1 files changed, 407 insertions, 0 deletions
diff --git a/src/lib/libcrypto/ct/ct_oct.c b/src/lib/libcrypto/ct/ct_oct.c
new file mode 100644
index 0000000000..d4b6645af4
--- /dev/null
+++ b/src/lib/libcrypto/ct/ct_oct.c
@@ -0,0 +1,407 @@
+/*
+ * Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
+ *
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
+ */
+#ifdef OPENSSL_NO_CT
+# error "CT is disabled"
+#endif
+#include <limits.h>
+#include <string.h>
+#include <openssl/asn1.h>
+#include <openssl/buffer.h>
+#include <openssl/ct.h>
+#include <openssl/err.h>
+#include "ct_local.h"
+int o2i_SCT_signature(SCT *sct, const unsigned char **in, size_t len)
+{
+    size_t siglen;
+    size_t len_remaining = len;
+    const unsigned char *p;
+    if (sct->version != SCT_VERSION_V1) {
+        CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
+        return -1;
+    }
+    /*
+     * digitally-signed struct header: (1 byte) Hash algorithm (1 byte)
+     * Signature algorithm (2 bytes + ?) Signature
+     *
+     * This explicitly rejects empty signatures: they're invalid for
+     * all supported algorithms.
+     */
+    if (len <= 4) {
+        CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
+        return -1;
+    }
+    p = *in;
+    /* Get hash and signature algorithm */
+    sct->hash_alg = *p++;
+    sct->sig_alg = *p++;
+    if (SCT_get_signature_nid(sct) == NID_undef) {
+        CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
+        return -1;
+    }
+    /* Retrieve signature and check it is consistent with the buffer length */
+    n2s(p, siglen);
+    len_remaining -= (p - *in);
+    if (siglen > len_remaining) {
+        CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
+        return -1;
+    }
+    if (SCT_set1_signature(sct, p, siglen) != 1)
+        return -1;
+    len_remaining -= siglen;
+    *in = p + siglen;
+    return len - len_remaining;
+}
+SCT *o2i_SCT(SCT **psct, const unsigned char **in, size_t len)
+{
+    SCT *sct = NULL;
+    const unsigned char *p;
+    if (len == 0 || len > MAX_SCT_SIZE) {
+        CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
+        goto err;
+    }
+    if ((sct = SCT_new()) == NULL)
+        goto err;
+    p = *in;
+    sct->version = *p;
+    if (sct->version == SCT_VERSION_V1) {
+        int sig_len;
+        size_t len2;
+        /*-
+         * Fixed-length header:
+         *   struct {
+         *     Version sct_version;     (1 byte)
+         *     log_id id;               (32 bytes)
+         *     uint64 timestamp;        (8 bytes)
+         *     CtExtensions extensions; (2 bytes + ?)
+         *   }
+         */
+        if (len < 43) {
+            CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
+            goto err;
+        }
+        len -= 43;
+        p++;
+        sct->log_id = BUF_memdup(p, CT_V1_HASHLEN);
+        if (sct->log_id == NULL)
+            goto err;
+        sct->log_id_len = CT_V1_HASHLEN;
+        p += CT_V1_HASHLEN;
+        n2l8(p, sct->timestamp);
+        n2s(p, len2);
+        if (len < len2) {
+            CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
+            goto err;
+        }
+        if (len2 > 0) {
+            sct->ext = BUF_memdup(p, len2);
+            if (sct->ext == NULL)
+                goto err;
+        }
+        sct->ext_len = len2;
+        p += len2;
+        len -= len2;
+        sig_len = o2i_SCT_signature(sct, &p, len);
+        if (sig_len <= 0) {
+            CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
+            goto err;
+        }
+        len -= sig_len;
+        *in = p + len;
+    } else {
+        /* If not V1 just cache encoding */
+        sct->sct = BUF_memdup(p, len);
+        if (sct->sct == NULL)
+            goto err;
+        sct->sct_len = len;
+        *in = p + len;
