summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorjsing <>2014-04-19 13:29:11 +0000
committerjsing <>2014-04-19 13:29:11 +0000
commit7e0c192deac57ad25c3b253ccb32dfe88cfef27f (patch)
tree03243ed125b0122180311a953d14f9126e96cdf5 /src
parent4208104cba46786606cd522b3b0f9b2d5a6a65a2 (diff)
downloadopenbsd-7e0c192deac57ad25c3b253ccb32dfe88cfef27f.tar.gz
openbsd-7e0c192deac57ad25c3b253ccb32dfe88cfef27f.tar.bz2
openbsd-7e0c192deac57ad25c3b253ccb32dfe88cfef27f.zip
More KNF.
Diffstat (limited to 'src')
-rw-r--r--src/lib/libcrypto/asn1/a_time.c63
-rw-r--r--src/lib/libcrypto/asn1/a_type.c41
-rw-r--r--src/lib/libcrypto/asn1/a_utctm.c218
-rw-r--r--src/lib/libcrypto/asn1/a_utf8.c144
-rw-r--r--src/lib/libcrypto/asn1/a_verify.c68
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_time.c63
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_type.c41
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_utctm.c218
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_utf8.c144
-rw-r--r--src/lib/libssl/src/crypto/asn1/a_verify.c68
10 files changed, 592 insertions, 476 deletions
diff --git a/src/lib/libcrypto/asn1/a_time.c b/src/lib/libcrypto/asn1/a_time.c
index 1978e8d3dc..29d56b827a 100644
--- a/src/lib/libcrypto/asn1/a_time.c
+++ b/src/lib/libcrypto/asn1/a_time.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -72,43 +72,45 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
72IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) 72IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
73 73
74#if 0 74#if 0
75int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) 75int
76i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
76{ 77{
77 if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) 78 if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
78 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, 79 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
79 a->type ,V_ASN1_UNIVERSAL)); 80 a->type, V_ASN1_UNIVERSAL));
80 ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); 81 ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
81 return -1; 82 return -1;
82} 83}
83#endif 84#endif
84 85
85 86ASN1_TIME *
86ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) 87ASN1_TIME_set(ASN1_TIME *s, time_t t)
87{ 88{
88 return ASN1_TIME_adj(s, t, 0, 0); 89 return ASN1_TIME_adj(s, t, 0, 0);
89} 90}
90 91
91ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, 92ASN1_TIME *
92 int offset_day, long offset_sec) 93ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
93{ 94{
94 struct tm *ts; 95 struct tm *ts;
95 struct tm data; 96 struct tm data;
96 97
97 ts=gmtime_r(&t,&data); 98 ts = gmtime_r(&t, &data);
98 if (ts == NULL) { 99 if (ts == NULL) {
99 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 100 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
100 return NULL; 101 return NULL;
101 } 102 }
102 if (offset_day || offset_sec) { 103 if (offset_day || offset_sec) {
103 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 104 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
104 return NULL; 105 return NULL;
105 } 106 }
106 if((ts->tm_year >= 50) && (ts->tm_year < 150)) 107 if ((ts->tm_year >= 50) && (ts->tm_year < 150))
107 return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec); 108 return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
108 return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); 109 return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
109} 110}
110 111
111int ASN1_TIME_check(ASN1_TIME *t) 112int
113ASN1_TIME_check(ASN1_TIME *t)
112{ 114{
113 if (t->type == V_ASN1_GENERALIZEDTIME) 115 if (t->type == V_ASN1_GENERALIZEDTIME)
114 return ASN1_GENERALIZEDTIME_check(t); 116 return ASN1_GENERALIZEDTIME_check(t);
@@ -118,24 +120,27 @@ int ASN1_TIME_check(ASN1_TIME *t)
118} 120}
119 121
120/* Convert an ASN1_TIME structure to GeneralizedTime */ 122/* Convert an ASN1_TIME structure to GeneralizedTime */
121ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) 123ASN1_GENERALIZEDTIME *
124ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
122{ 125{
123 ASN1_GENERALIZEDTIME *ret; 126 ASN1_GENERALIZEDTIME *ret;
124 char *str; 127 char *str;
125 int newlen; 128 int newlen;
126 129
127 if (!ASN1_TIME_check(t)) return NULL; 130 if (!ASN1_TIME_check(t))
131 return NULL;
128 132
129 if (!out || !*out) { 133 if (!out || !*out) {
130 if (!(ret = ASN1_GENERALIZEDTIME_new ())) 134 if (!(ret = ASN1_GENERALIZEDTIME_new ()))
131 return NULL; 135 return NULL;
132 if (out) *out = ret; 136 if (out)
133 } 137 *out = ret;
134 else ret = *out; 138 } else
139 ret = *out;
135 140
136 /* If already GeneralizedTime just copy across */ 141 /* If already GeneralizedTime just copy across */
137 if (t->type == V_ASN1_GENERALIZEDTIME) { 142 if (t->type == V_ASN1_GENERALIZEDTIME) {
138 if(!ASN1_STRING_set(ret, t->data, t->length)) 143 if (!ASN1_STRING_set(ret, t->data, t->length))
139 return NULL; 144 return NULL;
140 return ret; 145 return ret;
141 } 146 }
@@ -147,22 +152,24 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
147 newlen = t->length + 2 + 1; 152 newlen = t->length + 2 + 1;
148 str = (char *)ret->data; 153 str = (char *)ret->data;
149 /* Work out the century and prepend */ 154 /* Work out the century and prepend */
150 if (t->data[0] >= '5') strlcpy(str, "19", newlen); 155 if (t->data[0] >= '5')
151 else strlcpy(str, "20", newlen); 156 strlcpy(str, "19", newlen);
152 157 else
158 strlcpy(str, "20", newlen);
153 strlcat(str, (char *)t->data, newlen); 159 strlcat(str, (char *)t->data, newlen);
154 160
155 return ret; 161 return ret;
156} 162}
157 163
158int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) 164int
165ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
159{ 166{
160 ASN1_TIME t; 167 ASN1_TIME t;
161 168
162 t.length = strlen(str); 169 t.length = strlen(str);
163 t.data = (unsigned char *)str; 170 t.data = (unsigned char *)str;
164 t.flags = 0; 171 t.flags = 0;
165 172
166 t.type = V_ASN1_UTCTIME; 173 t.type = V_ASN1_UTCTIME;
167 174
168 if (!ASN1_TIME_check(&t)) { 175 if (!ASN1_TIME_check(&t)) {
@@ -170,9 +177,9 @@ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
170 if (!ASN1_TIME_check(&t)) 177 if (!ASN1_TIME_check(&t))
171 return 0; 178 return 0;
172 } 179 }
173 180
174 if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) 181 if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
175 return 0; 182 return 0;
176 183
177 return 1; 184 return 1;
178} 185}
diff --git a/src/lib/libcrypto/asn1/a_type.c b/src/lib/libcrypto/asn1/a_type.c
index dd746e925e..93c6be9ddd 100644
--- a/src/lib/libcrypto/asn1/a_type.c
+++ b/src/lib/libcrypto/asn1/a_type.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -61,28 +61,31 @@
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64int ASN1_TYPE_get(ASN1_TYPE *a) 64int
65ASN1_TYPE_get(ASN1_TYPE *a)
65{ 66{
66 if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) 67 if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
67 return(a->type); 68 return (a->type);
68 else 69 else
69 return(0); 70 return (0);
70} 71}
71 72
72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) 73void
74ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
73{ 75{
74 if (a->value.ptr != NULL) { 76 if (a->value.ptr != NULL) {
75 ASN1_TYPE **tmp_a = &a; 77 ASN1_TYPE **tmp_a = &a;
76 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); 78 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
77 } 79 }
78 a->type=type; 80 a->type = type;
79 if (type == V_ASN1_BOOLEAN) 81 if (type == V_ASN1_BOOLEAN)
80 a->value.boolean = value ? 0xff : 0; 82 a->value.boolean = value ? 0xff : 0;
81 else 83 else
82 a->value.ptr=value; 84 a->value.ptr = value;
83} 85}
84 86
85int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) 87int
88ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
86{ 89{
87 if (!value || (type == V_ASN1_BOOLEAN)) { 90 if (!value || (type == V_ASN1_BOOLEAN)) {
88 void *p = (void *)value; 91 void *p = (void *)value;
@@ -107,19 +110,23 @@ IMPLEMENT_STACK_OF(ASN1_TYPE)
107IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) 110IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
108 111
109/* Returns 0 if they are equal, != 0 otherwise. */ 112/* Returns 0 if they are equal, != 0 otherwise. */
110int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b) 113int
114ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
