summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509')
-rw-r--r--src/lib/libcrypto/x509/Makefile406
-rw-r--r--src/lib/libcrypto/x509/Makefile.ssl594
-rw-r--r--src/lib/libcrypto/x509/by_dir.c10
-rw-r--r--src/lib/libcrypto/x509/x509.h140
-rw-r--r--src/lib/libcrypto/x509/x509_att.c45
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c59
-rw-r--r--src/lib/libcrypto/x509/x509_err.c19
-rw-r--r--src/lib/libcrypto/x509/x509_lu.c30
-rw-r--r--src/lib/libcrypto/x509/x509_r2x.c6
-rw-r--r--src/lib/libcrypto/x509/x509_req.c49
-rw-r--r--src/lib/libcrypto/x509/x509_trs.c4
-rw-r--r--src/lib/libcrypto/x509/x509_txt.c10
-rw-r--r--src/lib/libcrypto/x509/x509_v3.c10
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c481
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h143
-rw-r--r--src/lib/libcrypto/x509/x509spki.c3
-rw-r--r--src/lib/libcrypto/x509/x509type.c6
-rw-r--r--src/lib/libcrypto/x509/x_all.c137
18 files changed, 1303 insertions, 849 deletions
diff --git a/src/lib/libcrypto/x509/Makefile b/src/lib/libcrypto/x509/Makefile
new file mode 100644
index 0000000000..ddcc3124a7
--- /dev/null
+++ b/src/lib/libcrypto/x509/Makefile
@@ -0,0 +1,406 @@
1#
2# OpenSSL/crypto/x509/Makefile
3#
4
5DIR= x509
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10MAKEFILE= Makefile
11AR= ar r
12
13CFLAGS= $(INCLUDES) $(CFLAG)
14
15GENERAL=Makefile README
16TEST=
17APPS=
18
19LIB=$(TOP)/libcrypto.a
20LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
21 x509_obj.c x509_req.c x509spki.c x509_vfy.c \
22 x509_set.c x509cset.c x509rset.c x509_err.c \
23 x509name.c x509_v3.c x509_ext.c x509_att.c \
24 x509type.c x509_lu.c x_all.c x509_txt.c \
25 x509_trs.c by_file.c by_dir.c x509_vpm.c
26LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
27 x509_obj.o x509_req.o x509spki.o x509_vfy.o \
28 x509_set.o x509cset.o x509rset.o x509_err.o \
29 x509name.o x509_v3.o x509_ext.o x509_att.o \
30 x509type.o x509_lu.o x_all.o x509_txt.o \
31 x509_trs.o by_file.o by_dir.o x509_vpm.o
32
33SRC= $(LIBSRC)
34
35EXHEADER= x509.h x509_vfy.h
36HEADER= $(EXHEADER)
37
38ALL= $(GENERAL) $(SRC) $(HEADER)
39
40top:
41 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
42
43all: lib
44
45lib: $(LIBOBJ)
46 $(AR) $(LIB) $(LIBOBJ)
47 $(RANLIB) $(LIB) || echo Never mind.
48 @touch lib
49
50files:
51 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
52
53links:
54 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
55 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
56 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
57
58install:
59 @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile...
60 @headerlist="$(EXHEADER)"; for i in $$headerlist ; \
61 do \
62 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
63 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
64 done;
65
66tags:
67 ctags $(SRC)
68
69tests:
70
71lint:
72 lint -DLINT $(INCLUDES) $(SRC)>fluff
73
74depend:
75 @[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
76 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
77
78dclean:
79 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
80 mv -f Makefile.new $(MAKEFILE)
81
82clean:
83 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
84
85# DO NOT DELETE THIS LINE -- make depend depends on it.
86
87by_dir.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
88by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
89by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
90by_dir.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
91by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
92by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
93by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
94by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
95by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
96by_dir.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
97by_dir.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
98by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_dir.c
99by_file.o: ../../e_os.h ../../include/openssl/asn1.h
100by_file.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
101by_file.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
102by_file.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
103by_file.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
104by_file.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
105by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
106by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
107by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
108by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
109by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
110by_file.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
111by_file.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
112by_file.o: ../cryptlib.h by_file.c
113x509_att.o: ../../e_os.h ../../include/openssl/asn1.h
114x509_att.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
115x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
116x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
117x509_att.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
118x509_att.o: ../../include/openssl/err.h ../../include/openssl/evp.h
119x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
120x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
121x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
122x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
123x509_att.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
124x509_att.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
125x509_att.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
126x509_att.o: ../cryptlib.h x509_att.c
127x509_cmp.o: ../../e_os.h ../../include/openssl/asn1.h
128x509_cmp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
129x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
130x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
131x509_cmp.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
132x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
133x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
134x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
135x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
136x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
137x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
138x509_cmp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
139x509_cmp.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
140x509_cmp.o: ../cryptlib.h x509_cmp.c
141x509_d2.o: ../../e_os.h ../../include/openssl/asn1.h
142x509_d2.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
143x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
144x509_d2.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
145x509_d2.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
146x509_d2.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
147x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
148x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
149x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
150x509_d2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
151x509_d2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
152x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
153x509_d2.o: ../cryptlib.h x509_d2.c
154x509_def.o: ../../e_os.h ../../include/openssl/asn1.h
155x509_def.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
156x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
157x509_def.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
158x509_def.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
159x509_def.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
160x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
161x509_def.o: ../../include/openssl/opensslconf.h
162x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
163x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
164x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
165x509_def.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
166x509_def.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_def.c
167x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
168x509_err.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
169x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
170x509_err.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
171x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
172x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
173x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
174x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
175x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
176x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
177x509_err.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
178x509_err.o: ../../include/openssl/x509_vfy.h x509_err.c
179x509_ext.o: ../../e_os.h ../../include/openssl/asn1.h
180x509_ext.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
181x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
182x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
183x509_ext.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
184x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
185x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
186x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
187x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
188x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
189x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
190x509_ext.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
191x509_ext.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
192x509_ext.o: ../cryptlib.h x509_ext.c
193x509_lu.o: ../../e_os.h ../../include/openssl/asn1.h
194x509_lu.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
195x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
196x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
197x509_lu.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
198x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
199x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
200x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
201x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
202x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
203x509_lu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
204x509_lu.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
205x509_lu.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
206x509_lu.o: ../cryptlib.h x509_lu.c
207x509_obj.o: ../../e_os.h ../../include/openssl/asn1.h
208x509_obj.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
209x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
210x509_obj.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
211x509_obj.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
212x509_obj.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
213x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
214x509_obj.o: ../../include/openssl/opensslconf.h
215x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
216x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
217x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
218x509_obj.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
219x509_obj.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_obj.c
220x509_r2x.o: ../../e_os.h ../../include/openssl/asn1.h
221x509_r2x.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
222x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
223x509_r2x.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
224x509_r2x.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
225x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
226x509_r2x.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
227x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
228x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
229x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
230x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
231x509_r2x.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
232x509_r2x.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_r2x.c
233x509_req.o: ../../e_os.h ../../include/openssl/asn1.h
234x509_req.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
235x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
236x509_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
237x509_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
238x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
239x509_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
240x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
241x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
242x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
243x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
244x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
245x509_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
246x509_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_req.c
247x509_set.o: ../../e_os.h ../../include/openssl/asn1.h
248x509_set.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
249x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
250x509_set.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
251x509_set.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
252x509_set.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
253x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
254x509_set.o: ../../include/openssl/opensslconf.h
255x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
256x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
257x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
258x509_set.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
259x509_set.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_set.c
260x509_trs.o: ../../e_os.h ../../include/openssl/asn1.h
261x509_trs.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
262x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
263x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
264x509_trs.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
265x509_trs.o: ../../include/openssl/err.h ../../include/openssl/evp.h
266x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
267x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
268x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
269x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
270x509_trs.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
271x509_trs.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
272x509_trs.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
273x509_trs.o: ../cryptlib.h x509_trs.c
274x509_txt.o: ../../e_os.h ../../include/openssl/asn1.h
275x509_txt.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
276x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
277x509_txt.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
278x509_txt.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
279x509_txt.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
280x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
281x509_txt.o: ../../include/openssl/opensslconf.h
282x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
283x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
284x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
285x509_txt.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
286x509_txt.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_txt.c
287x509_v3.o: ../../e_os.h ../../include/openssl/asn1.h
288x509_v3.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
289x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
290x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
291x509_v3.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
292x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
293x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
294x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
295x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
296x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
297x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
298x509_v3.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
299x509_v3.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
300x509_v3.o: ../cryptlib.h x509_v3.c
301x509_vfy.o: ../../e_os.h ../../include/openssl/asn1.h
302x509_vfy.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
303x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
304x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
305x509_vfy.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
306x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
307x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
308x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
309x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
310x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
311x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
312x509_vfy.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
313x509_vfy.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
314x509_vfy.o: ../cryptlib.h x509_vfy.c
315x509_vpm.o: ../../e_os.h ../../include/openssl/asn1.h
316x509_vpm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
317x509_vpm.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
318x509_vpm.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
319x509_vpm.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
320x509_vpm.o: ../../include/openssl/err.h ../../include/openssl/evp.h
321x509_vpm.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
322x509_vpm.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
323x509_vpm.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
324x509_vpm.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
325x509_vpm.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
326x509_vpm.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
327x509_vpm.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
328x509_vpm.o: ../cryptlib.h x509_vpm.c
329x509cset.o: ../../e_os.h ../../include/openssl/asn1.h
330x509cset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
331x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
332x509cset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
333x509cset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
334x509cset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
335x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
336x509cset.o: ../../include/openssl/opensslconf.h
337x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
338x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
339x509cset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
340x509cset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
341x509cset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509cset.c
342x509name.o: ../../e_os.h ../../include/openssl/asn1.h
343x509name.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
344x509name.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
345x509name.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
346x509name.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
347x509name.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
348x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
349x509name.o: ../../include/openssl/opensslconf.h
350x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
351x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
352x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
353x509name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
354x509name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509name.c
355x509rset.o: ../../e_os.h ../../include/openssl/asn1.h
356x509rset.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
357x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
358x509rset.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
359x509rset.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
360x509rset.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
361x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
362x509rset.o: ../../include/openssl/opensslconf.h
363x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
364x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
365x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
366x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
367x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509rset.c
368x509spki.o: ../../e_os.h ../../include/openssl/asn1.h
369x509spki.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
370x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
371x509spki.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
372x509spki.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
373x509spki.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
374x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
375x509spki.o: ../../include/openssl/opensslconf.h
376x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
377x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
378x509spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
379x509spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
380x509spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509spki.c
381x509type.o: ../../e_os.h ../../include/openssl/asn1.h
382x509type.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
383x509type.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h
384x509type.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
385x509type.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
386x509type.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
387x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
388x509type.o: ../../include/openssl/opensslconf.h
389x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
390x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h
391x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
392x509type.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
393x509type.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509type.c
394x_all.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
395x_all.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
396x_all.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
397x_all.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h
398x_all.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h
399x_all.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h
400x_all.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
401x_all.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
402x_all.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
403x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
404x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
405x_all.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
406x_all.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_all.c
diff --git a/src/lib/libcrypto/x509/Makefile.ssl b/src/lib/libcrypto/x509/Makefile.ssl
new file mode 100644
index 0000000000..3a3452536c
--- /dev/null
+++ b/src/lib/libcrypto/x509/Makefile.ssl
@@ -0,0 +1,594 @@
1#
2# SSLeay/crypto/x509/Makefile
3#
4
5DIR= x509
6TOP= ../..
7CC= cc
8INCLUDES= -I.. -I$(TOP) -I../../include
9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
12INSTALLTOP=/usr/local/ssl
13MAKE= make -f Makefile.ssl
14MAKEDEPPROG= makedepend
15MAKEDEPEND= $(TOP)/util/domd $(TOP) -MD $(MAKEDEPPROG)
16MAKEFILE= Makefile.ssl
17AR= ar r
18
19CFLAGS= $(INCLUDES) $(CFLAG)
20
21GENERAL=Makefile README
22TEST=
23APPS=
24
25LIB=$(TOP)/libcrypto.a
26LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
27 x509_obj.c x509_req.c x509spki.c x509_vfy.c \
28 x509_set.c x509cset.c x509rset.c x509_err.c \
29 x509name.c x509_v3.c x509_ext.c x509_att.c \
30 x509type.c x509_lu.c x_all.c x509_txt.c \
31 x509_trs.c by_file.c by_dir.c
32LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
33 x509_obj.o x509_req.o x509spki.o x509_vfy.o \
34 x509_set.o x509cset.o x509rset.o x509_err.o \
35 x509name.o x509_v3.o x509_ext.o x509_att.o \
36 x509type.o x509_lu.o x_all.o x509_txt.o \
37 x509_trs.o by_file.o by_dir.o
38
39SRC= $(LIBSRC)
40
41EXHEADER= x509.h x509_vfy.h
42HEADER= $(EXHEADER)
43
44ALL= $(GENERAL) $(SRC) $(HEADER)
45
46top:
47 (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
48
49all: lib
50
51lib: $(LIBOBJ)
52 $(AR) $(LIB) $(LIBOBJ)
53 $(RANLIB) $(LIB) || echo Never mind.
54 @touch lib
55
56files:
57 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
58
59links:
60 @sh $(TOP)/util/point.sh Makefile.ssl Makefile
61 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
62 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
63 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
64
65install:
66 @for i in $(EXHEADER) ; \
67 do \
68 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
69 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
70 done;
71
72tags:
73 ctags $(SRC)
74
75tests:
76
77lint:
78 lint -DLINT $(INCLUDES) $(SRC)>fluff
79
80depend:
81 $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
82
83dclean:
84 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
85 mv -f Makefile.new $(MAKEFILE)
86
87clean:
88 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
89
90# DO NOT DELETE THIS LINE -- make depend depends on it.