+    }
+    if (psct != NULL) {
+        SCT_free(*psct);
+        *psct = sct;
+    }
+    return sct;
+err:
+    SCT_free(sct);
+    return NULL;
+}
+int i2o_SCT_signature(const SCT *sct, unsigned char **out)
+{
+    size_t len;
+    unsigned char *p = NULL, *pstart = NULL;
+    if (!SCT_signature_is_complete(sct)) {
+        CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
+        goto err;
+    }
+    if (sct->version != SCT_VERSION_V1) {
+        CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
+        goto err;
+    }
+    /*
+    * (1 byte) Hash algorithm
+    * (1 byte) Signature algorithm
+    * (2 bytes + ?) Signature
+    */
+    len = 4 + sct->sig_len;
+    if (out != NULL) {
+        if (*out != NULL) {
+            p = *out;
+            *out += len;
+        } else {
+            pstart = p = OPENSSL_malloc(len);
+            if (p == NULL) {
+                CTerr(CT_F_I2O_SCT_SIGNATURE, ERR_R_MALLOC_FAILURE);
+                goto err;
+            }
+            *out = p;
+        }
+        *p++ = sct->hash_alg;
+        *p++ = sct->sig_alg;
+        s2n(sct->sig_len, p);
+        memcpy(p, sct->sig, sct->sig_len);
+    }
+    return len;
+err:
+    OPENSSL_free(pstart);
+    return -1;
+}
+int i2o_SCT(const SCT *sct, unsigned char **out)
+{
+    size_t len;
+    unsigned char *p = NULL, *pstart = NULL;
+    if (!SCT_is_complete(sct)) {
+        CTerr(CT_F_I2O_SCT, CT_R_SCT_NOT_SET);
+        goto err;
+    }
+    /*
+     * Fixed-length header: struct { (1 byte) Version sct_version; (32 bytes)
+     * log_id id; (8 bytes) uint64 timestamp; (2 bytes + ?) CtExtensions
+     * extensions; (1 byte) Hash algorithm (1 byte) Signature algorithm (2
+     * bytes + ?) Signature
+     */
+    if (sct->version == SCT_VERSION_V1)
+        len = 43 + sct->ext_len + 4 + sct->sig_len;
+    else
+        len = sct->sct_len;
+    if (out == NULL)
+        return len;
+    if (*out != NULL) {
+        p = *out;
+        *out += len;
+    } else {
+        pstart = p = OPENSSL_malloc(len);
+        if (p == NULL) {
+            CTerr(CT_F_I2O_SCT, ERR_R_MALLOC_FAILURE);
+            goto err;
+        }
+        *out = p;
+    }
+    if (sct->version == SCT_VERSION_V1) {
+        *p++ = sct->version;
+        memcpy(p, sct->log_id, CT_V1_HASHLEN);
+        p += CT_V1_HASHLEN;
+        l2n8(sct->timestamp, p);
+        s2n(sct->ext_len, p);
+        if (sct->ext_len > 0) {
+            memcpy(p, sct->ext, sct->ext_len);
+            p += sct->ext_len;
+        }
+        if (i2o_SCT_signature(sct, &p) <= 0)
+            goto err;
+    } else {
+        memcpy(p, sct->sct, len);
+    }
+    return len;
+err:
+    OPENSSL_free(pstart);
+    return -1;
+}
+STACK_OF(SCT) *o2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                            size_t len)
+{
+    STACK_OF(SCT) *sk = NULL;
+    size_t list_len, sct_len;
+    if (len < 2 || len > MAX_SCT_LIST_SIZE) {
+        CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
+        return NULL;
+    }
+    n2s(*pp, list_len);
+    if (list_len != len - 2) {
+        CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
+        return NULL;
+    }
+    if (a == NULL || *a == NULL) {
+        sk = sk_SCT_new_null();
+        if (sk == NULL)
+            return NULL;
+    } else {
+        SCT *sct;
+        /* Use the given stack, but empty it first. */
+        sk = *a;
+        while ((sct = sk_SCT_pop(sk)) != NULL)
+            SCT_free(sct);
+    }
+    while (list_len > 0) {
+        SCT *sct;
+        if (list_len < 2) {
+            CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
+            goto err;
+        }
+        n2s(*pp, sct_len);
+        list_len -= 2;
+        if (sct_len == 0 || sct_len > list_len) {
+            CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