111{ 115{
112 int result = -1; 116 int result = -1;
113 117
114 if (!a || !b || a->type != b->type) return -1; 118 if (!a || !b || a->type != b->type)
119 return -1;
115 120
116 switch (a->type) { 121 switch (a->type) {
117 case V_ASN1_OBJECT: 122 case V_ASN1_OBJECT:
118 result = OBJ_cmp(a->value.object, b->value.object); 123 result = OBJ_cmp(a->value.object, b->value.object);
119 break; 124 break;
125
120 case V_ASN1_NULL: 126 case V_ASN1_NULL:
121 result = 0; /* They do not have content. */ 127 result = 0; /* They do not have content. */
122 break; 128 break;
129
123 case V_ASN1_INTEGER: 130 case V_ASN1_INTEGER:
124 case V_ASN1_NEG_INTEGER: 131 case V_ASN1_NEG_INTEGER:
125 case V_ASN1_ENUMERATED: 132 case V_ASN1_ENUMERATED:
@@ -143,8 +150,8 @@ int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
143 case V_ASN1_UTF8STRING: 150 case V_ASN1_UTF8STRING:
144 case V_ASN1_OTHER: 151 case V_ASN1_OTHER:
145 default: 152 default:
146 result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr, 153 result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
147 (ASN1_STRING *) b->value.ptr); 154 (ASN1_STRING *)b->value.ptr);
148 break; 155 break;
149 } 156 }
150 157
diff --git a/src/lib/libcrypto/asn1/a_utctm.c b/src/lib/libcrypto/asn1/a_utctm.c
index 0120b952b3..0cd0382fe9 100644
--- a/src/lib/libcrypto/asn1/a_utctm.c
+++ b/src/lib/libcrypto/asn1/a_utctm.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,113 +63,127 @@
63#include <openssl/asn1.h> 63#include <openssl/asn1.h>
64 64
65#if 0 65#if 0
66int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) 66int
67i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
67{ 68{
68 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, 69 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
69 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL)); 70 V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
70} 71}
71 72
72 73ASN1_UTCTIME *
73ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, 74d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, long length)
74 long length)
75{ 75{
76 ASN1_UTCTIME *ret=NULL; 76 ASN1_UTCTIME *ret = NULL;
77 77
78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length, 78 ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); 79 V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
80 if (ret == NULL) { 80 if (ret == NULL) {
81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); 81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
82 return(NULL); 82 return (NULL);
83 } 83 }
84 if (!ASN1_UTCTIME_check(ret)) { 84 if (!ASN1_UTCTIME_check(ret)) {
85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT); 85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
86 goto err; 86 goto err;
87 } 87 }
88 return (ret);
88 89
89 return(ret);
90err: 90err:
91 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 91 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
92 M_ASN1_UTCTIME_free(ret); 92 M_ASN1_UTCTIME_free(ret);
93 return(NULL); 93 return (NULL);
94} 94}
95 95
96#endif 96#endif
97 97
98int ASN1_UTCTIME_check(ASN1_UTCTIME *d) 98int
99ASN1_UTCTIME_check(ASN1_UTCTIME *d)
99{ 100{
100 static const int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; 101 static const int min[8] = {0, 1, 1, 0, 0, 0, 0, 0};
101 static const int max[8]={99,12,31,23,59,59,12,59}; 102 static const int max[8] = {99, 12, 31, 23, 59, 59, 12, 59};
102 char *a; 103 char *a;
103 int n,i,l,o; 104 int n, i, l, o;
105
106 if (d->type != V_ASN1_UTCTIME)
107 return (0);
108 l = d->length;
109 a = (char *)d->data;
110 o = 0;
104 111
105 if (d->type != V_ASN1_UTCTIME) return(0); 112 if (l < 11)
106 l=d->length;
107 a=(char *)d->data;
108 o=0;
109 113
110 if (l < 11) goto err; 114 goto err;
111 for (i=0; i<6; i++) { 115 for (i = 0; i < 6; i++) {
112 if ((i == 5) && ((a[o] == 'Z') || 116 if ((i == 5) && ((a[o] == 'Z') ||
113 (a[o] == '+') || (a[o] == '-'))) { 117 (a[o] == '+') || (a[o] == '-'))) {
114 i++; 118 i++;
115 break; 119 break;
116 } 120 }
117 if ((a[o] < '0') || (a[o] > '9')) goto err; 121 if ((a[o] < '0') || (a[o] > '9'))
118 n= a[o]-'0'; 122 goto err;
119 if (++o > l) goto err; 123 n = a[o]-'0';
120 124 if (++o > l)
121 if ((a[o] < '0') || (a[o] > '9')) goto err; 125 goto err;
122 n=(n*10)+ a[o]-'0'; 126 if ((a[o] < '0') || (a[o] > '9'))
123 if (++o > l) goto err; 127 goto err;
124 128 n = (n * 10) + a[o] - '0';
125 if ((n < min[i]) || (n > max[i])) goto err; 129 if (++o > l)
130 goto err;
131 if ((n < min[i]) || (n > max[i]))
132 goto err;
126 } 133 }
127 if (a[o] == 'Z') 134 if (a[o] == 'Z')
128 o++; 135 o++;
129 else if ((a[o] == '+') || (a[o] == '-')) { 136 else if ((a[o] == '+') || (a[o] == '-')) {
130 o++; 137 o++;
131 if (o+4 > l) goto err; 138 if (o + 4 > l)
132 for (i=6; i<8; i++) { 139 goto err;
133 if ((a[o] < '0') || (a[o] > '9')) goto err; 140 for (i = 6; i < 8; i++) {
134 n= a[o]-'0'; 141 if ((a[o] < '0') || (a[o] > '9'))
142 goto err;
143 n = a[o] -'0';
135 o++; 144 o++;
136 if ((a[o] < '0') || (a[o] > '9')) goto err; 145 if ((a[o] < '0') || (a[o] > '9'))
137 n=(n*10)+ a[o]-'0'; 146 goto err;
138 if ((n < min[i]) || (n > max[i])) goto err; 147 n = (n * 10) + a[o] - '0';
148 if ((n < min[i]) || (n > max[i]))
149 goto err;
139 o++; 150 o++;
140 } 151 }
141 } 152 }
142 return(o == l); 153 return (o == l);
154
143err: 155err:
144 return(0); 156 return (0);
145} 157}
146 158
147int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) 159int
160ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
148{ 161{
149 ASN1_UTCTIME t; 162 ASN1_UTCTIME t;
150 163
151 t.type=V_ASN1_UTCTIME; 164 t.type = V_ASN1_UTCTIME;
152 t.length=strlen(str); 165 t.length = strlen(str);
153 t.data=(unsigned char *)str; 166 t.data = (unsigned char *)str;
154 if (ASN1_UTCTIME_check(&t)) { 167 if (ASN1_UTCTIME_check(&t)) {
155 if (s != NULL) { 168 if (s != NULL) {
156 if (!ASN1_STRING_set((ASN1_STRING *)s, 169 if (!ASN1_STRING_set((ASN1_STRING *)s,
157 (unsigned char *)str,t.length)) 170 (unsigned char *)str, t.length))
158 return 0; 171 return 0;
159 s->type = V_ASN1_UTCTIME; 172 s->type = V_ASN1_UTCTIME;
160 } 173 }
161 return(1); 174 return (1);
162 } else 175 } else
163 return(0); 176 return (0);
164} 177}
165 178
166ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) 179ASN1_UTCTIME *
180ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
167{ 181{
168 return ASN1_UTCTIME_adj(s, t, 0, 0); 182 return ASN1_UTCTIME_adj(s, t, 0, 0);
169} 183}
170 184
171ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, 185ASN1_UTCTIME *
172 int offset_day, long offset_sec) 186ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec)
173{ 187{
174 char *p; 188 char *p;
175 struct tm *ts; 189 struct tm *ts;
@@ -177,43 +191,43 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
177 size_t len = 20; 191 size_t len = 20;
178 192
179 if (s == NULL) 193 if (s == NULL)
180 s=M_ASN1_UTCTIME_new(); 194 s = M_ASN1_UTCTIME_new();
181 if (s == NULL) 195 if (s == NULL)
182 return(NULL); 196 return (NULL);
183 197
184 ts=gmtime_r(&t, &data); 198 ts = gmtime_r(&t, &data);
185 if (ts == NULL) 199 if (ts == NULL)
186 return(NULL); 200 return (NULL);
187 201
188 if (offset_day || offset_sec) { 202 if (offset_day || offset_sec) {
189 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 203 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
190 return NULL; 204 return NULL;
191 } 205 }
192 206
193 if((ts->tm_year < 50) || (ts->tm_year >= 150)) 207 if ((ts->tm_year < 50) || (ts->tm_year >= 150))
194 return NULL; 208 return NULL;
195 209
196 p=(char *)s->data; 210 p = (char *)s->data;
197 if ((p == NULL) || ((size_t)s->length < len)) { 211 if ((p == NULL) || ((size_t)s->length < len)) {
198 p=malloc(len); 212 p = malloc(len);
199 if (p == NULL) { 213 if (p == NULL) {
200 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); 214 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE);
201 return(NULL); 215 return (NULL);
202 } 216 }
203 if (s->data != NULL) 217 if (s->data != NULL)
204 free(s->data); 218 free(s->data);
205 s->data=(unsigned char *)p; 219 s->data = (unsigned char *)p;
206 } 220 }
207 221
208 snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100, 222 snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", ts->tm_year % 100,
209 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); 223 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min, ts->tm_sec);
