1 files changed, 0 insertions, 346 deletions
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
deleted file mode 100644
index 168c2c0fcd..0000000000
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/* $OpenBSD: x_x509.c,v 1.24 2015/03/19 14:00:22 tedu Exp $ */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to.  The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code.  The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- *    notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *    notice, this list of conditions and the following disclaimer in the
- *    documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *    must display the following acknowledgement:
- *    "This product includes cryptographic software written by
- *     Eric Young (eay@cryptsoft.com)"
- *    The word 'cryptographic' can be left out if the rouines from the library
- *    being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- *    the apps directory (application code) you must include an acknowledgement:
- *    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed.  i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-#include <stdio.h>
-#include <openssl/opensslconf.h>
-#include <openssl/asn1t.h>
-#include <openssl/evp.h>
-#include <openssl/x509.h>
-#include <openssl/x509v3.h>
-static const ASN1_AUX X509_CINF_aux = {
-        .flags = ASN1_AFLG_ENCODING,
-        .enc_offset = offsetof(X509_CINF, enc),
-};
-static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
-        {
-                .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
-                .offset = offsetof(X509_CINF, version),
-                .field_name = "version",
-                .item = &ASN1_INTEGER_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, serialNumber),
-                .field_name = "serialNumber",
-                .item = &ASN1_INTEGER_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, signature),
-                .field_name = "signature",
-                .item = &X509_ALGOR_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, issuer),
-                .field_name = "issuer",
-                .item = &X509_NAME_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, validity),
-                .field_name = "validity",
-                .item = &X509_VAL_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, subject),
-                .field_name = "subject",
-                .item = &X509_NAME_it,
-        },
-        {
-                .offset = offsetof(X509_CINF, key),
-                .field_name = "key",
-                .item = &X509_PUBKEY_it,
-        },
-        {
-                .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
-                .tag = 1,
-                .offset = offsetof(X509_CINF, issuerUID),
-                .field_name = "issuerUID",
-                .item = &ASN1_BIT_STRING_it,
-        },
-        {
-                .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
-                .tag = 2,
-                .offset = offsetof(X509_CINF, subjectUID),
-                .field_name = "subjectUID",
-                .item = &ASN1_BIT_STRING_it,
-        },
-        {
-                .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF |
-                    ASN1_TFLG_OPTIONAL,
-                .tag = 3,
-                .offset = offsetof(X509_CINF, extensions),
-                .field_name = "extensions",
-                .item = &X509_EXTENSION_it,
-        },
-};
-const ASN1_ITEM X509_CINF_it = {
-        .itype = ASN1_ITYPE_SEQUENCE,
-        .utype = V_ASN1_SEQUENCE,
-        .templates = X509_CINF_seq_tt,
-        .tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
-        .funcs = &X509_CINF_aux,
-        .size = sizeof(X509_CINF),
-        .sname = "X509_CINF",
-};
-X509_CINF *
-d2i_X509_CINF(X509_CINF **a, const unsigned char **in, long len)
-{
-        return (X509_CINF *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-            &X509_CINF_it);
-}
-int
-i2d_X509_CINF(X509_CINF *a, unsigned char **out)
-{
-        return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CINF_it);
-}
-X509_CINF *
-X509_CINF_new(void)
-{
-        return (X509_CINF *)ASN1_item_new(&X509_CINF_it);
-}
-void
-X509_CINF_free(X509_CINF *a)
-{
-        ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it);
-}
-/* X509 top level structure needs a bit of customisation */
-extern void policy_cache_free(X509_POLICY_CACHE *cache);
-static int
-x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
-{
-        X509 *ret = (X509 *)*pval;
-        switch (operation) {
-        case ASN1_OP_NEW_POST:
-                ret->valid = 0;