+            goto err;
+        }
+        list_len -= sct_len;
+        if ((sct = o2i_SCT(NULL, pp, sct_len)) == NULL)
+            goto err;
+        if (!sk_SCT_push(sk, sct)) {
+            SCT_free(sct);
+            goto err;
+        }
+    }
+    if (a != NULL && *a == NULL)
+        *a = sk;
+    return sk;
+ err:
+    if (a == NULL || *a == NULL)
+        SCT_LIST_free(sk);
+    return NULL;
+}
+int i2o_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **pp)
+{
+    int len, sct_len, i, is_pp_new = 0;
+    size_t len2;
+    unsigned char *p = NULL, *p2;
+    if (pp != NULL) {
+        if (*pp == NULL) {
+            if ((len = i2o_SCT_LIST(a, NULL)) == -1) {
+                CTerr(CT_F_I2O_SCT_LIST, CT_R_SCT_LIST_INVALID);
+                return -1;
+            }
+            if ((*pp = OPENSSL_malloc(len)) == NULL) {
+                CTerr(CT_F_I2O_SCT_LIST, ERR_R_MALLOC_FAILURE);
+                return -1;
+            }
+            is_pp_new = 1;
+        }
+        p = *pp + 2;
+    }
+    len2 = 2;
+    for (i = 0; i < sk_SCT_num(a); i++) {
+        if (pp != NULL) {
+            p2 = p;
+            p += 2;
+            if ((sct_len = i2o_SCT(sk_SCT_value(a, i), &p)) == -1)
+                goto err;
+            s2n(sct_len, p2);
+        } else {
+          if ((sct_len = i2o_SCT(sk_SCT_value(a, i), NULL)) == -1)
+              goto err;
+        }
+        len2 += 2 + sct_len;
+    }
+    if (len2 > MAX_SCT_LIST_SIZE)
+        goto err;
+    if (pp != NULL) {
+        p = *pp;
+        s2n(len2 - 2, p);
+        if (!is_pp_new)
+            *pp += len2;
+    }
+    return len2;
+ err:
+    if (is_pp_new) {
+        OPENSSL_free(*pp);
+        *pp = NULL;
+    }
+    return -1;
+}
+STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a, const unsigned char **pp,
+                            long len)
+{
+    ASN1_OCTET_STRING *oct = NULL;
+    STACK_OF(SCT) *sk = NULL;
+    const unsigned char *p;
+    p = *pp;
+    if (d2i_ASN1_OCTET_STRING(&oct, &p, len) == NULL)
+        return NULL;
+    p = oct->data;
+    if ((sk = o2i_SCT_LIST(a, &p, oct->length)) != NULL)
+        *pp += len;
+    ASN1_OCTET_STRING_free(oct);
+    return sk;
+}
+int i2d_SCT_LIST(const STACK_OF(SCT) *a, unsigned char **out)
+{
+    ASN1_OCTET_STRING oct;
+    int len;
+    oct.data = NULL;
+    if ((oct.length = i2o_SCT_LIST(a, &oct.data)) == -1)
+        return -1;
+    len = i2d_ASN1_OCTET_STRING(&oct, out);
+    OPENSSL_free(oct.data);
+    return len;
+}

diff --git a/src/lib/libcrypto/ct/ct_oct.c b/src/lib/libcrypto/ct/ct_oct.c new file mode 100644 index 0000000000..d4b6645af4 --- /dev/null +++ b/src/lib/libcrypto/ct/ct_oct.c
@@ -0,0 +1,407 @@
	1	/*
	2	* Copyright 2016 The OpenSSL Project Authors. All Rights Reserved.
	3	*
	4	* Licensed under the OpenSSL license (the "License"). You may not use
	5	* this file except in compliance with the License. You can obtain a copy
	6	* in the file LICENSE in the source distribution or at
	7	* https://www.openssl.org/source/license.html
	8	*/
	9
	10	#ifdef OPENSSL_NO_CT
	11	# error "CT is disabled"
	12	#endif
	13
	14	#include <limits.h>
	15	#include <string.h>
	16
	17	#include <openssl/asn1.h>
	18	#include <openssl/buffer.h>
	19	#include <openssl/ct.h>
	20	#include <openssl/err.h>
	21
	22	#include "ct_local.h"
	23
	24	int o2i_SCT_signature(SCT sct, const unsigned char *in, size_t len)
	25	{
	26	size_t siglen;
	27	size_t len_remaining = len;
	28	const unsigned char *p;
	29
	30	if (sct->version != SCT_VERSION_V1) {
	31	CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
	32	return -1;
	33	}
	34	/*
	35	* digitally-signed struct header: (1 byte) Hash algorithm (1 byte)
	36	* Signature algorithm (2 bytes + ?) Signature
	37	*
	38	* This explicitly rejects empty signatures: they're invalid for
	39	* all supported algorithms.