210 s->length=strlen(p); 224 s->length = strlen(p);
211 s->type=V_ASN1_UTCTIME; 225 s->type = V_ASN1_UTCTIME;
212 return(s); 226 return (s);
213} 227}
214 228
215 229int
216int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) 230ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
217{ 231{
218 struct tm *tm; 232 struct tm *tm;
219 struct tm data; 233 struct tm data;
@@ -223,57 +237,57 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
223#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') 237#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
224 238
225 if (s->data[12] == 'Z') 239 if (s->data[12] == 'Z')
226 offset=0; 240 offset = 0;
227 else { 241 else {
228 offset = g2(s->data+13)*60+g2(s->data+15); 242 offset = g2(s->data + 13)*60 + g2(s->data + 15);
229 if (s->data[12] == '-') 243 if (s->data[12] == '-')
230 offset = -offset; 244 offset = -offset;
231 } 245 }
232 246
233 t -= offset*60; /* FIXME: may overflow in extreme cases */ 247 t -= offset * 60; /* FIXME: may overflow in extreme cases */
234 248
235 tm = gmtime_r(&t, &data); 249 tm = gmtime_r(&t, &data);
236 250
237#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 251#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
238 year = g2(s->data); 252 year = g2(s->data);
239 if (year < 50) 253 if (year < 50)
240 year += 100; 254 year += 100;
241 return_cmp(year, tm->tm_year); 255 return_cmp(year, tm->tm_year);
242 return_cmp(g2(s->data+2) - 1, tm->tm_mon); 256 return_cmp(g2(s->data + 2) - 1, tm->tm_mon);
243 return_cmp(g2(s->data+4), tm->tm_mday); 257 return_cmp(g2(s->data + 4), tm->tm_mday);
244 return_cmp(g2(s->data+6), tm->tm_hour); 258 return_cmp(g2(s->data + 6), tm->tm_hour);
245 return_cmp(g2(s->data+8), tm->tm_min); 259 return_cmp(g2(s->data + 8), tm->tm_min);
246 return_cmp(g2(s->data+10), tm->tm_sec); 260 return_cmp(g2(s->data + 10), tm->tm_sec);
247#undef g2 261#undef g2
248#undef return_cmp 262#undef return_cmp
249 263
250 return 0; 264 return 0;
251} 265}
252 266
253
254#if 0 267#if 0
255time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) 268time_t
269ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
256{ 270{
257 struct tm tm; 271 struct tm tm;
258 int offset; 272 int offset;
259 273
260 memset(&tm,'\0',sizeof tm); 274 memset(&tm, '\0', sizeof tm);
261 275
262#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') 276#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
263 tm.tm_year=g2(s->data); 277 tm.tm_year = g2(s->data);
264 if(tm.tm_year < 50) 278 if (tm.tm_year < 50)
265 tm.tm_year+=100; 279 tm.tm_year += 100;
266 tm.tm_mon=g2(s->data+2)-1; 280 tm.tm_mon = g2(s->data + 2) - 1;
267 tm.tm_mday=g2(s->data+4); 281 tm.tm_mday = g2(s->data + 4);
268 tm.tm_hour=g2(s->data+6); 282 tm.tm_hour = g2(s->data + 6);
269 tm.tm_min=g2(s->data+8); 283 tm.tm_min = g2(s->data + 8);
270 tm.tm_sec=g2(s->data+10); 284 tm.tm_sec = g2(s->data + 10);
271 if(s->data[12] == 'Z') 285 if (s->data[12] == 'Z')
272 offset=0; 286 offset = 0;
273 else { 287 else {
274 offset=g2(s->data+13)*60+g2(s->data+15); 288 offset = g2(s->data + 13) * 60 + g2(s->data + 15);
275 if(s->data[12] == '-') 289 if (s->data[12] == '-')
276 offset= -offset; 290 offset = -offset;
277 } 291 }
278#undef g2 292#undef g2
279 293
diff --git a/src/lib/libcrypto/asn1/a_utf8.c b/src/lib/libcrypto/asn1/a_utf8.c
index 508e11e527..c224db4c12 100644
--- a/src/lib/libcrypto/asn1/a_utf8.c
+++ b/src/lib/libcrypto/asn1/a_utf8.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -73,75 +73,92 @@
73 * -4 = character encoded incorrectly (not minimal length). 73 * -4 = character encoded incorrectly (not minimal length).
74 */ 74 */
75 75
76int UTF8_getc(const unsigned char *str, int len, unsigned long *val) 76int
77UTF8_getc(const unsigned char *str, int len, unsigned long *val)
77{ 78{
78 const unsigned char *p; 79 const unsigned char *p;
79 unsigned long value; 80 unsigned long value;
80 int ret; 81 int ret;
81 if(len <= 0) return 0; 82 if (len <= 0)
83 return 0;
82 p = str; 84 p = str;
83 85
84 /* Check syntax and work out the encoded value (if correct) */ 86 /* Check syntax and work out the encoded value (if correct) */
85 if((*p & 0x80) == 0) { 87 if ((*p & 0x80) == 0) {
86 value = *p++ & 0x7f; 88 value = *p++ & 0x7f;
87 ret = 1; 89 ret = 1;
88 } else if((*p & 0xe0) == 0xc0) { 90 } else if ((*p & 0xe0) == 0xc0) {
89 if(len < 2) return -1; 91 if (len < 2)
90 if((p[1] & 0xc0) != 0x80) return -3; 92 return -1;
93 if ((p[1] & 0xc0) != 0x80)
94 return -3;
91 value = (*p++ & 0x1f) << 6; 95 value = (*p++ & 0x1f) << 6;
92 value |= *p++ & 0x3f; 96 value |= *p++ & 0x3f;
93 if(value < 0x80) return -4; 97 if (value < 0x80)
98 return -4;
94 ret = 2; 99 ret = 2;
95 } else if((*p & 0xf0) == 0xe0) { 100 } else if ((*p & 0xf0) == 0xe0) {
96 if(len < 3) return -1; 101 if (len < 3)
97 if( ((p[1] & 0xc0) != 0x80) 102 return -1;
98 || ((p[2] & 0xc0) != 0x80) ) return -3; 103 if (((p[1] & 0xc0) != 0x80) ||
104 ((p[2] & 0xc0) != 0x80))
105 return -3;
99 value = (*p++ & 0xf) << 12; 106 value = (*p++ & 0xf) << 12;
100 value |= (*p++ & 0x3f) << 6; 107 value |= (*p++ & 0x3f) << 6;
101 value |= *p++ & 0x3f; 108 value |= *p++ & 0x3f;
102 if(value < 0x800) return -4; 109 if (value < 0x800)
110 return -4;
103 ret = 3; 111 ret = 3;
104 } else if((*p & 0xf8) == 0xf0) { 112 } else if ((*p & 0xf8) == 0xf0) {
105 if(len < 4) return -1; 113 if (len < 4)
106 if( ((p[1] & 0xc0) != 0x80) 114 return -1;
107 || ((p[2] & 0xc0) != 0x80) 115 if (((p[1] & 0xc0) != 0x80) ||
108 || ((p[3] & 0xc0) != 0x80) ) return -3; 116 ((p[2] & 0xc0) != 0x80) ||
117 ((p[3] & 0xc0) != 0x80))
118 return -3;
109 value = ((unsigned long)(*p++ & 0x7)) << 18; 119 value = ((unsigned long)(*p++ & 0x7)) << 18;
110 value |= (*p++ & 0x3f) << 12; 120 value |= (*p++ & 0x3f) << 12;
111 value |= (*p++ & 0x3f) << 6; 121 value |= (*p++ & 0x3f) << 6;
112 value |= *p++ & 0x3f; 122 value |= *p++ & 0x3f;
113 if(value < 0x10000) return -4; 123 if (value < 0x10000)
124 return -4;
114 ret = 4; 125 ret = 4;
115 } else if((*p & 0xfc) == 0xf8) { 126 } else if ((*p & 0xfc) == 0xf8) {
116 if(len < 5) return -1; 127 if (len < 5)
117 if( ((p[1] & 0xc0) != 0x80) 128 return -1;
118 || ((p[2] & 0xc0) != 0x80) 129 if (((p[1] & 0xc0) != 0x80) ||
119 || ((p[3] & 0xc0) != 0x80) 130 ((p[2] & 0xc0) != 0x80) ||
120 || ((p[4] & 0xc0) != 0x80) ) return -3; 131 ((p[3] & 0xc0) != 0x80) ||
132 ((p[4] & 0xc0) != 0x80))
133 return -3;
121 value = ((unsigned long)(*p++ & 0x3)) << 24; 134 value = ((unsigned long)(*p++ & 0x3)) << 24;
122 value |= ((unsigned long)(*p++ & 0x3f)) << 18; 135 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
123 value |= ((unsigned long)(*p++ & 0x3f)) << 12; 136 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
124 value |= (*p++ & 0x3f) << 6; 137 value |= (*p++ & 0x3f) << 6;
125 value |= *p++ & 0x3f; 138 value |= *p++ & 0x3f;
126 if(value < 0x200000) return -4; 139 if (value < 0x200000)
140 return -4;
127 ret = 5; 141 ret = 5;
128 } else if((*p & 0xfe) == 0xfc) { 142 } else if ((*p & 0xfe) == 0xfc) {
129 if(len < 6) return -1; 143 if (len < 6)
130 if( ((p[1] & 0xc0) != 0x80) 144 return -1;
131 || ((p[2] & 0xc0) != 0x80) 145 if (((p[1] & 0xc0) != 0x80) ||
132 || ((p[3] & 0xc0) != 0x80) 146 ((p[2] & 0xc0) != 0x80) ||
133 || ((p[4] & 0xc0) != 0x80) 147 ((p[3] & 0xc0) != 0x80) ||
134 || ((p[5] & 0xc0) != 0x80) ) return -3; 148 ((p[4] & 0xc0) != 0x80) ||
149 ((p[5] & 0xc0) != 0x80))
150 return -3;
135 value = ((unsigned long)(*p++ & 0x1)) << 30; 151 value = ((unsigned long)(*p++ & 0x1)) << 30;
136 value |= ((unsigned long)(*p++ & 0x3f)) << 24; 152 value |= ((unsigned long)(*p++ & 0x3f)) << 24;
137 value |= ((unsigned long)(*p++ & 0x3f)) << 18; 153 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
138 value |= ((unsigned long)(*p++ & 0x3f)) << 12; 154 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
139 value |= (*p++ & 0x3f) << 6; 155 value |= (*p++ & 0x3f) << 6;
140 value |= *p++ & 0x3f; 156 value |= *p++ & 0x3f;
141 if(value < 0x4000000) return -4; 157 if (value < 0x4000000)
158 return -4;
142 ret = 6; 159 ret = 6;
143 } else return -2; 160 } else return -2;
144 *val = value; 161 *val = value;
145 return ret; 162 return ret;
146} 163}
147 164
@@ -152,34 +169,41 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
152 * It will need at most 6 characters. 169 * It will need at most 6 characters.