-                ret->name = NULL;
-                ret->ex_flags = 0;
-                ret->ex_pathlen = -1;
-                ret->skid = NULL;
-                ret->akid = NULL;
-                ret->aux = NULL;
-                ret->crldp = NULL;
-                CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-                break;
-        case ASN1_OP_D2I_POST:
-                free(ret->name);
-                ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
-                break;
-        case ASN1_OP_FREE_POST:
-                CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
-                X509_CERT_AUX_free(ret->aux);
-                ASN1_OCTET_STRING_free(ret->skid);
-                AUTHORITY_KEYID_free(ret->akid);
-                CRL_DIST_POINTS_free(ret->crldp);
-                policy_cache_free(ret->policy_cache);
-                GENERAL_NAMES_free(ret->altname);
-                NAME_CONSTRAINTS_free(ret->nc);
-                free(ret->name);
-                ret->name = NULL;
-                break;
-        }
-        return 1;
-}
-static const ASN1_AUX X509_aux = {
-        .app_data = NULL,
-        .flags = ASN1_AFLG_REFCOUNT,
-        .ref_offset = offsetof(X509, references),
-        .ref_lock = CRYPTO_LOCK_X509,
-        .asn1_cb = x509_cb,
-};
-static const ASN1_TEMPLATE X509_seq_tt[] = {
-        {
-                .offset = offsetof(X509, cert_info),
-                .field_name = "cert_info",
-                .item = &X509_CINF_it,
-        },
-        {
-                .offset = offsetof(X509, sig_alg),
-                .field_name = "sig_alg",
-                .item = &X509_ALGOR_it,
-        },
-        {
-                .offset = offsetof(X509, signature),
-                .field_name = "signature",
-                .item = &ASN1_BIT_STRING_it,
-        },
-};
-const ASN1_ITEM X509_it = {
-        .itype = ASN1_ITYPE_SEQUENCE,
-        .utype = V_ASN1_SEQUENCE,
-        .templates = X509_seq_tt,
-        .tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE),
-        .funcs = &X509_aux,
-        .size = sizeof(X509),
-        .sname = "X509",
-};
-X509 *
-d2i_X509(X509 **a, const unsigned char **in, long len)
-{
-        return (X509 *)ASN1_item_d2i((ASN1_VALUE **)a, in, len,
-            &X509_it);
-}
-int
-i2d_X509(X509 *a, unsigned char **out)
-{
-        return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_it);
-}
-X509 *
-X509_new(void)
-{
-        return (X509 *)ASN1_item_new(&X509_it);
-}
-void
-X509_free(X509 *a)
-{
-        ASN1_item_free((ASN1_VALUE *)a, &X509_it);
-}
-X509 *
-X509_dup(X509 *x)
-{
-        return ASN1_item_dup(&X509_it, x);
-}
-int
-X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
-    CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
-{
-        return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
-            new_func, dup_func, free_func);
-}
-int
-X509_set_ex_data(X509 *r, int idx, void *arg)
-{
-        return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
-}
-void *
-X509_get_ex_data(X509 *r, int idx)
-{
-        return (CRYPTO_get_ex_data(&r->ex_data, idx));
-}
-/* X509_AUX ASN1 routines. X509_AUX is the name given to
- * a certificate with extra info tagged on the end. Since these
- * functions set how a certificate is trusted they should only
- * be used when the certificate comes from a reliable source
- * such as local storage.
- *
- */
-X509 *
-d2i_X509_AUX(X509 **a, const unsigned char **pp, long length)
-{
-        const unsigned char *q;
-        X509 *ret;
-        /* Save start position */
-        q = *pp;
-        ret = d2i_X509(NULL, pp, length);
-        /* If certificate unreadable then forget it */
-        if (!ret)
-                return NULL;
-        /* update length */
-        length -= *pp - q;
-        if (length > 0) {
-                if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
-                        goto err;
-        }
-        if (a != NULL) {
-                X509_free(*a);
-                *a = ret;
-        }
-        return ret;
-err:
-        X509_free(ret);
-        return NULL;
-}
-int
-i2d_X509_AUX(X509 *a, unsigned char **pp)
-{
-        int length;
-        length = i2d_X509(a, pp);
-        if (a)
-                length += i2d_X509_CERT_AUX(a->aux, pp);
-        return length;
-}

diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c deleted file mode 100644 index 168c2c0fcd..0000000000 --- a/src/lib/libcrypto/asn1/x_x509.c +++ /dev/null
@@ -1,346 +0,0 @@
1	/* $OpenBSD: x_x509.c,v 1.24 2015/03/19 14:00:22 tedu Exp $ */
2	/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3	* All rights reserved.