	40	*/
	41	if (len <= 4) {
	42	CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
	43	return -1;
	44	}
	45
	46	p = *in;
	47	/* Get hash and signature algorithm */
	48	sct->hash_alg = *p++;
	49	sct->sig_alg = *p++;
	50	if (SCT_get_signature_nid(sct) == NID_undef) {
	51	CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
	52	return -1;
	53	}
	54	/* Retrieve signature and check it is consistent with the buffer length */
	55	n2s(p, siglen);
	56	len_remaining -= (p - *in);
	57	if (siglen > len_remaining) {
	58	CTerr(CT_F_O2I_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
	59	return -1;
	60	}
	61
	62	if (SCT_set1_signature(sct, p, siglen) != 1)
	63	return -1;
	64	len_remaining -= siglen;
	65	*in = p + siglen;
	66
	67	return len - len_remaining;
	68	}
	69
	70	SCT o2i_SCT(SCT psct, const unsigned char *in, size_t len)
	71	{
	72	SCT *sct = NULL;
	73	const unsigned char *p;
	74
	75	if (len == 0 \|\| len > MAX_SCT_SIZE) {
	76	CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
	77	goto err;
	78	}
	79
	80	if ((sct = SCT_new()) == NULL)
	81	goto err;
	82
	83	p = *in;
	84
	85	sct->version = *p;
	86	if (sct->version == SCT_VERSION_V1) {
	87	int sig_len;
	88	size_t len2;
	89	/*-
	90	* Fixed-length header:
	91	* struct {
	92	* Version sct_version; (1 byte)
	93	* log_id id; (32 bytes)
	94	* uint64 timestamp; (8 bytes)
	95	* CtExtensions extensions; (2 bytes + ?)
	96	* }
	97	*/
	98	if (len < 43) {
	99	CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
	100	goto err;
	101	}
	102	len -= 43;
	103	p++;
	104	sct->log_id = BUF_memdup(p, CT_V1_HASHLEN);
	105	if (sct->log_id == NULL)
	106	goto err;
	107	sct->log_id_len = CT_V1_HASHLEN;
	108	p += CT_V1_HASHLEN;
	109
	110	n2l8(p, sct->timestamp);
	111
	112	n2s(p, len2);
	113	if (len < len2) {
	114	CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
	115	goto err;
	116	}
	117	if (len2 > 0) {
	118	sct->ext = BUF_memdup(p, len2);
	119	if (sct->ext == NULL)
	120	goto err;
	121	}
	122	sct->ext_len = len2;
	123	p += len2;
	124	len -= len2;
	125
	126	sig_len = o2i_SCT_signature(sct, &p, len);
	127	if (sig_len <= 0) {
	128	CTerr(CT_F_O2I_SCT, CT_R_SCT_INVALID);
	129	goto err;
	130	}
	131	len -= sig_len;
	132	*in = p + len;
	133	} else {
	134	/* If not V1 just cache encoding */
	135	sct->sct = BUF_memdup(p, len);
	136	if (sct->sct == NULL)
	137	goto err;
	138	sct->sct_len = len;
	139	*in = p + len;
	140	}
	141
	142	if (psct != NULL) {
	143	SCT_free(*psct);
	144	*psct = sct;
	145	}
	146
	147	return sct;
	148	err:
	149	SCT_free(sct);
	150	return NULL;
	151	}
	152
	153	int i2o_SCT_signature(const SCT sct, unsigned char *out)
	154	{
	155	size_t len;
	156	unsigned char p = NULL, pstart = NULL;
	157
	158	if (!SCT_signature_is_complete(sct)) {
	159	CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_SCT_INVALID_SIGNATURE);