153 */ 170 */
154 171
155int UTF8_putc(unsigned char *str, int len, unsigned long value) 172int
173UTF8_putc(unsigned char *str, int len, unsigned long value)
156{ 174{
157 if(!str) len = 6; /* Maximum we will need */ 175 if (!str)
158 else if(len <= 0) return -1; 176 len = 6; /* Maximum we will need */
159 if(value < 0x80) { 177 else if (len <= 0)
160 if(str) *str = (unsigned char)value; 178 return -1;
179 if (value < 0x80) {
180 if (str)
181 *str = (unsigned char)value;
161 return 1; 182 return 1;
162 } 183 }
163 if(value < 0x800) { 184 if (value < 0x800) {
164 if(len < 2) return -1; 185 if (len < 2)
165 if(str) { 186 return -1;
187 if (str) {
166 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0); 188 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
167 *str = (unsigned char)((value & 0x3f) | 0x80); 189 *str = (unsigned char)((value & 0x3f) | 0x80);
168 } 190 }
169 return 2; 191 return 2;
170 } 192 }
171 if(value < 0x10000) { 193 if (value < 0x10000) {
172 if(len < 3) return -1; 194 if (len < 3)
173 if(str) { 195 return -1;
196 if (str) {
174 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0); 197 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
175 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); 198 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
176 *str = (unsigned char)((value & 0x3f) | 0x80); 199 *str = (unsigned char)((value & 0x3f) | 0x80);
177 } 200 }
178 return 3; 201 return 3;
179 } 202 }
180 if(value < 0x200000) { 203 if (value < 0x200000) {
181 if(len < 4) return -1; 204 if (len < 4)
182 if(str) { 205 return -1;
206 if (str) {
183 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0); 207 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
184 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); 208 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
185 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); 209 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
@@ -187,9 +211,10 @@ int UTF8_putc(unsigned char *str, int len, unsigned long value)
187 } 211 }
188 return 4; 212 return 4;
189 } 213 }
190 if(value < 0x4000000) { 214 if (value < 0x4000000) {
191 if(len < 5) return -1; 215 if (len < 5)
192 if(str) { 216 return -1;
217 if (str) {
193 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8); 218 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
194 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); 219 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
195 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); 220 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
@@ -198,8 +223,9 @@ int UTF8_putc(unsigned char *str, int len, unsigned long value)
198 } 223 }
199 return 5; 224 return 5;
200 } 225 }
201 if(len < 6) return -1; 226 if (len < 6)
202 if(str) { 227 return -1;
228 if (str) {
203 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc); 229 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
204 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80); 230 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
205 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); 231 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
diff --git a/src/lib/libcrypto/asn1/a_verify.c b/src/lib/libcrypto/asn1/a_verify.c
index 8df0b038d1..3b7bf0580d 100644
--- a/src/lib/libcrypto/asn1/a_verify.c
+++ b/src/lib/libcrypto/asn1/a_verify.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -72,12 +72,13 @@
72#include <openssl/buffer.h> 72#include <openssl/buffer.h>
73#include <openssl/evp.h> 73#include <openssl/evp.h>
74 74
75int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, 75int
76 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) 76ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
77 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
77{ 78{
78 EVP_MD_CTX ctx; 79 EVP_MD_CTX ctx;
79 unsigned char *buf_in=NULL; 80 unsigned char *buf_in = NULL;
80 int ret= -1,inl; 81 int ret = -1, inl;
81 82
82 int mdnid, pknid; 83 int mdnid, pknid;
83 84
@@ -90,16 +91,18 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
90 91
91 /* Convert signature OID into digest and public key OIDs */ 92 /* Convert signature OID into digest and public key OIDs */
92 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) { 93 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
93 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 94 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
95 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
94 goto err; 96 goto err;
95 } 97 }
96 if (mdnid == NID_undef) { 98 if (mdnid == NID_undef) {
97 if (!pkey->ameth || !pkey->ameth->item_verify) { 99 if (!pkey->ameth || !pkey->ameth->item_verify) {
98 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 100 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
101 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
99 goto err; 102 goto err;
100 } 103 }
101 ret = pkey->ameth->item_verify(&ctx, it, asn, a, 104 ret = pkey->ameth->item_verify(&ctx, it, asn, a,
102 signature, pkey); 105 signature, pkey);
103 /* Return value of 2 means carry on, anything else means we 106 /* Return value of 2 means carry on, anything else means we
104 * exit straight away: either a fatal error of the underlying 107 * exit straight away: either a fatal error of the underlying
105 * verification routine handles all verification. 108 * verification routine handles all verification.
@@ -109,55 +112,56 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
109 ret = -1; 112 ret = -1;
110 } else { 113 } else {
111 const EVP_MD *type; 114 const EVP_MD *type;
112 type=EVP_get_digestbynid(mdnid); 115 type = EVP_get_digestbynid(mdnid);
113 if (type == NULL) { 116 if (type == NULL) {
114 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 117 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
118 ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
115 goto err; 119 goto err;
116 } 120 }
117 121
118 /* Check public key OID matches public key type */ 122 /* Check public key OID matches public key type */
119 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) { 123 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
120 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); 124 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
125 ASN1_R_WRONG_PUBLIC_KEY_TYPE);
121 goto err; 126 goto err;
122 } 127 }
123 128
124 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) { 129 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
125 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 130 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
126 ret=0; 131 ret = 0;
127 goto err; 132 goto err;
128 } 133 }
129 134
130 } 135 }
131 136
132 inl = ASN1_item_i2d(asn, &buf_in, it); 137 inl = ASN1_item_i2d(asn, &buf_in, it);
133 138
134 if (buf_in == NULL) { 139 if (buf_in == NULL) {
135 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); 140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
136 goto err; 141 goto err;
137 } 142 }
138 143
139 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) { 144 if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 145 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
141 ret=0; 146 ret = 0;
142 goto err; 147 goto err;
143 } 148 }
144 149
145 OPENSSL_cleanse(buf_in,(unsigned int)inl); 150 OPENSSL_cleanse(buf_in, (unsigned int)inl);
146 free(buf_in); 151 free(buf_in);
147 152
148 if (EVP_DigestVerifyFinal(&ctx,signature->data, 153 if (EVP_DigestVerifyFinal(&ctx, signature->data,
149 (size_t)signature->length) <= 0) { 154 (size_t)signature->length) <= 0) {
150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 155 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
151 ret=0; 156 ret = 0;
152 goto err; 157 goto err;
153 } 158 }
154 /* we don't need to zero the 'ctx' because we just checked 159 /* we don't need to zero the 'ctx' because we just checked
155 * public information */ 160 * public information */
156 /* memset(&ctx,0,sizeof(ctx)); */ 161 /* memset(&ctx,0,sizeof(ctx)); */
157 ret=1; 162 ret = 1;
163
158err: 164err:
159 EVP_MD_CTX_cleanup(&ctx); 165 EVP_MD_CTX_cleanup(&ctx);
160 return(ret); 166 return (ret);
161} 167}
162
163
diff --git a/src/lib/libssl/src/crypto/asn1/a_time.c b/src/lib/libssl/src/crypto/asn1/a_time.c
index 1978e8d3dc..29d56b827a 100644
--- a/src/lib/libssl/src/crypto/asn1/a_time.c
+++ b/src/lib/libssl/src/crypto/asn1/a_time.c
@@ -7,7 +7,7 @@
7 * are met: 7 * are met:
8 * 8 *
9 * 1. Redistributions of source code must retain the above copyright 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer. 10 * notice, this list of conditions and the following disclaimer.
