1 files changed, 205 insertions, 76 deletions
diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c
index df79cf99bb..edb243c021 100644
--- a/src/lib/libcrypto/asn1/a_int.c
+++ b/src/lib/libcrypto/asn1/a_int.c
@@ -58,68 +58,197 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include "asn1.h"
+#include <openssl/asn1.h>
-/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);
+ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
+{ return M_ASN1_INTEGER_dup(x);}
+int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
+{ return M_ASN1_INTEGER_cmp(x,y);}
+/* 
+ * This converts an ASN1 INTEGER into its content encoding.
+ * The internal representation is an ASN1_STRING whose data is a big endian
+ * representation of the value, ignoring the sign. The sign is determined by
+ * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. 
+ *
+ * Positive integers are no problem: they are almost the same as the DER
+ * encoding, except if the first byte is >= 0x80 we need to add a zero pad.
+ *
+ * Negative integers are a bit trickier...
+ * The DER representation of negative integers is in 2s complement form.
+ * The internal form is converted by complementing each octet and finally 
+ * adding one to the result. This can be done less messily with a little trick.
+ * If the internal form has trailing zeroes then they will become FF by the
+ * complement and 0 by the add one (due to carry) so just copy as many trailing 
+ * zeros to the destination as there are in the source. The carry will add one
+ * to the last none zero octet: so complement this octet and add one and finally
+ * complement any left over until you get to the start of the string.
+ *
+ * Padding is a little trickier too. If the first bytes is > 0x80 then we pad
+ * with 0xff. However if the first byte is 0x80 and one of the following bytes
+ * is non-zero we pad with 0xff. The reason for this distinction is that 0x80
+ * followed by optional zeros isn't padded.
 */
-int i2d_ASN1_INTEGER(a,pp)
+int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-ASN1_INTEGER *a;
-unsigned char **pp;
        {
-        int pad=0,ret,r,i,t;
+        int pad=0,ret,i,neg;
-        unsigned char *p,*pt,*n,pb=0;
+        unsigned char *p,*n,pb=0;
        if ((a == NULL) || (a->data == NULL)) return(0);
-        t=a->type;
+        neg=a->type & V_ASN1_NEG;
        if (a->length == 0)
                ret=1;
        else
                {
                ret=a->length;
                i=a->data[0];
-                if ((t == V_ASN1_INTEGER) && (i > 127))
+                if (!neg && (i > 127)) {
-                        {
                        pad=1;
                        pb=0;
+                } else if(neg) {
+                        if(i>128) {
+                                pad=1;
+                                pb=0xFF;
+                        } else if(i == 128) {
+                        /*
+                         * Special case: if any other bytes non zero we pad:
+                         * otherwise we don't.
+                         */
+                                for(i = 1; i < a->length; i++) if(a->data[i]) {
+                                                pad=1;
+                                                pb=0xFF;
+                                                break;
+                                }
                        }
-                else if ((t == V_ASN1_NEG_INTEGER) && (i>128))
+                }
-                        {
-                        pad=1;
-                        pb=0xFF;
-                        }
                ret+=pad;
                }
-        r=ASN1_object_size(0,ret,V_ASN1_INTEGER);
+        if (pp == NULL) return(ret);
-        if (pp == NULL) return(r);
        p= *pp;
-        ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
        if (pad) *(p++)=pb;
-        if (a->length == 0)
+        if (a->length == 0) *(p++)=0;
-                *(p++)=0;
+        else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
-        else if (t == V_ASN1_INTEGER)
+        else {
+                /* Begin at the end of the encoding */
+                n=a->data + a->length - 1;
+                p += a->length - 1;
+                i = a->length;
+                /* Copy zeros to destination as long as source is zero */
+                while(!*n) {
+                        *(p--) = 0;
+                        n--;
+                        i--;
+                }
+                /* Complement and increment next octet */
+                *(p--) = ((*(n--)) ^ 0xff) + 1;
+                i--;
+                /* Complement any octets left */
+                for(;i > 0; i--) *(p--) = *(n--) ^ 0xff;
+        }
+        *pp+=ret;
+        return(ret);
+        }
+/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
+ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
+             long len)
+        {
+        ASN1_INTEGER *ret=NULL;
+        unsigned char *p,*to,*s, *pend;
+        int i;
+        if ((a == NULL) || ((*a) == NULL))
                {
-                memcpy(p,a->data,(unsigned int)a->length);
+                if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
-                p+=a->length;
+                ret->type=V_ASN1_INTEGER;
                }
        else
+                ret=(*a);
+        p= *pp;
+        pend = p + len;
+        /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
+         * signifies a missing NULL parameter. */
+        s=(unsigned char *)OPENSSL_malloc((int)len+1);
+        if (s == NULL)
                {
-                n=a->data;
+                i=ERR_R_MALLOC_FAILURE;
-                pt=p;
+                goto err;
-                for (i=a->length; i>0; i--)
-                        *(p++)= (*(n++)^0xFF)+1;
-                if (!pad) *pt|=0x80;
                }
+        to=s;
+        if(!len) {
+                /* Strictly speaking this is an illegal INTEGER but we
+                 * tolerate it.
