get_string(X509V3_CTX *ctx, char *name, char *section); | ||
| 398 | STACK_OF(CONF_VALUE) * X509V3_get_section(X509V3_CTX *ctx, char *section); | ||
| 399 | void X509V3_string_free(X509V3_CTX *ctx, char *str); | ||
| 400 | void X509V3_section_free( X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *section); | ||
| 401 | void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, | ||
| 402 | X509_REQ *req, X509_CRL *crl, int flags); | ||
| 403 | |||
| 404 | int X509V3_add_value(const char *name, const char *value, | ||
| 405 | STACK_OF(CONF_VALUE) **extlist); | ||
| 406 | int X509V3_add_value_uchar(const char *name, const unsigned char *value, | ||
| 407 | STACK_OF(CONF_VALUE) **extlist); | ||
| 408 | int X509V3_add_value_bool(const char *name, int asn1_bool, | ||
| 409 | STACK_OF(CONF_VALUE) **extlist); | ||
| 410 | int X509V3_add_value_int(const char *name, ASN1_INTEGER *aint, | ||
| 411 | STACK_OF(CONF_VALUE) **extlist); | ||
| 412 | char * i2s_ASN1_INTEGER(X509V3_EXT_METHOD *meth, ASN1_INTEGER *aint); | ||
| 413 | ASN1_INTEGER * s2i_ASN1_INTEGER(X509V3_EXT_METHOD *meth, char *value); | ||
| 414 | char * i2s_ASN1_ENUMERATED(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); | ||
| 415 | char * i2s_ASN1_ENUMERATED_TABLE(X509V3_EXT_METHOD *meth, ASN1_ENUMERATED *aint); | ||
| 416 | int X509V3_EXT_add(X509V3_EXT_METHOD *ext); | ||
| 417 | int X509V3_EXT_add_list(X509V3_EXT_METHOD *extlist); | ||
| 418 | int X509V3_EXT_add_alias(int nid_to, int nid_from); | ||
| 419 | void X509V3_EXT_cleanup(void); | ||
| 420 | |||
| 421 | X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *ext); | ||
| 422 | X509V3_EXT_METHOD *X509V3_EXT_get_nid(int nid); | ||
| 423 | int X509V3_add_standard_extensions(void); | ||
| 424 | STACK_OF(CONF_VALUE) *X509V3_parse_list(char *line); | ||
| 425 | void *X509V3_EXT_d2i(X509_EXTENSION *ext); | ||
| 426 | X509_EXTENSION *X509V3_EXT_i2d(int ext_nid, int crit, void *ext_struc); | ||
| 427 | |||
| 428 | char *hex_to_string(unsigned char *buffer, long len); | ||
| 429 | unsigned char *string_to_hex(char *str, long *len); | ||
| 430 | int name_cmp(const char *name, const char *cmp); | ||
| 431 | |||
| 432 | void X509V3_EXT_val_prn(BIO *out, STACK_OF(CONF_VALUE) *val, int indent, | ||
| 433 | int ml); | ||
| 434 | int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, int flag, int indent); | ||
| 435 | int X509V3_EXT_print_fp(FILE *out, X509_EXTENSION *ext, int flag, int indent); | ||
| 436 | |||
| 437 | /* BEGIN ERROR CODES */ | ||
| 438 | /* The following lines are auto generated by the script mkerr.pl. Any changes | ||
| 439 | * made after this point may be overwritten when the script is next run. | ||
| 440 | */ | ||
| 441 | |||
| 442 | /* Error codes for the X509V3 functions. */ | ||
| 443 | |||
| 444 | /* Function codes. */ | ||
| 445 | #define X509V3_F_COPY_EMAIL 122 | ||
| 446 | #define X509V3_F_COPY_ISSUER 123 | ||
| 447 | #define X509V3_F_DO_EXT_CONF 124 | ||
| 448 | #define X509V3_F_DO_EXT_I2D 135 | ||
| 449 | #define X509V3_F_HEX_TO_STRING 111 | ||
| 450 | #define X509V3_F_I2S_ASN1_ENUMERATED 121 | ||
| 451 | #define X509V3_F_I2S_ASN1_INTEGER 120 | ||
| 452 | #define X509V3_F_NOTICE_SECTION 132 | ||
| 453 | #define X509V3_F_NREF_NOS 133 | ||
| 454 | #define X509V3_F_POLICY_SECTION 131 | ||
| 455 | #define X509V3_F_R2I_CERTPOL 130 | ||
| 456 | #define X509V3_F_S2I_ASN1_IA5STRING 100 | ||
| 457 | #define X509V3_F_S2I_ASN1_INTEGER 108 | ||
| 458 | #define X509V3_F_S2I_ASN1_OCTET_STRING 112 | ||
| 459 | #define X509V3_F_S2I_ASN1_SKEY_ID 114 | ||
| 460 | #define X509V3_F_S2I_S2I_SKEY_ID 115 | ||