11 * 11 *
12 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in 13 * notice, this list of conditions and the following disclaimer in
@@ -72,43 +72,45 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
72IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) 72IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
73 73
74#if 0 74#if 0
75int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) 75int
76i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
76{ 77{
77 if(a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) 78 if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME)
78 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, 79 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
79 a->type ,V_ASN1_UNIVERSAL)); 80 a->type, V_ASN1_UNIVERSAL));
80 ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); 81 ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME);
81 return -1; 82 return -1;
82} 83}
83#endif 84#endif
84 85
85 86ASN1_TIME *
86ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) 87ASN1_TIME_set(ASN1_TIME *s, time_t t)
87{ 88{
88 return ASN1_TIME_adj(s, t, 0, 0); 89 return ASN1_TIME_adj(s, t, 0, 0);
89} 90}
90 91
91ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, 92ASN1_TIME *
92 int offset_day, long offset_sec) 93ASN1_TIME_adj(ASN1_TIME *s, time_t t, int offset_day, long offset_sec)
93{ 94{
94 struct tm *ts; 95 struct tm *ts;
95 struct tm data; 96 struct tm data;
96 97
97 ts=gmtime_r(&t,&data); 98 ts = gmtime_r(&t, &data);
98 if (ts == NULL) { 99 if (ts == NULL) {
99 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME); 100 ASN1err(ASN1_F_ASN1_TIME_ADJ, ASN1_R_ERROR_GETTING_TIME);
100 return NULL; 101 return NULL;
101 } 102 }
102 if (offset_day || offset_sec) { 103 if (offset_day || offset_sec) {
103 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 104 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
104 return NULL; 105 return NULL;
105 } 106 }
106 if((ts->tm_year >= 50) && (ts->tm_year < 150)) 107 if ((ts->tm_year >= 50) && (ts->tm_year < 150))
107 return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec); 108 return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec);
108 return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); 109 return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec);
109} 110}
110 111
111int ASN1_TIME_check(ASN1_TIME *t) 112int
113ASN1_TIME_check(ASN1_TIME *t)
112{ 114{
113 if (t->type == V_ASN1_GENERALIZEDTIME) 115 if (t->type == V_ASN1_GENERALIZEDTIME)
114 return ASN1_GENERALIZEDTIME_check(t); 116 return ASN1_GENERALIZEDTIME_check(t);
@@ -118,24 +120,27 @@ int ASN1_TIME_check(ASN1_TIME *t)
118} 120}
119 121
120/* Convert an ASN1_TIME structure to GeneralizedTime */ 122/* Convert an ASN1_TIME structure to GeneralizedTime */
121ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) 123ASN1_GENERALIZEDTIME *
124ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME **out)
122{ 125{
123 ASN1_GENERALIZEDTIME *ret; 126 ASN1_GENERALIZEDTIME *ret;
124 char *str; 127 char *str;
125 int newlen; 128 int newlen;
126 129
127 if (!ASN1_TIME_check(t)) return NULL; 130 if (!ASN1_TIME_check(t))
131 return NULL;
128 132
129 if (!out || !*out) { 133 if (!out || !*out) {
130 if (!(ret = ASN1_GENERALIZEDTIME_new ())) 134 if (!(ret = ASN1_GENERALIZEDTIME_new ()))
131 return NULL; 135 return NULL;
132 if (out) *out = ret; 136 if (out)
133 } 137 *out = ret;
134 else ret = *out; 138 } else
139 ret = *out;
135 140
136 /* If already GeneralizedTime just copy across */ 141 /* If already GeneralizedTime just copy across */
137 if (t->type == V_ASN1_GENERALIZEDTIME) { 142 if (t->type == V_ASN1_GENERALIZEDTIME) {
138 if(!ASN1_STRING_set(ret, t->data, t->length)) 143 if (!ASN1_STRING_set(ret, t->data, t->length))
139 return NULL; 144 return NULL;
140 return ret; 145 return ret;
141 } 146 }
@@ -147,22 +152,24 @@ ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZE
147 newlen = t->length + 2 + 1; 152 newlen = t->length + 2 + 1;
148 str = (char *)ret->data; 153 str = (char *)ret->data;
149 /* Work out the century and prepend */ 154 /* Work out the century and prepend */
150 if (t->data[0] >= '5') strlcpy(str, "19", newlen); 155 if (t->data[0] >= '5')
151 else strlcpy(str, "20", newlen); 156 strlcpy(str, "19", newlen);
152 157 else
158 strlcpy(str, "20", newlen);
153 strlcat(str, (char *)t->data, newlen); 159 strlcat(str, (char *)t->data, newlen);
154 160
155 return ret; 161 return ret;
156} 162}
157 163
158int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) 164int
165ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
159{ 166{
160 ASN1_TIME t; 167 ASN1_TIME t;
161 168
162 t.length = strlen(str); 169 t.length = strlen(str);
163 t.data = (unsigned char *)str; 170 t.data = (unsigned char *)str;
164 t.flags = 0; 171 t.flags = 0;
165 172
166 t.type = V_ASN1_UTCTIME; 173 t.type = V_ASN1_UTCTIME;
167 174
168 if (!ASN1_TIME_check(&t)) { 175 if (!ASN1_TIME_check(&t)) {
@@ -170,9 +177,9 @@ int ASN1_TIME_set_string(ASN1_TIME *s, const char *str)
170 if (!ASN1_TIME_check(&t)) 177 if (!ASN1_TIME_check(&t))
171 return 0; 178 return 0;
172 } 179 }
173 180
174 if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) 181 if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t))
175 return 0; 182 return 0;
176 183
177 return 1; 184 return 1;
178} 185}
diff --git a/src/lib/libssl/src/crypto/asn1/a_type.c b/src/lib/libssl/src/crypto/asn1/a_type.c
index dd746e925e..93c6be9ddd 100644
--- a/src/lib/libssl/src/crypto/asn1/a_type.c
+++ b/src/lib/libssl/src/crypto/asn1/a_type.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -61,28 +61,31 @@
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/objects.h> 62#include <openssl/objects.h>
63 63
64int ASN1_TYPE_get(ASN1_TYPE *a) 64int
65ASN1_TYPE_get(ASN1_TYPE *a)
65{ 66{
66 if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) 67 if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL))
67 return(a->type); 68 return (a->type);
68 else 69 else
69 return(0); 70 return (0);
70} 71}
71 72
72void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) 73void
74ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
73{ 75{
74 if (a->value.ptr != NULL) { 76 if (a->value.ptr != NULL) {
75 ASN1_TYPE **tmp_a = &a; 77 ASN1_TYPE **tmp_a = &a;
76 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); 78 ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL);
77 } 79 }
78 a->type=type; 80 a->type = type;
79 if (type == V_ASN1_BOOLEAN) 81 if (type == V_ASN1_BOOLEAN)
80 a->value.boolean = value ? 0xff : 0; 82 a->value.boolean = value ? 0xff : 0;
81 else 83 else
82 a->value.ptr=value; 84 a->value.ptr = value;
83} 85}
84 86
85int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) 87int
88ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value)
86{ 89{
87 if (!value || (type == V_ASN1_BOOLEAN)) { 90 if (!value || (type == V_ASN1_BOOLEAN)) {
88 void *p = (void *)value; 91 void *p = (void *)value;
@@ -107,19 +110,23 @@ IMPLEMENT_STACK_OF(ASN1_TYPE)
107IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) 110IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
108 111
109/* Returns 0 if they are equal, != 0 otherwise. */ 112/* Returns 0 if they are equal, != 0 otherwise. */
110int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b) 113int
114ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
111{ 115{
112 int result = -1; 116 int result = -1;
113 117
114 if (!a || !b || a->type != b->type) return -1; 118 if (!a || !b || a->type != b->type)
119 return -1;
115 120
116 switch (a->type) { 121 switch (a->type) {
117 case V_ASN1_OBJECT: 122 case V_ASN1_OBJECT:
118 result = OBJ_cmp(a->value.object, b->value.object); 123 result = OBJ_cmp(a->value.object, b->value.object);
119 break; 124 break;
125
120 case V_ASN1_NULL: 126 case V_ASN1_NULL:
121 result = 0; /* They do not have content. */ 127 result = 0; /* They do not have content. */
122 break; 128 break;
129
123 case V_ASN1_INTEGER: 130 case V_ASN1_INTEGER:
124 case V_ASN1_NEG_INTEGER: 131 case V_ASN1_NEG_INTEGER:
125 case V_ASN1_ENUMERATED: 132 case V_ASN1_ENUMERATED:
@@ -143,8 +150,8 @@ int ASN1_TYPE_cmp(ASN1_TYPE *a, ASN1_TYPE *b)
143 case V_ASN1_UTF8STRING: 150 case V_ASN1_UTF8STRING:
144 case V_ASN1_OTHER: 151 case V_ASN1_OTHER:
145 default: 152 default:
146 result = ASN1_STRING_cmp((ASN1_STRING *) a->value.ptr, 153 result = ASN1_STRING_cmp((ASN1_STRING *)a->value.ptr,
147 (ASN1_STRING *) b->value.ptr); 154 (ASN1_STRING *)b->value.ptr);
148 break; 155 break;
149 } 156 }
150 157
diff --git a/src/lib/libssl/src/crypto/asn1/a_utctm.c b/src/lib/libssl/src/crypto/asn1/a_utctm.c
index 0120b952b3..0cd0382fe9 100644
--- a/src/lib/libssl/src/crypto/asn1/a_utctm.c
+++ b/src/lib/libssl/src/crypto/asn1/a_utctm.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -63,113 +63,127 @@
63#include <openssl/asn1.h> 63#include <openssl/asn1.h>
64 64
65#if 0 65#if 0
66int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) 66int
67i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
67{ 68{
68 return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, 69 return(i2d_ASN1_bytes((ASN1_STRING *)a, pp,
69 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL)); 70 V_ASN1_UTCTIME, V_ASN1_UNIVERSAL));
70} 71}
71 72
72 73ASN1_UTCTIME *
73ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, 74d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, long length)
74 long length)
75{ 75{
76 ASN1_UTCTIME *ret=NULL; 76 ASN1_UTCTIME *ret = NULL;
77 77
78 ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length, 78 ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length,
79 V_ASN1_UTCTIME,V_ASN1_UNIVERSAL); 79 V_ASN1_UTCTIME, V_ASN1_UNIVERSAL);
80 if (ret == NULL) { 80 if (ret == NULL) {