91
92by_dir.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
93by_dir.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
94by_dir.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
95by_dir.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
96by_dir.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
97by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
98by_dir.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
99by_dir.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
100by_dir.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
101by_dir.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
102by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
103by_dir.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
104by_dir.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
105by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
106by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
107by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
108by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
109by_dir.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
110by_dir.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
111by_dir.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
112by_dir.o: ../cryptlib.h by_dir.c
113by_file.o: ../../e_os.h ../../include/openssl/aes.h
114by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
115by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
116by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
117by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
118by_file.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
119by_file.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
120by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
121by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
122by_file.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
123by_file.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
124by_file.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
125by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
126by_file.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
127by_file.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
128by_file.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
129by_file.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
130by_file.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
131by_file.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
132by_file.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
133by_file.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
134by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h by_file.c
135x509_att.o: ../../e_os.h ../../include/openssl/aes.h
136x509_att.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
137x509_att.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
138x509_att.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
139x509_att.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
140x509_att.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
141x509_att.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
142x509_att.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
143x509_att.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
144x509_att.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
145x509_att.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
146x509_att.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
147x509_att.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
148x509_att.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
149x509_att.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
150x509_att.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
151x509_att.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
152x509_att.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
153x509_att.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
154x509_att.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
155x509_att.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
156x509_att.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_att.c
157x509_cmp.o: ../../e_os.h ../../include/openssl/aes.h
158x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
159x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
160x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
161x509_cmp.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
162x509_cmp.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
163x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
164x509_cmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
165x509_cmp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
166x509_cmp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
167x509_cmp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
168x509_cmp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
169x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
170x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
171x509_cmp.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
172x509_cmp.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
173x509_cmp.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
174x509_cmp.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
175x509_cmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
176x509_cmp.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
177x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
178x509_cmp.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_cmp.c
179x509_d2.o: ../../e_os.h ../../include/openssl/aes.h
180x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
181x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
182x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
183x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
184x509_d2.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
185x509_d2.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
186x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
187x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
188x509_d2.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
189x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
190x509_d2.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
191x509_d2.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
192x509_d2.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h
193x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
194x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
195x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
196x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
197x509_d2.o: ../../include/openssl/symhacks.h ../../include/openssl/ui.h
198x509_d2.o: ../../include/openssl/ui_compat.h ../../include/openssl/x509.h
199x509_d2.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x509_d2.c
200x509_def.o: ../../e_os.h ../../include/openssl/aes.h
201x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
202x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
203x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
204x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
205x509_def.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
206x509_def.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
207x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
208x509_def.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
209x509_def.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
210x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
211x509_def.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
212x509_def.o: ../../include/openssl/opensslconf.h
213x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
214x509_def.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
215x509_def.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
216x509_def.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
217x509_def.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
218x509_def.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
219x509_def.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
220x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
221x509_def.o: ../cryptlib.h x509_def.c
222x509_err.o: ../../include/openssl/aes.h ../../include/openssl/asn1.h
223x509_err.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
224x509_err.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
225x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
226x509_err.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
227x509_err.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
228x509_err.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
229x509_err.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
230x509_err.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
231x509_err.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
232x509_err.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
233x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
234x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
235x509_err.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
236x509_err.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
237x509_err.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
238x509_err.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
239x509_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
240x509_err.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
241x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
242x509_err.o: x509_err.c
243x509_ext.o: ../../e_os.h ../../include/openssl/aes.h
244x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
245x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
246x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
247x509_ext.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
248x509_ext.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
249x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
250x509_ext.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
251x509_ext.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
252x509_ext.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
253x509_ext.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
254x509_ext.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
255x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
256x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
257x509_ext.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
258x509_ext.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
259x509_ext.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
260x509_ext.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
261x509_ext.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
262x509_ext.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
263x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
264x509_ext.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_ext.c
265x509_lu.o: ../../e_os.h ../../include/openssl/aes.h
266x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
267x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
268x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
269x509_lu.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
270x509_lu.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
271x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
272x509_lu.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
273x509_lu.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
274x509_lu.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
275x509_lu.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
276x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
277x509_lu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
278x509_lu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
279x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
280x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
281x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
282x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
283x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
284x509_lu.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
285x509_lu.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
286x509_lu.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_lu.c
287x509_obj.o: ../../e_os.h ../../include/openssl/aes.h
288x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
289x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
290x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
291x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
292x509_obj.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
293x509_obj.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
294x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
295x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
296x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
297x509_obj.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
298x509_obj.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
299x509_obj.o: ../../include/openssl/opensslconf.h
300x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
301x509_obj.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
302x509_obj.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
303x509_obj.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
304x509_obj.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
305x509_obj.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
306x509_obj.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
307x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
308x509_obj.o: ../cryptlib.h x509_obj.c
309x509_r2x.o: ../../e_os.h ../../include/openssl/aes.h
310x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
311x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
312x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
313x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
314x509_r2x.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
315x509_r2x.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
316x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
317x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
318x509_r2x.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
319x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
320x509_r2x.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
321x509_r2x.o: ../../include/openssl/opensslconf.h
322x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
323x509_r2x.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
324x509_r2x.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
325x509_r2x.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
326x509_r2x.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
327x509_r2x.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
328x509_r2x.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
329x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
330x509_r2x.o: ../cryptlib.h x509_r2x.c
331x509_req.o: ../../e_os.h ../../include/openssl/aes.h
332x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
333x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
334x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
335x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
336x509_req.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
337x509_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
338x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
339x509_req.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
340x509_req.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
341x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
342x509_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
343x509_req.o: ../../include/openssl/opensslconf.h
344x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
345x509_req.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
346x509_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
347x509_req.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
348x509_req.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
349x509_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
350x509_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
351x509_req.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
352x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
353x509_req.o: ../cryptlib.h x509_req.c
354x509_set.o: ../../e_os.h ../../include/openssl/aes.h
355x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
356x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
357x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
358x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
359x509_set.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
360x509_set.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
361x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
362x509_set.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
363x509_set.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
364x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
365x509_set.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
366x509_set.o: ../../include/openssl/opensslconf.h
367x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
368x509_set.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
369x509_set.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
370x509_set.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
371x509_set.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
372x509_set.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
373x509_set.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
374x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
375x509_set.o: ../cryptlib.h x509_set.c
376x509_trs.o: ../../e_os.h ../../include/openssl/aes.h
377x509_trs.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
378x509_trs.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
379x509_trs.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
380x509_trs.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
381x509_trs.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
382x509_trs.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
383x509_trs.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
384x509_trs.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
385x509_trs.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
386x509_trs.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
387x509_trs.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
388x509_trs.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
389x509_trs.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
390x509_trs.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
391x509_trs.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
392x509_trs.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
393x509_trs.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
394x509_trs.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
395x509_trs.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
396x509_trs.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
397x509_trs.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_trs.c
398x509_txt.o: ../../e_os.h ../../include/openssl/aes.h
399x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
400x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
401x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
402x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
403x509_txt.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
404x509_txt.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
405x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
406x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
407x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
408x509_txt.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
409x509_txt.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
410x509_txt.o: ../../include/openssl/opensslconf.h
411x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
412x509_txt.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
413x509_txt.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
414x509_txt.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
415x509_txt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
416x509_txt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
417x509_txt.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
418x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
419x509_txt.o: ../cryptlib.h x509_txt.c
420x509_v3.o: ../../e_os.h ../../include/openssl/aes.h
421x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
422x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
423x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
424x509_v3.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
425x509_v3.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
426x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
427x509_v3.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
428x509_v3.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
429x509_v3.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
430x509_v3.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
431x509_v3.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
432x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
433x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
434x509_v3.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
435x509_v3.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
436x509_v3.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
437x509_v3.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
438x509_v3.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
439x509_v3.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
440x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
441x509_v3.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_v3.c
442x509_vfy.o: ../../e_os.h ../../include/openssl/aes.h
443x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
444x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
445x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
446x509_vfy.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
447x509_vfy.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
448x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
449x509_vfy.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
450x509_vfy.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
451x509_vfy.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
452x509_vfy.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
453x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
454x509_vfy.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
455x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
456x509_vfy.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
457x509_vfy.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
458x509_vfy.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
459x509_vfy.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
460x509_vfy.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
461x509_vfy.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
462x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
463x509_vfy.o: ../../include/openssl/x509v3.h ../cryptlib.h x509_vfy.c
464x509cset.o: ../../e_os.h ../../include/openssl/aes.h
465x509cset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
466x509cset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
467x509cset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
468x509cset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
469x509cset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
470x509cset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
471x509cset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
472x509cset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
473x509cset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