+                 */
+                ret->type=V_ASN1_INTEGER;
+        } else if (*p & 0x80) /* a negative number */
+                {
+                ret->type=V_ASN1_NEG_INTEGER;
+                if ((*p == 0xff) && (len != 1)) {
+                        p++;
+                        len--;
+                }
+                i = len;
+                p += i - 1;
+                to += i - 1;
+                while((!*p) && i) {
+                        *(to--) = 0;
+                        i--;
+                        p--;
+                }
+                /* Special case: if all zeros then the number will be of
+                 * the form FF followed by n zero bytes: this corresponds to
+                 * 1 followed by n zero bytes. We've already written n zeros
+                 * so we just append an extra one and set the first byte to
+                 * a 1. This is treated separately because it is the only case
+                 * where the number of bytes is larger than len.
+                 */
+                if(!i) {
+                        *s = 1;
+                        s[len] = 0;
+                        len++;
+                } else {
+                        *(to--) = (*(p--) ^ 0xff) + 1;
+                        i--;
+                        for(;i > 0; i--) *(to--) = *(p--) ^ 0xff;
+                }
+        } else {
+                ret->type=V_ASN1_INTEGER;
+                if ((*p == 0) && (len != 1))
+                        {
+                        p++;
+                        len--;
+                        }
+                memcpy(s,p,(int)len);
+        }
-        *pp=p;
+        if (ret->data != NULL) OPENSSL_free(ret->data);
-        return(r);
+        ret->data=s;
+        ret->length=(int)len;
+        if (a != NULL) (*a)=ret;
+        *pp=pend;
+        return(ret);
+err:
+        ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+        if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+                M_ASN1_INTEGER_free(ret);
+        return(NULL);
        }
-ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length)
-ASN1_INTEGER **a;
+/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
-unsigned char **pp;
+ * ASN1 integers: some broken software can encode a positive INTEGER
-long length;
+ * with its MSB set as negative (it doesn't add a padding zero).
+ */
+ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, unsigned char **pp,
+             long length)
        {
        ASN1_INTEGER *ret=NULL;
        unsigned char *p,*to,*s;
@@ -129,7 +258,7 @@ long length;
        if ((a == NULL) || ((*a) == NULL))
                {
-                if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL);
+                if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
                ret->type=V_ASN1_INTEGER;
                }
        else
@@ -149,29 +278,17 @@ long length;
                goto err;
                }
-        /* We must Malloc stuff, even for 0 bytes otherwise it
+        /* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
         * signifies a missing NULL parameter. */
-        s=(unsigned char *)Malloc((int)len+1);
+        s=(unsigned char *)OPENSSL_malloc((int)len+1);
        if (s == NULL)
                {
                i=ERR_R_MALLOC_FAILURE;
                goto err;
                }
        to=s;
-        if (*p & 0x80) /* a negative number */
+        ret->type=V_ASN1_INTEGER;
-                {
+        if(len) {
-                ret->type=V_ASN1_NEG_INTEGER;
-                if (*p == 0xff)
-                        {
-                        p++;
-                        len--;
-                        }
-                for (i=(int)len; i>0; i--)
-                        *(to++)= (*(p++)^0xFF)+1;
-                }
-        else
-                {
-                ret->type=V_ASN1_INTEGER;
                if ((*p == 0) && (len != 1))
                        {
                        p++;
@@ -179,24 +296,22 @@ long length;
                        }
                memcpy(s,p,(int)len);
                p+=len;
-                }
+        }
-        if (ret->data != NULL) Free((char *)ret->data);
+        if (ret->data != NULL) OPENSSL_free(ret->data);
        ret->data=s;
        ret->length=(int)len;
        if (a != NULL) (*a)=ret;
        *pp=p;
        return(ret);
 err:
-        ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+        ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