81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ERR_R_NESTED_ASN1_ERROR); 81 ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR);
82 return(NULL); 82 return (NULL);
83 } 83 }
84 if (!ASN1_UTCTIME_check(ret)) { 84 if (!ASN1_UTCTIME_check(ret)) {
85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT); 85 ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT);
86 goto err; 86 goto err;
87 } 87 }
88 return (ret);
88 89
89 return(ret);
90err: 90err:
91 if ((ret != NULL) && ((a == NULL) || (*a != ret))) 91 if ((ret != NULL) && ((a == NULL) || (*a != ret)))
92 M_ASN1_UTCTIME_free(ret); 92 M_ASN1_UTCTIME_free(ret);
93 return(NULL); 93 return (NULL);
94} 94}
95 95
96#endif 96#endif
97 97
98int ASN1_UTCTIME_check(ASN1_UTCTIME *d) 98int
99ASN1_UTCTIME_check(ASN1_UTCTIME *d)
99{ 100{
100 static const int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; 101 static const int min[8] = {0, 1, 1, 0, 0, 0, 0, 0};
101 static const int max[8]={99,12,31,23,59,59,12,59}; 102 static const int max[8] = {99, 12, 31, 23, 59, 59, 12, 59};
102 char *a; 103 char *a;
103 int n,i,l,o; 104 int n, i, l, o;
105
106 if (d->type != V_ASN1_UTCTIME)
107 return (0);
108 l = d->length;
109 a = (char *)d->data;
110 o = 0;
104 111
105 if (d->type != V_ASN1_UTCTIME) return(0); 112 if (l < 11)
106 l=d->length;
107 a=(char *)d->data;
108 o=0;
109 113
110 if (l < 11) goto err; 114 goto err;
111 for (i=0; i<6; i++) { 115 for (i = 0; i < 6; i++) {
112 if ((i == 5) && ((a[o] == 'Z') || 116 if ((i == 5) && ((a[o] == 'Z') ||
113 (a[o] == '+') || (a[o] == '-'))) { 117 (a[o] == '+') || (a[o] == '-'))) {
114 i++; 118 i++;
115 break; 119 break;
116 } 120 }
117 if ((a[o] < '0') || (a[o] > '9')) goto err; 121 if ((a[o] < '0') || (a[o] > '9'))
118 n= a[o]-'0'; 122 goto err;
119 if (++o > l) goto err; 123 n = a[o]-'0';
120 124 if (++o > l)
121 if ((a[o] < '0') || (a[o] > '9')) goto err; 125 goto err;
122 n=(n*10)+ a[o]-'0'; 126 if ((a[o] < '0') || (a[o] > '9'))
123 if (++o > l) goto err; 127 goto err;
124 128 n = (n * 10) + a[o] - '0';
125 if ((n < min[i]) || (n > max[i])) goto err; 129 if (++o > l)
130 goto err;
131 if ((n < min[i]) || (n > max[i]))
132 goto err;
126 } 133 }
127 if (a[o] == 'Z') 134 if (a[o] == 'Z')
128 o++; 135 o++;
129 else if ((a[o] == '+') || (a[o] == '-')) { 136 else if ((a[o] == '+') || (a[o] == '-')) {
130 o++; 137 o++;
131 if (o+4 > l) goto err; 138 if (o + 4 > l)
132 for (i=6; i<8; i++) { 139 goto err;
133 if ((a[o] < '0') || (a[o] > '9')) goto err; 140 for (i = 6; i < 8; i++) {
134 n= a[o]-'0'; 141 if ((a[o] < '0') || (a[o] > '9'))
142 goto err;
143 n = a[o] -'0';
135 o++; 144 o++;
136 if ((a[o] < '0') || (a[o] > '9')) goto err; 145 if ((a[o] < '0') || (a[o] > '9'))
137 n=(n*10)+ a[o]-'0'; 146 goto err;
138 if ((n < min[i]) || (n > max[i])) goto err; 147 n = (n * 10) + a[o] - '0';
148 if ((n < min[i]) || (n > max[i]))
149 goto err;
139 o++; 150 o++;
140 } 151 }
141 } 152 }
142 return(o == l); 153 return (o == l);
154
143err: 155err:
144 return(0); 156 return (0);
145} 157}
146 158
147int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) 159int
160ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str)
148{ 161{
149 ASN1_UTCTIME t; 162 ASN1_UTCTIME t;
150 163
151 t.type=V_ASN1_UTCTIME; 164 t.type = V_ASN1_UTCTIME;
152 t.length=strlen(str); 165 t.length = strlen(str);
153 t.data=(unsigned char *)str; 166 t.data = (unsigned char *)str;
154 if (ASN1_UTCTIME_check(&t)) { 167 if (ASN1_UTCTIME_check(&t)) {
155 if (s != NULL) { 168 if (s != NULL) {
156 if (!ASN1_STRING_set((ASN1_STRING *)s, 169 if (!ASN1_STRING_set((ASN1_STRING *)s,
157 (unsigned char *)str,t.length)) 170 (unsigned char *)str, t.length))
158 return 0; 171 return 0;
159 s->type = V_ASN1_UTCTIME; 172 s->type = V_ASN1_UTCTIME;
160 } 173 }
161 return(1); 174 return (1);
162 } else 175 } else
163 return(0); 176 return (0);
164} 177}
165 178
166ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) 179ASN1_UTCTIME *
180ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t)
167{ 181{
168 return ASN1_UTCTIME_adj(s, t, 0, 0); 182 return ASN1_UTCTIME_adj(s, t, 0, 0);
169} 183}
170 184
171ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, 185ASN1_UTCTIME *
172 int offset_day, long offset_sec) 186ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec)
173{ 187{
174 char *p; 188 char *p;
175 struct tm *ts; 189 struct tm *ts;
@@ -177,43 +191,43 @@ ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t,
177 size_t len = 20; 191 size_t len = 20;
178 192
179 if (s == NULL) 193 if (s == NULL)
180 s=M_ASN1_UTCTIME_new(); 194 s = M_ASN1_UTCTIME_new();
181 if (s == NULL) 195 if (s == NULL)
182 return(NULL); 196 return (NULL);
183 197
184 ts=gmtime_r(&t, &data); 198 ts = gmtime_r(&t, &data);
185 if (ts == NULL) 199 if (ts == NULL)
186 return(NULL); 200 return (NULL);
187 201
188 if (offset_day || offset_sec) { 202 if (offset_day || offset_sec) {
189 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) 203 if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec))
190 return NULL; 204 return NULL;
191 } 205 }
192 206
193 if((ts->tm_year < 50) || (ts->tm_year >= 150)) 207 if ((ts->tm_year < 50) || (ts->tm_year >= 150))
194 return NULL; 208 return NULL;
195 209
196 p=(char *)s->data; 210 p = (char *)s->data;
197 if ((p == NULL) || ((size_t)s->length < len)) { 211 if ((p == NULL) || ((size_t)s->length < len)) {
198 p=malloc(len); 212 p = malloc(len);
199 if (p == NULL) { 213 if (p == NULL) {
200 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ,ERR_R_MALLOC_FAILURE); 214 ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE);
201 return(NULL); 215 return (NULL);
202 } 216 }
203 if (s->data != NULL) 217 if (s->data != NULL)
204 free(s->data); 218 free(s->data);
205 s->data=(unsigned char *)p; 219 s->data = (unsigned char *)p;
206 } 220 }
207 221
208 snprintf(p,len,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100, 222 snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", ts->tm_year % 100,
209 ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec); 223 ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min, ts->tm_sec);
210 s->length=strlen(p); 224 s->length = strlen(p);
211 s->type=V_ASN1_UTCTIME; 225 s->type = V_ASN1_UTCTIME;
212 return(s); 226 return (s);
213} 227}
214 228
215 229int
216int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) 230ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
217{ 231{
218 struct tm *tm; 232 struct tm *tm;
219 struct tm data; 233 struct tm data;
@@ -223,57 +237,57 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t)
223#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') 237#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
224 238
225 if (s->data[12] == 'Z') 239 if (s->data[12] == 'Z')
226 offset=0; 240 offset = 0;
227 else { 241 else {
228 offset = g2(s->data+13)*60+g2(s->data+15); 242 offset = g2(s->data + 13)*60 + g2(s->data + 15);
229 if (s->data[12] == '-') 243 if (s->data[12] == '-')
230 offset = -offset; 244 offset = -offset;
231 } 245 }
232 246
233 t -= offset*60; /* FIXME: may overflow in extreme cases */ 247 t -= offset * 60; /* FIXME: may overflow in extreme cases */
234 248
235 tm = gmtime_r(&t, &data); 249 tm = gmtime_r(&t, &data);
236 250
237#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1 251#define return_cmp(a,b) if ((a)<(b)) return -1; else if ((a)>(b)) return 1
238 year = g2(s->data); 252 year = g2(s->data);
239 if (year < 50) 253 if (year < 50)
240 year += 100; 254 year += 100;
241 return_cmp(year, tm->tm_year); 255 return_cmp(year, tm->tm_year);
242 return_cmp(g2(s->data+2) - 1, tm->tm_mon); 256 return_cmp(g2(s->data + 2) - 1, tm->tm_mon);
243 return_cmp(g2(s->data+4), tm->tm_mday); 257 return_cmp(g2(s->data + 4), tm->tm_mday);
244 return_cmp(g2(s->data+6), tm->tm_hour); 258 return_cmp(g2(s->data + 6), tm->tm_hour);
245 return_cmp(g2(s->data+8), tm->tm_min); 259 return_cmp(g2(s->data + 8), tm->tm_min);
246 return_cmp(g2(s->data+10), tm->tm_sec); 260 return_cmp(g2(s->data + 10), tm->tm_sec);
247#undef g2 261#undef g2
248#undef return_cmp 262#undef return_cmp
249 263
250 return 0; 264 return 0;
251} 265}
252 266
253
254#if 0 267#if 0
255time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) 268time_t
269ASN1_UTCTIME_get(const ASN1_UTCTIME *s)
256{ 270{
257 struct tm tm; 271 struct tm tm;
258 int offset; 272 int offset;
259 273
260 memset(&tm,'\0',sizeof tm); 274 memset(&tm, '\0', sizeof tm);
261 275
262#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') 276#define g2(p) (((p)[0]-'0')*10+(p)[1]-'0')
263 tm.tm_year=g2(s->data); 277 tm.tm_year = g2(s->data);
264 if(tm.tm_year < 50) 278 if (tm.tm_year < 50)
265 tm.tm_year+=100; 279 tm.tm_year += 100;
266 tm.tm_mon=g2(s->data+2)-1; 280 tm.tm_mon = g2(s->data + 2) - 1;
267 tm.tm_mday=g2(s->data+4); 281 tm.tm_mday = g2(s->data + 4);
268 tm.tm_hour=g2(s->data+6); 282 tm.tm_hour = g2(s->data + 6);
269 tm.tm_min=g2(s->data+8); 283 tm.tm_min = g2(s->data + 8);
270 tm.tm_sec=g2(s->data+10); 284 tm.tm_sec = g2(s->data + 10);
271 if(s->data[12] == 'Z') 285 if (s->data[12] == 'Z')
272 offset=0; 286 offset = 0;
273 else { 287 else {
274 offset=g2(s->data+13)*60+g2(s->data+15); 288 offset = g2(s->data + 13) * 60 + g2(s->data + 15);
275 if(s->data[12] == '-') 289 if (s->data[12] == '-')
276 offset= -offset; 290 offset = -offset;
277 } 291 }
278#undef g2 292#undef g2
279 293
diff --git a/src/lib/libssl/src/crypto/asn1/a_utf8.c b/src/lib/libssl/src/crypto/asn1/a_utf8.c
index 508e11e527..c224db4c12 100644
--- a/src/lib/libssl/src/crypto/asn1/a_utf8.c
+++ b/src/lib/libssl/src/crypto/asn1/a_utf8.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -73,75 +73,92 @@
73 * -4 = character encoded incorrectly (not minimal length). 73 * -4 = character encoded incorrectly (not minimal length).