474x509cset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
475x509cset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
476x509cset.o: ../../include/openssl/opensslconf.h
477x509cset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
478x509cset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
479x509cset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
480x509cset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
481x509cset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
482x509cset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
483x509cset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
484x509cset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
485x509cset.o: ../cryptlib.h x509cset.c
486x509name.o: ../../e_os.h ../../include/openssl/aes.h
487x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
488x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
489x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
490x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
491x509name.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
492x509name.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
493x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
494x509name.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
495x509name.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
496x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
497x509name.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
498x509name.o: ../../include/openssl/opensslconf.h
499x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
500x509name.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
501x509name.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
502x509name.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
503x509name.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
504x509name.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
505x509name.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
506x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
507x509name.o: ../cryptlib.h x509name.c
508x509rset.o: ../../e_os.h ../../include/openssl/aes.h
509x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
510x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
511x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
512x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
513x509rset.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
514x509rset.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
515x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
516x509rset.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
517x509rset.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
518x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
519x509rset.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
520x509rset.o: ../../include/openssl/opensslconf.h
521x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
522x509rset.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
523x509rset.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
524x509rset.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
525x509rset.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
526x509rset.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
527x509rset.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
528x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
529x509rset.o: ../cryptlib.h x509rset.c
530x509spki.o: ../../e_os.h ../../include/openssl/aes.h
531x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
532x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
533x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
534x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
535x509spki.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
536x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
537x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
538x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
539x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
540x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
541x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
542x509spki.o: ../../include/openssl/opensslconf.h
543x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
544x509spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
545x509spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
546x509spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
547x509spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
548x509spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
549x509spki.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
550x509spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
551x509spki.o: ../cryptlib.h x509spki.c
552x509type.o: ../../e_os.h ../../include/openssl/aes.h
553x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
554x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
555x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
556x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
557x509type.o: ../../include/openssl/des_old.h ../../include/openssl/dh.h
558x509type.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
559x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
560x509type.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
561x509type.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
562x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
563x509type.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
564x509type.o: ../../include/openssl/opensslconf.h
565x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
566x509type.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
567x509type.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
568x509type.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
569x509type.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
570x509type.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
571x509type.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
572x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
573x509type.o: ../cryptlib.h x509type.c
574x_all.o: ../../e_os.h ../../include/openssl/aes.h ../../include/openssl/asn1.h
575x_all.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
576x_all.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
577x_all.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
578x_all.o: ../../include/openssl/des.h ../../include/openssl/des_old.h
579x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
580x_all.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
581x_all.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
582x_all.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
583x_all.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
584x_all.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
585x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
586x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h
587x_all.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
588x_all.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
589x_all.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
590x_all.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
591x_all.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
592x_all.o: ../../include/openssl/ui.h ../../include/openssl/ui_compat.h
593x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
594x_all.o: ../cryptlib.h x_all.c
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index 37f9a48206..ea689aed1a 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -189,7 +189,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
189 189
190 s=dir; 190 s=dir;
191 p=s; 191 p=s;
192 for (;;p++) 192 for (;;)
193 { 193 {
194 if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0')) 194 if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
195 { 195 {
@@ -198,11 +198,8 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
198 len=(int)(p-ss); 198 len=(int)(p-ss);
199 if (len == 0) continue; 199 if (len == 0) continue;
200 for (j=0; j<ctx->num_dirs; j++) 200 for (j=0; j<ctx->num_dirs; j++)
201 if (strlen(ctx->dirs[j]) == (size_t)len && 201 if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
202 strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0) 202 continue;
203 break;
204 if (j<ctx->num_dirs)
205 continue;
206 if (ctx->num_dirs_alloced < (ctx->num_dirs+1)) 203 if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
207 { 204 {
208 ctx->num_dirs_alloced+=10; 205 ctx->num_dirs_alloced+=10;
@@ -234,6 +231,7 @@ static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
234 ctx->num_dirs++; 231 ctx->num_dirs++;
235 } 232 }
236 if (*p == '\0') break; 233 if (*p == '\0') break;
234 p++;
237 } 235 }
238 return(1); 236 return(1);
239 } 237 }
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index e71b5257e5..e8c1a59cf2 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -55,16 +55,10 @@
55 * copied and put under another distribution licence 55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58/* ====================================================================
59 * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED.
60 * ECDH support in OpenSSL originally developed by
61 * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project.
62 */
63 58
64#ifndef HEADER_X509_H 59#ifndef HEADER_X509_H
65#define HEADER_X509_H 60#define HEADER_X509_H
66 61
67#include <openssl/e_os2.h>
68#include <openssl/symhacks.h> 62#include <openssl/symhacks.h>
69#ifndef OPENSSL_NO_BUFFER 63#ifndef OPENSSL_NO_BUFFER
70#include <openssl/buffer.h> 64#include <openssl/buffer.h>
@@ -79,33 +73,21 @@
79#include <openssl/asn1.h> 73#include <openssl/asn1.h>
80#include <openssl/safestack.h> 74#include <openssl/safestack.h>
81 75
82#ifndef OPENSSL_NO_EC
83#include <openssl/ec.h>
84#endif
85
86#ifndef OPENSSL_NO_ECDSA
87#include <openssl/ecdsa.h>
88#endif
89
90#ifndef OPENSSL_NO_ECDH
91#include <openssl/ecdh.h>
92#endif
93
94#ifndef OPENSSL_NO_DEPRECATED
95#ifndef OPENSSL_NO_RSA 76#ifndef OPENSSL_NO_RSA
96#include <openssl/rsa.h> 77#include <openssl/rsa.h>
97#endif 78#endif
79
98#ifndef OPENSSL_NO_DSA 80#ifndef OPENSSL_NO_DSA
99#include <openssl/dsa.h> 81#include <openssl/dsa.h>
100#endif 82#endif
83
101#ifndef OPENSSL_NO_DH 84#ifndef OPENSSL_NO_DH
102#include <openssl/dh.h> 85#include <openssl/dh.h>
103#endif 86#endif
104#endif
105
106#ifndef OPENSSL_NO_SHA 87#ifndef OPENSSL_NO_SHA
107#include <openssl/sha.h> 88#include <openssl/sha.h>
108#endif 89#endif
90#include <openssl/e_os2.h>
109#include <openssl/ossl_typ.h> 91#include <openssl/ossl_typ.h>
110 92
111#ifdef __cplusplus 93#ifdef __cplusplus
@@ -113,9 +95,8 @@ extern "C" {
113#endif 95#endif
114 96
115#ifdef OPENSSL_SYS_WIN32 97#ifdef OPENSSL_SYS_WIN32
116/* Under Win32 these are defined in wincrypt.h */ 98/* Under Win32 this is defined in wincrypt.h */
117#undef X509_NAME 99#undef X509_NAME
118#undef X509_CERT_PAIR
119#endif 100#endif
120 101
121#define X509_FILETYPE_PEM 1 102#define X509_FILETYPE_PEM 1
@@ -136,8 +117,8 @@ extern "C" {
136typedef struct X509_objects_st 117typedef struct X509_objects_st
137 { 118 {
138 int nid; 119 int nid;
139 int (*a2i)(void); 120 int (*a2i)();
140 int (*i2a)(void); 121 int (*i2a)();
141 } X509_OBJECTS; 122 } X509_OBJECTS;
142 123
143struct X509_algor_st 124struct X509_algor_st
@@ -146,10 +127,9 @@ struct X509_algor_st
146 ASN1_TYPE *parameter; 127 ASN1_TYPE *parameter;
147 } /* X509_ALGOR */; 128 } /* X509_ALGOR */;
148 129
130DECLARE_STACK_OF(X509_ALGOR)
149DECLARE_ASN1_SET_OF(X509_ALGOR) 131DECLARE_ASN1_SET_OF(X509_ALGOR)
150 132
151typedef STACK_OF(X509_ALGOR) X509_ALGORS;
152
153typedef struct X509_val_st 133typedef struct X509_val_st
154 { 134 {
155 ASN1_TIME *notBefore; 135 ASN1_TIME *notBefore;
@@ -204,8 +184,6 @@ typedef struct X509_extension_st
204 ASN1_OCTET_STRING *value; 184 ASN1_OCTET_STRING *value;
205 } X509_EXTENSION; 185 } X509_EXTENSION;
206 186
207typedef STACK_OF(X509_EXTENSION) X509_EXTENSIONS;
208
209DECLARE_STACK_OF(X509_EXTENSION) 187DECLARE_STACK_OF(X509_EXTENSION)
210DECLARE_ASN1_SET_OF(X509_EXTENSION) 188DECLARE_ASN1_SET_OF(X509_EXTENSION)
211 189
@@ -283,18 +261,12 @@ struct x509_st
283 CRYPTO_EX_DATA ex_data; 261 CRYPTO_EX_DATA ex_data;
284 /* These contain copies of various extension values */ 262 /* These contain copies of various extension values */
285 long ex_pathlen; 263 long ex_pathlen;
286 long ex_pcpathlen;
287 unsigned long ex_flags; 264 unsigned long ex_flags;
288 unsigned long ex_kusage; 265 unsigned long ex_kusage;
289 unsigned long ex_xkusage; 266 unsigned long ex_xkusage;
290 unsigned long ex_nscert; 267 unsigned long ex_nscert;
291 ASN1_OCTET_STRING *skid; 268 ASN1_OCTET_STRING *skid;
292 struct AUTHORITY_KEYID_st *akid; 269 struct AUTHORITY_KEYID_st *akid;
293 X509_POLICY_CACHE *policy_cache;
294#ifndef OPENSSL_NO_RFC3779
295 STACK_OF(IPAddressFamily) *rfc3779_addr;
296 struct ASIdentifiers_st *rfc3779_asid;
297#endif
298#ifndef OPENSSL_NO_SHA 270#ifndef OPENSSL_NO_SHA
299 unsigned char sha1_hash[SHA_DIGEST_LENGTH]; 271 unsigned char sha1_hash[SHA_DIGEST_LENGTH];
300#endif 272#endif
@@ -317,11 +289,6 @@ typedef struct x509_trust_st {
317 289
318DECLARE_STACK_OF(X509_TRUST) 290DECLARE_STACK_OF(X509_TRUST)
319 291
320typedef struct x509_cert_pair_st {
321 X509 *forward;
322 X509 *reverse;
323} X509_CERT_PAIR;
324
325/* standard trust ids */ 292/* standard trust ids */
326 293
327#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */ 294#define X509_TRUST_DEFAULT -1 /* Only valid in purpose settings */
@@ -688,17 +655,6 @@ extern "C" {
688#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ 655#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
689 (unsigned char *)dsa) 656 (unsigned char *)dsa)
690 657
691#define d2i_ECPrivateKey_fp(fp,ecdsa) (EC_KEY *)ASN1_d2i_fp((char *(*)())\
692 EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (fp), \
693 (unsigned char **)(ecdsa))
694#define i2d_ECPrivateKey_fp(fp,ecdsa) ASN1_i2d_fp(i2d_ECPrivateKey,fp, \
695 (unsigned char *)ecdsa)
696#define d2i_ECPrivateKey_bio(bp,ecdsa) (EC_KEY *)ASN1_d2i_bio((char *(*)())\
697 EC_KEY_new,(char *(*)())d2i_ECPrivateKey, (bp), \
698 (unsigned char **)(ecdsa))
699#define i2d_ECPrivateKey_bio(bp,ecdsa) ASN1_i2d_bio(i2d_ECPrivateKey,bp, \
700 (unsigned char *)ecdsa)
701
702#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\ 658#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
703 (char *(*)())d2i_X509_ALGOR,(char *)xn) 659 (char *(*)())d2i_X509_ALGOR,(char *)xn)
704 660
@@ -802,12 +758,6 @@ int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa);
802DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa); 758DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
803int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 759int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
804#endif 760#endif
805#ifndef OPENSSL_NO_EC
806EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey);
807int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey);
808EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey);
809int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey);
810#endif
811X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8); 761X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
812int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8); 762int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
813PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 763PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
@@ -841,12 +791,6 @@ int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa);
841DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa); 791DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
842int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 792int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
843#endif 793#endif
844#ifndef OPENSSL_NO_EC
845EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey);
846int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *eckey);
847EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey);
848int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey);
849#endif
850X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8); 794X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
851int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8); 795int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
852PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 796PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
@@ -865,10 +809,6 @@ X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
865X509_CRL *X509_CRL_dup(X509_CRL *crl); 809X509_CRL *X509_CRL_dup(X509_CRL *crl);
866X509_REQ *X509_REQ_dup(X509_REQ *req); 810X509_REQ *X509_REQ_dup(X509_REQ *req);
867X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn); 811X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
868int X509_ALGOR_set0(X509_ALGOR *alg, ASN1_OBJECT *aobj, int ptype, void *pval);
869void X509_ALGOR_get0(ASN1_OBJECT **paobj, int *pptype, void **ppval,
870 X509_ALGOR *algor);
871
872X509_NAME *X509_NAME_dup(X509_NAME *xn); 812X509_NAME *X509_NAME_dup(X509_NAME *xn);
873X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 813X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
874 814
@@ -890,7 +830,6 @@ X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
890X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); 830X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
891 831
892DECLARE_ASN1_FUNCTIONS(X509_ALGOR) 832DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
893DECLARE_ASN1_ENCODE_FUNCTIONS(X509_ALGORS, X509_ALGORS, X509_ALGORS)
894DECLARE_ASN1_FUNCTIONS(X509_VAL) 833DECLARE_ASN1_FUNCTIONS(X509_VAL)
895 834
896DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) 835DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
@@ -900,21 +839,16 @@ EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
900int X509_get_pubkey_parameters(EVP_PKEY *pkey, 839int X509_get_pubkey_parameters(EVP_PKEY *pkey,
901 STACK_OF(X509) *chain); 840 STACK_OF(X509) *chain);
902int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp); 841int i2d_PUBKEY(EVP_PKEY *a,unsigned char **pp);
903EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,const unsigned char **pp, 842EVP_PKEY * d2i_PUBKEY(EVP_PKEY **a,unsigned char **pp,
904 long length); 843 long length);
905#ifndef OPENSSL_NO_RSA 844#ifndef OPENSSL_NO_RSA
906int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp); 845int i2d_RSA_PUBKEY(RSA *a,unsigned char **pp);
907RSA * d2i_RSA_PUBKEY(RSA **a,const unsigned char **pp, 846RSA * d2i_RSA_PUBKEY(RSA **a,unsigned char **pp,
908 long length); 847 long length);
909#endif 848#endif
910#ifndef OPENSSL_NO_DSA 849#ifndef OPENSSL_NO_DSA
911int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp); 850int i2d_DSA_PUBKEY(DSA *a,unsigned char **pp);
912DSA * d2i_DSA_PUBKEY(DSA **a,const unsigned char **pp, 851DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp,
913 long length);
914#endif
915#ifndef OPENSSL_NO_EC
916int i2d_EC_PUBKEY(EC_KEY *a, unsigned char **pp);
917EC_KEY *d2i_EC_PUBKEY(EC_KEY **a, const unsigned char **pp,
918 long length); 852 long length);
919#endif 853#endif
920 854
@@ -926,7 +860,6 @@ DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
926X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); 860X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
927 861
928DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) 862DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
929DECLARE_ASN1_ENCODE_FUNCTIONS(X509_EXTENSIONS, X509_EXTENSIONS, X509_EXTENSIONS)
930 863
931DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) 864DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
932 865
@@ -939,19 +872,16 @@ DECLARE_ASN1_FUNCTIONS(X509_CINF)
939DECLARE_ASN1_FUNCTIONS(X509) 872DECLARE_ASN1_FUNCTIONS(X509)
940DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) 873DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
941 874
942DECLARE_ASN1_FUNCTIONS(X509_CERT_PAIR)
943
944int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 875int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
945 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); 876 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
946int X509_set_ex_data(X509 *r, int idx, void *arg); 877int X509_set_ex_data(X509 *r, int idx, void *arg);
947void *X509_get_ex_data(X509 *r, int idx); 878void *X509_get_ex_data(X509 *r, int idx);
948int i2d_X509_AUX(X509 *a,unsigned char **pp); 879int i2d_X509_AUX(X509 *a,unsigned char **pp);
949X509 * d2i_X509_AUX(X509 **a,const unsigned char **pp,long length); 880X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
950 881
951int X509_alias_set1(X509 *x, unsigned char *name, int len); 882int X509_alias_set1(X509 *x, unsigned char *name, int len);
952int X509_keyid_set1(X509 *x, unsigned char *id, int len); 883int X509_keyid_set1(X509 *x, unsigned char *id, int len);
953unsigned char * X509_alias_get0(X509 *x, int *len); 884unsigned char * X509_alias_get0(X509 *x, int *len);
954unsigned char * X509_keyid_get0(X509 *x, int *len);
955int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int); 885int (*X509_TRUST_set_default(int (*trust)(int , X509 *, int)))(int, X509 *, int);
956int X509_TRUST_set(int *t, int trust); 886int X509_TRUST_set(int *t, int trust);
957int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj); 887int X509_add1_trust_object(X509 *x, ASN1_OBJECT *obj);
@@ -968,7 +898,7 @@ int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
968X509_PKEY * X509_PKEY_new(void ); 898X509_PKEY * X509_PKEY_new(void );
969void X509_PKEY_free(X509_PKEY *a); 899void X509_PKEY_free(X509_PKEY *a);
970int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); 900int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
971X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,const unsigned char **pp,long length); 901X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
972 902
973DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) 903DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
974DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) 904DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
@@ -979,15 +909,15 @@ X509_INFO * X509_INFO_new(void);
979void X509_INFO_free(X509_INFO *a); 909void X509_INFO_free(X509_INFO *a);
980char * X509_NAME_oneline(X509_NAME *a,char *buf,int size); 910char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
981 911
982int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *algor1, 912int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
983 ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey); 913 ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
984 914
985int ASN1_digest(i2d_of_void *i2d,const EVP_MD *type,char *data, 915int ASN1_digest(int (*i2d)(),const EVP_MD *type,char *data,
986 unsigned char *md,unsigned int *len); 916 unsigned char *md,unsigned int *len);
987 917
988int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, 918int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
989 X509_ALGOR *algor2, ASN1_BIT_STRING *signature, 919 ASN1_BIT_STRING *signature,
990 char *data,EVP_PKEY *pkey, const EVP_MD *type); 920 char *data,EVP_PKEY *pkey, const EVP_MD *type);
991 921
992int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data, 922int ASN1_item_digest(const ASN1_ITEM *it,const EVP_MD *type,void *data,
993 unsigned char *md,unsigned int *len); 923 unsigned char *md,unsigned int *len);
@@ -1052,8 +982,6 @@ int X509_CRL_sort(X509_CRL *crl);
1052int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial); 982int X509_REVOKED_set_serialNumber(X509_REVOKED *x, ASN1_INTEGER *serial);
1053int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm); 983int X509_REVOKED_set_revocationDate(X509_REVOKED *r, ASN1_TIME *tm);
1054 984