4	*
5	* This package is an SSL implementation written
6	* by Eric Young (eay@cryptsoft.com).
7	* The implementation was written so as to conform with Netscapes SSL.
8	*
9	* This library is free for commercial and non-commercial use as long as
10	* the following conditions are aheared to. The following conditions
11	* apply to all code found in this distribution, be it the RC4, RSA,
12	* lhash, DES, etc., code; not just the SSL code. The SSL documentation
13	* included with this distribution is covered by the same copyright terms
14	* except that the holder is Tim Hudson (tjh@cryptsoft.com).
15	*
16	* Copyright remains Eric Young's, and as such any Copyright notices in
17	* the code are not to be removed.
18	* If this package is used in a product, Eric Young should be given attribution
19	* as the author of the parts of the library used.
20	* This can be in the form of a textual message at program startup or
21	* in documentation (online or textual) provided with the package.
22	*
23	* Redistribution and use in source and binary forms, with or without
24	* modification, are permitted provided that the following conditions
25	* are met:
26	* 1. Redistributions of source code must retain the copyright
27	* notice, this list of conditions and the following disclaimer.
28	* 2. Redistributions in binary form must reproduce the above copyright
29	* notice, this list of conditions and the following disclaimer in the
30	* documentation and/or other materials provided with the distribution.
31	* 3. All advertising materials mentioning features or use of this software
32	* must display the following acknowledgement:
33	* "This product includes cryptographic software written by
34	* Eric Young (eay@cryptsoft.com)"
35	* The word 'cryptographic' can be left out if the rouines from the library
36	* being used are not cryptographic related :-).
37	* 4. If you include any Windows specific code (or a derivative thereof) from
38	* the apps directory (application code) you must include an acknowledgement:
39	* "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40	*
41	* THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42	* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44	* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45	* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46	* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47	* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49	* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50	* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51	* SUCH DAMAGE.
52	*
53	* The licence and distribution terms for any publically available version or
54	* derivative of this code cannot be changed. i.e. this code cannot simply be
55	* copied and put under another distribution licence
56	* [including the GNU Public Licence.]
57	*/
58
59	#include <stdio.h>
60
61	#include <openssl/opensslconf.h>
62
63	#include <openssl/asn1t.h>
64	#include <openssl/evp.h>
65	#include <openssl/x509.h>
66	#include <openssl/x509v3.h>
67
68	static const ASN1_AUX X509_CINF_aux = {
69	.flags = ASN1_AFLG_ENCODING,
70	.enc_offset = offsetof(X509_CINF, enc),
71	};
72	static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
73	{