	160	goto err;
	161	}
	162
	163	if (sct->version != SCT_VERSION_V1) {
	164	CTerr(CT_F_I2O_SCT_SIGNATURE, CT_R_UNSUPPORTED_VERSION);
	165	goto err;
	166	}
	167
	168	/*
	169	* (1 byte) Hash algorithm
	170	* (1 byte) Signature algorithm
	171	* (2 bytes + ?) Signature
	172	*/
	173	len = 4 + sct->sig_len;
	174
	175	if (out != NULL) {
	176	if (*out != NULL) {
	177	p = *out;
	178	*out += len;
	179	} else {
	180	pstart = p = OPENSSL_malloc(len);
	181	if (p == NULL) {
	182	CTerr(CT_F_I2O_SCT_SIGNATURE, ERR_R_MALLOC_FAILURE);
	183	goto err;
	184	}
	185	*out = p;
	186	}
	187
	188	*p++ = sct->hash_alg;
	189	*p++ = sct->sig_alg;
	190	s2n(sct->sig_len, p);
	191	memcpy(p, sct->sig, sct->sig_len);
	192	}
	193
	194	return len;
	195	err:
	196	OPENSSL_free(pstart);
	197	return -1;
	198	}
	199
	200	int i2o_SCT(const SCT sct, unsigned char *out)
	201	{
	202	size_t len;
	203	unsigned char p = NULL, pstart = NULL;
	204
	205	if (!SCT_is_complete(sct)) {
	206	CTerr(CT_F_I2O_SCT, CT_R_SCT_NOT_SET);
	207	goto err;
	208	}
	209	/*
	210	* Fixed-length header: struct { (1 byte) Version sct_version; (32 bytes)
	211	* log_id id; (8 bytes) uint64 timestamp; (2 bytes + ?) CtExtensions
	212	* extensions; (1 byte) Hash algorithm (1 byte) Signature algorithm (2
	213	* bytes + ?) Signature
	214	*/
	215	if (sct->version == SCT_VERSION_V1)
	216	len = 43 + sct->ext_len + 4 + sct->sig_len;
	217	else
	218	len = sct->sct_len;
	219
	220	if (out == NULL)
	221	return len;
	222
	223	if (*out != NULL) {
	224	p = *out;
	225	*out += len;
	226	} else {
	227	pstart = p = OPENSSL_malloc(len);
	228	if (p == NULL) {
	229	CTerr(CT_F_I2O_SCT, ERR_R_MALLOC_FAILURE);
	230	goto err;
	231	}
	232	*out = p;
	233	}
	234
	235	if (sct->version == SCT_VERSION_V1) {
	236	*p++ = sct->version;
	237	memcpy(p, sct->log_id, CT_V1_HASHLEN);
	238	p += CT_V1_HASHLEN;
	239	l2n8(sct->timestamp, p);
	240	s2n(sct->ext_len, p);
	241	if (sct->ext_len > 0) {
	242	memcpy(p, sct->ext, sct->ext_len);
	243	p += sct->ext_len;
	244	}
	245	if (i2o_SCT_signature(sct, &p) <= 0)
	246	goto err;
	247	} else {
	248	memcpy(p, sct->sct, len);
	249	}
	250
	251	return len;
	252	err:
	253	OPENSSL_free(pstart);
	254	return -1;
	255	}
	256
	257	STACK_OF(SCT) o2i_SCT_LIST(STACK_OF(SCT) a, const unsigned char *pp,
	258	size_t len)
	259	{
	260	STACK_OF(SCT) *sk = NULL;
	261	size_t list_len, sct_len;
	262
	263	if (len < 2 \|\| len > MAX_SCT_LIST_SIZE) {
	264	CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
	265	return NULL;
	266	}
	267
	268	n2s(*pp, list_len);
	269	if (list_len != len - 2) {
	270	CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
	271	return NULL;
	272	}
	273
	274	if (a == NULL \|\| *a == NULL) {
	275	sk = sk_SCT_new_null();
	276	if (sk == NULL)
	277	return NULL;
	278	} else {