1055int X509_REQ_check_private_key(X509_REQ *x509,EVP_PKEY *pkey);
1056
1057int X509_check_private_key(X509 *x509,EVP_PKEY *pkey); 985int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
1058 986
1059int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b); 987int X509_issuer_and_serial_cmp(const X509 *a, const X509 *b);
@@ -1200,8 +1128,6 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_NID(STACK_OF(X509_ATTRIBUTE) **x,
1200STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x, 1128STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
1201 const char *attrname, int type, 1129 const char *attrname, int type,
1202 const unsigned char *bytes, int len); 1130 const unsigned char *bytes, int len);
1203void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
1204 ASN1_OBJECT *obj, int lastpos, int type);
1205X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 1131X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
1206 int atrtype, const void *data, int len); 1132 int atrtype, const void *data, int len);
1207X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr, 1133X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **attr,
@@ -1216,24 +1142,6 @@ int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr);
1216ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr); 1142ASN1_OBJECT *X509_ATTRIBUTE_get0_object(X509_ATTRIBUTE *attr);
1217ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx); 1143ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx);
1218 1144
1219int EVP_PKEY_get_attr_count(const EVP_PKEY *key);
1220int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *key, int nid,
1221 int lastpos);
1222int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *key, ASN1_OBJECT *obj,
1223 int lastpos);
1224X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *key, int loc);
1225X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *key, int loc);
1226int EVP_PKEY_add1_attr(EVP_PKEY *key, X509_ATTRIBUTE *attr);
1227int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *key,
1228 const ASN1_OBJECT *obj, int type,
1229 const unsigned char *bytes, int len);
1230int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *key,
1231 int nid, int type,
1232 const unsigned char *bytes, int len);
1233int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
1234 const char *attrname, int type,
1235 const unsigned char *bytes, int len);
1236
1237int X509_verify_cert(X509_STORE_CTX *ctx); 1145int X509_verify_cert(X509_STORE_CTX *ctx);
1238 1146
1239/* lookup a cert from a X509 STACK */ 1147/* lookup a cert from a X509 STACK */
@@ -1280,20 +1188,18 @@ void ERR_load_X509_strings(void);
1280/* Function codes. */ 1188/* Function codes. */
1281#define X509_F_ADD_CERT_DIR 100 1189#define X509_F_ADD_CERT_DIR 100
1282#define X509_F_BY_FILE_CTRL 101 1190#define X509_F_BY_FILE_CTRL 101
1283#define X509_F_CHECK_POLICY 145
1284#define X509_F_DIR_CTRL 102 1191#define X509_F_DIR_CTRL 102
1285#define X509_F_GET_CERT_BY_SUBJECT 103 1192#define X509_F_GET_CERT_BY_SUBJECT 103
1286#define X509_F_NETSCAPE_SPKI_B64_DECODE 129 1193#define X509_F_NETSCAPE_SPKI_B64_DECODE 129
1287#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130 1194#define X509_F_NETSCAPE_SPKI_B64_ENCODE 130
1288#define X509_F_X509AT_ADD1_ATTR 135
1289#define X509_F_X509V3_ADD_EXT 104 1195#define X509_F_X509V3_ADD_EXT 104
1196#define X509_F_X509_ADD_ATTR 135
1290#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136 1197#define X509_F_X509_ATTRIBUTE_CREATE_BY_NID 136
1291#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137 1198#define X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ 137
1292#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140 1199#define X509_F_X509_ATTRIBUTE_CREATE_BY_TXT 140
1293#define X509_F_X509_ATTRIBUTE_GET0_DATA 139 1200#define X509_F_X509_ATTRIBUTE_GET0_DATA 139
1294#define X509_F_X509_ATTRIBUTE_SET1_DATA 138 1201#define X509_F_X509_ATTRIBUTE_SET1_DATA 138
1295#define X509_F_X509_CHECK_PRIVATE_KEY 128 1202#define X509_F_X509_CHECK_PRIVATE_KEY 128
1296#define X509_F_X509_CRL_PRINT_FP 147
1297#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 1203#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
1298#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 1204#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
1299#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 1205#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
@@ -1306,16 +1212,14 @@ void ERR_load_X509_strings(void);
1306#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115 1212#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
1307#define X509_F_X509_NAME_ONELINE 116 1213#define X509_F_X509_NAME_ONELINE 116
1308#define X509_F_X509_NAME_PRINT 117 1214#define X509_F_X509_NAME_PRINT 117
1309#define X509_F_X509_PRINT_EX_FP 118 1215#define X509_F_X509_PRINT_FP 118
1310#define X509_F_X509_PUBKEY_GET 119 1216#define X509_F_X509_PUBKEY_GET 119
1311#define X509_F_X509_PUBKEY_SET 120 1217#define X509_F_X509_PUBKEY_SET 120
1312#define X509_F_X509_REQ_CHECK_PRIVATE_KEY 144 1218#define X509_F_X509_REQ_PRINT 121
1313#define X509_F_X509_REQ_PRINT_EX 121
1314#define X509_F_X509_REQ_PRINT_FP 122 1219#define X509_F_X509_REQ_PRINT_FP 122
1315#define X509_F_X509_REQ_TO_X509 123 1220#define X509_F_X509_REQ_TO_X509 123
1316#define X509_F_X509_STORE_ADD_CERT 124 1221#define X509_F_X509_STORE_ADD_CERT 124
1317#define X509_F_X509_STORE_ADD_CRL 125 1222#define X509_F_X509_STORE_ADD_CRL 125
1318#define X509_F_X509_STORE_CTX_GET1_ISSUER 146
1319#define X509_F_X509_STORE_CTX_INIT 143 1223#define X509_F_X509_STORE_CTX_INIT 143
1320#define X509_F_X509_STORE_CTX_NEW 142 1224#define X509_F_X509_STORE_CTX_NEW 142
1321#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134 1225#define X509_F_X509_STORE_CTX_PURPOSE_INHERIT 134
diff --git a/src/lib/libcrypto/x509/x509_att.c b/src/lib/libcrypto/x509/x509_att.c
index 511b49d589..0bae3d32a1 100644
--- a/src/lib/libcrypto/x509/x509_att.c
+++ b/src/lib/libcrypto/x509/x509_att.c
@@ -67,7 +67,8 @@
67 67
68int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x) 68int X509at_get_attr_count(const STACK_OF(X509_ATTRIBUTE) *x)
69{ 69{
70 return sk_X509_ATTRIBUTE_num(x); 70 if (!x) return 0;
71 return(sk_X509_ATTRIBUTE_num(x));
71} 72}
72 73
73int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid, 74int X509at_get_attr_by_NID(const STACK_OF(X509_ATTRIBUTE) *x, int nid,
@@ -124,13 +125,7 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
124 X509_ATTRIBUTE *new_attr=NULL; 125 X509_ATTRIBUTE *new_attr=NULL;
125 STACK_OF(X509_ATTRIBUTE) *sk=NULL; 126 STACK_OF(X509_ATTRIBUTE) *sk=NULL;
126 127
127 if (x == NULL) 128 if ((x != NULL) && (*x == NULL))
128 {
129 X509err(X509_F_X509AT_ADD1_ATTR, ERR_R_PASSED_NULL_PARAMETER);
130 goto err2;
131 }
132
133 if (*x == NULL)
134 { 129 {
135 if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL) 130 if ((sk=sk_X509_ATTRIBUTE_new_null()) == NULL)
136 goto err; 131 goto err;
@@ -142,11 +137,11 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr(STACK_OF(X509_ATTRIBUTE) **x,
142 goto err2; 137 goto err2;
143 if (!sk_X509_ATTRIBUTE_push(sk,new_attr)) 138 if (!sk_X509_ATTRIBUTE_push(sk,new_attr))
144 goto err; 139 goto err;
145 if (*x == NULL) 140 if ((x != NULL) && (*x == NULL))
146 *x=sk; 141 *x=sk;
147 return(sk); 142 return(sk);
148err: 143err:
149 X509err(X509_F_X509AT_ADD1_ATTR,ERR_R_MALLOC_FAILURE); 144 X509err(X509_F_X509_ADD_ATTR,ERR_R_MALLOC_FAILURE);
150err2: 145err2:
151 if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr); 146 if (new_attr != NULL) X509_ATTRIBUTE_free(new_attr);
152 if (sk != NULL) sk_X509_ATTRIBUTE_free(sk); 147 if (sk != NULL) sk_X509_ATTRIBUTE_free(sk);
@@ -192,22 +187,6 @@ STACK_OF(X509_ATTRIBUTE) *X509at_add1_attr_by_txt(STACK_OF(X509_ATTRIBUTE) **x,
192 return ret; 187 return ret;
193} 188}
194 189
195void *X509at_get0_data_by_OBJ(STACK_OF(X509_ATTRIBUTE) *x,
196 ASN1_OBJECT *obj, int lastpos, int type)
197{
198 int i;
199 X509_ATTRIBUTE *at;
200 i = X509at_get_attr_by_OBJ(x, obj, lastpos);
201 if (i == -1)
202 return NULL;
203 if ((lastpos <= -2) && (X509at_get_attr_by_OBJ(x, obj, i) != -1))
204 return NULL;
205 at = X509at_get_attr(x, i);
206 if (lastpos <= -3 && (X509_ATTRIBUTE_count(at) != 1))
207 return NULL;
208 return X509_ATTRIBUTE_get0_data(at, 0, type, NULL);
209}
210
211X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid, 190X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **attr, int nid,
212 int atrtype, const void *data, int len) 191 int atrtype, const void *data, int len)
213{ 192{
@@ -285,8 +264,8 @@ int X509_ATTRIBUTE_set1_object(X509_ATTRIBUTE *attr, const ASN1_OBJECT *obj)
285int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len) 264int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *data, int len)
286{ 265{
287 ASN1_TYPE *ttmp; 266 ASN1_TYPE *ttmp;
288 ASN1_STRING *stmp = NULL; 267 ASN1_STRING *stmp;
289 int atype = 0; 268 int atype;
290 if (!attr) return 0; 269 if (!attr) return 0;
291 if(attrtype & MBSTRING_FLAG) { 270 if(attrtype & MBSTRING_FLAG) {
292 stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype, 271 stmp = ASN1_STRING_set_by_NID(NULL, data, len, attrtype,
@@ -296,22 +275,16 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, const void *dat
296 return 0; 275 return 0;
297 } 276 }
298 atype = stmp->type; 277 atype = stmp->type;
299 } else if (len != -1){ 278 } else {
300 if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err; 279 if(!(stmp = ASN1_STRING_type_new(attrtype))) goto err;
301 if(!ASN1_STRING_set(stmp, data, len)) goto err; 280 if(!ASN1_STRING_set(stmp, data, len)) goto err;
302 atype = attrtype; 281 atype = attrtype;
303 } 282 }
304 if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; 283 if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
305 if(!(ttmp = ASN1_TYPE_new())) goto err; 284 if(!(ttmp = ASN1_TYPE_new())) goto err;
306 if (len == -1)
307 {
308 if (!ASN1_TYPE_set1(ttmp, attrtype, data))
309 goto err;
310 }
311 else
312 ASN1_TYPE_set(ttmp, atype, stmp);
313 if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; 285 if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
314 attr->single = 0; 286 attr->single = 0;
287 ASN1_TYPE_set(ttmp, atype, stmp);
315 return 1; 288 return 1;
316 err: 289 err:
317 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE); 290 X509err(X509_F_X509_ATTRIBUTE_SET1_DATA, ERR_R_MALLOC_FAILURE);
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index 0d6bc653b2..030d0966fc 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -322,10 +322,16 @@ unsigned long X509_NAME_hash(X509_NAME *x)
322 { 322 {
323 unsigned long ret=0; 323 unsigned long ret=0;
324 unsigned char md[16]; 324 unsigned char md[16];
325 EVP_MD_CTX md_ctx;
325 326
326 /* Make sure X509_NAME structure contains valid cached encoding */ 327 /* Make sure X509_NAME structure contains valid cached encoding */
327 i2d_X509_NAME(x,NULL); 328 i2d_X509_NAME(x,NULL);
328 EVP_Digest(x->bytes->data, x->bytes->length, md, NULL, EVP_md5(), NULL); 329 EVP_MD_CTX_init(&md_ctx);
330 EVP_MD_CTX_set_flags(&md_ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
331 EVP_DigestInit_ex(&md_ctx, EVP_md5(), NULL);
332 EVP_DigestUpdate(&md_ctx, x->bytes->data, x->bytes->length);
333 EVP_DigestFinal_ex(&md_ctx,md,NULL);
334 EVP_MD_CTX_cleanup(&md_ctx);
329 335
330 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)| 336 ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
331 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L) 337 ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
@@ -390,36 +396,45 @@ int X509_check_private_key(X509 *x, EVP_PKEY *k)
390 int ok=0; 396 int ok=0;
391 397
392 xk=X509_get_pubkey(x); 398 xk=X509_get_pubkey(x);
393 switch (EVP_PKEY_cmp(xk, k)) 399 if (xk->type != k->type)
400 {
401 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
402 goto err;
403 }
404 switch (k->type)
394 { 405 {
395 case 1: 406#ifndef OPENSSL_NO_RSA
396 ok=1; 407 case EVP_PKEY_RSA:
408 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
409 || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
410 {
411 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
412 goto err;
413 }
397 break; 414 break;
398 case 0: 415#endif
399 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH); 416#ifndef OPENSSL_NO_DSA
400 break; 417 case EVP_PKEY_DSA:
401 case -1: 418 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
402 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH); 419 {
420 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
421 goto err;
422 }
403 break; 423 break;
404 case -2:
405#ifndef OPENSSL_NO_EC
406 if (k->type == EVP_PKEY_EC)
407 {
408 X509err(X509_F_X509_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
409 break;
410 }
411#endif 424#endif
412#ifndef OPENSSL_NO_DH 425#ifndef OPENSSL_NO_DH
413 if (k->type == EVP_PKEY_DH) 426 case EVP_PKEY_DH:
414 { 427 /* No idea */
415 /* No idea */ 428 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
416 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY); 429 goto err;
417 break;
418 }
419#endif 430#endif
431 default:
420 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE); 432 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
433 goto err;
421 } 434 }
422 435
436 ok=1;
437err:
423 EVP_PKEY_free(xk); 438 EVP_PKEY_free(xk);
424 return(ok); 439 return(ok);
425 } 440 }
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
index fb377292da..d44d046027 100644
--- a/src/lib/libcrypto/x509/x509_err.c
+++ b/src/lib/libcrypto/x509/x509_err.c
@@ -72,20 +72,18 @@ static ERR_STRING_DATA X509_str_functs[]=
72 { 72 {
73{ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"}, 73{ERR_FUNC(X509_F_ADD_CERT_DIR), "ADD_CERT_DIR"},
74{ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"}, 74{ERR_FUNC(X509_F_BY_FILE_CTRL), "BY_FILE_CTRL"},
75{ERR_FUNC(X509_F_CHECK_POLICY), "CHECK_POLICY"},
76{ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"}, 75{ERR_FUNC(X509_F_DIR_CTRL), "DIR_CTRL"},
77{ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"}, 76{ERR_FUNC(X509_F_GET_CERT_BY_SUBJECT), "GET_CERT_BY_SUBJECT"},
78{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"}, 77{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_DECODE), "NETSCAPE_SPKI_b64_decode"},
79{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"}, 78{ERR_FUNC(X509_F_NETSCAPE_SPKI_B64_ENCODE), "NETSCAPE_SPKI_b64_encode"},
80{ERR_FUNC(X509_F_X509AT_ADD1_ATTR), "X509at_add1_attr"},
81{ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"}, 79{ERR_FUNC(X509_F_X509V3_ADD_EXT), "X509v3_add_ext"},
80{ERR_FUNC(X509_F_X509_ADD_ATTR), "X509_ADD_ATTR"},
82{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"}, 81{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_NID), "X509_ATTRIBUTE_create_by_NID"},
83{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"}, 82{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_OBJ), "X509_ATTRIBUTE_create_by_OBJ"},
84{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"}, 83{ERR_FUNC(X509_F_X509_ATTRIBUTE_CREATE_BY_TXT), "X509_ATTRIBUTE_create_by_txt"},
85{ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"}, 84{ERR_FUNC(X509_F_X509_ATTRIBUTE_GET0_DATA), "X509_ATTRIBUTE_get0_data"},
86{ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"}, 85{ERR_FUNC(X509_F_X509_ATTRIBUTE_SET1_DATA), "X509_ATTRIBUTE_set1_data"},
87{ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"}, 86{ERR_FUNC(X509_F_X509_CHECK_PRIVATE_KEY), "X509_check_private_key"},
88{ERR_FUNC(X509_F_X509_CRL_PRINT_FP), "X509_CRL_print_fp"},
89{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"}, 87{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_NID), "X509_EXTENSION_create_by_NID"},
90{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"}, 88{ERR_FUNC(X509_F_X509_EXTENSION_CREATE_BY_OBJ), "X509_EXTENSION_create_by_OBJ"},
91{ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"}, 89{ERR_FUNC(X509_F_X509_GET_PUBKEY_PARAMETERS), "X509_get_pubkey_parameters"},
@@ -98,16 +96,14 @@ static ERR_STRING_DATA X509_str_functs[]=
98{ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"}, 96{ERR_FUNC(X509_F_X509_NAME_ENTRY_SET_OBJECT), "X509_NAME_ENTRY_set_object"},
99{ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"}, 97{ERR_FUNC(X509_F_X509_NAME_ONELINE), "X509_NAME_oneline"},
100{ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"}, 98{ERR_FUNC(X509_F_X509_NAME_PRINT), "X509_NAME_print"},
101{ERR_FUNC(X509_F_X509_PRINT_EX_FP), "X509_print_ex_fp"}, 99{ERR_FUNC(X509_F_X509_PRINT_FP), "X509_print_fp"},
102{ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"}, 100{ERR_FUNC(X509_F_X509_PUBKEY_GET), "X509_PUBKEY_get"},
103{ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"}, 101{ERR_FUNC(X509_F_X509_PUBKEY_SET), "X509_PUBKEY_set"},
104{ERR_FUNC(X509_F_X509_REQ_CHECK_PRIVATE_KEY), "X509_REQ_check_private_key"}, 102{ERR_FUNC(X509_F_X509_REQ_PRINT), "X509_REQ_print"},
105{ERR_FUNC(X509_F_X509_REQ_PRINT_EX), "X509_REQ_print_ex"},
106{ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"}, 103{ERR_FUNC(X509_F_X509_REQ_PRINT_FP), "X509_REQ_print_fp"},
107{ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"}, 104{ERR_FUNC(X509_F_X509_REQ_TO_X509), "X509_REQ_to_X509"},
108{ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"}, 105{ERR_FUNC(X509_F_X509_STORE_ADD_CERT), "X509_STORE_add_cert"},
109{ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"}, 106{ERR_FUNC(X509_F_X509_STORE_ADD_CRL), "X509_STORE_add_crl"},
110{ERR_FUNC(X509_F_X509_STORE_CTX_GET1_ISSUER), "X509_STORE_CTX_get1_issuer"},
111{ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"}, 107{ERR_FUNC(X509_F_X509_STORE_CTX_INIT), "X509_STORE_CTX_init"},
112{ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"}, 108{ERR_FUNC(X509_F_X509_STORE_CTX_NEW), "X509_STORE_CTX_new"},
113{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"}, 109{ERR_FUNC(X509_F_X509_STORE_CTX_PURPOSE_INHERIT), "X509_STORE_CTX_purpose_inherit"},
@@ -150,12 +146,15 @@ static ERR_STRING_DATA X509_str_reasons[]=
150 146
151void ERR_load_X509_strings(void) 147void ERR_load_X509_strings(void)
152 { 148 {
153#ifndef OPENSSL_NO_ERR 149 static int init=1;
154 150
155 if (ERR_func_error_string(X509_str_functs[0].error) == NULL) 151 if (init)
156 { 152 {
153 init=0;
154#ifndef OPENSSL_NO_ERR
157 ERR_load_strings(0,X509_str_functs); 155 ERR_load_strings(0,X509_str_functs);
158 ERR_load_strings(0,X509_str_reasons); 156 ERR_load_strings(0,X509_str_reasons);
159 }
160#endif 157#endif
158
159 }
161 } 160 }
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index cd2cfb6d85..b780dae5e2 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -187,8 +187,10 @@ X509_STORE *X509_STORE_new(void)
187 ret->verify=0; 187 ret->verify=0;
188 ret->verify_cb=0; 188 ret->verify_cb=0;
189 189
190 if ((ret->param = X509_VERIFY_PARAM_new()) == NULL) 190 ret->purpose = 0;
191 return NULL; 191 ret->trust = 0;
192
193 ret->flags = 0;
192 194
193 ret->get_issuer = 0; 195 ret->get_issuer = 0;
194 ret->check_issued = 0; 196 ret->check_issued = 0;
@@ -200,6 +202,7 @@ X509_STORE *X509_STORE_new(void)
200 202
201 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data); 203 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data);
202 ret->references=1; 204 ret->references=1;
205 ret->depth=0;
203 return ret; 206 return ret;
204 } 207 }
205 208
@@ -241,8 +244,6 @@ void X509_STORE_free(X509_STORE *vfy)
241 sk_X509_OBJECT_pop_free(vfy->objs, cleanup); 244 sk_X509_OBJECT_pop_free(vfy->objs, cleanup);
242 245
243 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data); 246 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
244 if (vfy->param)
245 X509_VERIFY_PARAM_free(vfy->param);
246 OPENSSL_free(vfy); 247 OPENSSL_free(vfy);
247 } 248 }
248 249
@@ -497,7 +498,7 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
497 if (ok == X509_LU_RETRY) 498 if (ok == X509_LU_RETRY)
498 { 499 {
499 X509_OBJECT_free_contents(&obj); 500 X509_OBJECT_free_contents(&obj);
500 X509err(X509_F_X509_STORE_CTX_GET1_ISSUER,X509_R_SHOULD_RETRY); 501 X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
501 return -1; 502 return -1;
502 } 503 }
503 else if (ok != X509_LU_FAIL) 504 else if (ok != X509_LU_FAIL)
@@ -537,30 +538,19 @@ int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
537 return 0; 538 return 0;
538} 539}
539 540
540int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags) 541void X509_STORE_set_flags(X509_STORE *ctx, long flags)
541 { 542 {
542 return X509_VERIFY_PARAM_set_flags(ctx->param, flags); 543 ctx->flags |= flags;
543 }
544
545int X509_STORE_set_depth(X509_STORE *ctx, int depth)
546 {
547 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
548 return 1;
549 } 544 }
550 545
551int X509_STORE_set_purpose(X509_STORE *ctx, int purpose) 546int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
552 { 547 {
553 return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose); 548 return X509_PURPOSE_set(&ctx->purpose, purpose);
554 } 549 }
555 550
556int X509_STORE_set_trust(X509_STORE *ctx, int trust) 551int X509_STORE_set_trust(X509_STORE *ctx, int trust)
557 { 552 {
558 return X509_VERIFY_PARAM_set_trust(ctx->param, trust); 553 return X509_TRUST_set(&ctx->trust, trust);
559 }
560
561int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
562 {
563 return X509_VERIFY_PARAM_set1(ctx->param, param);
564 } 554 }
565 555
566IMPLEMENT_STACK_OF(X509_LOOKUP) 556IMPLEMENT_STACK_OF(X509_LOOKUP)
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
index 254a14693d..fb8a78dabe 100644
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ b/src/lib/libcrypto/x509/x509_r2x.c
@@ -89,10 +89,8 @@ X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
89 } 89 }
90 90
91 xn=X509_REQ_get_subject_name(r); 91 xn=X509_REQ_get_subject_name(r);
92 if (X509_set_subject_name(ret,X509_NAME_dup(xn)) == 0) 92 X509_set_subject_name(ret,X509_NAME_dup(xn));
93 goto err; 93 X509_set_issuer_name(ret,X509_NAME_dup(xn));
94 if (X509_set_issuer_name(ret,X509_NAME_dup(xn)) == 0)
95 goto err;
96 94
97 if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL) 95 if (X509_gmtime_adj(xi->validity->notBefore,0) == NULL)
98 goto err; 96 goto err;
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 3872e1fb64..59fc6ca548 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -113,46 +113,6 @@ EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
113 return(X509_PUBKEY_get(req->req_info->pubkey)); 113 return(X509_PUBKEY_get(req->req_info->pubkey));
114 } 114 }
115 115
116int X509_REQ_check_private_key(X509_REQ *x, EVP_PKEY *k)
117 {
118 EVP_PKEY *xk=NULL;
119 int ok=0;
120
121 xk=X509_REQ_get_pubkey(x);
122 switch (EVP_PKEY_cmp(xk, k))
123 {
124 case 1:
125 ok=1;
126 break;
127 case 0:
128 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
129 break;
130 case -1:
131 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
132 break;
133 case -2:
134#ifndef OPENSSL_NO_EC
135 if (k->type == EVP_PKEY_EC)
136 {
137 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY, ERR_R_EC_LIB);
138 break;
139 }
140#endif
141#ifndef OPENSSL_NO_DH
142 if (k->type == EVP_PKEY_DH)
143 {
144 /* No idea */
145 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
146 break;
147 }
148#endif
149 X509err(X509_F_X509_REQ_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
150 }
151
152 EVP_PKEY_free(xk);
153 return(ok);
154 }
155
156/* It seems several organisations had the same idea of including a list of 116/* It seems several organisations had the same idea of including a list of
157 * extensions in a certificate request. There are at least two OIDs that are 117 * extensions in a certificate request. There are at least two OIDs that are
158 * used and there may be more: so the list is configurable. 118 * used and there may be more: so the list is configurable.