        if ((ret != NULL) && ((a == NULL) || (*a != ret)))
-                ASN1_INTEGER_free(ret);
+                M_ASN1_INTEGER_free(ret);
        return(NULL);
        }
-int ASN1_INTEGER_set(a,v)
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
-ASN1_INTEGER *a;
-long v;
        {
        int i,j,k;
        unsigned char buf[sizeof(long)+1];
@@ -206,8 +321,8 @@ long v;
        if (a->length < (sizeof(long)+1))
                {
                if (a->data != NULL)
-                        Free((char *)a->data);
+                        OPENSSL_free(a->data);
-                if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
+                if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
                        memset((char *)a->data,0,sizeof(long)+1);
                }
        if (a->data == NULL)
@@ -229,15 +344,13 @@ long v;
                d>>=8;
                }
        j=0;
-        if (v < 0) a->data[j++]=0;
        for (k=i-1; k >=0; k--)
                a->data[j++]=buf[k];
        a->length=j;
        return(1);
        }
-long ASN1_INTEGER_get(a)
+long ASN1_INTEGER_get(ASN1_INTEGER *a)
-ASN1_INTEGER *a;
        {
        int neg=0,i;
        long r=0;
@@ -247,7 +360,7 @@ ASN1_INTEGER *a;
        if (i == V_ASN1_NEG_INTEGER)
                neg=1;
        else if (i != V_ASN1_INTEGER)
-                return(0);
+                return -1;
        
        if (a->length > sizeof(long))
                {
@@ -255,7 +368,7 @@ ASN1_INTEGER *a;
                return(0xffffffffL);
                }
        if (a->data == NULL)
-                return(0);
+                return 0;
        for (i=0; i<a->length; i++)
                {
@@ -266,40 +379,56 @@ ASN1_INTEGER *a;
        return(r);
        }
-ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai)
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai)
-BIGNUM *bn;
-ASN1_INTEGER *ai;
        {
        ASN1_INTEGER *ret;
        int len,j;
        if (ai == NULL)
-                ret=ASN1_INTEGER_new();
+                ret=M_ASN1_INTEGER_new();
        else
                ret=ai;
        if (ret == NULL)
                {
-                ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+                ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
                goto err;
                }
-        ret->type=V_ASN1_INTEGER;
+        if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
+        else ret->type=V_ASN1_INTEGER;
        j=BN_num_bits(bn);
        len=((j == 0)?0:((j/8)+1));
-        ret->data=(unsigned char *)Malloc(len+4);
+        if (ret->length < len+4)
+                {
+                unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
+                if (!new_data)
+                        {
+                        ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
+                        goto err;
+                        }
+                ret->data=new_data;
+                }
        ret->length=BN_bn2bin(bn,ret->data);
+        /* Correct zero case */
+        if(!ret->length)
+                {
+                ret->data[0] = 0;
+                ret->length = 1;
+                }
        return(ret);
 err:
-        if (ret != ai) ASN1_INTEGER_free(ret);
+        if (ret != ai) M_ASN1_INTEGER_free(ret);
        return(NULL);
        }
-BIGNUM *ASN1_INTEGER_to_BN(ai,bn)
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai, BIGNUM *bn)
-ASN1_INTEGER *ai;
-BIGNUM *bn;
        {
        BIGNUM *ret;
        if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
                ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
+        else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
        return(ret);
        }
+IMPLEMENT_STACK_OF(ASN1_INTEGER)
+IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)

diff --git a/src/lib/libcrypto/asn1/a_int.c b/src/lib/libcrypto/asn1/a_int.c index df79cf99bb..edb243c021 100644 --- a/src/lib/libcrypto/asn1/a_int.c +++ b/src/lib/libcrypto/asn1/a_int.c
@@ -58,68 +58,197 @@
58		58
59	#include <stdio.h>	59	#include <stdio.h>
60	#include "cryptlib.h"	60	#include "cryptlib.h"
61	#include "asn1.h"	61	#include <openssl/asn1.h>
62		62
63	/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);	63	ASN1_INTEGER ASN1_INTEGER_dup(ASN1_INTEGER x)
		64	{ return M_ASN1_INTEGER_dup(x);}
		65
		66	int ASN1_INTEGER_cmp(ASN1_INTEGER x, ASN1_INTEGER y)
		67	{ return M_ASN1_INTEGER_cmp(x,y);}
		68
		69	/*
		70	* This converts an ASN1 INTEGER into its content encoding.