74 */ 74 */
75 75
76int UTF8_getc(const unsigned char *str, int len, unsigned long *val) 76int
77UTF8_getc(const unsigned char *str, int len, unsigned long *val)
77{ 78{
78 const unsigned char *p; 79 const unsigned char *p;
79 unsigned long value; 80 unsigned long value;
80 int ret; 81 int ret;
81 if(len <= 0) return 0; 82 if (len <= 0)
83 return 0;
82 p = str; 84 p = str;
83 85
84 /* Check syntax and work out the encoded value (if correct) */ 86 /* Check syntax and work out the encoded value (if correct) */
85 if((*p & 0x80) == 0) { 87 if ((*p & 0x80) == 0) {
86 value = *p++ & 0x7f; 88 value = *p++ & 0x7f;
87 ret = 1; 89 ret = 1;
88 } else if((*p & 0xe0) == 0xc0) { 90 } else if ((*p & 0xe0) == 0xc0) {
89 if(len < 2) return -1; 91 if (len < 2)
90 if((p[1] & 0xc0) != 0x80) return -3; 92 return -1;
93 if ((p[1] & 0xc0) != 0x80)
94 return -3;
91 value = (*p++ & 0x1f) << 6; 95 value = (*p++ & 0x1f) << 6;
92 value |= *p++ & 0x3f; 96 value |= *p++ & 0x3f;
93 if(value < 0x80) return -4; 97 if (value < 0x80)
98 return -4;
94 ret = 2; 99 ret = 2;
95 } else if((*p & 0xf0) == 0xe0) { 100 } else if ((*p & 0xf0) == 0xe0) {
96 if(len < 3) return -1; 101 if (len < 3)
97 if( ((p[1] & 0xc0) != 0x80) 102 return -1;
98 || ((p[2] & 0xc0) != 0x80) ) return -3; 103 if (((p[1] & 0xc0) != 0x80) ||
104 ((p[2] & 0xc0) != 0x80))
105 return -3;
99 value = (*p++ & 0xf) << 12; 106 value = (*p++ & 0xf) << 12;
100 value |= (*p++ & 0x3f) << 6; 107 value |= (*p++ & 0x3f) << 6;
101 value |= *p++ & 0x3f; 108 value |= *p++ & 0x3f;
102 if(value < 0x800) return -4; 109 if (value < 0x800)
110 return -4;
103 ret = 3; 111 ret = 3;
104 } else if((*p & 0xf8) == 0xf0) { 112 } else if ((*p & 0xf8) == 0xf0) {
105 if(len < 4) return -1; 113 if (len < 4)
106 if( ((p[1] & 0xc0) != 0x80) 114 return -1;
107 || ((p[2] & 0xc0) != 0x80) 115 if (((p[1] & 0xc0) != 0x80) ||
108 || ((p[3] & 0xc0) != 0x80) ) return -3; 116 ((p[2] & 0xc0) != 0x80) ||
117 ((p[3] & 0xc0) != 0x80))
118 return -3;
109 value = ((unsigned long)(*p++ & 0x7)) << 18; 119 value = ((unsigned long)(*p++ & 0x7)) << 18;
110 value |= (*p++ & 0x3f) << 12; 120 value |= (*p++ & 0x3f) << 12;
111 value |= (*p++ & 0x3f) << 6; 121 value |= (*p++ & 0x3f) << 6;
112 value |= *p++ & 0x3f; 122 value |= *p++ & 0x3f;
113 if(value < 0x10000) return -4; 123 if (value < 0x10000)
124 return -4;
114 ret = 4; 125 ret = 4;
115 } else if((*p & 0xfc) == 0xf8) { 126 } else if ((*p & 0xfc) == 0xf8) {
116 if(len < 5) return -1; 127 if (len < 5)
117 if( ((p[1] & 0xc0) != 0x80) 128 return -1;
118 || ((p[2] & 0xc0) != 0x80) 129 if (((p[1] & 0xc0) != 0x80) ||
119 || ((p[3] & 0xc0) != 0x80) 130 ((p[2] & 0xc0) != 0x80) ||
120 || ((p[4] & 0xc0) != 0x80) ) return -3; 131 ((p[3] & 0xc0) != 0x80) ||
132 ((p[4] & 0xc0) != 0x80))
133 return -3;
121 value = ((unsigned long)(*p++ & 0x3)) << 24; 134 value = ((unsigned long)(*p++ & 0x3)) << 24;
122 value |= ((unsigned long)(*p++ & 0x3f)) << 18; 135 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
123 value |= ((unsigned long)(*p++ & 0x3f)) << 12; 136 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
124 value |= (*p++ & 0x3f) << 6; 137 value |= (*p++ & 0x3f) << 6;
125 value |= *p++ & 0x3f; 138 value |= *p++ & 0x3f;
126 if(value < 0x200000) return -4; 139 if (value < 0x200000)
140 return -4;
127 ret = 5; 141 ret = 5;
128 } else if((*p & 0xfe) == 0xfc) { 142 } else if ((*p & 0xfe) == 0xfc) {
129 if(len < 6) return -1; 143 if (len < 6)
130 if( ((p[1] & 0xc0) != 0x80) 144 return -1;
131 || ((p[2] & 0xc0) != 0x80) 145 if (((p[1] & 0xc0) != 0x80) ||
132 || ((p[3] & 0xc0) != 0x80) 146 ((p[2] & 0xc0) != 0x80) ||
133 || ((p[4] & 0xc0) != 0x80) 147 ((p[3] & 0xc0) != 0x80) ||
134 || ((p[5] & 0xc0) != 0x80) ) return -3; 148 ((p[4] & 0xc0) != 0x80) ||
149 ((p[5] & 0xc0) != 0x80))
150 return -3;
135 value = ((unsigned long)(*p++ & 0x1)) << 30; 151 value = ((unsigned long)(*p++ & 0x1)) << 30;
136 value |= ((unsigned long)(*p++ & 0x3f)) << 24; 152 value |= ((unsigned long)(*p++ & 0x3f)) << 24;
137 value |= ((unsigned long)(*p++ & 0x3f)) << 18; 153 value |= ((unsigned long)(*p++ & 0x3f)) << 18;
138 value |= ((unsigned long)(*p++ & 0x3f)) << 12; 154 value |= ((unsigned long)(*p++ & 0x3f)) << 12;
139 value |= (*p++ & 0x3f) << 6; 155 value |= (*p++ & 0x3f) << 6;
140 value |= *p++ & 0x3f; 156 value |= *p++ & 0x3f;
141 if(value < 0x4000000) return -4; 157 if (value < 0x4000000)
158 return -4;
142 ret = 6; 159 ret = 6;
143 } else return -2; 160 } else return -2;
144 *val = value; 161 *val = value;
145 return ret; 162 return ret;
146} 163}
147 164
@@ -152,34 +169,41 @@ int UTF8_getc(const unsigned char *str, int len, unsigned long *val)
152 * It will need at most 6 characters. 169 * It will need at most 6 characters.