@@ -187,7 +147,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
187 X509_ATTRIBUTE *attr; 147 X509_ATTRIBUTE *attr;
188 ASN1_TYPE *ext = NULL; 148 ASN1_TYPE *ext = NULL;
189 int idx, *pnid; 149 int idx, *pnid;
190 const unsigned char *p; 150 unsigned char *p;
191 151
192 if ((req == NULL) || (req->req_info == NULL) || !ext_nids) 152 if ((req == NULL) || (req->req_info == NULL) || !ext_nids)
193 return(NULL); 153 return(NULL);
@@ -209,7 +169,7 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req)
209 ext->value.sequence->length, 169 ext->value.sequence->length,
210 d2i_X509_EXTENSION, X509_EXTENSION_free, 170 d2i_X509_EXTENSION, X509_EXTENSION_free,
211 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); 171 V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
212} 172 }
213 173
214/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs 174/* Add a STACK_OF extensions to a certificate request: allow alternative OIDs
215 * in case we want to create a non standard one. 175 * in case we want to create a non standard one.
@@ -242,11 +202,6 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts,
242 at = NULL; 202 at = NULL;
243 attr->single = 0; 203 attr->single = 0;
244 attr->object = OBJ_nid2obj(nid); 204 attr->object = OBJ_nid2obj(nid);
245 if (!req->req_info->attributes)
246 {
247 if (!(req->req_info->attributes = sk_X509_ATTRIBUTE_new_null()))
248 goto err;
249 }
250 if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; 205 if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
251 return 1; 206 return 1;
252 err: 207 err:
diff --git a/src/lib/libcrypto/x509/x509_trs.c b/src/lib/libcrypto/x509/x509_trs.c
index 9c84a59d52..881252608d 100644
--- a/src/lib/libcrypto/x509/x509_trs.c
+++ b/src/lib/libcrypto/x509/x509_trs.c
@@ -128,7 +128,7 @@ int X509_TRUST_get_count(void)
128X509_TRUST * X509_TRUST_get0(int idx) 128X509_TRUST * X509_TRUST_get0(int idx)
129{ 129{
130 if(idx < 0) return NULL; 130 if(idx < 0) return NULL;
131 if(idx < (int)X509_TRUST_COUNT) return trstandard + idx; 131 if(idx < X509_TRUST_COUNT) return trstandard + idx;
132 return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT); 132 return sk_X509_TRUST_value(trtable, idx - X509_TRUST_COUNT);
133} 133}
134 134
@@ -219,7 +219,7 @@ static void trtable_free(X509_TRUST *p)
219 219
220void X509_TRUST_cleanup(void) 220void X509_TRUST_cleanup(void)
221{ 221{
222 unsigned int i; 222 int i;
223 for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i); 223 for(i = 0; i < X509_TRUST_COUNT; i++) trtable_free(trstandard + i);
224 sk_X509_TRUST_pop_free(trtable, trtable_free); 224 sk_X509_TRUST_pop_free(trtable, trtable_free);
225 trtable = NULL; 225 trtable = NULL;
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
index 73a8ec726f..f19e66a238 100644
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ b/src/lib/libcrypto/x509/x509_txt.c
@@ -129,7 +129,7 @@ const char *X509_verify_cert_error_string(long n)
129 case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED: 129 case X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED:
130 return("proxy path length constraint exceeded"); 130 return("proxy path length constraint exceeded");
131 case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED: 131 case X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED:
132 return("proxy certificates not allowed, please set the appropriate flag"); 132 return("proxy cerificates not allowed, please set the appropriate flag");
133 case X509_V_ERR_INVALID_PURPOSE: 133 case X509_V_ERR_INVALID_PURPOSE:
134 return ("unsupported certificate purpose"); 134 return ("unsupported certificate purpose");
135 case X509_V_ERR_CERT_UNTRUSTED: 135 case X509_V_ERR_CERT_UNTRUSTED:
@@ -156,14 +156,6 @@ const char *X509_verify_cert_error_string(long n)
156 return("key usage does not include digital signature"); 156 return("key usage does not include digital signature");
157 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION: 157 case X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION:
158 return("unhandled critical CRL extension"); 158 return("unhandled critical CRL extension");
159 case X509_V_ERR_INVALID_EXTENSION:
160 return("invalid or inconsistent certificate extension");
161 case X509_V_ERR_INVALID_POLICY_EXTENSION:
162 return("invalid or inconsistent certificate policy extension");
163 case X509_V_ERR_NO_EXPLICIT_POLICY:
164 return("no explicit policy");
165 case X509_V_ERR_UNNESTED_RESOURCE:
166 return("RFC 3779 resource not subset of parent's resources");
167 default: 159 default:
168 BIO_snprintf(buf,sizeof buf,"error number %ld",n); 160 BIO_snprintf(buf,sizeof buf,"error number %ld",n);
169 return(buf); 161 return(buf);
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
index 42e6f0ab05..67b1796a92 100644
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ b/src/lib/libcrypto/x509/x509_v3.c
@@ -147,13 +147,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
147 int n; 147 int n;
148 STACK_OF(X509_EXTENSION) *sk=NULL; 148 STACK_OF(X509_EXTENSION) *sk=NULL;
149 149
150 if (x == NULL) 150 if ((x != NULL) && (*x == NULL))
151 {
152 X509err(X509_F_X509V3_ADD_EXT,ERR_R_PASSED_NULL_PARAMETER);
153 goto err2;
154 }
155
156 if (*x == NULL)
157 { 151 {
158 if ((sk=sk_X509_EXTENSION_new_null()) == NULL) 152 if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
159 goto err; 153 goto err;
@@ -169,7 +163,7 @@ STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
169 goto err2; 163 goto err2;
170 if (!sk_X509_EXTENSION_insert(sk,new_ex,loc)) 164 if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
171 goto err; 165 goto err;
172 if (*x == NULL) 166 if ((x != NULL) && (*x == NULL))
173 *x=sk; 167 *x=sk;
174 return(sk); 168 return(sk);
175err: 169err:
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index 9a62ebcf67..383e082aba 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -77,9 +77,8 @@ static int check_chain_extensions(X509_STORE_CTX *ctx);
77static int check_trust(X509_STORE_CTX *ctx); 77static int check_trust(X509_STORE_CTX *ctx);
78static int check_revocation(X509_STORE_CTX *ctx); 78static int check_revocation(X509_STORE_CTX *ctx);
79static int check_cert(X509_STORE_CTX *ctx); 79static int check_cert(X509_STORE_CTX *ctx);
80static int check_policy(X509_STORE_CTX *ctx);
81static int internal_verify(X509_STORE_CTX *ctx); 80static int internal_verify(X509_STORE_CTX *ctx);
82const char X509_version[]="X.509" OPENSSL_VERSION_PTEXT; 81const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
83 82
84 83
85static int null_callback(int ok, X509_STORE_CTX *e) 84static int null_callback(int ok, X509_STORE_CTX *e)
@@ -98,12 +97,11 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
98 { 97 {
99 X509 *x,*xtmp,*chain_ss=NULL; 98 X509 *x,*xtmp,*chain_ss=NULL;
100 X509_NAME *xn; 99 X509_NAME *xn;
101 int bad_chain = 0;
102 X509_VERIFY_PARAM *param = ctx->param;
103 int depth,i,ok=0; 100 int depth,i,ok=0;
104 int num; 101 int num;
105 int (*cb)(int xok,X509_STORE_CTX *xctx); 102 int (*cb)();
106 STACK_OF(X509) *sktmp=NULL; 103 STACK_OF(X509) *sktmp=NULL;
104
107 if (ctx->cert == NULL) 105 if (ctx->cert == NULL)
108 { 106 {
109 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY); 107 X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
@@ -136,7 +134,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
136 134
137 num=sk_X509_num(ctx->chain); 135 num=sk_X509_num(ctx->chain);
138 x=sk_X509_value(ctx->chain,num-1); 136 x=sk_X509_value(ctx->chain,num-1);
139 depth=param->depth; 137 depth=ctx->depth;
140 138
141 139
142 for (;;) 140 for (;;)
@@ -164,7 +162,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
164 goto end; 162 goto end;
165 } 163 }
166 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); 164 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
167 (void)sk_X509_delete_ptr(sktmp,xtmp); 165 sk_X509_delete_ptr(sktmp,xtmp);
168 ctx->last_untrusted++; 166 ctx->last_untrusted++;
169 x=xtmp; 167 x=xtmp;
170 num++; 168 num++;
@@ -203,7 +201,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
203 ctx->current_cert=x; 201 ctx->current_cert=x;
204 ctx->error_depth=i-1; 202 ctx->error_depth=i-1;
205 if (ok == 1) X509_free(xtmp); 203 if (ok == 1) X509_free(xtmp);
206 bad_chain = 1;
207 ok=cb(0,ctx); 204 ok=cb(0,ctx);
208 if (!ok) goto end; 205 if (!ok) goto end;
209 } 206 }
@@ -214,7 +211,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
214 */ 211 */
215 X509_free(x); 212 X509_free(x);
216 x = xtmp; 213 x = xtmp;
217 (void)sk_X509_set(ctx->chain, i - 1, x); 214 sk_X509_set(ctx->chain, i - 1, x);
218 ctx->last_untrusted=0; 215 ctx->last_untrusted=0;
219 } 216 }
220 } 217 }
@@ -279,7 +276,6 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
279 } 276 }
280 277
281 ctx->error_depth=num-1; 278 ctx->error_depth=num-1;
282 bad_chain = 1;
283 ok=cb(0,ctx); 279 ok=cb(0,ctx);
284 if (!ok) goto end; 280 if (!ok) goto end;
285 } 281 }
@@ -291,7 +287,7 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
291 287
292 /* The chain extensions are OK: check trust */ 288 /* The chain extensions are OK: check trust */
293 289
294 if (param->trust > 0) ok = check_trust(ctx); 290 if (ctx->trust > 0) ok = check_trust(ctx);
295 291
296 if (!ok) goto end; 292 if (!ok) goto end;
297 293
@@ -305,25 +301,11 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
305 ok = ctx->check_revocation(ctx); 301 ok = ctx->check_revocation(ctx);
306 if(!ok) goto end; 302 if(!ok) goto end;
307 303
308 /* At this point, we have a chain and need to verify it */ 304 /* At this point, we have a chain and just need to verify it */
309 if (ctx->verify != NULL) 305 if (ctx->verify != NULL)
310 ok=ctx->verify(ctx); 306 ok=ctx->verify(ctx);
311 else 307 else
312 ok=internal_verify(ctx); 308 ok=internal_verify(ctx);
313 if(!ok) goto end;
314
315#ifndef OPENSSL_NO_RFC3779
316 /* RFC 3779 path validation, now that CRL check has been done */
317 ok = v3_asid_validate_path(ctx);
318 if (!ok) goto end;
319 ok = v3_addr_validate_path(ctx);
320 if (!ok) goto end;
321#endif
322
323 /* If we get this far evaluate policies */
324 if (!bad_chain && (ctx->param->flags & X509_V_FLAG_POLICY_CHECK))
325 ok = ctx->check_policy(ctx);
326 if(!ok) goto end;
327 if (0) 309 if (0)
328 { 310 {
329end: 311end:
@@ -360,7 +342,7 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer)
360 if (ret == X509_V_OK) 342 if (ret == X509_V_OK)
361 return 1; 343 return 1;
362 /* If we haven't asked for issuer errors don't set ctx */ 344 /* If we haven't asked for issuer errors don't set ctx */
363 if (!(ctx->param->flags & X509_V_FLAG_CB_ISSUER_CHECK)) 345 if (!(ctx->flags & X509_V_FLAG_CB_ISSUER_CHECK))
364 return 0; 346 return 0;
365 347
366 ctx->error = ret; 348 ctx->error = ret;
@@ -383,7 +365,7 @@ static int get_issuer_sk(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
383 else 365 else
384 return 0; 366 return 0;
385} 367}
386 368
387 369
388/* Check a certificate chains extensions for consistency 370/* Check a certificate chains extensions for consistency
389 * with the supplied purpose 371 * with the supplied purpose
@@ -396,10 +378,9 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
396#else 378#else
397 int i, ok=0, must_be_ca; 379 int i, ok=0, must_be_ca;
398 X509 *x; 380 X509 *x;
399 int (*cb)(int xok,X509_STORE_CTX *xctx); 381 int (*cb)();
400 int proxy_path_length = 0; 382 int proxy_path_length = 0;
401 int allow_proxy_certs = 383 int allow_proxy_certs = !!(ctx->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
402 !!(ctx->param->flags & X509_V_FLAG_ALLOW_PROXY_CERTS);
403 cb=ctx->verify_cb; 384 cb=ctx->verify_cb;
404 385
405 /* must_be_ca can have 1 of 3 values: 386 /* must_be_ca can have 1 of 3 values:
@@ -422,7 +403,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
422 { 403 {
423 int ret; 404 int ret;
424 x = sk_X509_value(ctx->chain, i); 405 x = sk_X509_value(ctx->chain, i);
425 if (!(ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) 406 if (!(ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
426 && (x->ex_flags & EXFLAG_CRITICAL)) 407 && (x->ex_flags & EXFLAG_CRITICAL))
427 { 408 {
428 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION; 409 ctx->error = X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION;
@@ -443,7 +424,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
443 switch(must_be_ca) 424 switch(must_be_ca)
444 { 425 {
445 case -1: 426 case -1:
446 if ((ctx->param->flags & X509_V_FLAG_X509_STRICT) 427 if ((ctx->flags & X509_V_FLAG_X509_STRICT)
447 && (ret != 1) && (ret != 0)) 428 && (ret != 1) && (ret != 0))
448 { 429 {
449 ret = 0; 430 ret = 0;
@@ -463,7 +444,7 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
463 break; 444 break;
464 default: 445 default:
465 if ((ret == 0) 446 if ((ret == 0)
466 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) 447 || ((ctx->flags & X509_V_FLAG_X509_STRICT)
467 && (ret != 1))) 448 && (ret != 1)))
468 { 449 {
469 ret = 0; 450 ret = 0;
@@ -480,12 +461,12 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
480 ok=cb(0,ctx); 461 ok=cb(0,ctx);
481 if (!ok) goto end; 462 if (!ok) goto end;
482 } 463 }
483 if (ctx->param->purpose > 0) 464 if (ctx->purpose > 0)
484 { 465 {
485 ret = X509_check_purpose(x, ctx->param->purpose, 466 ret = X509_check_purpose(x, ctx->purpose,
486 must_be_ca > 0); 467 must_be_ca > 0);
487 if ((ret == 0) 468 if ((ret == 0)
488 || ((ctx->param->flags & X509_V_FLAG_X509_STRICT) 469 || ((ctx->flags & X509_V_FLAG_X509_STRICT)
489 && (ret != 1))) 470 && (ret != 1)))
490 { 471 {
491 ctx->error = X509_V_ERR_INVALID_PURPOSE; 472 ctx->error = X509_V_ERR_INVALID_PURPOSE;
@@ -511,15 +492,21 @@ static int check_chain_extensions(X509_STORE_CTX *ctx)
511 CA certificate. */ 492 CA certificate. */
512 if (x->ex_flags & EXFLAG_PROXY) 493 if (x->ex_flags & EXFLAG_PROXY)
513 { 494 {
514 if (x->ex_pcpathlen != -1 && i > x->ex_pcpathlen) 495 PROXY_CERT_INFO_EXTENSION *pci =
496 X509_get_ext_d2i(x, NID_proxyCertInfo,
497 NULL, NULL);
498 if (pci->pcPathLengthConstraint &&
499 ASN1_INTEGER_get(pci->pcPathLengthConstraint)
500 < i)
515 { 501 {
516 ctx->error = 502 PROXY_CERT_INFO_EXTENSION_free(pci);
517 X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED; 503 ctx->error = X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED;
518 ctx->error_depth = i; 504 ctx->error_depth = i;
519 ctx->current_cert = x; 505 ctx->current_cert = x;
520 ok=cb(0,ctx); 506 ok=cb(0,ctx);
521 if (!ok) goto end; 507 if (!ok) goto end;
522 } 508 }
509 PROXY_CERT_INFO_EXTENSION_free(pci);
523 proxy_path_length++; 510 proxy_path_length++;
524 must_be_ca = 0; 511 must_be_ca = 0;
525 } 512 }
@@ -539,12 +526,12 @@ static int check_trust(X509_STORE_CTX *ctx)
539#else 526#else
540 int i, ok; 527 int i, ok;
541 X509 *x; 528 X509 *x;
542 int (*cb)(int xok,X509_STORE_CTX *xctx); 529 int (*cb)();
543 cb=ctx->verify_cb; 530 cb=ctx->verify_cb;
544/* For now just check the last certificate in the chain */ 531/* For now just check the last certificate in the chain */
545 i = sk_X509_num(ctx->chain) - 1; 532 i = sk_X509_num(ctx->chain) - 1;
546 x = sk_X509_value(ctx->chain, i); 533 x = sk_X509_value(ctx->chain, i);
547 ok = X509_check_trust(x, ctx->param->trust, 0); 534 ok = X509_check_trust(x, ctx->trust, 0);
548 if (ok == X509_TRUST_TRUSTED) 535 if (ok == X509_TRUST_TRUSTED)
549 return 1; 536 return 1;
550 ctx->error_depth = i; 537 ctx->error_depth = i;
@@ -561,9 +548,9 @@ static int check_trust(X509_STORE_CTX *ctx)
561static int check_revocation(X509_STORE_CTX *ctx) 548static int check_revocation(X509_STORE_CTX *ctx)
562 { 549 {
563 int i, last, ok; 550 int i, last, ok;
564 if (!(ctx->param->flags & X509_V_FLAG_CRL_CHECK)) 551 if (!(ctx->flags & X509_V_FLAG_CRL_CHECK))
565 return 1; 552 return 1;
566 if (ctx->param->flags & X509_V_FLAG_CRL_CHECK_ALL) 553 if (ctx->flags & X509_V_FLAG_CRL_CHECK_ALL)
567 last = sk_X509_num(ctx->chain) - 1; 554 last = sk_X509_num(ctx->chain) - 1;
568 else 555 else
569 last = 0; 556 last = 0;
@@ -606,124 +593,17 @@ static int check_cert(X509_STORE_CTX *ctx)
606 593
607 } 594 }
608 595
609/* Check CRL times against values in X509_STORE_CTX */
610
611static int check_crl_time(X509_STORE_CTX *ctx, X509_CRL *crl, int notify)
612 {
613 time_t *ptime;
614 int i;
615 ctx->current_crl = crl;
616 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
617 ptime = &ctx->param->check_time;
618 else
619 ptime = NULL;
620
621 i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
622 if (i == 0)
623 {
624 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
625 if (!notify || !ctx->verify_cb(0, ctx))
626 return 0;
627 }
628
629 if (i > 0)
630 {
631 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
632 if (!notify || !ctx->verify_cb(0, ctx))
633 return 0;
634 }
635
636 if(X509_CRL_get_nextUpdate(crl))
637 {
638 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
639
640 if (i == 0)
641 {
642 ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
643 if (!notify || !ctx->verify_cb(0, ctx))
644 return 0;
645 }
646
647 if (i < 0)
648 {
649 ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
650 if (!notify || !ctx->verify_cb(0, ctx))
651 return 0;
652 }
653 }
654
655 ctx->current_crl = NULL;
656
657 return 1;
658 }
659
660/* Lookup CRLs from the supplied list. Look for matching isser name
661 * and validity. If we can't find a valid CRL return the last one
662 * with matching name. This gives more meaningful error codes. Otherwise
663 * we'd get a CRL not found error if a CRL existed with matching name but
664 * was invalid.