		71	* The internal representation is an ASN1_STRING whose data is a big endian
		72	* representation of the value, ignoring the sign. The sign is determined by
		73	* the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative.
		74	*
		75	* Positive integers are no problem: they are almost the same as the DER
		76	* encoding, except if the first byte is >= 0x80 we need to add a zero pad.
		77	*
		78	* Negative integers are a bit trickier...
		79	* The DER representation of negative integers is in 2s complement form.
		80	* The internal form is converted by complementing each octet and finally
		81	* adding one to the result. This can be done less messily with a little trick.
		82	* If the internal form has trailing zeroes then they will become FF by the
		83	* complement and 0 by the add one (due to carry) so just copy as many trailing
		84	* zeros to the destination as there are in the source. The carry will add one
		85	* to the last none zero octet: so complement this octet and add one and finally
		86	* complement any left over until you get to the start of the string.
		87	*
		88	* Padding is a little trickier too. If the first bytes is > 0x80 then we pad
		89	* with 0xff. However if the first byte is 0x80 and one of the following bytes
		90	* is non-zero we pad with 0xff. The reason for this distinction is that 0x80
		91	* followed by optional zeros isn't padded.
64	*/	92	*/
65		93
66	int i2d_ASN1_INTEGER(a,pp)	94	int i2c_ASN1_INTEGER(ASN1_INTEGER a, unsigned char *pp)
67	ASN1_INTEGER *a;
68	unsigned char **pp;
69	{	95	{
70	int pad=0,ret,r,i,t;	96	int pad=0,ret,i,neg;
71	unsigned char p,pt,*n,pb=0;	97	unsigned char p,n,pb=0;
72		98
73	if ((a == NULL) \|\| (a->data == NULL)) return(0);	99	if ((a == NULL) \|\| (a->data == NULL)) return(0);
74	t=a->type;	100	neg=a->type & V_ASN1_NEG;
75	if (a->length == 0)	101	if (a->length == 0)
76	ret=1;	102	ret=1;
77	else	103	else
78	{	104	{
79	ret=a->length;	105	ret=a->length;
80	i=a->data[0];	106	i=a->data[0];
81	if ((t == V_ASN1_INTEGER) && (i > 127))	107	if (!neg && (i > 127)) {
82	{
83	pad=1;	108	pad=1;
84	pb=0;	109	pb=0;
		110	} else if(neg) {
		111	if(i>128) {
		112	pad=1;
		113	pb=0xFF;
		114	} else if(i == 128) {
		115	/*
		116	* Special case: if any other bytes non zero we pad:
		117	* otherwise we don't.