74	.flags = ASN1_TFLG_EXPLICIT \| ASN1_TFLG_OPTIONAL,
75	.offset = offsetof(X509_CINF, version),
76	.field_name = "version",
77	.item = &ASN1_INTEGER_it,
78	},
79	{
80	.offset = offsetof(X509_CINF, serialNumber),
81	.field_name = "serialNumber",
82	.item = &ASN1_INTEGER_it,
83	},
84	{
85	.offset = offsetof(X509_CINF, signature),
86	.field_name = "signature",
87	.item = &X509_ALGOR_it,
88	},
89	{
90	.offset = offsetof(X509_CINF, issuer),
91	.field_name = "issuer",
92	.item = &X509_NAME_it,
93	},
94	{
95	.offset = offsetof(X509_CINF, validity),
96	.field_name = "validity",
97	.item = &X509_VAL_it,
98	},
99	{
100	.offset = offsetof(X509_CINF, subject),
101	.field_name = "subject",
102	.item = &X509_NAME_it,
103	},
104	{
105	.offset = offsetof(X509_CINF, key),
106	.field_name = "key",
107	.item = &X509_PUBKEY_it,
108	},
109	{
110	.flags = ASN1_TFLG_IMPLICIT \| ASN1_TFLG_OPTIONAL,
111	.tag = 1,
112	.offset = offsetof(X509_CINF, issuerUID),
113	.field_name = "issuerUID",
114	.item = &ASN1_BIT_STRING_it,
115	},
116	{
117	.flags = ASN1_TFLG_IMPLICIT \| ASN1_TFLG_OPTIONAL,
118	.tag = 2,
119	.offset = offsetof(X509_CINF, subjectUID),
120	.field_name = "subjectUID",
121	.item = &ASN1_BIT_STRING_it,
122	},
123	{
124	.flags = ASN1_TFLG_EXPLICIT \| ASN1_TFLG_SEQUENCE_OF \|
125	ASN1_TFLG_OPTIONAL,
126	.tag = 3,
127	.offset = offsetof(X509_CINF, extensions),
128	.field_name = "extensions",
129	.item = &X509_EXTENSION_it,
130	},
131	};
132
133	const ASN1_ITEM X509_CINF_it = {
134	.itype = ASN1_ITYPE_SEQUENCE,
135	.utype = V_ASN1_SEQUENCE,
136	.templates = X509_CINF_seq_tt,
137	.tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
138	.funcs = &X509_CINF_aux,
139	.size = sizeof(X509_CINF),
140	.sname = "X509_CINF",
141	};
142
143
144	X509_CINF *
145	d2i_X509_CINF(X509_CINF a, const unsigned char in, long len)
146	{
147	return (X509_CINF )ASN1_item_d2i((ASN1_VALUE *)a, in, len,
148	&X509_CINF_it);
149	}
150
151	int
152	i2d_X509_CINF(X509_CINF a, unsigned char *out)
153	{
154	return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_CINF_it);
155	}
156
157	X509_CINF *
158	X509_CINF_new(void)
159	{
160	return (X509_CINF *)ASN1_item_new(&X509_CINF_it);
161	}
162
163	void
164	X509_CINF_free(X509_CINF *a)
165	{
166	ASN1_item_free((ASN1_VALUE *)a, &X509_CINF_it);
167	}
168	/* X509 top level structure needs a bit of customisation */
169
170	extern void policy_cache_free(X509_POLICY_CACHE *cache);
171
172	static int
173	x509_cb(int operation, ASN1_VALUE *pval, const ASN1_ITEM it, void *exarg)
174	{
175	X509 ret = (X509 )*pval;
176
177	switch (operation) {
178
179	case ASN1_OP_NEW_POST:
180	ret->valid = 0;
181	ret->name = NULL;
182	ret->ex_flags = 0;
183	ret->ex_pathlen = -1;
184	ret->skid = NULL;
185	ret->akid = NULL;
186	ret->aux = NULL;
187	ret->crldp = NULL;
188	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
189	break;
190
191	case ASN1_OP_D2I_POST:
192	free(ret->name);
193	ret->name = X509_NAME_oneline(ret->cert_info->subject, NULL, 0);
194	break;
195
196	case ASN1_OP_FREE_POST:
197	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509, ret, &ret->ex_data);
198	X509_CERT_AUX_free(ret->aux);
199	ASN1_OCTET_STRING_free(ret->skid);
200	AUTHORITY_KEYID_free(ret->akid);
201	CRL_DIST_POINTS_free(ret->crldp);