665 */
666
667static int get_crl_sk(X509_STORE_CTX *ctx, X509_CRL **pcrl,
668 X509_NAME *nm, STACK_OF(X509_CRL) *crls)
669 {
670 int i;
671 X509_CRL *crl, *best_crl = NULL;
672 for (i = 0; i < sk_X509_CRL_num(crls); i++)
673 {
674 crl = sk_X509_CRL_value(crls, i);
675 if (X509_NAME_cmp(nm, X509_CRL_get_issuer(crl)))
676 continue;
677 if (check_crl_time(ctx, crl, 0))
678 {
679 *pcrl = crl;
680 CRYPTO_add(&crl->references, 1, CRYPTO_LOCK_X509);
681 return 1;
682 }
683 best_crl = crl;
684 }
685 if (best_crl)
686 {
687 *pcrl = best_crl;
688 CRYPTO_add(&best_crl->references, 1, CRYPTO_LOCK_X509);
689 }
690
691 return 0;
692 }
693
694/* Retrieve CRL corresponding to certificate: currently just a 596/* Retrieve CRL corresponding to certificate: currently just a
695 * subject lookup: maybe use AKID later... 597 * subject lookup: maybe use AKID later...
598 * Also might look up any included CRLs too (e.g PKCS#7 signedData).
696 */ 599 */
697static int get_crl(X509_STORE_CTX *ctx, X509_CRL **pcrl, X509 *x) 600static int get_crl(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x)
698 { 601 {
699 int ok; 602 int ok;
700 X509_CRL *crl = NULL;
701 X509_OBJECT xobj; 603 X509_OBJECT xobj;
702 X509_NAME *nm; 604 ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, X509_get_issuer_name(x), &xobj);
703 nm = X509_get_issuer_name(x); 605 if (!ok) return 0;
704 ok = get_crl_sk(ctx, &crl, nm, ctx->crls); 606 *crl = xobj.data.crl;
705 if (ok)
706 {
707 *pcrl = crl;
708 return 1;
709 }
710
711 ok = X509_STORE_get_by_subject(ctx, X509_LU_CRL, nm, &xobj);
712
713 if (!ok)
714 {
715 /* If we got a near match from get_crl_sk use that */
716 if (crl)
717 {
718 *pcrl = crl;
719 return 1;
720 }
721 return 0;
722 }
723
724 *pcrl = xobj.data.crl;
725 if (crl)
726 X509_CRL_free(crl);
727 return 1; 607 return 1;
728 } 608 }
729 609
@@ -732,7 +612,8 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
732 { 612 {
733 X509 *issuer = NULL; 613 X509 *issuer = NULL;
734 EVP_PKEY *ikey = NULL; 614 EVP_PKEY *ikey = NULL;
735 int ok = 0, chnum, cnum; 615 int ok = 0, chnum, cnum, i;
616 time_t *ptime;
736 cnum = ctx->error_depth; 617 cnum = ctx->error_depth;
737 chnum = sk_X509_num(ctx->chain) - 1; 618 chnum = sk_X509_num(ctx->chain) - 1;
738 /* Find CRL issuer: if not last certificate then issuer 619 /* Find CRL issuer: if not last certificate then issuer
@@ -784,9 +665,45 @@ static int check_crl(X509_STORE_CTX *ctx, X509_CRL *crl)
784 } 665 }
785 } 666 }
786 667
787 ok = check_crl_time(ctx, crl, 1); 668 /* OK, CRL signature valid check times */
788 if (!ok) 669 if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
789 goto err; 670 ptime = &ctx->check_time;
671 else
672 ptime = NULL;
673
674 i=X509_cmp_time(X509_CRL_get_lastUpdate(crl), ptime);
675 if (i == 0)
676 {
677 ctx->error=X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD;
678 ok = ctx->verify_cb(0, ctx);
679 if (!ok) goto err;
680 }
681
682 if (i > 0)
683 {
684 ctx->error=X509_V_ERR_CRL_NOT_YET_VALID;
685 ok = ctx->verify_cb(0, ctx);
686 if (!ok) goto err;
687 }
688
689 if(X509_CRL_get_nextUpdate(crl))
690 {
691 i=X509_cmp_time(X509_CRL_get_nextUpdate(crl), ptime);
692
693 if (i == 0)
694 {
695 ctx->error=X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD;
696 ok = ctx->verify_cb(0, ctx);
697 if (!ok) goto err;
698 }
699
700 if (i < 0)
701 {
702 ctx->error=X509_V_ERR_CRL_HAS_EXPIRED;
703 ok = ctx->verify_cb(0, ctx);
704 if (!ok) goto err;
705 }
706 }
790 707
791 ok = 1; 708 ok = 1;
792 709
@@ -824,7 +741,7 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
824 if (!ok) return 0; 741 if (!ok) return 0;
825 } 742 }
826 743
827 if (ctx->param->flags & X509_V_FLAG_IGNORE_CRITICAL) 744 if (ctx->flags & X509_V_FLAG_IGNORE_CRITICAL)
828 return 1; 745 return 1;
829 746
830 /* See if we have any critical CRL extensions: since we 747 /* See if we have any critical CRL extensions: since we
@@ -851,106 +768,13 @@ static int cert_crl(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x)
851 return 1; 768 return 1;
852 } 769 }
853 770
854static int check_policy(X509_STORE_CTX *ctx)
855 {
856 int ret;
857 ret = X509_policy_check(&ctx->tree, &ctx->explicit_policy, ctx->chain,
858 ctx->param->policies, ctx->param->flags);
859 if (ret == 0)
860 {
861 X509err(X509_F_CHECK_POLICY,ERR_R_MALLOC_FAILURE);
862 return 0;
863 }
864 /* Invalid or inconsistent extensions */
865 if (ret == -1)
866 {
867 /* Locate certificates with bad extensions and notify
868 * callback.
869 */
870 X509 *x;
871 int i;
872 for (i = 1; i < sk_X509_num(ctx->chain); i++)
873 {
874 x = sk_X509_value(ctx->chain, i);
875 if (!(x->ex_flags & EXFLAG_INVALID_POLICY))
876 continue;
877 ctx->current_cert = x;
878 ctx->error = X509_V_ERR_INVALID_POLICY_EXTENSION;
879 ret = ctx->verify_cb(0, ctx);
880 }
881 return 1;
882 }
883 if (ret == -2)
884 {
885 ctx->current_cert = NULL;
886 ctx->error = X509_V_ERR_NO_EXPLICIT_POLICY;
887 return ctx->verify_cb(0, ctx);
888 }
889
890 if (ctx->param->flags & X509_V_FLAG_NOTIFY_POLICY)
891 {
892 ctx->current_cert = NULL;
893 ctx->error = X509_V_OK;
894 if (!ctx->verify_cb(2, ctx))
895 return 0;
896 }
897
898 return 1;
899 }
900
901static int check_cert_time(X509_STORE_CTX *ctx, X509 *x)
902 {
903 time_t *ptime;
904 int i;
905
906 if (ctx->param->flags & X509_V_FLAG_USE_CHECK_TIME)
907 ptime = &ctx->param->check_time;
908 else
909 ptime = NULL;
910
911 i=X509_cmp_time(X509_get_notBefore(x), ptime);
912 if (i == 0)
913 {
914 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
915 ctx->current_cert=x;
916 if (!ctx->verify_cb(0, ctx))
917 return 0;
918 }
919
920 if (i > 0)
921 {
922 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
923 ctx->current_cert=x;
924 if (!ctx->verify_cb(0, ctx))
925 return 0;
926 }
927
928 i=X509_cmp_time(X509_get_notAfter(x), ptime);
929 if (i == 0)
930 {
931 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
932 ctx->current_cert=x;
933 if (!ctx->verify_cb(0, ctx))
934 return 0;
935 }
936
937 if (i < 0)
938 {
939 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
940 ctx->current_cert=x;
941 if (!ctx->verify_cb(0, ctx))
942 return 0;
943 }
944
945 return 1;
946 }
947
948static int internal_verify(X509_STORE_CTX *ctx) 771static int internal_verify(X509_STORE_CTX *ctx)
949 { 772 {
950 int ok=0,n; 773 int i,ok=0,n;
951 X509 *xs,*xi; 774 X509 *xs,*xi;
952 EVP_PKEY *pkey=NULL; 775 EVP_PKEY *pkey=NULL;
953 int (*cb)(int xok,X509_STORE_CTX *xctx); 776 time_t *ptime;
777 int (*cb)();
954 778
955 cb=ctx->verify_cb; 779 cb=ctx->verify_cb;
956 780
@@ -958,7 +782,10 @@ static int internal_verify(X509_STORE_CTX *ctx)
958 ctx->error_depth=n-1; 782 ctx->error_depth=n-1;
959 n--; 783 n--;
960 xi=sk_X509_value(ctx->chain,n); 784 xi=sk_X509_value(ctx->chain,n);
961 785 if (ctx->flags & X509_V_FLAG_USE_CHECK_TIME)
786 ptime = &ctx->check_time;
787 else
788 ptime = NULL;
962 if (ctx->check_issued(ctx, xi, xi)) 789 if (ctx->check_issued(ctx, xi, xi))
963 xs=xi; 790 xs=xi;
964 else 791 else
@@ -1011,13 +838,41 @@ static int internal_verify(X509_STORE_CTX *ctx)
1011 } 838 }
1012 EVP_PKEY_free(pkey); 839 EVP_PKEY_free(pkey);
1013 pkey=NULL; 840 pkey=NULL;
841
842 i=X509_cmp_time(X509_get_notBefore(xs), ptime);
843 if (i == 0)
844 {
845 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
846 ctx->current_cert=xs;
847 ok=(*cb)(0,ctx);
848 if (!ok) goto end;
849 }
850 if (i > 0)
851 {
852 ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
853 ctx->current_cert=xs;
854 ok=(*cb)(0,ctx);
855 if (!ok) goto end;
856 }
857 xs->valid=1;
1014 } 858 }
1015 859
1016 xs->valid = 1; 860 i=X509_cmp_time(X509_get_notAfter(xs), ptime);
861 if (i == 0)
862 {
863 ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
864 ctx->current_cert=xs;
865 ok=(*cb)(0,ctx);
866 if (!ok) goto end;
867 }
1017 868
1018 ok = check_cert_time(ctx, xs); 869 if (i < 0)
1019 if (!ok) 870 {
1020 goto end; 871 ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
872 ctx->current_cert=xs;
873 ok=(*cb)(0,ctx);
874 if (!ok) goto end;
875 }
1021 876
1022 /* The last error (if any) is still in the error value */ 877 /* The last error (if any) is still in the error value */
1023 ctx->current_issuer=xi; 878 ctx->current_issuer=xi;
@@ -1250,11 +1105,6 @@ void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1250 ctx->untrusted=sk; 1105 ctx->untrusted=sk;
1251 } 1106 }
1252 1107
1253void X509_STORE_CTX_set0_crls(X509_STORE_CTX *ctx, STACK_OF(X509_CRL) *sk)
1254 {
1255 ctx->crls=sk;
1256 }
1257
1258int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose) 1108int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose)
1259 { 1109 {
1260 return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0); 1110 return X509_STORE_CTX_purpose_inherit(ctx, 0, purpose, 0);
@@ -1318,8 +1168,8 @@ int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
1318 } 1168 }
1319 } 1169 }
1320 1170
1321 if (purpose && !ctx->param->purpose) ctx->param->purpose = purpose; 1171 if (purpose && !ctx->purpose) ctx->purpose = purpose;
1322 if (trust && !ctx->param->trust) ctx->param->trust = trust; 1172 if (trust && !ctx->trust) ctx->trust = trust;
1323 return 1; 1173 return 1;
1324} 1174}
1325 1175
@@ -1345,30 +1195,20 @@ void X509_STORE_CTX_free(X509_STORE_CTX *ctx)
1345int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, 1195int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
1346 STACK_OF(X509) *chain) 1196 STACK_OF(X509) *chain)
1347 { 1197 {
1348 int ret = 1;
1349 ctx->ctx=store; 1198 ctx->ctx=store;
1350 ctx->current_method=0; 1199 ctx->current_method=0;
1351 ctx->cert=x509; 1200 ctx->cert=x509;
1352 ctx->untrusted=chain; 1201 ctx->untrusted=chain;
1353 ctx->crls = NULL;
1354 ctx->last_untrusted=0; 1202 ctx->last_untrusted=0;
1203 ctx->check_time=0;
1355 ctx->other_ctx=NULL; 1204 ctx->other_ctx=NULL;
1356 ctx->valid=0; 1205 ctx->valid=0;
1357 ctx->chain=NULL; 1206 ctx->chain=NULL;
1207 ctx->depth=9;
1358 ctx->error=0; 1208 ctx->error=0;
1359 ctx->explicit_policy=0;
1360 ctx->error_depth=0; 1209 ctx->error_depth=0;
1361 ctx->current_cert=NULL; 1210 ctx->current_cert=NULL;
1362 ctx->current_issuer=NULL; 1211 ctx->current_issuer=NULL;
1363 ctx->tree = NULL;
1364
1365 ctx->param = X509_VERIFY_PARAM_new();
1366
1367 if (!ctx->param)
1368 {
1369 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE);
1370 return 0;
1371 }
1372 1212
1373 /* Inherit callbacks and flags from X509_STORE if not set 1213 /* Inherit callbacks and flags from X509_STORE if not set
1374 * use defaults. 1214 * use defaults.