		118	*/
		119	for(i = 1; i < a->length; i++) if(a->data[i]) {
		120	pad=1;
		121	pb=0xFF;
		122	break;
		123	}
85	}	124	}
86	else if ((t == V_ASN1_NEG_INTEGER) && (i>128))	125	}
87	{
88	pad=1;
89	pb=0xFF;
90	}
91	ret+=pad;	126	ret+=pad;
92	}	127	}
93	r=ASN1_object_size(0,ret,V_ASN1_INTEGER);	128	if (pp == NULL) return(ret);
94	if (pp == NULL) return(r);
95	p= *pp;	129	p= *pp;
96		130
97	ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
98	if (pad) *(p++)=pb;	131	if (pad) *(p++)=pb;
99	if (a->length == 0)	132	if (a->length == 0) *(p++)=0;
100	*(p++)=0;	133	else if (!neg) memcpy(p,a->data,(unsigned int)a->length);
101	else if (t == V_ASN1_INTEGER)	134	else {
		135	/* Begin at the end of the encoding */
		136	n=a->data + a->length - 1;
		137	p += a->length - 1;
		138	i = a->length;
		139	/* Copy zeros to destination as long as source is zero */
		140	while(!*n) {
		141	*(p--) = 0;
		142	n--;
		143	i--;
		144	}
		145	/* Complement and increment next octet */
		146	(p--) = (((n--)) ^ 0xff) + 1;
		147	i--;
		148	/* Complement any octets left */
		149	for(;i > 0; i--) (p--) = (n--) ^ 0xff;
		150	}
		151
		152	*pp+=ret;
		153	return(ret);
		154	}
		155
		156	/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
		157
		158	ASN1_INTEGER c2i_ASN1_INTEGER(ASN1_INTEGER a, unsigned char *pp,
		159	long len)
		160	{
		161	ASN1_INTEGER *ret=NULL;
		162	unsigned char p,to,s, pend;
		163	int i;
		164
		165	if ((a == NULL) \|\| ((*a) == NULL))
102	{	166	{
103	memcpy(p,a->data,(unsigned int)a->length);	167	if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
104	p+=a->length;	168	ret->type=V_ASN1_INTEGER;
105	}	169	}
106	else	170	else
		171	ret=(*a);
		172
		173	p= *pp;
		174	pend = p + len;
		175
		176	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
		177	* signifies a missing NULL parameter. */
		178	s=(unsigned char *)OPENSSL_malloc((int)len+1);
		179	if (s == NULL)
107	{	180	{
108	n=a->data;	181	i=ERR_R_MALLOC_FAILURE;
109	pt=p;	182	goto err;
110	for (i=a->length; i>0; i--)
111	(p++)= ((n++)^0xFF)+1;
112	if (!pad) *pt\|=0x80;
113	}	183	}
		184	to=s;
		185	if(!len) {
		186	/* Strictly speaking this is an illegal INTEGER but we
		187	* tolerate it.
		188	*/
		189	ret->type=V_ASN1_INTEGER;
		190	} else if (p & 0x80) / a negative number */
		191	{
		192	ret->type=V_ASN1_NEG_INTEGER;
		193	if ((*p == 0xff) && (len != 1)) {
		194	p++;
		195	len--;
		196	}
		197	i = len;
		198	p += i - 1;
		199	to += i - 1;
		200	while((!*p) && i) {
		201	*(to--) = 0;
		202	i--;
		203	p--;
		204	}
		205	/* Special case: if all zeros then the number will be of
		206	* the form FF followed by n zero bytes: this corresponds to
		207	* 1 followed by n zero bytes. We've already written n zeros
		208	* so we just append an extra one and set the first byte to
		209	* a 1. This is treated separately because it is the only case
		210	* where the number of bytes is larger than len.
		211	*/
		212	if(!i) {
		213	*s = 1;
		214	s[len] = 0;
		215	len++;
		216	} else {
		217	(to--) = ((p--) ^ 0xff) + 1;
		218	i--;
		219	for(;i > 0; i--) (to--) = (p--) ^ 0xff;
		220	}
		221	} else {
		222	ret->type=V_ASN1_INTEGER;
		223	if ((*p == 0) && (len != 1))
		224	{
		225	p++;
		226	len--;
		227	}
		228	memcpy(s,p,(int)len);
		229	}
114		230
115	*pp=p;	231	if (ret->data != NULL) OPENSSL_free(ret->data);
116	return(r);	232	ret->data=s;
		233	ret->length=(int)len;
		234	if (a != NULL) (*a)=ret;
		235	*pp=pend;
		236	return(ret);
		237	err:
		238	ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
		239	if ((ret != NULL) && ((a == NULL) \|\| (*a != ret)))
		240	M_ASN1_INTEGER_free(ret);
		241	return(NULL);
117	}	242	}
118		243
119	ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length)	244
120	ASN1_INTEGER **a;	245	/* This is a version of d2i_ASN1_INTEGER that ignores the sign bit of
121	unsigned char **pp;	246	* ASN1 integers: some broken software can encode a positive INTEGER
122	long length;	247	* with its MSB set as negative (it doesn't add a padding zero).