153 */ 170 */
154 171
155int UTF8_putc(unsigned char *str, int len, unsigned long value) 172int
173UTF8_putc(unsigned char *str, int len, unsigned long value)
156{ 174{
157 if(!str) len = 6; /* Maximum we will need */ 175 if (!str)
158 else if(len <= 0) return -1; 176 len = 6; /* Maximum we will need */
159 if(value < 0x80) { 177 else if (len <= 0)
160 if(str) *str = (unsigned char)value; 178 return -1;
179 if (value < 0x80) {
180 if (str)
181 *str = (unsigned char)value;
161 return 1; 182 return 1;
162 } 183 }
163 if(value < 0x800) { 184 if (value < 0x800) {
164 if(len < 2) return -1; 185 if (len < 2)
165 if(str) { 186 return -1;
187 if (str) {
166 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0); 188 *str++ = (unsigned char)(((value >> 6) & 0x1f) | 0xc0);
167 *str = (unsigned char)((value & 0x3f) | 0x80); 189 *str = (unsigned char)((value & 0x3f) | 0x80);
168 } 190 }
169 return 2; 191 return 2;
170 } 192 }
171 if(value < 0x10000) { 193 if (value < 0x10000) {
172 if(len < 3) return -1; 194 if (len < 3)
173 if(str) { 195 return -1;
196 if (str) {
174 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0); 197 *str++ = (unsigned char)(((value >> 12) & 0xf) | 0xe0);
175 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); 198 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
176 *str = (unsigned char)((value & 0x3f) | 0x80); 199 *str = (unsigned char)((value & 0x3f) | 0x80);
177 } 200 }
178 return 3; 201 return 3;
179 } 202 }
180 if(value < 0x200000) { 203 if (value < 0x200000) {
181 if(len < 4) return -1; 204 if (len < 4)
182 if(str) { 205 return -1;
206 if (str) {
183 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0); 207 *str++ = (unsigned char)(((value >> 18) & 0x7) | 0xf0);
184 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); 208 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
185 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80); 209 *str++ = (unsigned char)(((value >> 6) & 0x3f) | 0x80);
@@ -187,9 +211,10 @@ int UTF8_putc(unsigned char *str, int len, unsigned long value)
187 } 211 }
188 return 4; 212 return 4;
189 } 213 }
190 if(value < 0x4000000) { 214 if (value < 0x4000000) {
191 if(len < 5) return -1; 215 if (len < 5)
192 if(str) { 216 return -1;
217 if (str) {
193 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8); 218 *str++ = (unsigned char)(((value >> 24) & 0x3) | 0xf8);
194 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); 219 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
195 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80); 220 *str++ = (unsigned char)(((value >> 12) & 0x3f) | 0x80);
@@ -198,8 +223,9 @@ int UTF8_putc(unsigned char *str, int len, unsigned long value)
198 } 223 }
199 return 5; 224 return 5;
200 } 225 }
201 if(len < 6) return -1; 226 if (len < 6)
202 if(str) { 227 return -1;
228 if (str) {
203 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc); 229 *str++ = (unsigned char)(((value >> 30) & 0x1) | 0xfc);
204 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80); 230 *str++ = (unsigned char)(((value >> 24) & 0x3f) | 0x80);
205 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80); 231 *str++ = (unsigned char)(((value >> 18) & 0x3f) | 0x80);
diff --git a/src/lib/libssl/src/crypto/asn1/a_verify.c b/src/lib/libssl/src/crypto/asn1/a_verify.c
index 8df0b038d1..3b7bf0580d 100644
--- a/src/lib/libssl/src/crypto/asn1/a_verify.c
+++ b/src/lib/libssl/src/crypto/asn1/a_verify.c
@@ -5,21 +5,21 @@
5 * This package is an SSL implementation written 5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com). 6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL. 7 * The implementation was written so as to conform with Netscapes SSL.
8 * 8 *
9 * This library is free for commercial and non-commercial use as long as 9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions 10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA, 11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation 12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms 13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com). 14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 * 15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in 16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed. 17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution 18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used. 19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or 20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package. 21 * in documentation (online or textual) provided with the package.
22 * 22 *
23 * Redistribution and use in source and binary forms, with or without 23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 24 * modification, are permitted provided that the following conditions
25 * are met: 25 * are met:
@@ -34,10 +34,10 @@
34 * Eric Young (eay@cryptsoft.com)" 34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library 35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-). 36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from 37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement: 38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 * 40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
@@ -49,7 +49,7 @@
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE. 51 * SUCH DAMAGE.
52 * 52 *
53 * The licence and distribution terms for any publically available version or 53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
@@ -72,12 +72,13 @@
72#include <openssl/buffer.h> 72#include <openssl/buffer.h>
73#include <openssl/evp.h> 73#include <openssl/evp.h>
74 74
75int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, 75int
76 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) 76ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
77 ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey)
77{ 78{
78 EVP_MD_CTX ctx; 79 EVP_MD_CTX ctx;
79 unsigned char *buf_in=NULL; 80 unsigned char *buf_in = NULL;
80 int ret= -1,inl; 81 int ret = -1, inl;
81 82
82 int mdnid, pknid; 83 int mdnid, pknid;
83 84
@@ -90,16 +91,18 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
90 91
91 /* Convert signature OID into digest and public key OIDs */ 92 /* Convert signature OID into digest and public key OIDs */
92 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) { 93 if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) {
93 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 94 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
95 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
94 goto err; 96 goto err;
95 } 97 }
96 if (mdnid == NID_undef) { 98 if (mdnid == NID_undef) {
97 if (!pkey->ameth || !pkey->ameth->item_verify) { 99 if (!pkey->ameth || !pkey->ameth->item_verify) {
98 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); 100 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
101 ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM);
99 goto err; 102 goto err;
100 } 103 }
101 ret = pkey->ameth->item_verify(&ctx, it, asn, a, 104 ret = pkey->ameth->item_verify(&ctx, it, asn, a,
102 signature, pkey); 105 signature, pkey);
103 /* Return value of 2 means carry on, anything else means we 106 /* Return value of 2 means carry on, anything else means we
104 * exit straight away: either a fatal error of the underlying 107 * exit straight away: either a fatal error of the underlying
105 * verification routine handles all verification. 108 * verification routine handles all verification.
@@ -109,55 +112,56 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a,
109 ret = -1; 112 ret = -1;
110 } else { 113 } else {
111 const EVP_MD *type; 114 const EVP_MD *type;
112 type=EVP_get_digestbynid(mdnid); 115 type = EVP_get_digestbynid(mdnid);
113 if (type == NULL) { 116 if (type == NULL) {
114 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM); 117 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
118 ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
115 goto err; 119 goto err;
116 } 120 }
117 121
118 /* Check public key OID matches public key type */ 122 /* Check public key OID matches public key type */
119 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) { 123 if (EVP_PKEY_type(pknid) != pkey->ameth->pkey_id) {
120 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ASN1_R_WRONG_PUBLIC_KEY_TYPE); 124 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,
125 ASN1_R_WRONG_PUBLIC_KEY_TYPE);
121 goto err; 126 goto err;
122 } 127 }
123 128
124 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) { 129 if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) {
125 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 130 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
126 ret=0; 131 ret = 0;
127 goto err; 132 goto err;
128 } 133 }
129 134
130 } 135 }
131 136
132 inl = ASN1_item_i2d(asn, &buf_in, it); 137 inl = ASN1_item_i2d(asn, &buf_in, it);
133 138
134 if (buf_in == NULL) { 139 if (buf_in == NULL) {
135 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_MALLOC_FAILURE); 140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE);
136 goto err; 141 goto err;
137 } 142 }
138 143
139 if (!EVP_DigestVerifyUpdate(&ctx,buf_in,inl)) { 144 if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) {
140 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 145 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
141 ret=0; 146 ret = 0;
142 goto err; 147 goto err;
143 } 148 }
144 149
145 OPENSSL_cleanse(buf_in,(unsigned int)inl); 150 OPENSSL_cleanse(buf_in, (unsigned int)inl);
146 free(buf_in); 151 free(buf_in);
147 152
148 if (EVP_DigestVerifyFinal(&ctx,signature->data, 153 if (EVP_DigestVerifyFinal(&ctx, signature->data,
149 (size_t)signature->length) <= 0) { 154 (size_t)signature->length) <= 0) {
150 ASN1err(ASN1_F_ASN1_ITEM_VERIFY,ERR_R_EVP_LIB); 155 ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB);
151 ret=0; 156 ret = 0;
152 goto err; 157 goto err;
153 } 158 }
154 /* we don't need to zero the 'ctx' because we just checked 159 /* we don't need to zero the 'ctx' because we just checked
155 * public information */ 160 * public information */
156 /* memset(&ctx,0,sizeof(ctx)); */ 161 /* memset(&ctx,0,sizeof(ctx)); */
157 ret=1; 162 ret = 1;
163
158err: 164err:
159 EVP_MD_CTX_cleanup(&ctx); 165 EVP_MD_CTX_cleanup(&ctx);
160 return(ret); 166 return (ret);
161} 167}
162
163
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-23 18:15:41 +0000