202	policy_cache_free(ret->policy_cache);
203	GENERAL_NAMES_free(ret->altname);
204	NAME_CONSTRAINTS_free(ret->nc);
205	free(ret->name);
206	ret->name = NULL;
207	break;
208	}
209
210	return 1;
211	}
212
213	static const ASN1_AUX X509_aux = {
214	.app_data = NULL,
215	.flags = ASN1_AFLG_REFCOUNT,
216	.ref_offset = offsetof(X509, references),
217	.ref_lock = CRYPTO_LOCK_X509,
218	.asn1_cb = x509_cb,
219	};
220	static const ASN1_TEMPLATE X509_seq_tt[] = {
221	{
222	.offset = offsetof(X509, cert_info),
223	.field_name = "cert_info",
224	.item = &X509_CINF_it,
225	},
226	{
227	.offset = offsetof(X509, sig_alg),
228	.field_name = "sig_alg",
229	.item = &X509_ALGOR_it,
230	},
231	{
232	.offset = offsetof(X509, signature),
233	.field_name = "signature",
234	.item = &ASN1_BIT_STRING_it,
235	},
236	};
237
238	const ASN1_ITEM X509_it = {
239	.itype = ASN1_ITYPE_SEQUENCE,
240	.utype = V_ASN1_SEQUENCE,
241	.templates = X509_seq_tt,
242	.tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE),
243	.funcs = &X509_aux,
244	.size = sizeof(X509),
245	.sname = "X509",
246	};
247
248
249	X509 *
250	d2i_X509(X509 a, const unsigned char in, long len)
251	{
252	return (X509 )ASN1_item_d2i((ASN1_VALUE *)a, in, len,
253	&X509_it);
254	}
255
256	int
257	i2d_X509(X509 a, unsigned char *out)
258	{
259	return ASN1_item_i2d((ASN1_VALUE *)a, out, &X509_it);
260	}
261
262	X509 *
263	X509_new(void)
264	{
265	return (X509 *)ASN1_item_new(&X509_it);
266	}
267
268	void
269	X509_free(X509 *a)
270	{
271	ASN1_item_free((ASN1_VALUE *)a, &X509_it);
272	}
273
274	X509 *
275	X509_dup(X509 *x)
276	{
277	return ASN1_item_dup(&X509_it, x);
278	}
279
280	int
281	X509_get_ex_new_index(long argl, void argp, CRYPTO_EX_new new_func,
282	CRYPTO_EX_dup dup_func, CRYPTO_EX_free free_func)
283	{
284	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509, argl, argp,
285	new_func, dup_func, free_func);
286	}
287
288	int
289	X509_set_ex_data(X509 r, int idx, void arg)
290	{
291	return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
292	}
293
294	void *
295	X509_get_ex_data(X509 *r, int idx)
296	{
297	return (CRYPTO_get_ex_data(&r->ex_data, idx));
298	}
299
300	/* X509_AUX ASN1 routines. X509_AUX is the name given to
301	* a certificate with extra info tagged on the end. Since these
302	* functions set how a certificate is trusted they should only
303	* be used when the certificate comes from a reliable source
304	* such as local storage.
305	*
306	*/
307
308	X509 *
309	d2i_X509_AUX(X509 a, const unsigned char pp, long length)
310	{
311	const unsigned char *q;
312	X509 *ret;
313
314	/* Save start position */
315	q = *pp;
316	ret = d2i_X509(NULL, pp, length);
317	/* If certificate unreadable then forget it */
318	if (!ret)
319	return NULL;
320	/* update length */
321	length -= *pp - q;
322	if (length > 0) {
323	if (!d2i_X509_CERT_AUX(&ret->aux, pp, length))
324	goto err;
325	}
326	if (a != NULL) {
327	X509_free(*a);
328	*a = ret;
329	}
330	return ret;
331
332	err:
333	X509_free(ret);
334	return NULL;
335	}
336
337	int
338	i2d_X509_AUX(X509 a, unsigned char *pp)
339	{
340	int length;
341
342	length = i2d_X509(a, pp);
343	if (a)
344	length += i2d_X509_CERT_AUX(a->aux, pp);
345	return length;
346	}