| 461 | #define X509V3_F_STRING_TO_HEX 113 | ||
| 462 | #define X509V3_F_SXNET_ADD_ASC 125 | ||
| 463 | #define X509V3_F_SXNET_ADD_ID_INTEGER 126 | ||
| 464 | #define X509V3_F_SXNET_ADD_ID_ULONG 127 | ||
| 465 | #define X509V3_F_SXNET_GET_ID_ASC 128 | ||
| 466 | #define X509V3_F_SXNET_GET_ID_ULONG 129 | ||
| 467 | #define X509V3_F_V2I_ASN1_BIT_STRING 101 | ||
| 468 | #define X509V3_F_V2I_AUTHORITY_KEYID 119 | ||
| 469 | #define X509V3_F_V2I_BASIC_CONSTRAINTS 102 | ||
| 470 | #define X509V3_F_V2I_CRLD 134 | ||
| 471 | #define X509V3_F_V2I_EXT_KU 103 | ||
| 472 | #define X509V3_F_V2I_GENERAL_NAME 117 | ||
| 473 | #define X509V3_F_V2I_GENERAL_NAMES 118 | ||
| 474 | #define X509V3_F_V3_GENERIC_EXTENSION 116 | ||
| 475 | #define X509V3_F_X509V3_ADD_VALUE 105 | ||
| 476 | #define X509V3_F_X509V3_EXT_ADD 104 | ||
| 477 | #define X509V3_F_X509V3_EXT_ADD_ALIAS 106 | ||
| 478 | #define X509V3_F_X509V3_EXT_CONF 107 | ||
| 479 | #define X509V3_F_X509V3_EXT_I2D 136 | ||
| 480 | #define X509V3_F_X509V3_GET_VALUE_BOOL 110 | ||
| 481 | #define X509V3_F_X509V3_PARSE_LIST 109 | ||
| 482 | |||
| 483 | /* Reason codes. */ | ||
| 484 | #define X509V3_R_BAD_IP_ADDRESS 118 | ||
| 485 | #define X509V3_R_BAD_OBJECT 119 | ||
| 486 | #define X509V3_R_BN_DEC2BN_ERROR 100 | ||
| 487 | #define X509V3_R_BN_TO_ASN1_INTEGER_ERROR 101 | ||
| 488 | #define X509V3_R_DUPLICATE_ZONE_ID 133 | ||
| 489 | #define X509V3_R_ERROR_CONVERTING_ZONE 131 | ||
| 490 | #define X509V3_R_ERROR_IN_EXTENSION 128 | ||
| 491 | #define X509V3_R_EXPECTED_A_SECTION_NAME 137 | ||
| 492 | #define X509V3_R_EXTENSION_NAME_ERROR 115 | ||
| 493 | #define X509V3_R_EXTENSION_NOT_FOUND 102 | ||
| 494 | #define X509V3_R_EXTENSION_SETTING_NOT_SUPPORTED 103 | ||
| 495 | #define X509V3_R_EXTENSION_VALUE_ERROR 116 | ||
| 496 | #define X509V3_R_ILLEGAL_HEX_DIGIT 113 | ||
| 497 | #define X509V3_R_INVALID_BOOLEAN_STRING 104 | ||
| 498 | #define X509V3_R_INVALID_EXTENSION_STRING 105 | ||
| 499 | #define X509V3_R_INVALID_NAME 106 | ||
| 500 | #define X509V3_R_INVALID_NULL_ARGUMENT 107 | ||
| 501 | #define X509V3_R_INVALID_NULL_NAME 108 | ||
| 502 | #define X509V3_R_INVALID_NULL_VALUE 109 | ||
| 503 | #define X509V3_R_INVALID_NUMBER 140 | ||
| 504 | #define X509V3_R_INVALID_NUMBERS 141 | ||
| 505 | #define X509V3_R_INVALID_OBJECT_IDENTIFIER 110 | ||
| 506 | #define X509V3_R_INVALID_OPTION 138 | ||
| 507 | #define X509V3_R_INVALID_POLICY_IDENTIFIER 134 | ||
| 508 | #define X509V3_R_INVALID_SECTION 135 | ||
| 509 | #define X509V3_R_ISSUER_DECODE_ERROR 126 | ||
| 510 | #define X509V3_R_MISSING_VALUE 124 | ||
| 511 | #define X509V3_R_NEED_ORGANIZATION_AND_NUMBERS 142 | ||
| 512 | #define X509V3_R_NO_CONFIG_DATABASE 136 | ||
| 513 | #define X509V3_R_NO_ISSUER_CERTIFICATE 121 | ||
| 514 | #define X509V3_R_NO_ISSUER_DETAILS 127 | ||
| 515 | #define X509V3_R_NO_POLICY_IDENTIFIER 139 | ||
| 516 | #define X509V3_R_NO_PUBLIC_KEY 114 | ||
| 517 | #define X509V3_R_NO_SUBJECT_DETAILS 125 | ||
| 518 | #define X509V3_R_ODD_NUMBER_OF_DIGITS 112 | ||
| 519 | #define X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS 122 | ||
| 520 | #define X509V3_R_UNABLE_TO_GET_ISSUER_KEYID 123 | ||
| 521 | #define X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT 111 | ||
| 522 | #define X509V3_R_UNKNOWN_EXTENSION 129 | ||
| 523 | #define X509V3_R_UNKNOWN_EXTENSION_NAME 130 | ||
| 524 | #define X509V3_R_UNKNOWN_OPTION 120 | ||
| 525 | #define X509V3_R_UNSUPPORTED_OPTION 117 | ||
| 526 | #define X509V3_R_USER_TOO_LONG 132 | ||
| 527 | |||
| 528 | #ifdef __cplusplus | ||
| 529 | } | ||
| 530 | #endif | ||
| 531 | #endif | ||
| 532 | |||