	279	SCT *sct;
	280
	281	/* Use the given stack, but empty it first. */
	282	sk = *a;
	283	while ((sct = sk_SCT_pop(sk)) != NULL)
	284	SCT_free(sct);
	285	}
	286
	287	while (list_len > 0) {
	288	SCT *sct;
	289
	290	if (list_len < 2) {
	291	CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
	292	goto err;
	293	}
	294	n2s(*pp, sct_len);
	295	list_len -= 2;
	296
	297	if (sct_len == 0 \|\| sct_len > list_len) {
	298	CTerr(CT_F_O2I_SCT_LIST, CT_R_SCT_LIST_INVALID);
	299	goto err;
	300	}
	301	list_len -= sct_len;
	302
	303	if ((sct = o2i_SCT(NULL, pp, sct_len)) == NULL)
	304	goto err;
	305	if (!sk_SCT_push(sk, sct)) {
	306	SCT_free(sct);
	307	goto err;
	308	}
	309	}
	310
	311	if (a != NULL && *a == NULL)
	312	*a = sk;
	313	return sk;
	314
	315	err:
	316	if (a == NULL \|\| *a == NULL)
	317	SCT_LIST_free(sk);
	318	return NULL;
	319	}
	320
	321	int i2o_SCT_LIST(const STACK_OF(SCT) a, unsigned char *pp)
	322	{
	323	int len, sct_len, i, is_pp_new = 0;
	324	size_t len2;
	325	unsigned char p = NULL, p2;
	326
	327	if (pp != NULL) {
	328	if (*pp == NULL) {
	329	if ((len = i2o_SCT_LIST(a, NULL)) == -1) {
	330	CTerr(CT_F_I2O_SCT_LIST, CT_R_SCT_LIST_INVALID);
	331	return -1;
	332	}
	333	if ((*pp = OPENSSL_malloc(len)) == NULL) {
	334	CTerr(CT_F_I2O_SCT_LIST, ERR_R_MALLOC_FAILURE);
	335	return -1;
	336	}
	337	is_pp_new = 1;
	338	}
	339	p = *pp + 2;
	340	}
	341
	342	len2 = 2;
	343	for (i = 0; i < sk_SCT_num(a); i++) {
	344	if (pp != NULL) {
	345	p2 = p;
	346	p += 2;
	347	if ((sct_len = i2o_SCT(sk_SCT_value(a, i), &p)) == -1)
	348	goto err;
	349	s2n(sct_len, p2);
	350	} else {
	351	if ((sct_len = i2o_SCT(sk_SCT_value(a, i), NULL)) == -1)
	352	goto err;
	353	}
	354	len2 += 2 + sct_len;
	355	}
	356
	357	if (len2 > MAX_SCT_LIST_SIZE)
	358	goto err;
	359
	360	if (pp != NULL) {
	361	p = *pp;
	362	s2n(len2 - 2, p);
	363	if (!is_pp_new)
	364	*pp += len2;
	365	}
	366	return len2;
	367
	368	err:
	369	if (is_pp_new) {
	370	OPENSSL_free(*pp);
	371	*pp = NULL;
	372	}
	373	return -1;
	374	}
	375
	376	STACK_OF(SCT) d2i_SCT_LIST(STACK_OF(SCT) a, const unsigned char *pp,
	377	long len)
	378	{
	379	ASN1_OCTET_STRING *oct = NULL;
	380	STACK_OF(SCT) *sk = NULL;
	381	const unsigned char *p;
	382
	383	p = *pp;
	384	if (d2i_ASN1_OCTET_STRING(&oct, &p, len) == NULL)
	385	return NULL;
	386
	387	p = oct->data;
	388	if ((sk = o2i_SCT_LIST(a, &p, oct->length)) != NULL)
	389	*pp += len;
	390
	391	ASN1_OCTET_STRING_free(oct);
	392	return sk;
	393	}
	394
	395	int i2d_SCT_LIST(const STACK_OF(SCT) a, unsigned char *out)
	396	{
	397	ASN1_OCTET_STRING oct;
	398	int len;
	399
	400	oct.data = NULL;
	401	if ((oct.length = i2o_SCT_LIST(a, &oct.data)) == -1)
	402	return -1;
	403
	404	len = i2d_ASN1_OCTET_STRING(&oct, out);
	405	OPENSSL_free(oct.data);
	406	return len;
	407	}