@@ -1376,26 +1216,18 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
1376 1216
1377 1217
1378 if (store) 1218 if (store)
1379 ret = X509_VERIFY_PARAM_inherit(ctx->param, store->param);
1380 else
1381 ctx->param->flags |= X509_VP_FLAG_DEFAULT|X509_VP_FLAG_ONCE;
1382
1383 if (store)
1384 { 1219 {
1385 ctx->verify_cb = store->verify_cb; 1220 ctx->purpose=store->purpose;
1221 ctx->trust=store->trust;
1222 ctx->flags = store->flags;
1386 ctx->cleanup = store->cleanup; 1223 ctx->cleanup = store->cleanup;
1387 } 1224 }
1388 else 1225 else
1389 ctx->cleanup = 0;
1390
1391 if (ret)
1392 ret = X509_VERIFY_PARAM_inherit(ctx->param,
1393 X509_VERIFY_PARAM_lookup("default"));
1394
1395 if (ret == 0)
1396 { 1226 {
1397 X509err(X509_F_X509_STORE_CTX_INIT,ERR_R_MALLOC_FAILURE); 1227 ctx->purpose = 0;
1398 return 0; 1228 ctx->trust = 0;
1229 ctx->flags = 0;
1230 ctx->cleanup = 0;
1399 } 1231 }
1400 1232
1401 if (store && store->check_issued) 1233 if (store && store->check_issued)
@@ -1438,8 +1270,6 @@ int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
1438 else 1270 else
1439 ctx->cert_crl = cert_crl; 1271 ctx->cert_crl = cert_crl;
1440 1272
1441 ctx->check_policy = check_policy;
1442
1443 1273
1444 /* This memset() can't make any sense anyway, so it's removed. As 1274 /* This memset() can't make any sense anyway, so it's removed. As
1445 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a 1275 * X509_STORE_CTX_cleanup does a proper "free" on the ex_data, we put a
@@ -1468,16 +1298,6 @@ void X509_STORE_CTX_trusted_stack(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
1468void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx) 1298void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
1469 { 1299 {
1470 if (ctx->cleanup) ctx->cleanup(ctx); 1300 if (ctx->cleanup) ctx->cleanup(ctx);
1471 if (ctx->param != NULL)
1472 {
1473 X509_VERIFY_PARAM_free(ctx->param);
1474 ctx->param=NULL;
1475 }
1476 if (ctx->tree != NULL)
1477 {
1478 X509_policy_tree_free(ctx->tree);
1479 ctx->tree=NULL;
1480 }
1481 if (ctx->chain != NULL) 1301 if (ctx->chain != NULL)
1482 { 1302 {
1483 sk_X509_pop_free(ctx->chain,X509_free); 1303 sk_X509_pop_free(ctx->chain,X509_free);
@@ -1487,19 +1307,15 @@ void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
1487 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); 1307 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
1488 } 1308 }
1489 1309
1490void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth) 1310void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags)
1491 { 1311 {
1492 X509_VERIFY_PARAM_set_depth(ctx->param, depth); 1312 ctx->flags |= flags;
1493 } 1313 }
1494 1314
1495void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags) 1315void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t)
1496 { 1316 {
1497 X509_VERIFY_PARAM_set_flags(ctx->param, flags); 1317 ctx->check_time = t;
1498 } 1318 ctx->flags |= X509_V_FLAG_USE_CHECK_TIME;
1499
1500void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, time_t t)
1501 {
1502 X509_VERIFY_PARAM_set_time(ctx->param, t);
1503 } 1319 }
1504 1320
1505void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, 1321void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
@@ -1508,37 +1324,6 @@ void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
1508 ctx->verify_cb=verify_cb; 1324 ctx->verify_cb=verify_cb;
1509 } 1325 }
1510 1326
1511X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx)
1512 {
1513 return ctx->tree;
1514 }
1515
1516int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx)
1517 {
1518 return ctx->explicit_policy;
1519 }
1520
1521int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name)
1522 {
1523 const X509_VERIFY_PARAM *param;
1524 param = X509_VERIFY_PARAM_lookup(name);
1525 if (!param)
1526 return 0;
1527 return X509_VERIFY_PARAM_inherit(ctx->param, param);
1528 }
1529
1530X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx)
1531 {
1532 return ctx->param;
1533 }
1534
1535void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param)
1536 {
1537 if (ctx->param)
1538 X509_VERIFY_PARAM_free(ctx->param);
1539 ctx->param = param;
1540 }
1541
1542IMPLEMENT_STACK_OF(X509) 1327IMPLEMENT_STACK_OF(X509)
1543IMPLEMENT_ASN1_SET_OF(X509) 1328IMPLEMENT_ASN1_SET_OF(X509)
1544 1329
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index 76c76e1719..7fd1f0bc4d 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -65,7 +65,6 @@
65#ifndef HEADER_X509_VFY_H 65#ifndef HEADER_X509_VFY_H
66#define HEADER_X509_VFY_H 66#define HEADER_X509_VFY_H
67 67
68#include <openssl/opensslconf.h>
69#ifndef OPENSSL_NO_LHASH 68#ifndef OPENSSL_NO_LHASH
70#include <openssl/lhash.h> 69#include <openssl/lhash.h>
71#endif 70#endif
@@ -156,25 +155,6 @@ typedef struct x509_lookup_method_st
156 X509_OBJECT *ret); 155 X509_OBJECT *ret);
157 } X509_LOOKUP_METHOD; 156 } X509_LOOKUP_METHOD;
158 157
159/* This structure hold all parameters associated with a verify operation
160 * by including an X509_VERIFY_PARAM structure in related structures the
161 * parameters used can be customized
162 */
163
164typedef struct X509_VERIFY_PARAM_st
165 {
166 char *name;
167 time_t check_time; /* Time to use */
168 unsigned long inh_flags; /* Inheritance flags */
169 unsigned long flags; /* Various verify flags */
170 int purpose; /* purpose to check untrusted certificates */
171 int trust; /* trust setting to check */
172 int depth; /* Verify depth */
173 STACK_OF(ASN1_OBJECT) *policies; /* Permissible policies */
174 } X509_VERIFY_PARAM;
175
176DECLARE_STACK_OF(X509_VERIFY_PARAM)
177
178/* This is used to hold everything. It is used for all certificate 158/* This is used to hold everything. It is used for all certificate
179 * validation. Once we have a certificate chain, the 'verify' 159 * validation. Once we have a certificate chain, the 'verify'
180 * function is then called to actually check the cert chain. */ 160 * function is then called to actually check the cert chain. */
@@ -187,8 +167,13 @@ struct x509_store_st
187 /* These are external lookup methods */ 167 /* These are external lookup methods */
188 STACK_OF(X509_LOOKUP) *get_cert_methods; 168 STACK_OF(X509_LOOKUP) *get_cert_methods;
189 169
190 X509_VERIFY_PARAM *param; 170 /* The following fields are not used by X509_STORE but are
171 * inherited by X509_STORE_CTX when it is initialised.
172 */
191 173
174 unsigned long flags; /* Various verify flags */
175 int purpose;
176 int trust;
192 /* Callbacks for various operations */ 177 /* Callbacks for various operations */
193 int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */ 178 int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
194 int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */ 179 int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
@@ -202,9 +187,10 @@ struct x509_store_st
202 187
203 CRYPTO_EX_DATA ex_data; 188 CRYPTO_EX_DATA ex_data;
204 int references; 189 int references;
190 int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
205 } /* X509_STORE */; 191 } /* X509_STORE */;
206 192
207int X509_STORE_set_depth(X509_STORE *store, int depth); 193#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
208 194
209#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func)) 195#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
210#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) 196#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
@@ -231,9 +217,10 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
231 /* The following are set by the caller */ 217 /* The following are set by the caller */
232 X509 *cert; /* The cert to check */ 218 X509 *cert; /* The cert to check */
233 STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */ 219 STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
234 STACK_OF(X509_CRL) *crls; /* set of CRLs passed in */ 220 int purpose; /* purpose to check untrusted certificates */
235 221 int trust; /* trust setting to check */
236 X509_VERIFY_PARAM *param; 222 time_t check_time; /* time to make verify at */
223 unsigned long flags; /* Various verify flags */
237 void *other_ctx; /* Other info for use with get_issuer() */ 224 void *other_ctx; /* Other info for use with get_issuer() */
238 225
239 /* Callbacks for various operations */ 226 /* Callbacks for various operations */
@@ -245,16 +232,13 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
245 int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */ 232 int (*get_crl)(X509_STORE_CTX *ctx, X509_CRL **crl, X509 *x); /* retrieve CRL */
246 int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */ 233 int (*check_crl)(X509_STORE_CTX *ctx, X509_CRL *crl); /* Check CRL validity */
247 int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */ 234 int (*cert_crl)(X509_STORE_CTX *ctx, X509_CRL *crl, X509 *x); /* Check certificate against CRL */
248 int (*check_policy)(X509_STORE_CTX *ctx);
249 int (*cleanup)(X509_STORE_CTX *ctx); 235 int (*cleanup)(X509_STORE_CTX *ctx);
250 236
251 /* The following is built up */ 237 /* The following is built up */
238 int depth; /* how far to go looking up certs */
252 int valid; /* if 0, rebuild chain */ 239 int valid; /* if 0, rebuild chain */
253 int last_untrusted; /* index of last untrusted cert */ 240 int last_untrusted; /* index of last untrusted cert */
254 STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */ 241 STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
255 X509_POLICY_TREE *tree; /* Valid policy tree */
256
257 int explicit_policy; /* Require explicit policy value */
258 242
259 /* When something goes wrong, this is why */ 243 /* When something goes wrong, this is why */
260 int error_depth; 244 int error_depth;
@@ -266,7 +250,7 @@ struct x509_store_ctx_st /* X509_STORE_CTX */
266 CRYPTO_EX_DATA ex_data; 250 CRYPTO_EX_DATA ex_data;
267 } /* X509_STORE_CTX */; 251 } /* X509_STORE_CTX */;
268 252
269void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth); 253#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d))
270 254
271#define X509_STORE_CTX_set_app_data(ctx,data) \ 255#define X509_STORE_CTX_set_app_data(ctx,data) \
272 X509_STORE_CTX_set_ex_data(ctx,0,data) 256 X509_STORE_CTX_set_ex_data(ctx,0,data)
@@ -327,12 +311,6 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
327#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39 311#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
328#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40 312#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
329 313
330#define X509_V_ERR_INVALID_EXTENSION 41
331#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
332#define X509_V_ERR_NO_EXPLICIT_POLICY 43
333
334#define X509_V_ERR_UNNESTED_RESOURCE 44
335
336/* The application is not happy */ 314/* The application is not happy */
337#define X509_V_ERR_APPLICATION_VERIFICATION 50 315#define X509_V_ERR_APPLICATION_VERIFICATION 50
338 316
@@ -352,28 +330,6 @@ void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
352#define X509_V_FLAG_X509_STRICT 0x20 330#define X509_V_FLAG_X509_STRICT 0x20
353/* Enable proxy certificate validation */ 331/* Enable proxy certificate validation */
354#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40 332#define X509_V_FLAG_ALLOW_PROXY_CERTS 0x40
355/* Enable policy checking */
356#define X509_V_FLAG_POLICY_CHECK 0x80
357/* Policy variable require-explicit-policy */
358#define X509_V_FLAG_EXPLICIT_POLICY 0x100
359/* Policy variable inhibit-any-policy */
360#define X509_V_FLAG_INHIBIT_ANY 0x200
361/* Policy variable inhibit-policy-mapping */
362#define X509_V_FLAG_INHIBIT_MAP 0x400
363/* Notify callback that policy is OK */
364#define X509_V_FLAG_NOTIFY_POLICY 0x800
365
366#define X509_VP_FLAG_DEFAULT 0x1
367#define X509_VP_FLAG_OVERWRITE 0x2
368#define X509_VP_FLAG_RESET_FLAGS 0x4
369#define X509_VP_FLAG_LOCKED 0x8
370#define X509_VP_FLAG_ONCE 0x10
371
372/* Internal use: mask of policy related options */
373#define X509_V_FLAG_POLICY_MASK (X509_V_FLAG_POLICY_CHECK \
374 | X509_V_FLAG_EXPLICIT_POLICY \
375 | X509_V_FLAG_INHIBIT_ANY \
376 | X509_V_FLAG_INHIBIT_MAP)
377 333
378int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type, 334int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, int type,
379 X509_NAME *name); 335 X509_NAME *name);
@@ -384,10 +340,9 @@ void X509_OBJECT_free_contents(X509_OBJECT *a);
384X509_STORE *X509_STORE_new(void ); 340X509_STORE *X509_STORE_new(void );
385void X509_STORE_free(X509_STORE *v); 341void X509_STORE_free(X509_STORE *v);
386 342
387int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags); 343void X509_STORE_set_flags(X509_STORE *ctx, long flags);
388int X509_STORE_set_purpose(X509_STORE *ctx, int purpose); 344int X509_STORE_set_purpose(X509_STORE *ctx, int purpose);
389int X509_STORE_set_trust(X509_STORE *ctx, int trust); 345int X509_STORE_set_trust(X509_STORE *ctx, int trust);
390int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *pm);
391 346
392X509_STORE_CTX *X509_STORE_CTX_new(void); 347X509_STORE_CTX *X509_STORE_CTX_new(void);
393 348
@@ -451,78 +406,14 @@ STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
451STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx); 406STACK_OF(X509) *X509_STORE_CTX_get1_chain(X509_STORE_CTX *ctx);
452void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); 407void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
453void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk); 408void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
454void X509_STORE_CTX_set0_crls(X509_STORE_CTX *c,STACK_OF(X509_CRL) *sk);
455int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose); 409int X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
456int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust); 410int X509_STORE_CTX_set_trust(X509_STORE_CTX *ctx, int trust);
457int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose, 411int X509_STORE_CTX_purpose_inherit(X509_STORE_CTX *ctx, int def_purpose,
458 int purpose, int trust); 412 int purpose, int trust);
459void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, unsigned long flags); 413void X509_STORE_CTX_set_flags(X509_STORE_CTX *ctx, long flags);
460void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, unsigned long flags, 414void X509_STORE_CTX_set_time(X509_STORE_CTX *ctx, long flags, time_t t);
461 time_t t);
462void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx, 415void X509_STORE_CTX_set_verify_cb(X509_STORE_CTX *ctx,
463 int (*verify_cb)(int, X509_STORE_CTX *)); 416 int (*verify_cb)(int, X509_STORE_CTX *));
464
465X509_POLICY_TREE *X509_STORE_CTX_get0_policy_tree(X509_STORE_CTX *ctx);
466int X509_STORE_CTX_get_explicit_policy(X509_STORE_CTX *ctx);
467
468X509_VERIFY_PARAM *X509_STORE_CTX_get0_param(X509_STORE_CTX *ctx);
469void X509_STORE_CTX_set0_param(X509_STORE_CTX *ctx, X509_VERIFY_PARAM *param);
470int X509_STORE_CTX_set_default(X509_STORE_CTX *ctx, const char *name);
471
472/* X509_VERIFY_PARAM functions */
473
474X509_VERIFY_PARAM *X509_VERIFY_PARAM_new(void);
475void X509_VERIFY_PARAM_free(X509_VERIFY_PARAM *param);
476int X509_VERIFY_PARAM_inherit(X509_VERIFY_PARAM *to,
477 const X509_VERIFY_PARAM *from);
478int X509_VERIFY_PARAM_set1(X509_VERIFY_PARAM *to,
479 const X509_VERIFY_PARAM *from);
480int X509_VERIFY_PARAM_set1_name(X509_VERIFY_PARAM *param, const char *name);
481int X509_VERIFY_PARAM_set_flags(X509_VERIFY_PARAM *param, unsigned long flags);
482int X509_VERIFY_PARAM_clear_flags(X509_VERIFY_PARAM *param,
483 unsigned long flags);
484unsigned long X509_VERIFY_PARAM_get_flags(X509_VERIFY_PARAM *param);
485int X509_VERIFY_PARAM_set_purpose(X509_VERIFY_PARAM *param, int purpose);
486int X509_VERIFY_PARAM_set_trust(X509_VERIFY_PARAM *param, int trust);