		248	*/
		249
		250	ASN1_INTEGER d2i_ASN1_UINTEGER(ASN1_INTEGER a, unsigned char *pp,
		251	long length)
123	{	252	{
124	ASN1_INTEGER *ret=NULL;	253	ASN1_INTEGER *ret=NULL;
125	unsigned char p,to,*s;	254	unsigned char p,to,*s;
@@ -129,7 +258,7 @@ long length;
129		258
130	if ((a == NULL) \|\| ((*a) == NULL))	259	if ((a == NULL) \|\| ((*a) == NULL))
131	{	260	{
132	if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL);	261	if ((ret=M_ASN1_INTEGER_new()) == NULL) return(NULL);
133	ret->type=V_ASN1_INTEGER;	262	ret->type=V_ASN1_INTEGER;
134	}	263	}
135	else	264	else
@@ -149,29 +278,17 @@ long length;
149	goto err;	278	goto err;
150	}	279	}
151		280
152	/* We must Malloc stuff, even for 0 bytes otherwise it	281	/* We must OPENSSL_malloc stuff, even for 0 bytes otherwise it
153	* signifies a missing NULL parameter. */	282	* signifies a missing NULL parameter. */
154	s=(unsigned char *)Malloc((int)len+1);	283	s=(unsigned char *)OPENSSL_malloc((int)len+1);
155	if (s == NULL)	284	if (s == NULL)
156	{	285	{
157	i=ERR_R_MALLOC_FAILURE;	286	i=ERR_R_MALLOC_FAILURE;
158	goto err;	287	goto err;
159	}	288	}
160	to=s;	289	to=s;
161	if (p & 0x80) / a negative number */	290	ret->type=V_ASN1_INTEGER;
162	{	291	if(len) {
163	ret->type=V_ASN1_NEG_INTEGER;
164	if (*p == 0xff)
165	{
166	p++;
167	len--;
168	}
169	for (i=(int)len; i>0; i--)
170	(to++)= ((p++)^0xFF)+1;
171	}
172	else
173	{
174	ret->type=V_ASN1_INTEGER;
175	if ((*p == 0) && (len != 1))	292	if ((*p == 0) && (len != 1))
176	{	293	{
177	p++;	294	p++;
@@ -179,24 +296,22 @@ long length;
179	}	296	}
180	memcpy(s,p,(int)len);	297	memcpy(s,p,(int)len);
181	p+=len;	298	p+=len;
182	}	299	}
183		300
184	if (ret->data != NULL) Free((char *)ret->data);	301	if (ret->data != NULL) OPENSSL_free(ret->data);
185	ret->data=s;	302	ret->data=s;
186	ret->length=(int)len;	303	ret->length=(int)len;
187	if (a != NULL) (*a)=ret;	304	if (a != NULL) (*a)=ret;
188	*pp=p;	305	*pp=p;
189	return(ret);	306	return(ret);
190	err:	307	err:
191	ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);	308	ASN1err(ASN1_F_D2I_ASN1_UINTEGER,i);
192	if ((ret != NULL) && ((a == NULL) \|\| (*a != ret)))	309	if ((ret != NULL) && ((a == NULL) \|\| (*a != ret)))
193	ASN1_INTEGER_free(ret);	310	M_ASN1_INTEGER_free(ret);
194	return(NULL);	311	return(NULL);
195	}	312	}
196		313
197	int ASN1_INTEGER_set(a,v)	314	int ASN1_INTEGER_set(ASN1_INTEGER *a, long v)
198	ASN1_INTEGER *a;
199	long v;
200	{	315	{
201	int i,j,k;	316	int i,j,k;
202	unsigned char buf[sizeof(long)+1];	317	unsigned char buf[sizeof(long)+1];
@@ -206,8 +321,8 @@ long v;
206	if (a->length < (sizeof(long)+1))	321	if (a->length < (sizeof(long)+1))
207	{	322	{
208	if (a->data != NULL)	323	if (a->data != NULL)
209	Free((char *)a->data);	324	OPENSSL_free(a->data);
210	if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)	325	if ((a->data=(unsigned char *)OPENSSL_malloc(sizeof(long)+1)) != NULL)
211	memset((char *)a->data,0,sizeof(long)+1);	326	memset((char *)a->data,0,sizeof(long)+1);
212	}	327	}
213	if (a->data == NULL)	328	if (a->data == NULL)
@@ -229,15 +344,13 @@ long v;
229	d>>=8;	344	d>>=8;
230	}	345	}
231	j=0;	346	j=0;
232	if (v < 0) a->data[j++]=0;