487void X509_VERIFY_PARAM_set_depth(X509_VERIFY_PARAM *param, int depth);
488void X509_VERIFY_PARAM_set_time(X509_VERIFY_PARAM *param, time_t t);
489int X509_VERIFY_PARAM_add0_policy(X509_VERIFY_PARAM *param,
490 ASN1_OBJECT *policy);
491int X509_VERIFY_PARAM_set1_policies(X509_VERIFY_PARAM *param,
492 STACK_OF(ASN1_OBJECT) *policies);
493int X509_VERIFY_PARAM_get_depth(const X509_VERIFY_PARAM *param);
494
495int X509_VERIFY_PARAM_add0_table(X509_VERIFY_PARAM *param);
496const X509_VERIFY_PARAM *X509_VERIFY_PARAM_lookup(const char *name);
497void X509_VERIFY_PARAM_table_cleanup(void);
498
499int X509_policy_check(X509_POLICY_TREE **ptree, int *pexplicit_policy,
500 STACK_OF(X509) *certs,
501 STACK_OF(ASN1_OBJECT) *policy_oids,
502 unsigned int flags);
503
504void X509_policy_tree_free(X509_POLICY_TREE *tree);
505
506int X509_policy_tree_level_count(const X509_POLICY_TREE *tree);
507X509_POLICY_LEVEL *
508 X509_policy_tree_get0_level(const X509_POLICY_TREE *tree, int i);
509
510STACK_OF(X509_POLICY_NODE) *
511 X509_policy_tree_get0_policies(const X509_POLICY_TREE *tree);
512
513STACK_OF(X509_POLICY_NODE) *
514 X509_policy_tree_get0_user_policies(const X509_POLICY_TREE *tree);
515
516int X509_policy_level_node_count(X509_POLICY_LEVEL *level);
517
518X509_POLICY_NODE *X509_policy_level_get0_node(X509_POLICY_LEVEL *level, int i);
519
520const ASN1_OBJECT *X509_policy_node_get0_policy(const X509_POLICY_NODE *node);
521
522STACK_OF(POLICYQUALINFO) *
523 X509_policy_node_get0_qualifiers(const X509_POLICY_NODE *node);
524const X509_POLICY_NODE *
525 X509_policy_node_get0_parent(const X509_POLICY_NODE *node);
526 417
527#ifdef __cplusplus 418#ifdef __cplusplus
528} 419}
diff --git a/src/lib/libcrypto/x509/x509spki.c b/src/lib/libcrypto/x509/x509spki.c
index ed868b838e..4c3af946ec 100644
--- a/src/lib/libcrypto/x509/x509spki.c
+++ b/src/lib/libcrypto/x509/x509spki.c
@@ -77,8 +77,7 @@ EVP_PKEY *NETSCAPE_SPKI_get_pubkey(NETSCAPE_SPKI *x)
77 77
78NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len) 78NETSCAPE_SPKI * NETSCAPE_SPKI_b64_decode(const char *str, int len)
79{ 79{
80 unsigned char *spki_der; 80 unsigned char *spki_der, *p;
81 const unsigned char *p;
82 int spki_len; 81 int spki_len;
83 NETSCAPE_SPKI *spki; 82 NETSCAPE_SPKI *spki;
84 if(len <= 0) len = strlen(str); 83 if(len <= 0) len = strlen(str);
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
index 2cd994c5b0..c25959a742 100644
--- a/src/lib/libcrypto/x509/x509type.c
+++ b/src/lib/libcrypto/x509/x509type.c
@@ -86,9 +86,6 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
86 case EVP_PKEY_DSA: 86 case EVP_PKEY_DSA:
87 ret=EVP_PK_DSA|EVP_PKT_SIGN; 87 ret=EVP_PK_DSA|EVP_PKT_SIGN;
88 break; 88 break;
89 case EVP_PKEY_EC:
90 ret=EVP_PK_EC|EVP_PKT_SIGN|EVP_PKT_EXCH;
91 break;
92 case EVP_PKEY_DH: 89 case EVP_PKEY_DH:
93 ret=EVP_PK_DH|EVP_PKT_EXCH; 90 ret=EVP_PK_DH|EVP_PKT_EXCH;
94 break; 91 break;
@@ -105,9 +102,6 @@ int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
105 case EVP_PKEY_DSA: 102 case EVP_PKEY_DSA:
106 ret|=EVP_PKS_DSA; 103 ret|=EVP_PKS_DSA;
107 break; 104 break;
108 case EVP_PKEY_EC:
109 ret|=EVP_PKS_EC;
110 break;
111 default: 105 default:
112 break; 106 break;
113 } 107 }
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
index 9039caad60..ac6dea493a 100644
--- a/src/lib/libcrypto/x509/x_all.c
+++ b/src/lib/libcrypto/x509/x_all.c
@@ -64,12 +64,6 @@
64#include <openssl/asn1.h> 64#include <openssl/asn1.h>
65#include <openssl/evp.h> 65#include <openssl/evp.h>
66#include <openssl/x509.h> 66#include <openssl/x509.h>
67#ifndef OPENSSL_NO_RSA
68#include <openssl/rsa.h>
69#endif
70#ifndef OPENSSL_NO_DSA
71#include <openssl/dsa.h>
72#endif
73 67
74int X509_verify(X509 *a, EVP_PKEY *r) 68int X509_verify(X509 *a, EVP_PKEY *r)
75 { 69 {
@@ -229,9 +223,9 @@ RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
229 223
230RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa) 224RSA *d2i_RSA_PUBKEY_fp(FILE *fp, RSA **rsa)
231 { 225 {
232 return ASN1_d2i_fp((void *(*)(void)) 226 return((RSA *)ASN1_d2i_fp((char *(*)())
233 RSA_new,(D2I_OF(void))d2i_RSA_PUBKEY, fp, 227 RSA_new,(char *(*)())d2i_RSA_PUBKEY, (fp),
234 (void **)rsa); 228 (unsigned char **)(rsa)));
235 } 229 }
236 230
237int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa) 231int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
@@ -241,7 +235,7 @@ int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
241 235
242int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa) 236int i2d_RSA_PUBKEY_fp(FILE *fp, RSA *rsa)
243 { 237 {
244 return ASN1_i2d_fp((I2D_OF(void))i2d_RSA_PUBKEY,fp,rsa); 238 return(ASN1_i2d_fp(i2d_RSA_PUBKEY,fp,(unsigned char *)rsa));
245 } 239 }
246#endif 240#endif
247 241
@@ -263,7 +257,9 @@ RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
263 257
264RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa) 258RSA *d2i_RSA_PUBKEY_bio(BIO *bp, RSA **rsa)
265 { 259 {
266 return ASN1_d2i_bio_of(RSA,RSA_new,d2i_RSA_PUBKEY,bp,rsa); 260 return((RSA *)ASN1_d2i_bio((char *(*)())
261 RSA_new,(char *(*)())d2i_RSA_PUBKEY, (bp),
262 (unsigned char **)(rsa)));
267 } 263 }
268 264
269int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa) 265int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
@@ -273,7 +269,7 @@ int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
273 269
274int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa) 270int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
275 { 271 {
276 return ASN1_i2d_bio_of(RSA,i2d_RSA_PUBKEY,bp,rsa); 272 return(ASN1_i2d_bio(i2d_RSA_PUBKEY,bp,(unsigned char *)rsa));
277 } 273 }
278#endif 274#endif
279 275
@@ -281,92 +277,55 @@ int i2d_RSA_PUBKEY_bio(BIO *bp, RSA *rsa)
281#ifndef OPENSSL_NO_FP_API 277#ifndef OPENSSL_NO_FP_API
282DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa) 278DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
283 { 279 {
284 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSAPrivateKey,fp,dsa); 280 return((DSA *)ASN1_d2i_fp((char *(*)())
281 DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
282 (unsigned char **)(dsa)));
285 } 283 }
286 284
287int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa) 285int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
288 { 286 {
289 return ASN1_i2d_fp_of_const(DSA,i2d_DSAPrivateKey,fp,dsa); 287 return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
290 } 288 }
291 289
292DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa) 290DSA *d2i_DSA_PUBKEY_fp(FILE *fp, DSA **dsa)
293 { 291 {
294 return ASN1_d2i_fp_of(DSA,DSA_new,d2i_DSA_PUBKEY,fp,dsa); 292 return((DSA *)ASN1_d2i_fp((char *(*)())
293 DSA_new,(char *(*)())d2i_DSA_PUBKEY, (fp),
294 (unsigned char **)(dsa)));
295 } 295 }
296 296
297int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa) 297int i2d_DSA_PUBKEY_fp(FILE *fp, DSA *dsa)
298 { 298 {
299 return ASN1_i2d_fp_of(DSA,i2d_DSA_PUBKEY,fp,dsa); 299 return(ASN1_i2d_fp(i2d_DSA_PUBKEY,fp,(unsigned char *)dsa));
300 } 300 }
301#endif 301#endif
302 302
303DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa) 303DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
304 { 304 {
305 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSAPrivateKey,bp,dsa 305 return((DSA *)ASN1_d2i_bio((char *(*)())
306); 306 DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
307 (unsigned char **)(dsa)));
307 } 308 }
308 309
309int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa) 310int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
310 { 311 {
311 return ASN1_i2d_bio_of_const(DSA,i2d_DSAPrivateKey,bp,dsa); 312 return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
312 } 313 }
313 314
314DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa) 315DSA *d2i_DSA_PUBKEY_bio(BIO *bp, DSA **dsa)
315 { 316 {
316 return ASN1_d2i_bio_of(DSA,DSA_new,d2i_DSA_PUBKEY,bp,dsa); 317 return((DSA *)ASN1_d2i_bio((char *(*)())
318 DSA_new,(char *(*)())d2i_DSA_PUBKEY, (bp),
319 (unsigned char **)(dsa)));
317 } 320 }
318 321
319int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa) 322int i2d_DSA_PUBKEY_bio(BIO *bp, DSA *dsa)
320 { 323 {
321 return ASN1_i2d_bio_of(DSA,i2d_DSA_PUBKEY,bp,dsa); 324 return(ASN1_i2d_bio(i2d_DSA_PUBKEY,bp,(unsigned char *)dsa));
322 } 325 }
323 326
324#endif 327#endif
325 328
326#ifndef OPENSSL_NO_EC
327#ifndef OPENSSL_NO_FP_API
328EC_KEY *d2i_EC_PUBKEY_fp(FILE *fp, EC_KEY **eckey)
329 {
330 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,fp,eckey);
331 }
332
333int i2d_EC_PUBKEY_fp(FILE *fp, EC_KEY *eckey)
334 {
335 return ASN1_i2d_fp_of(EC_KEY,i2d_EC_PUBKEY,fp,eckey);
336 }
337
338EC_KEY *d2i_ECPrivateKey_fp(FILE *fp, EC_KEY **eckey)
339 {
340 return ASN1_d2i_fp_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,fp,eckey);
341 }
342
343int i2d_ECPrivateKey_fp(FILE *fp, EC_KEY *eckey)
344 {
345 return ASN1_i2d_fp_of(EC_KEY,i2d_ECPrivateKey,fp,eckey);
346 }
347#endif
348EC_KEY *d2i_EC_PUBKEY_bio(BIO *bp, EC_KEY **eckey)
349 {
350 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_EC_PUBKEY,bp,eckey);
351 }
352
353int i2d_EC_PUBKEY_bio(BIO *bp, EC_KEY *ecdsa)
354 {
355 return ASN1_i2d_bio_of(EC_KEY,i2d_EC_PUBKEY,bp,ecdsa);
356 }
357
358EC_KEY *d2i_ECPrivateKey_bio(BIO *bp, EC_KEY **eckey)
359 {
360 return ASN1_d2i_bio_of(EC_KEY,EC_KEY_new,d2i_ECPrivateKey,bp,eckey);
361 }
362
363int i2d_ECPrivateKey_bio(BIO *bp, EC_KEY *eckey)
364 {
365 return ASN1_i2d_bio_of(EC_KEY,i2d_ECPrivateKey,bp,eckey);
366 }
367#endif
368
369
370int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md, 329int X509_pubkey_digest(const X509 *data, const EVP_MD *type, unsigned char *md,
371 unsigned int *len) 330 unsigned int *len)
372 { 331 {
@@ -411,37 +370,40 @@ int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, const EVP_MD *
411#ifndef OPENSSL_NO_FP_API 370#ifndef OPENSSL_NO_FP_API
412X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8) 371X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
413 { 372 {
414 return ASN1_d2i_fp_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,fp,p8); 373 return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
374 (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
415 } 375 }
416 376
417int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8) 377int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
418 { 378 {
419 return ASN1_i2d_fp_of(X509_SIG,i2d_X509_SIG,fp,p8); 379 return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
420 } 380 }
421#endif 381#endif
422 382
423X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8) 383X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
424 { 384 {
425 return ASN1_d2i_bio_of(X509_SIG,X509_SIG_new,d2i_X509_SIG,bp,p8); 385 return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
386 (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
426 } 387 }
427 388
428int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8) 389int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
429 { 390 {
430 return ASN1_i2d_bio_of(X509_SIG,i2d_X509_SIG,bp,p8); 391 return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
431 } 392 }
432 393
433#ifndef OPENSSL_NO_FP_API 394#ifndef OPENSSL_NO_FP_API
434PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, 395PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
435 PKCS8_PRIV_KEY_INFO **p8inf) 396 PKCS8_PRIV_KEY_INFO **p8inf)
436 { 397 {
437 return ASN1_d2i_fp_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 398 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
438 d2i_PKCS8_PRIV_KEY_INFO,fp,p8inf); 399 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
400 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
401 (unsigned char **)(p8inf)));
439 } 402 }
440 403
441int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf) 404int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
442 { 405 {
443 return ASN1_i2d_fp_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,fp, 406 return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
444 p8inf);
445 } 407 }
446 408
447int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key) 409int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
@@ -457,22 +419,24 @@ int i2d_PKCS8PrivateKeyInfo_fp(FILE *fp, EVP_PKEY *key)
457 419
458int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey) 420int i2d_PrivateKey_fp(FILE *fp, EVP_PKEY *pkey)
459 { 421 {
460 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PrivateKey,fp,pkey); 422 return(ASN1_i2d_fp(i2d_PrivateKey,fp,(unsigned char *)pkey));
461 } 423 }
462 424
463EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a) 425EVP_PKEY *d2i_PrivateKey_fp(FILE *fp, EVP_PKEY **a)
464{ 426{
465 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,fp,a); 427 return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
428 (char *(*)())d2i_AutoPrivateKey, (fp),(unsigned char **)(a)));
466} 429}
467 430
468int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey) 431int i2d_PUBKEY_fp(FILE *fp, EVP_PKEY *pkey)
469 { 432 {
470 return ASN1_i2d_fp_of(EVP_PKEY,i2d_PUBKEY,fp,pkey); 433 return(ASN1_i2d_fp(i2d_PUBKEY,fp,(unsigned char *)pkey));
471 } 434 }
472 435
473EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a) 436EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
474{ 437{
475 return ASN1_d2i_fp_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,fp,a); 438 return((EVP_PKEY *)ASN1_d2i_fp((char *(*)())EVP_PKEY_new,
439 (char *(*)())d2i_PUBKEY, (fp),(unsigned char **)(a)));
476} 440}
477 441
478#endif 442#endif
@@ -480,14 +444,15 @@ EVP_PKEY *d2i_PUBKEY_fp(FILE *fp, EVP_PKEY **a)
480PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, 444PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
481 PKCS8_PRIV_KEY_INFO **p8inf) 445 PKCS8_PRIV_KEY_INFO **p8inf)
482 { 446 {
483 return ASN1_d2i_bio_of(PKCS8_PRIV_KEY_INFO,PKCS8_PRIV_KEY_INFO_new, 447 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
484 d2i_PKCS8_PRIV_KEY_INFO,bp,p8inf); 448 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
449 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
450 (unsigned char **)(p8inf)));
485 } 451 }
486 452
487int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf) 453int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
488 { 454 {
489 return ASN1_i2d_bio_of(PKCS8_PRIV_KEY_INFO,i2d_PKCS8_PRIV_KEY_INFO,bp, 455 return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
490 p8inf);
491 } 456 }
492 457
493int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key) 458int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
@@ -503,20 +468,22 @@ int i2d_PKCS8PrivateKeyInfo_bio(BIO *bp, EVP_PKEY *key)
503 468
504int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey) 469int i2d_PrivateKey_bio(BIO *bp, EVP_PKEY *pkey)
505 { 470 {
506 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PrivateKey,bp,pkey); 471 return(ASN1_i2d_bio(i2d_PrivateKey,bp,(unsigned char *)pkey));
507 } 472 }
508 473
509EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a) 474EVP_PKEY *d2i_PrivateKey_bio(BIO *bp, EVP_PKEY **a)
510 { 475 {
511 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_AutoPrivateKey,bp,a); 476 return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
477 (char *(*)())d2i_AutoPrivateKey, (bp),(unsigned char **)(a)));
512 } 478 }
513 479
514int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey) 480int i2d_PUBKEY_bio(BIO *bp, EVP_PKEY *pkey)
515 { 481 {
516 return ASN1_i2d_bio_of(EVP_PKEY,i2d_PUBKEY,bp,pkey); 482 return(ASN1_i2d_bio(i2d_PUBKEY,bp,(unsigned char *)pkey));
517 } 483 }
518 484
519EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a) 485EVP_PKEY *d2i_PUBKEY_bio(BIO *bp, EVP_PKEY **a)
520 { 486 {
521 return ASN1_d2i_bio_of(EVP_PKEY,EVP_PKEY_new,d2i_PUBKEY,bp,a); 487 return((EVP_PKEY *)ASN1_d2i_bio((char *(*)())EVP_PKEY_new,
488 (char *(*)())d2i_PUBKEY, (bp),(unsigned char **)(a)));
522 } 489 }