233	for (k=i-1; k >=0; k--)	347	for (k=i-1; k >=0; k--)
234	a->data[j++]=buf[k];	348	a->data[j++]=buf[k];
235	a->length=j;	349	a->length=j;
236	return(1);	350	return(1);
237	}	351	}
238		352
239	long ASN1_INTEGER_get(a)	353	long ASN1_INTEGER_get(ASN1_INTEGER *a)
240	ASN1_INTEGER *a;
241	{	354	{
242	int neg=0,i;	355	int neg=0,i;
243	long r=0;	356	long r=0;
@@ -247,7 +360,7 @@ ASN1_INTEGER *a;
247	if (i == V_ASN1_NEG_INTEGER)	360	if (i == V_ASN1_NEG_INTEGER)
248	neg=1;	361	neg=1;
249	else if (i != V_ASN1_INTEGER)	362	else if (i != V_ASN1_INTEGER)
250	return(0);	363	return -1;
251		364
252	if (a->length > sizeof(long))	365	if (a->length > sizeof(long))
253	{	366	{
@@ -255,7 +368,7 @@ ASN1_INTEGER *a;
255	return(0xffffffffL);	368	return(0xffffffffL);
256	}	369	}
257	if (a->data == NULL)	370	if (a->data == NULL)
258	return(0);	371	return 0;
259		372
260	for (i=0; i<a->length; i++)	373	for (i=0; i<a->length; i++)
261	{	374	{
@@ -266,40 +379,56 @@ ASN1_INTEGER *a;
266	return(r);	379	return(r);
267	}	380	}
268		381
269	ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai)	382	ASN1_INTEGER BN_to_ASN1_INTEGER(BIGNUM bn, ASN1_INTEGER *ai)
270	BIGNUM *bn;
271	ASN1_INTEGER *ai;
272	{	383	{
273	ASN1_INTEGER *ret;	384	ASN1_INTEGER *ret;
274	int len,j;	385	int len,j;
275		386
276	if (ai == NULL)	387	if (ai == NULL)
277	ret=ASN1_INTEGER_new();	388	ret=M_ASN1_INTEGER_new();
278	else	389	else
279	ret=ai;	390	ret=ai;
280	if (ret == NULL)	391	if (ret == NULL)
281	{	392	{
282	ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);	393	ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_NESTED_ASN1_ERROR);
283	goto err;	394	goto err;
284	}	395	}
285	ret->type=V_ASN1_INTEGER;	396	if(bn->neg) ret->type = V_ASN1_NEG_INTEGER;
		397	else ret->type=V_ASN1_INTEGER;
286	j=BN_num_bits(bn);	398	j=BN_num_bits(bn);
287	len=((j == 0)?0:((j/8)+1));	399	len=((j == 0)?0:((j/8)+1));
288	ret->data=(unsigned char *)Malloc(len+4);	400	if (ret->length < len+4)
		401	{
		402	unsigned char *new_data=OPENSSL_realloc(ret->data, len+4);
		403	if (!new_data)
		404	{
		405	ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
		406	goto err;
		407	}
		408	ret->data=new_data;
		409	}
289	ret->length=BN_bn2bin(bn,ret->data);	410	ret->length=BN_bn2bin(bn,ret->data);
		411	/* Correct zero case */
		412	if(!ret->length)
		413	{
		414	ret->data[0] = 0;
		415	ret->length = 1;
		416	}
290	return(ret);	417	return(ret);
291	err:	418	err:
292	if (ret != ai) ASN1_INTEGER_free(ret);	419	if (ret != ai) M_ASN1_INTEGER_free(ret);
293	return(NULL);	420	return(NULL);
294	}	421	}
295		422
296	BIGNUM *ASN1_INTEGER_to_BN(ai,bn)	423	BIGNUM ASN1_INTEGER_to_BN(ASN1_INTEGER ai, BIGNUM *bn)
297	ASN1_INTEGER *ai;
298	BIGNUM *bn;
299	{	424	{
300	BIGNUM *ret;	425	BIGNUM *ret;
301		426
302	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)	427	if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
303	ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);	428	ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
		429	else if(ai->type == V_ASN1_NEG_INTEGER) ret->neg = 1;
304	return(ret);	430	return(ret);
305	}	431	}
		432
		433	IMPLEMENT_STACK_OF(ASN1_INTEGER)
		434	IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER)