summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto/x509
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto/x509')
-rw-r--r--src/lib/libcrypto/x509/Makefile.ssl374
-rw-r--r--src/lib/libcrypto/x509/attrib38
-rw-r--r--src/lib/libcrypto/x509/by_dir.c57
-rw-r--r--src/lib/libcrypto/x509/by_file.c41
-rw-r--r--src/lib/libcrypto/x509/v3_net.c87
-rw-r--r--src/lib/libcrypto/x509/v3_x509.c253
-rw-r--r--src/lib/libcrypto/x509/x509.doc27
-rw-r--r--src/lib/libcrypto/x509/x509.err46
-rw-r--r--src/lib/libcrypto/x509/x509.h627
-rw-r--r--src/lib/libcrypto/x509/x509_cmp.c138
-rw-r--r--src/lib/libcrypto/x509/x509_d2.c13
-rw-r--r--src/lib/libcrypto/x509/x509_def.c16
-rw-r--r--src/lib/libcrypto/x509/x509_err.c136
-rw-r--r--src/lib/libcrypto/x509/x509_ext.c106
-rw-r--r--src/lib/libcrypto/x509/x509_lu.c139
-rw-r--r--src/lib/libcrypto/x509/x509_obj.c72
-rw-r--r--src/lib/libcrypto/x509/x509_r2x.c34
-rw-r--r--src/lib/libcrypto/x509/x509_req.c27
-rw-r--r--src/lib/libcrypto/x509/x509_set.c36
-rw-r--r--src/lib/libcrypto/x509/x509_txt.c18
-rw-r--r--src/lib/libcrypto/x509/x509_v3.c225
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.c221
-rw-r--r--src/lib/libcrypto/x509/x509_vfy.h168
-rw-r--r--src/lib/libcrypto/x509/x509name.c137
-rw-r--r--src/lib/libcrypto/x509/x509pack.c157
-rw-r--r--src/lib/libcrypto/x509/x509rset.c20
-rw-r--r--src/lib/libcrypto/x509/x509type.c13
-rw-r--r--src/lib/libcrypto/x509/x509v3.doc24
-rw-r--r--src/lib/libcrypto/x509/x_all.c272
29 files changed, 1337 insertions, 2185 deletions
diff --git a/src/lib/libcrypto/x509/Makefile.ssl b/src/lib/libcrypto/x509/Makefile.ssl
index 1c1ca2ffa0..14bb60d411 100644
--- a/src/lib/libcrypto/x509/Makefile.ssl
+++ b/src/lib/libcrypto/x509/Makefile.ssl
@@ -7,16 +7,16 @@ TOP= ../..
7CC= cc 7CC= cc
8INCLUDES= -I.. -I../../include 8INCLUDES= -I.. -I../../include
9CFLAG=-g 9CFLAG=-g
10INSTALL_PREFIX=
11OPENSSLDIR= /usr/local/ssl
10INSTALLTOP=/usr/local/ssl 12INSTALLTOP=/usr/local/ssl
11MAKE= make -f Makefile.ssl 13MAKE= make -f Makefile.ssl
12MAKEDEPEND= makedepend -f Makefile.ssl 14MAKEDEPEND= $(TOP)/util/domd $(TOP)
13MAKEFILE= Makefile.ssl 15MAKEFILE= Makefile.ssl
14AR= ar r 16AR= ar r
15 17
16CFLAGS= $(INCLUDES) $(CFLAG) 18CFLAGS= $(INCLUDES) $(CFLAG)
17 19
18ERR=x509
19ERRC=x509_err
20GENERAL=Makefile README 20GENERAL=Makefile README
21TEST= 21TEST=
22APPS= 22APPS=
@@ -24,18 +24,16 @@ APPS=
24LIB=$(TOP)/libcrypto.a 24LIB=$(TOP)/libcrypto.a
25LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \ 25LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
26 x509_obj.c x509_req.c x509_vfy.c \ 26 x509_obj.c x509_req.c x509_vfy.c \
27 x509_set.c x509rset.c $(ERRC).c \ 27 x509_set.c x509rset.c x509_err.c \
28 x509name.c x509_v3.c x509_ext.c x509pack.c \ 28 x509name.c x509_v3.c x509_ext.c \
29 x509type.c x509_lu.c x_all.c x509_txt.c \ 29 x509type.c x509_lu.c x_all.c x509_txt.c \
30 by_file.c by_dir.c \ 30 by_file.c by_dir.c
31 v3_net.c v3_x509.c
32LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \ 31LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
33 x509_obj.o x509_req.o x509_vfy.o \ 32 x509_obj.o x509_req.o x509_vfy.o \
34 x509_set.o x509rset.o $(ERRC).o \ 33 x509_set.o x509rset.o x509_err.o \
35 x509name.o x509_v3.o x509_ext.o x509pack.o \ 34 x509name.o x509_v3.o x509_ext.o \
36 x509type.o x509_lu.o x_all.o x509_txt.o \ 35 x509type.o x509_lu.o x_all.o x509_txt.o \
37 by_file.o by_dir.o \ 36 by_file.o by_dir.o
38 v3_net.o v3_x509.o
39 37
40SRC= $(LIBSRC) 38SRC= $(LIBSRC)
41 39
@@ -51,24 +49,23 @@ all: lib
51 49
52lib: $(LIBOBJ) 50lib: $(LIBOBJ)
53 $(AR) $(LIB) $(LIBOBJ) 51 $(AR) $(LIB) $(LIBOBJ)
54 sh $(TOP)/util/ranlib.sh $(LIB) 52 $(RANLIB) $(LIB)
55 @touch lib 53 @touch lib
56 54
57files: 55files:
58 perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO 56 $(PERL) $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
59 57
60links: 58links:
61 /bin/rm -f Makefile 59 @$(TOP)/util/point.sh Makefile.ssl Makefile
62 $(TOP)/util/point.sh Makefile.ssl Makefile ; 60 @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER)
63 $(TOP)/util/mklink.sh ../../include $(EXHEADER) 61 @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST)
64 $(TOP)/util/mklink.sh ../../test $(TEST) 62 @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS)
65 $(TOP)/util/mklink.sh ../../apps $(APPS)
66 63
67install: 64install:
68 @for i in $(EXHEADER) ; \ 65 @for i in $(EXHEADER) ; \
69 do \ 66 do \
70 (cp $$i $(INSTALLTOP)/include/$$i; \ 67 (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \
71 chmod 644 $(INSTALLTOP)/include/$$i ); \ 68 chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \
72 done; 69 done;
73 70
74tags: 71tags:
@@ -80,17 +77,340 @@ lint:
80 lint -DLINT $(INCLUDES) $(SRC)>fluff 77 lint -DLINT $(INCLUDES) $(SRC)>fluff
81 78
82depend: 79depend:
83 $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC) 80 $(MAKEDEPEND) $(INCLUDES) $(DEPFLAG) $(PROGS) $(LIBSRC)
84 81
85dclean: 82dclean:
86 perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new 83 $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
87 mv -f Makefile.new $(MAKEFILE) 84 mv -f Makefile.new $(MAKEFILE)
88 85
89clean: 86clean:
90 /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff 87 rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
91
92errors:
93 perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
94 perl ../err/err_genc.pl -s $(ERR).h $(ERRC).c
95 88
96# DO NOT DELETE THIS LINE -- make depend depends on it. 89# DO NOT DELETE THIS LINE -- make depend depends on it.
90
91by_dir.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
92by_dir.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
93by_dir.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
94by_dir.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
95by_dir.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
96by_dir.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
97by_dir.o: ../../include/openssl/err.h ../../include/openssl/evp.h
98by_dir.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
99by_dir.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
100by_dir.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
101by_dir.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
102by_dir.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
103by_dir.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
104by_dir.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
105by_dir.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
106by_dir.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
107by_dir.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
108by_file.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
109by_file.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
110by_file.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
111by_file.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
112by_file.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
113by_file.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
114by_file.o: ../../include/openssl/err.h ../../include/openssl/evp.h
115by_file.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
116by_file.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
117by_file.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
118by_file.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
119by_file.o: ../../include/openssl/pem.h ../../include/openssl/pem2.h
120by_file.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
121by_file.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
122by_file.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
123by_file.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
124by_file.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
125by_file.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
126x509_cmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
127x509_cmp.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
128x509_cmp.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
129x509_cmp.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
130x509_cmp.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
131x509_cmp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
132x509_cmp.o: ../../include/openssl/err.h ../../include/openssl/evp.h
133x509_cmp.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
134x509_cmp.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
135x509_cmp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
136x509_cmp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
137x509_cmp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
138x509_cmp.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
139x509_cmp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
140x509_cmp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
141x509_cmp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
142x509_cmp.o: ../cryptlib.h
143x509_d2.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
144x509_d2.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
145x509_d2.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
146x509_d2.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
147x509_d2.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
148x509_d2.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
149x509_d2.o: ../../include/openssl/err.h ../../include/openssl/evp.h
150x509_d2.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
151x509_d2.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
152x509_d2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
153x509_d2.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
154x509_d2.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
155x509_d2.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
156x509_d2.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
157x509_d2.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
158x509_d2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
159x509_d2.o: ../cryptlib.h
160x509_def.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
161x509_def.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
162x509_def.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
163x509_def.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
164x509_def.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
165x509_def.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
166x509_def.o: ../../include/openssl/err.h ../../include/openssl/evp.h
167x509_def.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
168x509_def.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
169x509_def.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
170x509_def.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
171x509_def.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
172x509_def.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
173x509_def.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
174x509_def.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
175x509_def.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
176x509_def.o: ../cryptlib.h
177x509_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
178x509_err.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
179x509_err.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
180x509_err.o: ../../include/openssl/des.h ../../include/openssl/dh.h
181x509_err.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
182x509_err.o: ../../include/openssl/err.h ../../include/openssl/evp.h
183x509_err.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
184x509_err.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
185x509_err.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
186x509_err.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
187x509_err.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
188x509_err.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
189x509_err.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
190x509_err.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
191x509_err.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
192x509_ext.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
193x509_ext.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
194x509_ext.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
195x509_ext.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
196x509_ext.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
197x509_ext.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
198x509_ext.o: ../../include/openssl/err.h ../../include/openssl/evp.h
199x509_ext.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
200x509_ext.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
201x509_ext.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
202x509_ext.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
203x509_ext.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
204x509_ext.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
205x509_ext.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
206x509_ext.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
207x509_ext.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
208x509_ext.o: ../cryptlib.h
209x509_lu.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
210x509_lu.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
211x509_lu.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
212x509_lu.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
213x509_lu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
214x509_lu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
215x509_lu.o: ../../include/openssl/err.h ../../include/openssl/evp.h
216x509_lu.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
217x509_lu.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
218x509_lu.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
219x509_lu.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
220x509_lu.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
221x509_lu.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
222x509_lu.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
223x509_lu.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
224x509_lu.o: ../../include/openssl/stack.h ../../include/openssl/x509.h
225x509_lu.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
226x509_obj.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
227x509_obj.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
228x509_obj.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
229x509_obj.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
230x509_obj.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
231x509_obj.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
232x509_obj.o: ../../include/openssl/err.h ../../include/openssl/evp.h
233x509_obj.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
234x509_obj.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
235x509_obj.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
236x509_obj.o: ../../include/openssl/opensslconf.h
237x509_obj.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
238x509_obj.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
239x509_obj.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
240x509_obj.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
241x509_obj.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
242x509_obj.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
243x509_obj.o: ../cryptlib.h
244x509_r2x.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
245x509_r2x.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
246x509_r2x.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
247x509_r2x.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
248x509_r2x.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
249x509_r2x.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
250x509_r2x.o: ../../include/openssl/err.h ../../include/openssl/evp.h
251x509_r2x.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
252x509_r2x.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
253x509_r2x.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
254x509_r2x.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
255x509_r2x.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
256x509_r2x.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
257x509_r2x.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
258x509_r2x.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
259x509_r2x.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
260x509_r2x.o: ../cryptlib.h
261x509_req.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
262x509_req.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
263x509_req.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
264x509_req.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
265x509_req.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
266x509_req.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
267x509_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h
268x509_req.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
269x509_req.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
270x509_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
271x509_req.o: ../../include/openssl/opensslv.h ../../include/openssl/pem.h
272x509_req.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
273x509_req.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
274x509_req.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
275x509_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
276x509_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
277x509_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
278x509_req.o: ../cryptlib.h
279x509_set.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
280x509_set.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
281x509_set.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
282x509_set.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
283x509_set.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
284x509_set.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
285x509_set.o: ../../include/openssl/err.h ../../include/openssl/evp.h
286x509_set.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
287x509_set.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
288x509_set.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
289x509_set.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
290x509_set.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
291x509_set.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
292x509_set.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
293x509_set.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
294x509_set.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
295x509_set.o: ../cryptlib.h
296x509_txt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
297x509_txt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
298x509_txt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
299x509_txt.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
300x509_txt.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
301x509_txt.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
302x509_txt.o: ../../include/openssl/err.h ../../include/openssl/evp.h
303x509_txt.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
304x509_txt.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
305x509_txt.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
306x509_txt.o: ../../include/openssl/opensslconf.h
307x509_txt.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
308x509_txt.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
309x509_txt.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
310x509_txt.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
311x509_txt.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
312x509_txt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
313x509_txt.o: ../cryptlib.h
314x509_v3.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
315x509_v3.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
316x509_v3.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
317x509_v3.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
318x509_v3.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
319x509_v3.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
320x509_v3.o: ../../include/openssl/err.h ../../include/openssl/evp.h
321x509_v3.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
322x509_v3.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
323x509_v3.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
324x509_v3.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
325x509_v3.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
326x509_v3.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
327x509_v3.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
328x509_v3.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
329x509_v3.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
330x509_v3.o: ../cryptlib.h
331x509_vfy.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
332x509_vfy.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
333x509_vfy.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
334x509_vfy.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
335x509_vfy.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
336x509_vfy.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
337x509_vfy.o: ../../include/openssl/err.h ../../include/openssl/evp.h
338x509_vfy.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
339x509_vfy.o: ../../include/openssl/md2.h ../../include/openssl/md5.h
340x509_vfy.o: ../../include/openssl/mdc2.h ../../include/openssl/objects.h
341x509_vfy.o: ../../include/openssl/opensslconf.h
342x509_vfy.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
343x509_vfy.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
344x509_vfy.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
345x509_vfy.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
346x509_vfy.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
347x509_vfy.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
348x509_vfy.o: ../cryptlib.h
349x509name.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
350x509name.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
351x509name.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
352x509name.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
353x509name.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
354x509name.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
355x509name.o: ../../include/openssl/err.h ../../include/openssl/evp.h
356x509name.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
357x509name.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
358x509name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
359x509name.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
360x509name.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
361x509name.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
362x509name.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
363x509name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
364x509name.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
365x509name.o: ../cryptlib.h
366x509rset.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
367x509rset.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
368x509rset.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
369x509rset.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
370x509rset.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
371x509rset.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
372x509rset.o: ../../include/openssl/err.h ../../include/openssl/evp.h
373x509rset.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
374x509rset.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
375x509rset.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
376x509rset.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
377x509rset.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
378x509rset.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
379x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
380x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
381x509rset.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
382x509rset.o: ../cryptlib.h
383x509type.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
384x509type.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
385x509type.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
386x509type.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
387x509type.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
388x509type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
389x509type.o: ../../include/openssl/err.h ../../include/openssl/evp.h
390x509type.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
391x509type.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
392x509type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
393x509type.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
394x509type.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
395x509type.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
396x509type.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
397x509type.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
398x509type.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
399x509type.o: ../cryptlib.h
400x_all.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
401x_all.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
402x_all.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
403x_all.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
404x_all.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
405x_all.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
406x_all.o: ../../include/openssl/err.h ../../include/openssl/evp.h
407x_all.o: ../../include/openssl/idea.h ../../include/openssl/md2.h
408x_all.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
409x_all.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
410x_all.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
411x_all.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
412x_all.o: ../../include/openssl/rc5.h ../../include/openssl/ripemd.h
413x_all.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
414x_all.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
415x_all.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
416x_all.o: ../cryptlib.h
diff --git a/src/lib/libcrypto/x509/attrib b/src/lib/libcrypto/x509/attrib
deleted file mode 100644
index 37f6cd755f..0000000000
--- a/src/lib/libcrypto/x509/attrib
+++ /dev/null
@@ -1,38 +0,0 @@
1
2PKCS7
3 STACK of X509_ATTRIBUTES
4 ASN1_OBJECT
5 STACK of ASN1_TYPE
6
7So it is
8
9p7.xa[].obj
10p7.xa[].data[]
11
12get_obj_by_nid(STACK , nid)
13get_num_by_nid(STACK , nid)
14get_data_by_nid(STACK , nid, index)
15
16X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
17void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
18
19X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
20 int nid, STACK *value);
21
22X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
23 int nid, STACK *value);
24
25int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
26int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
27 ASN1_TYPE *value);
28
29ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
30int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
31ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
32
33ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
34 ASN1_OBJECT *obj);
35
36X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
37X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
38
diff --git a/src/lib/libcrypto/x509/by_dir.c b/src/lib/libcrypto/x509/by_dir.c
index 11725ec94c..734e39ac77 100644
--- a/src/lib/libcrypto/x509/by_dir.c
+++ b/src/lib/libcrypto/x509/by_dir.c
@@ -63,9 +63,8 @@
63#include <sys/stat.h> 63#include <sys/stat.h>
64 64
65#include "cryptlib.h" 65#include "cryptlib.h"
66#include "lhash.h" 66#include <openssl/lhash.h>
67#include "x509.h" 67#include <openssl/x509.h>
68#include "pem.h"
69 68
70typedef struct lookup_dir_st 69typedef struct lookup_dir_st
71 { 70 {
@@ -76,21 +75,13 @@ typedef struct lookup_dir_st
76 int num_dirs_alloced; 75 int num_dirs_alloced;
77 } BY_DIR; 76 } BY_DIR;
78 77
79#ifndef NOPROTO 78static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
80static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret); 79 char **ret);
81static int new_dir(X509_LOOKUP *lu); 80static int new_dir(X509_LOOKUP *lu);
82static void free_dir(X509_LOOKUP *lu); 81static void free_dir(X509_LOOKUP *lu);
83static int add_cert_dir(BY_DIR *ctx,char *dir,int type); 82static int add_cert_dir(BY_DIR *ctx,const char *dir,int type);
84static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name, 83static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
85 X509_OBJECT *ret); 84 X509_OBJECT *ret);
86#else
87static int dir_ctrl();
88static int new_dir();
89static void free_dir();
90static int add_cert_dir();
91static int get_cert_by_subject();
92#endif
93
94X509_LOOKUP_METHOD x509_dir_lookup= 85X509_LOOKUP_METHOD x509_dir_lookup=
95 { 86 {
96 "Load certs from files in a directory", 87 "Load certs from files in a directory",
@@ -105,17 +96,13 @@ X509_LOOKUP_METHOD x509_dir_lookup=
105 NULL, /* get_by_alias */ 96 NULL, /* get_by_alias */
106 }; 97 };
107 98
108X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir() 99X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void)
109 { 100 {
110 return(&x509_dir_lookup); 101 return(&x509_dir_lookup);
111 } 102 }
112 103
113static int dir_ctrl(ctx,cmd,argp,argl,retp) 104static int dir_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
114X509_LOOKUP *ctx; 105 char **retp)
115int cmd;
116long argl;
117char *argp;
118char **retp;
119 { 106 {
120 int ret=0; 107 int ret=0;
121 BY_DIR *ld; 108 BY_DIR *ld;
@@ -147,8 +134,7 @@ char **retp;
147 return(ret); 134 return(ret);
148 } 135 }
149 136
150static int new_dir(lu) 137static int new_dir(X509_LOOKUP *lu)
151X509_LOOKUP *lu;
152 { 138 {
153 BY_DIR *a; 139 BY_DIR *a;
154 140
@@ -167,8 +153,7 @@ X509_LOOKUP *lu;
167 return(1); 153 return(1);
168 } 154 }
169 155
170static void free_dir(lu) 156static void free_dir(X509_LOOKUP *lu)
171X509_LOOKUP *lu;
172 { 157 {
173 BY_DIR *a; 158 BY_DIR *a;
174 int i; 159 int i;
@@ -182,17 +167,18 @@ X509_LOOKUP *lu;
182 Free(a); 167 Free(a);
183 } 168 }
184 169
185static int add_cert_dir(ctx,dir, type) 170static int add_cert_dir(BY_DIR *ctx, const char *dir, int type)
186BY_DIR *ctx;
187char *dir;
188int type;
189 { 171 {
190 int j,len; 172 int j,len;
191 int *ip; 173 int *ip;
192 char *s,*ss,*p; 174 const char *s,*ss,*p;
193 char **pp; 175 char **pp;
194 176
195 if (dir == NULL) return(0); 177 if (dir == NULL || !*dir)
178 {
179 X509err(X509_F_ADD_CERT_DIR,X509_R_INVALID_DIRECTORY);
180 return 0;
181 }
196 182
197 s=dir; 183 s=dir;
198 p=s; 184 p=s;
@@ -243,11 +229,8 @@ int type;
243 return(1); 229 return(1);
244 } 230 }
245 231
246static int get_cert_by_subject(xl,type,name,ret) 232static int get_cert_by_subject(X509_LOOKUP *xl, int type, X509_NAME *name,
247X509_LOOKUP *xl; 233 X509_OBJECT *ret)
248int type;
249X509_NAME *name;
250X509_OBJECT *ret;
251 { 234 {
252 BY_DIR *ctx; 235 BY_DIR *ctx;
253 union { 236 union {
@@ -266,7 +249,7 @@ X509_OBJECT *ret;
266 BUF_MEM *b=NULL; 249 BUF_MEM *b=NULL;
267 struct stat st; 250 struct stat st;
268 X509_OBJECT stmp,*tmp; 251 X509_OBJECT stmp,*tmp;
269 char *postfix=""; 252 const char *postfix="";
270 253
271 if (name == NULL) return(0); 254 if (name == NULL) return(0);
272 255
diff --git a/src/lib/libcrypto/x509/by_file.c b/src/lib/libcrypto/x509/by_file.c
index 09ebb9bf08..00ee5e8bbc 100644
--- a/src/lib/libcrypto/x509/by_file.c
+++ b/src/lib/libcrypto/x509/by_file.c
@@ -63,20 +63,15 @@
63#include <sys/stat.h> 63#include <sys/stat.h>
64 64
65#include "cryptlib.h" 65#include "cryptlib.h"
66#include "lhash.h" 66#include <openssl/lhash.h>
67#include "buffer.h" 67#include <openssl/buffer.h>
68#include "x509.h" 68#include <openssl/x509.h>
69#include "pem.h" 69#include <openssl/pem.h>
70 70
71#ifndef NO_STDIO 71#ifndef NO_STDIO
72 72
73#ifndef NOPROTO 73static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
74static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc, 74 long argl, char **ret);
75 long argl,char **ret);
76#else
77static int by_file_ctrl();
78#endif
79
80X509_LOOKUP_METHOD x509_file_lookup= 75X509_LOOKUP_METHOD x509_file_lookup=
81 { 76 {
82 "Load file into cache", 77 "Load file into cache",
@@ -91,17 +86,13 @@ X509_LOOKUP_METHOD x509_file_lookup=
91 NULL, /* get_by_alias */ 86 NULL, /* get_by_alias */
92 }; 87 };
93 88
94X509_LOOKUP_METHOD *X509_LOOKUP_file() 89X509_LOOKUP_METHOD *X509_LOOKUP_file(void)
95 { 90 {
96 return(&x509_file_lookup); 91 return(&x509_file_lookup);
97 } 92 }
98 93
99static int by_file_ctrl(ctx,cmd,argp,argl,ret) 94static int by_file_ctrl(X509_LOOKUP *ctx, int cmd, const char *argp, long argl,
100X509_LOOKUP *ctx; 95 char **ret)
101int cmd;
102char *argp;
103long argl;
104char **ret;
105 { 96 {
106 int ok=0,ok2=0; 97 int ok=0,ok2=0;
107 char *file; 98 char *file;
@@ -138,10 +129,7 @@ char **ret;
138 return((ok && ok2)?ok:0); 129 return((ok && ok2)?ok:0);
139 } 130 }
140 131
141int X509_load_cert_file(ctx,file,type) 132int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type)
142X509_LOOKUP *ctx;
143char *file;
144int type;
145 { 133 {
146 int ret=0; 134 int ret=0;
147 BIO *in=NULL; 135 BIO *in=NULL;
@@ -161,7 +149,7 @@ int type;
161 { 149 {
162 for (;;) 150 for (;;)
163 { 151 {
164 x=PEM_read_bio_X509(in,NULL,NULL); 152 x=PEM_read_bio_X509(in,NULL,NULL,NULL);
165 if (x == NULL) 153 if (x == NULL)
166 { 154 {
167 if ((ERR_GET_REASON(ERR_peek_error()) == 155 if ((ERR_GET_REASON(ERR_peek_error()) ==
@@ -208,10 +196,7 @@ err:
208 return(ret); 196 return(ret);
209 } 197 }
210 198
211int X509_load_crl_file(ctx,file,type) 199int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type)
212X509_LOOKUP *ctx;
213char *file;
214int type;
215 { 200 {
216 int ret=0; 201 int ret=0;
217 BIO *in=NULL; 202 BIO *in=NULL;
@@ -231,7 +216,7 @@ int type;
231 { 216 {
232 for (;;) 217 for (;;)
233 { 218 {
234 x=PEM_read_bio_X509_CRL(in,NULL,NULL); 219 x=PEM_read_bio_X509_CRL(in,NULL,NULL,NULL);
235 if (x == NULL) 220 if (x == NULL)
236 { 221 {
237 if ((ERR_GET_REASON(ERR_peek_error()) == 222 if ((ERR_GET_REASON(ERR_peek_error()) ==
diff --git a/src/lib/libcrypto/x509/v3_net.c b/src/lib/libcrypto/x509/v3_net.c
deleted file mode 100644
index 0c2d276d13..0000000000
--- a/src/lib/libcrypto/x509/v3_net.c
+++ /dev/null
@@ -1,87 +0,0 @@
1/* crypto/x509/v3_net.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "stack.h"
61#include "cryptlib.h"
62#include "asn1.h"
63#include "objects.h"
64#include "x509.h"
65
66#define NETSCAPE_X509_EXT_NUM 8
67
68static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
69{NID_netscape_ca_policy_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
70{NID_netscape_ssl_server_name, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
71{NID_netscape_revocation_url, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
72{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
73{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
74{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
75{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
76{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
77 };
78
79int X509v3_add_netscape_extensions()
80 {
81 int i;
82
83 for (i=0; i<NETSCAPE_X509_EXT_NUM; i++)
84 if (!X509v3_add_extension(&(netscape_x509_ext[i])))
85 return(0);
86 return(1);
87 }
diff --git a/src/lib/libcrypto/x509/v3_x509.c b/src/lib/libcrypto/x509/v3_x509.c
deleted file mode 100644
index f685aa4c71..0000000000
--- a/src/lib/libcrypto/x509/v3_x509.c
+++ /dev/null
@@ -1,253 +0,0 @@
1/* crypto/x509/v3_x509.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include <ctype.h>
61#include "stack.h"
62#include "cryptlib.h"
63#include "bio.h"
64#include "asn1.h"
65#include "objects.h"
66#include "x509.h"
67
68#if 0
69static int i2a_key_usage(BIO *bp, X509 *x);
70static int a2i_key_usage(X509 *x, char *str, int len);
71#endif
72
73int X509v3_get_key_usage(X509 *x);
74int X509v3_set_key_usage(X509 *x,unsigned int use);
75int i2a_X509v3_key_usage(BIO *bp, unsigned int use);
76unsigned int a2i_X509v3_key_usage(char *p);
77
78#define STD_X509_EXT_NUM 9
79
80#if 0
81static X509_OBJECTS std_x509_ext[STD_X509_EXT_NUM]={
82{NID_subject_key_identifier, NULL,NULL},
83{NID_key_usage, a2i_key_usage,i2a_key_usage}, /**/
84{NID_private_key_usage_period, NULL,NULL},
85{NID_subject_alt_name, NULL,NULL},
86{NID_issuer_alt_name, NULL,NULL},
87{NID_basic_constraints, NULL,NULL},
88{NID_crl_number, NULL,NULL},
89{NID_certificate_policies, NULL,NULL},
90{NID_authority_key_identifier, NULL,NULL},
91 };
92#endif
93
94int X509v3_add_standard_extensions()
95 {
96
97#if 0
98 for (i=0; i<STD_X509_EXT_NUM; i++)
99 if (!X509v3_add_extension(&(std_x509_ext[i])))
100 return(0);
101#endif
102 return(1);
103 }
104
105int X509v3_get_key_usage(x)
106X509 *x;
107 {
108 X509_EXTENSION *ext;
109 ASN1_STRING *st;
110 char *p;
111 int i;
112
113 i=X509_get_ext_by_NID(x,NID_key_usage,-1);
114 if (i < 0) return(X509v3_KU_UNDEF);
115 ext=X509_get_ext(x,i);
116 st=X509v3_unpack_string(NULL,V_ASN1_BIT_STRING,
117 X509_EXTENSION_get_data(X509_get_ext(x,i)));
118
119 p=(char *)ASN1_STRING_data(st);
120 if (ASN1_STRING_length(st) == 1)
121 i=p[0];
122 else if (ASN1_STRING_length(st) == 2)
123 i=p[0]|(p[1]<<8);
124 else
125 i=0;
126 return(i);
127 }
128
129static struct
130 {
131 char *name;
132 unsigned int value;
133 } key_usage_data[] ={
134 {"digitalSignature", X509v3_KU_DIGITAL_SIGNATURE},
135 {"nonRepudiation", X509v3_KU_NON_REPUDIATION},
136 {"keyEncipherment", X509v3_KU_KEY_ENCIPHERMENT},
137 {"dataEncipherment", X509v3_KU_DATA_ENCIPHERMENT},
138 {"keyAgreement", X509v3_KU_KEY_AGREEMENT},
139 {"keyCertSign", X509v3_KU_KEY_CERT_SIGN},
140 {"cRLSign", X509v3_KU_CRL_SIGN},
141 {"encipherOnly", X509v3_KU_ENCIPHER_ONLY},
142 {"decipherOnly", X509v3_KU_DECIPHER_ONLY},
143 {NULL,0},
144 };
145
146#if 0
147static int a2i_key_usage(x,str,len)
148X509 *x;
149char *str;
150int len;
151 {
152 return(X509v3_set_key_usage(x,a2i_X509v3_key_usage(str)));
153 }
154
155static int i2a_key_usage(bp,x)
156BIO *bp;
157X509 *x;
158 {
159 return(i2a_X509v3_key_usage(bp,X509v3_get_key_usage(x)));
160 }
161#endif
162
163int i2a_X509v3_key_usage(bp,use)
164BIO *bp;
165unsigned int use;
166 {
167 int i=0,first=1;
168
169 for (;;)
170 {
171 if (use | key_usage_data[i].value)
172 {
173 BIO_printf(bp,"%s%s",((first)?"":" "),
174 key_usage_data[i].name);
175 first=0;
176 }
177 }
178 return(1);
179 }
180
181unsigned int a2i_X509v3_key_usage(p)
182char *p;
183 {
184 unsigned int ret=0;
185 char *q,*s;
186 int i,n;
187
188 q=p;
189 for (;;)
190 {
191 while ((*q != '\0') && isalnum(*q))
192 q++;
193 if (*q == '\0') break;
194 s=q++;
195 while (isalnum(*q))
196 q++;
197 n=q-s;
198 i=0;
199 for (;;)
200 {
201 if (strncmp(key_usage_data[i].name,s,n) == 0)
202 {
203 ret|=key_usage_data[i].value;
204 break;
205 }
206 i++;
207 if (key_usage_data[i].name == NULL)
208 return(X509v3_KU_UNDEF);
209 }
210 }
211 return(ret);
212 }
213
214int X509v3_set_key_usage(x,use)
215X509 *x;
216unsigned int use;
217 {
218 ASN1_OCTET_STRING *os;
219 X509_EXTENSION *ext;
220 int i;
221 unsigned char data[4];
222
223 i=X509_get_ext_by_NID(x,NID_key_usage,-1);
224 if (i < 0)
225 {
226 i=X509_get_ext_count(x)+1;
227 if ((ext=X509_EXTENSION_new()) == NULL) return(0);
228 if (!X509_add_ext(x,ext,i))
229 {
230 X509_EXTENSION_free(ext);
231 return(0);
232 }
233 }
234 else
235 ext=X509_get_ext(x,i);
236
237 /* fill in 'ext' */
238 os=X509_EXTENSION_get_data(ext);
239
240 i=0;
241 if (use > 0)
242 {
243 i=1;
244 data[0]=use&0xff;
245 }
246 if (use > 0xff)
247 {
248 i=2;
249 data[1]=(use>>8)&0xff;
250 }
251 return((X509v3_pack_string(&os,V_ASN1_BIT_STRING,data,i) == NULL)?0:1);
252 }
253
diff --git a/src/lib/libcrypto/x509/x509.doc b/src/lib/libcrypto/x509/x509.doc
deleted file mode 100644
index 73cfc9f034..0000000000
--- a/src/lib/libcrypto/x509/x509.doc
+++ /dev/null
@@ -1,27 +0,0 @@
1X509_verify()
2X509_sign()
3
4X509_get_version()
5X509_get_serialNumber()
6X509_get_issuer()
7X509_get_subject()
8X509_get_notBefore()
9X509_get_notAfter()
10X509_get_pubkey()
11
12X509_set_version()
13X509_set_serialNumber()
14X509_set_issuer()
15X509_set_subject()
16X509_set_notBefore()
17X509_set_notAfter()
18X509_set_pubkey()
19
20X509_get_extensions()
21X509_set_extensions()
22
23X509_EXTENSIONS_clear()
24X509_EXTENSIONS_retrieve()
25X509_EXTENSIONS_add()
26X509_EXTENSIONS_delete()
27
diff --git a/src/lib/libcrypto/x509/x509.err b/src/lib/libcrypto/x509/x509.err
deleted file mode 100644
index 8d0862d7d1..0000000000
--- a/src/lib/libcrypto/x509/x509.err
+++ /dev/null
@@ -1,46 +0,0 @@
1/* Error codes for the X509 functions. */
2
3/* Function codes. */
4#define X509_F_ADD_CERT_DIR 100
5#define X509_F_BY_FILE_CTRL 101
6#define X509_F_DIR_CTRL 102
7#define X509_F_GET_CERT_BY_SUBJECT 103
8#define X509_F_X509V3_ADD_EXT 104
9#define X509_F_X509V3_ADD_EXTENSION 105
10#define X509_F_X509V3_PACK_STRING 106
11#define X509_F_X509V3_UNPACK_STRING 107
12#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
13#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
14#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
15#define X509_F_X509_LOAD_CERT_FILE 111
16#define X509_F_X509_LOAD_CRL_FILE 112
17#define X509_F_X509_NAME_ADD_ENTRY 113
18#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 114
19#define X509_F_X509_NAME_ENTRY_SET_OBJECT 115
20#define X509_F_X509_NAME_ONELINE 116
21#define X509_F_X509_NAME_PRINT 117
22#define X509_F_X509_PRINT_FP 118
23#define X509_F_X509_PUBKEY_GET 119
24#define X509_F_X509_PUBKEY_SET 120
25#define X509_F_X509_REQ_PRINT 121
26#define X509_F_X509_REQ_PRINT_FP 122
27#define X509_F_X509_REQ_TO_X509 123
28#define X509_F_X509_STORE_ADD_CERT 124
29#define X509_F_X509_STORE_ADD_CRL 125
30#define X509_F_X509_TO_X509_REQ 126
31#define X509_F_X509_VERIFY_CERT 127
32
33/* Reason codes. */
34#define X509_R_BAD_X509_FILETYPE 100
35#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
36#define X509_R_ERR_ASN1_LIB 102
37#define X509_R_LOADING_CERT_DIR 103
38#define X509_R_LOADING_DEFAULTS 104
39#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
40#define X509_R_SHOULD_RETRY 106
41#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
42#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
43#define X509_R_UNKNOWN_NID 109
44#define X509_R_UNKNOWN_STRING_TYPE 110
45#define X509_R_UNSUPPORTED_ALGORITHM 111
46#define X509_R_WRONG_LOOKUP_TYPE 112
diff --git a/src/lib/libcrypto/x509/x509.h b/src/lib/libcrypto/x509/x509.h
index 95114f7c43..35f9484f8b 100644
--- a/src/lib/libcrypto/x509/x509.h
+++ b/src/lib/libcrypto/x509/x509.h
@@ -63,28 +63,34 @@
63extern "C" { 63extern "C" {
64#endif 64#endif
65 65
66#include "stack.h" 66#ifdef VMS
67#include "asn1.h" 67#undef X509_REVOKED_get_ext_by_critical
68#define X509_REVOKED_get_ext_by_critical X509_REVOKED_get_ext_by_critic
69#endif
70
71#include <openssl/stack.h>
72#include <openssl/asn1.h>
73#include <openssl/safestack.h>
68 74
69#ifndef NO_RSA 75#ifndef NO_RSA
70#include "rsa.h" 76#include <openssl/rsa.h>
71#else
72#define RSA long
73#endif 77#endif
74 78
75#ifndef NO_DSA 79#ifndef NO_DSA
76#include "dsa.h" 80#include <openssl/dsa.h>
77#else
78#define DSA long
79#endif 81#endif
80 82
81#ifndef NO_DH 83#ifndef NO_DH
82#include "dh.h" 84#include <openssl/dh.h>
83#else
84#define DH long
85#endif 85#endif
86 86
87#include "evp.h" 87#include <openssl/evp.h>
88
89
90#ifdef WIN32
91/* Under Win32 this is defined in wincrypt.h */
92#undef X509_NAME
93#endif
88 94
89#define X509_FILETYPE_PEM 1 95#define X509_FILETYPE_PEM 1
90#define X509_FILETYPE_ASN1 2 96#define X509_FILETYPE_ASN1 2
@@ -114,6 +120,9 @@ typedef struct X509_algor_st
114 ASN1_TYPE *parameter; 120 ASN1_TYPE *parameter;
115 } X509_ALGOR; 121 } X509_ALGOR;
116 122
123DECLARE_STACK_OF(X509_ALGOR)
124DECLARE_ASN1_SET_OF(X509_ALGOR)
125
117typedef struct X509_val_st 126typedef struct X509_val_st
118 { 127 {
119 ASN1_UTCTIME *notBefore; 128 ASN1_UTCTIME *notBefore;
@@ -124,7 +133,7 @@ typedef struct X509_pubkey_st
124 { 133 {
125 X509_ALGOR *algor; 134 X509_ALGOR *algor;
126 ASN1_BIT_STRING *public_key; 135 ASN1_BIT_STRING *public_key;
127 struct evp_pkey_st /* EVP_PKEY*/ *pkey; 136 EVP_PKEY *pkey;
128 } X509_PUBKEY; 137 } X509_PUBKEY;
129 138
130typedef struct X509_sig_st 139typedef struct X509_sig_st
@@ -141,10 +150,13 @@ typedef struct X509_name_entry_st
141 int size; /* temp variable */ 150 int size; /* temp variable */
142 } X509_NAME_ENTRY; 151 } X509_NAME_ENTRY;
143 152
153DECLARE_STACK_OF(X509_NAME_ENTRY)
154DECLARE_ASN1_SET_OF(X509_NAME_ENTRY)
155
144/* we always keep X509_NAMEs in 2 forms. */ 156/* we always keep X509_NAMEs in 2 forms. */
145typedef struct X509_name_st 157typedef struct X509_name_st
146 { 158 {
147 STACK *entries; /* of X509_NAME_ENTRY */ 159 STACK_OF(X509_NAME_ENTRY) *entries;
148 int modified; /* true if 'bytes' needs to be built */ 160 int modified; /* true if 'bytes' needs to be built */
149#ifdef HEADER_BUFFER_H 161#ifdef HEADER_BUFFER_H
150 BUF_MEM *bytes; 162 BUF_MEM *bytes;
@@ -154,6 +166,8 @@ typedef struct X509_name_st
154 unsigned long hash; /* Keep the hash around for lookups */ 166 unsigned long hash; /* Keep the hash around for lookups */
155 } X509_NAME; 167 } X509_NAME;
156 168
169DECLARE_STACK_OF(X509_NAME)
170
157#define X509_EX_V_NETSCAPE_HACK 0x8000 171#define X509_EX_V_NETSCAPE_HACK 0x8000
158#define X509_EX_V_INIT 0x0001 172#define X509_EX_V_INIT 0x0001
159typedef struct X509_extension_st 173typedef struct X509_extension_st
@@ -167,23 +181,23 @@ typedef struct X509_extension_st
167 void (*ex_free)(); /* clear argp stuff */ 181 void (*ex_free)(); /* clear argp stuff */
168 } X509_EXTENSION; 182 } X509_EXTENSION;
169 183
170/* #if 1 */ 184DECLARE_STACK_OF(X509_EXTENSION)
171typedef struct x509_extension_method_st 185DECLARE_ASN1_SET_OF(X509_EXTENSION)
186
187/* a sequence of these are used */
188typedef struct x509_attributes_st
172 { 189 {
173 int nid; 190 ASN1_OBJECT *object;
174 int data_type; 191 int set; /* 1 for a set, 0 for a single item (which is wrong) */
175 int pack_type; 192 union {
176 void (*ex_clear)(); 193 char *ptr;
177 int (*ex_get_bool)(); 194/* 1 */ STACK_OF(ASN1_TYPE) *set;
178 int (*ex_set_bool)(); 195/* 0 */ ASN1_TYPE *single;
179 int (*ex_get_str)(); 196 } value;
180 int (*ex_set_str)(); 197 } X509_ATTRIBUTE;
181 char *(*ex_get_struct)(); 198
182 int (*ex_set_struct)(); 199DECLARE_STACK_OF(X509_ATTRIBUTE)
183 int (*a2i)(); 200DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
184 int (*i2a)();
185 } X509_EXTENSION_METHOD;
186/* #endif */
187 201
188typedef struct X509_req_info_st 202typedef struct X509_req_info_st
189 { 203 {
@@ -191,7 +205,7 @@ typedef struct X509_req_info_st
191 X509_NAME *subject; 205 X509_NAME *subject;
192 X509_PUBKEY *pubkey; 206 X509_PUBKEY *pubkey;
193 /* d=2 hl=2 l= 0 cons: cont: 00 */ 207 /* d=2 hl=2 l= 0 cons: cont: 00 */
194 STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */ 208 STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
195 int req_kludge; 209 int req_kludge;
196 } X509_REQ_INFO; 210 } X509_REQ_INFO;
197 211
@@ -214,7 +228,7 @@ typedef struct x509_cinf_st
214 X509_PUBKEY *key; 228 X509_PUBKEY *key;
215 ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */ 229 ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
216 ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */ 230 ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
217 STACK /* X509_EXTENSION */ *extensions; /* [ 3 ] optional in v3 */ 231 STACK_OF(X509_EXTENSION) *extensions; /* [ 3 ] optional in v3 */
218 } X509_CINF; 232 } X509_CINF;
219 233
220typedef struct x509_st 234typedef struct x509_st
@@ -227,14 +241,20 @@ typedef struct x509_st
227 char *name; 241 char *name;
228 } X509; 242 } X509;
229 243
244DECLARE_STACK_OF(X509)
245DECLARE_ASN1_SET_OF(X509)
246
230typedef struct X509_revoked_st 247typedef struct X509_revoked_st
231 { 248 {
232 ASN1_INTEGER *serialNumber; 249 ASN1_INTEGER *serialNumber;
233 ASN1_UTCTIME *revocationDate; 250 ASN1_UTCTIME *revocationDate;
234 STACK /* optional X509_EXTENSION */ *extensions; 251 STACK_OF(X509_EXTENSION) /* optional */ *extensions;
235 int sequence; /* load sequence */ 252 int sequence; /* load sequence */
236 } X509_REVOKED; 253 } X509_REVOKED;
237 254
255DECLARE_STACK_OF(X509_REVOKED)
256DECLARE_ASN1_SET_OF(X509_REVOKED)
257
238typedef struct X509_crl_info_st 258typedef struct X509_crl_info_st
239 { 259 {
240 ASN1_INTEGER *version; 260 ASN1_INTEGER *version;
@@ -242,8 +262,8 @@ typedef struct X509_crl_info_st
242 X509_NAME *issuer; 262 X509_NAME *issuer;
243 ASN1_UTCTIME *lastUpdate; 263 ASN1_UTCTIME *lastUpdate;
244 ASN1_UTCTIME *nextUpdate; 264 ASN1_UTCTIME *nextUpdate;
245 STACK /* X509_REVOKED */ *revoked; 265 STACK_OF(X509_REVOKED) *revoked;
246 STACK /* [0] X509_EXTENSION */ *extensions; 266 STACK_OF(X509_EXTENSION) /* [0] */ *extensions;
247 } X509_CRL_INFO; 267 } X509_CRL_INFO;
248 268
249typedef struct X509_crl_st 269typedef struct X509_crl_st
@@ -255,17 +275,8 @@ typedef struct X509_crl_st
255 int references; 275 int references;
256 } X509_CRL; 276 } X509_CRL;
257 277
258/* a sequence of these are used */ 278DECLARE_STACK_OF(X509_CRL)
259typedef struct x509_attributes_st 279DECLARE_ASN1_SET_OF(X509_CRL)
260 {
261 ASN1_OBJECT *object;
262 int set; /* 1 for a set, 0 for a single item (which is wrong) */
263 union {
264 char *ptr;
265/* 1 */ STACK /* ASN1_TYPE */ *set;
266/* 0 */ ASN1_TYPE *single;
267 } value;
268 } X509_ATTRIBUTE;
269 280
270typedef struct private_key_st 281typedef struct private_key_st
271 { 282 {
@@ -301,6 +312,8 @@ typedef struct X509_info_st
301 312
302 int references; 313 int references;
303 } X509_INFO; 314 } X509_INFO;
315
316DECLARE_STACK_OF(X509_INFO)
304#endif 317#endif
305 318
306/* The next 2 structures and their 8 routines were sent to me by 319/* The next 2 structures and their 8 routines were sent to me by
@@ -320,17 +333,55 @@ typedef struct Netscape_spki_st
320 ASN1_BIT_STRING *signature; 333 ASN1_BIT_STRING *signature;
321 } NETSCAPE_SPKI; 334 } NETSCAPE_SPKI;
322 335
323#ifndef HEADER_BN_H 336/* Netscape certificate sequence structure */
324#define BIGNUM char 337typedef struct Netscape_certificate_sequence
325#endif 338 {
339 ASN1_OBJECT *type;
340 STACK_OF(X509) *certs;
341 } NETSCAPE_CERT_SEQUENCE;
326 342
327typedef struct CBCParameter_st 343typedef struct CBCParameter_st
328 { 344 {
329 unsigned char iv[8]; 345 unsigned char iv[8];
330 } CBC_PARAM; 346 } CBC_PARAM;
331 347
332#include "x509_vfy.h" 348/* Password based encryption structure */
333#include "pkcs7.h" 349
350typedef struct PBEPARAM_st {
351ASN1_OCTET_STRING *salt;
352ASN1_INTEGER *iter;
353} PBEPARAM;
354
355/* Password based encryption V2 structures */
356
357typedef struct PBE2PARAM_st {
358X509_ALGOR *keyfunc;
359X509_ALGOR *encryption;
360} PBE2PARAM;
361
362typedef struct PBKDF2PARAM_st {
363ASN1_TYPE *salt; /* Usually OCTET STRING but could be anything */
364ASN1_INTEGER *iter;
365ASN1_INTEGER *keylength;
366X509_ALGOR *prf;
367} PBKDF2PARAM;
368
369
370/* PKCS#8 private key info structure */
371
372typedef struct pkcs8_priv_key_info_st
373 {
374 int broken; /* Flag for various broken formats */
375#define PKCS8_OK 0
376#define PKCS8_NO_OCTET 1
377 ASN1_INTEGER *version;
378 X509_ALGOR *pkeyalg;
379 ASN1_TYPE *pkey; /* Should be OCTET STRING but some are broken */
380 STACK_OF(X509_ATTRIBUTE) *attributes;
381 } PKCS8_PRIV_KEY_INFO;
382
383#include <openssl/x509_vfy.h>
384#include <openssl/pkcs7.h>
334 385
335#ifdef SSLEAY_MACROS 386#ifdef SSLEAY_MACROS
336#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\ 387#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
@@ -355,6 +406,9 @@ typedef struct CBCParameter_st
355 406
356#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \ 407#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
357 (char *(*)())d2i_X509,(char *)x509) 408 (char *(*)())d2i_X509,(char *)x509)
409#define X509_ATTRIBUTE_dup(xa) (X509_ATTRIBUTE *)ASN1_dup(\
410 (int (*)())i2d_X509_ATTRIBUTE, \
411 (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa)
358#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \ 412#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
359 (int (*)())i2d_X509_EXTENSION, \ 413 (int (*)())i2d_X509_EXTENSION, \
360 (char *(*)())d2i_X509_EXTENSION,(char *)ex) 414 (char *(*)())d2i_X509_EXTENSION,(char *)ex)
@@ -442,6 +496,9 @@ typedef struct CBCParameter_st
442#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \ 496#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
443 (unsigned char *)dsa) 497 (unsigned char *)dsa)
444 498
499#define X509_ALGOR_dup(xn) (X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,\
500 (char *(*)())d2i_X509_ALGOR,(char *)xn)
501
445#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \ 502#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
446 (char *(*)())d2i_X509_NAME,(char *)xn) 503 (char *(*)())d2i_X509_NAME,(char *)xn)
447#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \ 504#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
@@ -453,10 +510,12 @@ typedef struct CBCParameter_st
453 ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len) 510 ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
454#define X509_NAME_digest(data,type,md,len) \ 511#define X509_NAME_digest(data,type,md,len) \
455 ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len) 512 ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
513#ifndef PKCS7_ISSUER_AND_SERIAL_digest
456#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ 514#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
457 ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\ 515 ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
458 (char *)data,md,len) 516 (char *)data,md,len)
459#endif 517#endif
518#endif
460 519
461#define X509_EXT_PACK_UNKNOWN 1 520#define X509_EXT_PACK_UNKNOWN 1
462#define X509_EXT_PACK_STRING 2 521#define X509_EXT_PACK_STRING 2
@@ -472,25 +531,31 @@ typedef struct CBCParameter_st
472#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b)) 531#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
473#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm)) 532#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
474 533
534#define X509_CRL_get_version(x) ASN1_INTEGER_get((x)->crl->version)
535#define X509_CRL_get_lastUpdate(x) ((x)->crl->lastUpdate)
536#define X509_CRL_get_nextUpdate(x) ((x)->crl->nextUpdate)
537#define X509_CRL_get_issuer(x) ((x)->crl->issuer)
538#define X509_CRL_get_REVOKED(x) ((x)->crl->revoked)
539
475/* This one is only used so that a binary form can output, as in 540/* This one is only used so that a binary form can output, as in
476 * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */ 541 * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
477#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key) 542#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
478 543
479#ifndef NOPROTO 544
545const char *X509_verify_cert_error_string(long n);
480 546
481#ifndef SSLEAY_MACROS 547#ifndef SSLEAY_MACROS
482#ifdef HEADER_ENVELOPE_H 548#ifdef HEADER_ENVELOPE_H
483int X509_verify(X509 *a, EVP_PKEY *r); 549int X509_verify(X509 *a, EVP_PKEY *r);
484char *X509_verify_cert_error_string(long n);
485 550
486int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r); 551int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
487int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r); 552int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
488int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r); 553int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
489 554
490int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md); 555int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md);
491int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md); 556int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md);
492int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md); 557int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md);
493int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md); 558int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md);
494 559
495int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len); 560int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len);
496int X509_NAME_digest(X509_NAME *data,EVP_MD *type, 561int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
@@ -498,55 +563,77 @@ int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
498#endif 563#endif
499 564
500#ifndef NO_FP_API 565#ifndef NO_FP_API
501X509 *d2i_X509_fp(FILE *fp, X509 *x509); 566X509 *d2i_X509_fp(FILE *fp, X509 **x509);
502int i2d_X509_fp(FILE *fp,X509 *x509); 567int i2d_X509_fp(FILE *fp,X509 *x509);
503X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl); 568X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL **crl);
504int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl); 569int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
505X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req); 570X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ **req);
506int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req); 571int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
507RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa); 572#ifndef NO_RSA
573RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA **rsa);
508int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa); 574int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
509DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa); 575RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA **rsa);
510int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
511RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa);
512int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa); 576int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
513#endif 577#endif
578#ifndef NO_DSA
579DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa);
580int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
581X509_SIG *d2i_PKCS8_fp(FILE *fp,X509_SIG **p8);
582int i2d_PKCS8_fp(FILE *fp,X509_SIG *p8);
583PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
584 PKCS8_PRIV_KEY_INFO **p8inf);
585int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,PKCS8_PRIV_KEY_INFO *p8inf);
586#endif
587#endif
514 588
515#ifdef HEADER_BIO_H 589#ifdef HEADER_BIO_H
516X509 *d2i_X509_bio(BIO *bp,X509 *x509); 590X509 *d2i_X509_bio(BIO *bp,X509 **x509);
517int i2d_X509_bio(BIO *bp,X509 *x509); 591int i2d_X509_bio(BIO *bp,X509 *x509);
518X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl); 592X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL **crl);
519int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl); 593int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
520X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req); 594X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ **req);
521int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req); 595int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
522RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa); 596#ifndef NO_RSA
597RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA **rsa);
523int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa); 598int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
524DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa); 599RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA **rsa);
525int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
526RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa);
527int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa); 600int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
528#endif 601#endif
602#ifndef NO_DSA
603DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa);
604int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
605#endif
606X509_SIG *d2i_PKCS8_bio(BIO *bp,X509_SIG **p8);
607int i2d_PKCS8_bio(BIO *bp,X509_SIG *p8);
608PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
609 PKCS8_PRIV_KEY_INFO **p8inf);
610int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,PKCS8_PRIV_KEY_INFO *p8inf);
611#endif
529 612
530X509 *X509_dup(X509 *x509); 613X509 *X509_dup(X509 *x509);
614X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa);
531X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex); 615X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
532X509_CRL *X509_CRL_dup(X509_CRL *crl); 616X509_CRL *X509_CRL_dup(X509_CRL *crl);
533X509_REQ *X509_REQ_dup(X509_REQ *req); 617X509_REQ *X509_REQ_dup(X509_REQ *req);
618X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn);
534X509_NAME *X509_NAME_dup(X509_NAME *xn); 619X509_NAME *X509_NAME_dup(X509_NAME *xn);
535X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne); 620X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
621#ifndef NO_RSA
536RSA *RSAPublicKey_dup(RSA *rsa); 622RSA *RSAPublicKey_dup(RSA *rsa);
537RSA *RSAPrivateKey_dup(RSA *rsa); 623RSA *RSAPrivateKey_dup(RSA *rsa);
624#endif
538 625
539#endif /* !SSLEAY_MACROS */ 626#endif /* !SSLEAY_MACROS */
540 627
541int X509_cmp_current_time(ASN1_UTCTIME *s); 628int X509_cmp_current_time(ASN1_UTCTIME *s);
542ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj); 629ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj);
543 630
544char * X509_get_default_cert_area(void ); 631const char * X509_get_default_cert_area(void );
545char * X509_get_default_cert_dir(void ); 632const char * X509_get_default_cert_dir(void );
546char * X509_get_default_cert_file(void ); 633const char * X509_get_default_cert_file(void );
547char * X509_get_default_cert_dir_env(void ); 634const char * X509_get_default_cert_dir_env(void );
548char * X509_get_default_cert_file_env(void ); 635const char * X509_get_default_cert_file_env(void );
549char * X509_get_default_private_dir(void ); 636const char * X509_get_default_private_dir(void );
550 637
551X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md); 638X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
552X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); 639X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
@@ -571,7 +658,8 @@ X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
571 long length); 658 long length);
572int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); 659int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
573EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); 660EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
574int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain); 661int X509_get_pubkey_parameters(EVP_PKEY *pkey,
662 STACK_OF(X509) *chain);
575 663
576 664
577X509_SIG * X509_SIG_new(void ); 665X509_SIG * X509_SIG_new(void );
@@ -595,6 +683,8 @@ void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
595int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); 683int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
596X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, 684X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
597 long length); 685 long length);
686X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
687
598 688
599X509_EXTENSION *X509_EXTENSION_new(void ); 689X509_EXTENSION *X509_EXTENSION_new(void );
600void X509_EXTENSION_free(X509_EXTENSION *a); 690void X509_EXTENSION_free(X509_EXTENSION *a);
@@ -658,6 +748,12 @@ int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
658NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, 748NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
659 long length); 749 long length);
660 750
751
752int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
753NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
754NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
755void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
756
661#ifdef HEADER_ENVELOPE_H 757#ifdef HEADER_ENVELOPE_H
662X509_INFO * X509_INFO_new(void); 758X509_INFO * X509_INFO_new(void);
663void X509_INFO_free(X509_INFO *a); 759void X509_INFO_free(X509_INFO *a);
@@ -671,7 +767,7 @@ int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data,
671 767
672int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2, 768int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
673 ASN1_BIT_STRING *signature, 769 ASN1_BIT_STRING *signature,
674 char *data,EVP_PKEY *pkey, EVP_MD *type); 770 char *data,EVP_PKEY *pkey, const EVP_MD *type);
675#endif 771#endif
676 772
677int X509_set_version(X509 *x,long version); 773int X509_set_version(X509 *x,long version);
@@ -709,12 +805,14 @@ unsigned long X509_NAME_hash(X509_NAME *x);
709int X509_CRL_cmp(X509_CRL *a,X509_CRL *b); 805int X509_CRL_cmp(X509_CRL *a,X509_CRL *b);
710#ifndef NO_FP_API 806#ifndef NO_FP_API
711int X509_print_fp(FILE *bp,X509 *x); 807int X509_print_fp(FILE *bp,X509 *x);
808int X509_CRL_print_fp(FILE *bp,X509_CRL *x);
712int X509_REQ_print_fp(FILE *bp,X509_REQ *req); 809int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
713#endif 810#endif
714 811
715#ifdef HEADER_BIO_H 812#ifdef HEADER_BIO_H
716int X509_NAME_print(BIO *bp, X509_NAME *name, int obase); 813int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
717int X509_print(BIO *bp,X509 *x); 814int X509_print(BIO *bp,X509 *x);
815int X509_CRL_print(BIO *bp,X509_CRL *x);
718int X509_REQ_print(BIO *bp,X509_REQ *req); 816int X509_REQ_print(BIO *bp,X509_REQ *req);
719#endif 817#endif
720 818
@@ -745,18 +843,17 @@ int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
745ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne); 843ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
746ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne); 844ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
747 845
748int X509v3_get_ext_count(STACK *x); 846int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x);
749int X509v3_get_ext_by_NID(STACK *x, int nid, int lastpos); 847int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x,
750int X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int lastpos); 848 int nid, int lastpos);
751int X509v3_get_ext_by_critical(STACK *x, int crit, int lastpos); 849int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *x,
752X509_EXTENSION *X509v3_get_ext(STACK *x, int loc); 850 ASN1_OBJECT *obj,int lastpos);
753X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc); 851int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *x,
754STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc); 852 int crit, int lastpos);
755 853X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc);
756int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj); 854X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc);
757int X509v3_data_type_by_NID(int nid); 855STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
758int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj); 856 X509_EXTENSION *ex, int loc);
759int X509v3_pack_type_by_NID(int nid);
760 857
761int X509_get_ext_count(X509 *x); 858int X509_get_ext_count(X509 *x);
762int X509_get_ext_by_NID(X509 *x, int nid, int lastpos); 859int X509_get_ext_by_NID(X509 *x, int nid, int lastpos);
@@ -793,311 +890,49 @@ int X509_EXTENSION_set_data(X509_EXTENSION *ex,
793ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex); 890ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
794ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne); 891ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
795int X509_EXTENSION_get_critical(X509_EXTENSION *ex); 892int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
796ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type,
797 unsigned char *bytes, int len);
798ASN1_STRING * X509v3_unpack_string(ASN1_STRING **ex,int type,
799 ASN1_OCTET_STRING *os);
800 893
801int X509_verify_cert(X509_STORE_CTX *ctx); 894int X509_verify_cert(X509_STORE_CTX *ctx);
802 895
803/* lookup a cert from a X509 STACK */ 896/* lookup a cert from a X509 STACK */
804X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name, 897X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name,
805 ASN1_INTEGER *serial); 898 ASN1_INTEGER *serial);
806X509 *X509_find_by_subject(STACK *sk,X509_NAME *name); 899X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
807 900
808#else 901int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp);
809 902PBEPARAM *PBEPARAM_new(void);
810#ifndef SSLEAY_MACROS 903PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length);
811#ifdef HEADER_ENVELOPE_H 904void PBEPARAM_free(PBEPARAM *a);
812int X509_verify(); 905X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
813int X509_REQ_verify(); 906X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
814int X509_CRL_verify(); 907 unsigned char *salt, int saltlen);
815int NETSCAPE_SPKI_verify(); 908
816 909int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp);
817int X509_sign(); 910PBKDF2PARAM *PBKDF2PARAM_new(void);
818int X509_REQ_sign(); 911PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length);
819int X509_CRL_sign(); 912void PBKDF2PARAM_free(PBKDF2PARAM *a);
820int NETSCAPE_SPKI_sign(); 913
821 914int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp);
822int X509_digest(); 915PBE2PARAM *PBE2PARAM_new(void);
823int X509_NAME_digest(); 916PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length);
824#endif 917void PBE2PARAM_free(PBE2PARAM *a);
825 918
826#ifndef NO_FP_API 919/* PKCS#8 utilities */
827X509 *d2i_X509_fp(); 920
828int i2d_X509_fp(); 921int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
829X509_CRL *d2i_X509_CRL_fp(); 922PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
830int i2d_X509_CRL_fp(); 923PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
831X509_REQ *d2i_X509_REQ_fp(); 924 unsigned char **pp, long length);
832int i2d_X509_REQ_fp(); 925void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
833RSA *d2i_RSAPrivateKey_fp(); 926
834int i2d_RSAPrivateKey_fp(); 927EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
835DSA *d2i_DSAPrivateKey_fp(); 928PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
836int i2d_DSAPrivateKey_fp(); 929PKCS8_PRIV_KEY_INFO *PKCS8_set_broken(PKCS8_PRIV_KEY_INFO *p8, int broken);
837RSA *d2i_RSAPublicKey_fp();
838int i2d_RSAPublicKey_fp();
839#endif
840
841X509 *d2i_X509_bio();
842int i2d_X509_bio();
843X509_CRL *d2i_X509_CRL_bio();
844int i2d_X509_CRL_bio();
845X509_REQ *d2i_X509_REQ_bio();
846int i2d_X509_REQ_bio();
847RSA *d2i_RSAPrivateKey_bio();
848int i2d_RSAPrivateKey_bio();
849DSA *d2i_DSAPrivateKey_bio();
850int i2d_DSAPrivateKey_bio();
851RSA *d2i_RSAPublicKey_bio();
852int i2d_RSAPublicKey_bio();
853
854X509 *X509_dup();
855X509_EXTENSION *X509_EXTENSION_dup();
856X509_CRL *X509_CRL_dup();
857X509_REQ *X509_REQ_dup();
858X509_NAME *X509_NAME_dup();
859X509_NAME_ENTRY *X509_NAME_ENTRY_dup();
860RSA *RSAPublicKey_dup();
861RSA *RSAPrivateKey_dup();
862
863#endif /* !SSLEAY_MACROS */
864
865int X509_cmp_current_time();
866ASN1_UTCTIME * X509_gmtime_adj();
867
868char * X509_get_default_cert_area();
869char * X509_get_default_cert_dir();
870char * X509_get_default_cert_file();
871char * X509_get_default_cert_dir_env();
872char * X509_get_default_cert_file_env();
873char * X509_get_default_private_dir();
874
875X509_REQ * X509_to_X509_REQ();
876X509 * X509_REQ_to_X509();
877void ERR_load_X509_strings();
878
879X509_ALGOR * X509_ALGOR_new();
880void X509_ALGOR_free();
881int i2d_X509_ALGOR();
882X509_ALGOR * d2i_X509_ALGOR();
883
884X509_VAL * X509_VAL_new();
885void X509_VAL_free();
886int i2d_X509_VAL();
887X509_VAL * d2i_X509_VAL();
888
889X509_PUBKEY * X509_PUBKEY_new();
890void X509_PUBKEY_free();
891int i2d_X509_PUBKEY();
892X509_PUBKEY * d2i_X509_PUBKEY();
893int X509_PUBKEY_set();
894EVP_PKEY * X509_PUBKEY_get();
895int X509_get_pubkey_parameters();
896
897X509_SIG * X509_SIG_new();
898void X509_SIG_free();
899int i2d_X509_SIG();
900X509_SIG * d2i_X509_SIG();
901
902X509_REQ_INFO *X509_REQ_INFO_new();
903void X509_REQ_INFO_free();
904int i2d_X509_REQ_INFO();
905X509_REQ_INFO *d2i_X509_REQ_INFO();
906
907X509_REQ * X509_REQ_new();
908void X509_REQ_free();
909int i2d_X509_REQ();
910X509_REQ * d2i_X509_REQ();
911
912X509_ATTRIBUTE *X509_ATTRIBUTE_new();
913void X509_ATTRIBUTE_free();
914int i2d_X509_ATTRIBUTE();
915X509_ATTRIBUTE *d2i_X509_ATTRIBUTE();
916
917X509_EXTENSION *X509_EXTENSION_new();
918void X509_EXTENSION_free();
919int i2d_X509_EXTENSION();
920X509_EXTENSION *d2i_X509_EXTENSION();
921
922X509_NAME_ENTRY *X509_NAME_ENTRY_new();
923void X509_NAME_ENTRY_free();
924int i2d_X509_NAME_ENTRY();
925X509_NAME_ENTRY *d2i_X509_NAME_ENTRY();
926
927X509_NAME * X509_NAME_new();
928void X509_NAME_free();
929int i2d_X509_NAME();
930X509_NAME * d2i_X509_NAME();
931int X509_NAME_set();
932
933
934X509_CINF * X509_CINF_new();
935void X509_CINF_free();
936int i2d_X509_CINF();
937X509_CINF * d2i_X509_CINF();
938
939X509 * X509_new();
940void X509_free();
941int i2d_X509();
942X509 * d2i_X509();
943
944X509_REVOKED * X509_REVOKED_new();
945void X509_REVOKED_free();
946int i2d_X509_REVOKED();
947X509_REVOKED * d2i_X509_REVOKED();
948
949X509_CRL_INFO *X509_CRL_INFO_new();
950void X509_CRL_INFO_free();
951int i2d_X509_CRL_INFO();
952X509_CRL_INFO *d2i_X509_CRL_INFO();
953
954X509_CRL * X509_CRL_new();
955void X509_CRL_free();
956int i2d_X509_CRL();
957X509_CRL * d2i_X509_CRL();
958
959X509_PKEY * X509_PKEY_new();
960void X509_PKEY_free();
961int i2d_X509_PKEY();
962X509_PKEY * d2i_X509_PKEY();
963
964NETSCAPE_SPKI * NETSCAPE_SPKI_new();
965void NETSCAPE_SPKI_free();
966int i2d_NETSCAPE_SPKI();
967NETSCAPE_SPKI * d2i_NETSCAPE_SPKI();
968
969NETSCAPE_SPKAC *NETSCAPE_SPKAC_new();
970void NETSCAPE_SPKAC_free();
971int i2d_NETSCAPE_SPKAC();
972NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC();
973
974#ifdef HEADER_ENVELOPE_H
975X509_INFO * X509_INFO_new();
976void X509_INFO_free();
977#endif
978
979char * X509_NAME_oneline();
980
981int ASN1_verify();
982int ASN1_digest();
983int ASN1_sign();
984
985int X509_set_version();
986int X509_set_serialNumber();
987ASN1_INTEGER * X509_get_serialNumber();
988int X509_set_issuer_name();
989X509_NAME * X509_get_issuer_name();
990int X509_set_subject_name();
991X509_NAME * X509_get_subject_name();
992int X509_set_notBefore();
993int X509_set_notAfter();
994int X509_set_pubkey();
995EVP_PKEY * X509_get_pubkey();
996int X509_certificate_type();
997
998int X509_REQ_set_version();
999int X509_REQ_set_subject_name();
1000int X509_REQ_set_pubkey();
1001EVP_PKEY * X509_REQ_get_pubkey();
1002
1003int X509_check_private_key();
1004
1005int X509_issuer_and_serial_cmp();
1006unsigned long X509_issuer_and_serial_hash();
1007
1008int X509_issuer_name_cmp();
1009unsigned long X509_issuer_name_hash();
1010
1011int X509_subject_name_cmp();
1012unsigned long X509_subject_name_hash();
1013
1014int X509_NAME_cmp ();
1015unsigned long X509_NAME_hash();
1016
1017int X509_CRL_cmp();
1018#ifndef NO_FP_API
1019int X509_print_fp();
1020int X509_REQ_print_fp();
1021#endif
1022
1023int X509_NAME_print();
1024int X509_print();
1025int X509_REQ_print();
1026
1027int X509_NAME_entry_count();
1028int X509_NAME_get_text_by_NID();
1029int X509_NAME_get_text_by_OBJ();
1030
1031int X509_NAME_get_index_by_NID();
1032int X509_NAME_get_index_by_OBJ();
1033X509_NAME_ENTRY *X509_NAME_get_entry();
1034X509_NAME_ENTRY *X509_NAME_delete_entry();
1035int X509_NAME_add_entry();
1036X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID();
1037X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ();
1038int X509_NAME_ENTRY_set_object();
1039int X509_NAME_ENTRY_set_data();
1040ASN1_OBJECT * X509_NAME_ENTRY_get_object();
1041ASN1_STRING * X509_NAME_ENTRY_get_data();
1042
1043int X509v3_get_ext_count();
1044int X509v3_get_ext_by_NID();
1045int X509v3_get_ext_by_OBJ();
1046int X509v3_get_ext_by_critical();
1047X509_EXTENSION *X509v3_get_ext();
1048X509_EXTENSION *X509v3_delete_ext();
1049STACK * X509v3_add_ext();
1050
1051int X509v3_data_type_by_OBJ();
1052int X509v3_data_type_by_NID();
1053int X509v3_pack_type_by_OBJ();
1054int X509v3_pack_type_by_NID();
1055
1056int X509_get_ext_count();
1057int X509_get_ext_by_NID();
1058int X509_get_ext_by_OBJ();
1059int X509_get_ext_by_critical();
1060X509_EXTENSION *X509_get_ext();
1061X509_EXTENSION *X509_delete_ext();
1062int X509_add_ext();
1063
1064int X509_CRL_get_ext_count();
1065int X509_CRL_get_ext_by_NID();
1066int X509_CRL_get_ext_by_OBJ();
1067int X509_CRL_get_ext_by_critical();
1068X509_EXTENSION *X509_CRL_get_ext();
1069X509_EXTENSION *X509_CRL_delete_ext();
1070int X509_CRL_add_ext();
1071
1072int X509_REVOKED_get_ext_count();
1073int X509_REVOKED_get_ext_by_NID();
1074int X509_REVOKED_get_ext_by_OBJ();
1075int X509_REVOKED_get_ext_by_critical();
1076X509_EXTENSION *X509_REVOKED_get_ext();
1077X509_EXTENSION *X509_REVOKED_delete_ext();
1078int X509_REVOKED_add_ext();
1079
1080X509_EXTENSION *X509_EXTENSION_create_by_NID();
1081X509_EXTENSION *X509_EXTENSION_create_by_OBJ();
1082int X509_EXTENSION_set_object();
1083int X509_EXTENSION_set_critical();
1084int X509_EXTENSION_set_data();
1085ASN1_OBJECT * X509_EXTENSION_get_object();
1086ASN1_OCTET_STRING *X509_EXTENSION_get_data();
1087int X509_EXTENSION_get_critical();
1088ASN1_OCTET_STRING *X509v3_pack_string();
1089ASN1_STRING * X509v3_unpack_string();
1090
1091int X509_verify_cert();
1092char * X509_verify_cert_error_string();
1093
1094/* lookup a cert from a X509 STACK */
1095X509 *X509_find_by_issuer_and_serial();
1096X509 *X509_find_by_subject();
1097
1098#endif
1099 930
1100/* BEGIN ERROR CODES */ 931/* BEGIN ERROR CODES */
932/* The following lines are auto generated by the script mkerr.pl. Any changes
933 * made after this point may be overwritten when the script is next run.
934 */
935
1101/* Error codes for the X509 functions. */ 936/* Error codes for the X509 functions. */
1102 937
1103/* Function codes. */ 938/* Function codes. */
@@ -1106,9 +941,7 @@ X509 *X509_find_by_subject();
1106#define X509_F_DIR_CTRL 102 941#define X509_F_DIR_CTRL 102
1107#define X509_F_GET_CERT_BY_SUBJECT 103 942#define X509_F_GET_CERT_BY_SUBJECT 103
1108#define X509_F_X509V3_ADD_EXT 104 943#define X509_F_X509V3_ADD_EXT 104
1109#define X509_F_X509V3_ADD_EXTENSION 105 944#define X509_F_X509_CHECK_PRIVATE_KEY 128
1110#define X509_F_X509V3_PACK_STRING 106
1111#define X509_F_X509V3_UNPACK_STRING 107
1112#define X509_F_X509_EXTENSION_CREATE_BY_NID 108 945#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
1113#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109 946#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
1114#define X509_F_X509_GET_PUBKEY_PARAMETERS 110 947#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
@@ -1132,19 +965,23 @@ X509 *X509_find_by_subject();
1132 965
1133/* Reason codes. */ 966/* Reason codes. */
1134#define X509_R_BAD_X509_FILETYPE 100 967#define X509_R_BAD_X509_FILETYPE 100
968#define X509_R_CANT_CHECK_DH_KEY 114
1135#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101 969#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
1136#define X509_R_ERR_ASN1_LIB 102 970#define X509_R_ERR_ASN1_LIB 102
971#define X509_R_INVALID_DIRECTORY 113
972#define X509_R_KEY_TYPE_MISMATCH 115
973#define X509_R_KEY_VALUES_MISMATCH 116
1137#define X509_R_LOADING_CERT_DIR 103 974#define X509_R_LOADING_CERT_DIR 103
1138#define X509_R_LOADING_DEFAULTS 104 975#define X509_R_LOADING_DEFAULTS 104
1139#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105 976#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
1140#define X509_R_SHOULD_RETRY 106 977#define X509_R_SHOULD_RETRY 106
1141#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107 978#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
1142#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108 979#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
980#define X509_R_UNKNOWN_KEY_TYPE 117
1143#define X509_R_UNKNOWN_NID 109 981#define X509_R_UNKNOWN_NID 109
1144#define X509_R_UNKNOWN_STRING_TYPE 110
1145#define X509_R_UNSUPPORTED_ALGORITHM 111 982#define X509_R_UNSUPPORTED_ALGORITHM 111
1146#define X509_R_WRONG_LOOKUP_TYPE 112 983#define X509_R_WRONG_LOOKUP_TYPE 112
1147 984
1148#ifdef __cplusplus 985#ifdef __cplusplus
1149} 986}
1150#endif 987#endif
diff --git a/src/lib/libcrypto/x509/x509_cmp.c b/src/lib/libcrypto/x509/x509_cmp.c
index f9d9510ac5..9a93bae3ff 100644
--- a/src/lib/libcrypto/x509/x509_cmp.c
+++ b/src/lib/libcrypto/x509/x509_cmp.c
@@ -60,13 +60,11 @@
60#include <sys/types.h> 60#include <sys/types.h>
61#include <sys/stat.h> 61#include <sys/stat.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include "asn1.h" 63#include <openssl/asn1.h>
64#include "objects.h" 64#include <openssl/objects.h>
65#include "x509.h" 65#include <openssl/x509.h>
66 66
67int X509_issuer_and_serial_cmp(a,b) 67int X509_issuer_and_serial_cmp(X509 *a, X509 *b)
68X509 *a;
69X509 *b;
70 { 68 {
71 int i; 69 int i;
72 X509_CINF *ai,*bi; 70 X509_CINF *ai,*bi;
@@ -79,8 +77,7 @@ X509 *b;
79 } 77 }
80 78
81#ifndef NO_MD5 79#ifndef NO_MD5
82unsigned long X509_issuer_and_serial_hash(a) 80unsigned long X509_issuer_and_serial_hash(X509 *a)
83X509 *a;
84 { 81 {
85 unsigned long ret=0; 82 unsigned long ret=0;
86 MD5_CTX ctx; 83 MD5_CTX ctx;
@@ -101,70 +98,59 @@ X509 *a;
101 } 98 }
102#endif 99#endif
103 100
104int X509_issuer_name_cmp(a, b) 101int X509_issuer_name_cmp(X509 *a, X509 *b)
105X509 *a;
106X509 *b;
107 { 102 {
108 return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer)); 103 return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
109 } 104 }
110 105
111int X509_subject_name_cmp(a, b) 106int X509_subject_name_cmp(X509 *a, X509 *b)
112X509 *a;
113X509 *b;
114 { 107 {
115 return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject)); 108 return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
116 } 109 }
117 110
118int X509_CRL_cmp(a, b) 111int X509_CRL_cmp(X509_CRL *a, X509_CRL *b)
119X509_CRL *a;
120X509_CRL *b;
121 { 112 {
122 return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer)); 113 return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
123 } 114 }
124 115
125X509_NAME *X509_get_issuer_name(a) 116X509_NAME *X509_get_issuer_name(X509 *a)
126X509 *a;
127 { 117 {
128 return(a->cert_info->issuer); 118 return(a->cert_info->issuer);
129 } 119 }
130 120
131unsigned long X509_issuer_name_hash(x) 121unsigned long X509_issuer_name_hash(X509 *x)
132X509 *x;
133 { 122 {
134 return(X509_NAME_hash(x->cert_info->issuer)); 123 return(X509_NAME_hash(x->cert_info->issuer));
135 } 124 }
136 125
137X509_NAME *X509_get_subject_name(a) 126X509_NAME *X509_get_subject_name(X509 *a)
138X509 *a;
139 { 127 {
140 return(a->cert_info->subject); 128 return(a->cert_info->subject);
141 } 129 }
142 130
143ASN1_INTEGER *X509_get_serialNumber(a) 131ASN1_INTEGER *X509_get_serialNumber(X509 *a)
144X509 *a;
145 { 132 {
146 return(a->cert_info->serialNumber); 133 return(a->cert_info->serialNumber);
147 } 134 }
148 135
149unsigned long X509_subject_name_hash(x) 136unsigned long X509_subject_name_hash(X509 *x)
150X509 *x;
151 { 137 {
152 return(X509_NAME_hash(x->cert_info->subject)); 138 return(X509_NAME_hash(x->cert_info->subject));
153 } 139 }
154 140
155int X509_NAME_cmp(a, b) 141int X509_NAME_cmp(X509_NAME *a, X509_NAME *b)
156X509_NAME *a;
157X509_NAME *b;
158 { 142 {
159 int i,j; 143 int i,j;
160 X509_NAME_ENTRY *na,*nb; 144 X509_NAME_ENTRY *na,*nb;
161 145
162 if (sk_num(a->entries) != sk_num(b->entries)) 146 if (sk_X509_NAME_ENTRY_num(a->entries)
163 return(sk_num(a->entries)-sk_num(b->entries)); 147 != sk_X509_NAME_ENTRY_num(b->entries))
164 for (i=sk_num(a->entries)-1; i>=0; i--) 148 return sk_X509_NAME_ENTRY_num(a->entries)
149 -sk_X509_NAME_ENTRY_num(b->entries);
150 for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
165 { 151 {
166 na=(X509_NAME_ENTRY *)sk_value(a->entries,i); 152 na=sk_X509_NAME_ENTRY_value(a->entries,i);
167 nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); 153 nb=sk_X509_NAME_ENTRY_value(b->entries,i);
168 j=na->value->length-nb->value->length; 154 j=na->value->length-nb->value->length;
169 if (j) return(j); 155 if (j) return(j);
170 j=memcmp(na->value->data,nb->value->data, 156 j=memcmp(na->value->data,nb->value->data,
@@ -177,10 +163,10 @@ X509_NAME *b;
177 /* We will check the object types after checking the values 163 /* We will check the object types after checking the values
178 * since the values will more often be different than the object 164 * since the values will more often be different than the object
179 * types. */ 165 * types. */
180 for (i=sk_num(a->entries)-1; i>=0; i--) 166 for (i=sk_X509_NAME_ENTRY_num(a->entries)-1; i>=0; i--)
181 { 167 {
182 na=(X509_NAME_ENTRY *)sk_value(a->entries,i); 168 na=sk_X509_NAME_ENTRY_value(a->entries,i);
183 nb=(X509_NAME_ENTRY *)sk_value(b->entries,i); 169 nb=sk_X509_NAME_ENTRY_value(b->entries,i);
184 j=OBJ_cmp(na->object,nb->object); 170 j=OBJ_cmp(na->object,nb->object);
185 if (j) return(j); 171 if (j) return(j);
186 } 172 }
@@ -190,8 +176,7 @@ X509_NAME *b;
190#ifndef NO_MD5 176#ifndef NO_MD5
191/* I now DER encode the name and hash it. Since I cache the DER encoding, 177/* I now DER encode the name and hash it. Since I cache the DER encoding,
192 * this is reasonably effiecent. */ 178 * this is reasonably effiecent. */
193unsigned long X509_NAME_hash(x) 179unsigned long X509_NAME_hash(X509_NAME *x)
194X509_NAME *x;
195 { 180 {
196 unsigned long ret=0; 181 unsigned long ret=0;
197 unsigned char md[16]; 182 unsigned char md[16];
@@ -217,10 +202,8 @@ X509_NAME *x;
217#endif 202#endif
218 203
219/* Search a stack of X509 for a match */ 204/* Search a stack of X509 for a match */
220X509 *X509_find_by_issuer_and_serial(sk,name,serial) 205X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk, X509_NAME *name,
221STACK *sk; 206 ASN1_INTEGER *serial)
222X509_NAME *name;
223ASN1_INTEGER *serial;
224 { 207 {
225 int i; 208 int i;
226 X509_CINF cinf; 209 X509_CINF cinf;
@@ -230,28 +213,81 @@ ASN1_INTEGER *serial;
230 cinf.serialNumber=serial; 213 cinf.serialNumber=serial;
231 cinf.issuer=name; 214 cinf.issuer=name;
232 215
233 for (i=0; i<sk_num(sk); i++) 216 for (i=0; i<sk_X509_num(sk); i++)
234 { 217 {
235 x509=(X509 *)sk_value(sk,i); 218 x509=sk_X509_value(sk,i);
236 if (X509_issuer_and_serial_cmp(x509,&x) == 0) 219 if (X509_issuer_and_serial_cmp(x509,&x) == 0)
237 return(x509); 220 return(x509);
238 } 221 }
239 return(NULL); 222 return(NULL);
240 } 223 }
241 224
242X509 *X509_find_by_subject(sk,name) 225X509 *X509_find_by_subject(STACK_OF(X509) *sk, X509_NAME *name)
243STACK *sk;
244X509_NAME *name;
245 { 226 {
246 X509 *x509; 227 X509 *x509;
247 int i; 228 int i;
248 229
249 for (i=0; i<sk_num(sk); i++) 230 for (i=0; i<sk_X509_num(sk); i++)
250 { 231 {
251 x509=(X509 *)sk_value(sk,i); 232 x509=sk_X509_value(sk,i);
252 if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0) 233 if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
253 return(x509); 234 return(x509);
254 } 235 }
255 return(NULL); 236 return(NULL);
256 } 237 }
257 238
239EVP_PKEY *X509_get_pubkey(X509 *x)
240 {
241 if ((x == NULL) || (x->cert_info == NULL))
242 return(NULL);
243 return(X509_PUBKEY_get(x->cert_info->key));
244 }
245
246int X509_check_private_key(X509 *x, EVP_PKEY *k)
247 {
248 EVP_PKEY *xk=NULL;
249 int ok=0;
250
251 xk=X509_get_pubkey(x);
252 if (xk->type != k->type)
253 {
254 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_TYPE_MISMATCH);
255 goto err;
256 }
257 switch (k->type)
258 {
259#ifndef NO_RSA
260 case EVP_PKEY_RSA:
261 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0
262 || BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0)
263 {
264 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
265 goto err;
266 }
267 break;
268#endif
269#ifndef NO_DSA
270 case EVP_PKEY_DSA:
271 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
272 {
273 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_KEY_VALUES_MISMATCH);
274 goto err;
275 }
276 break;
277#endif
278#ifndef NO_DH
279 case EVP_PKEY_DH:
280 /* No idea */
281 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_CANT_CHECK_DH_KEY);
282 goto err;
283#endif
284 default:
285 X509err(X509_F_X509_CHECK_PRIVATE_KEY,X509_R_UNKNOWN_KEY_TYPE);
286 goto err;
287 }
288
289 ok=1;
290err:
291 EVP_PKEY_free(xk);
292 return(ok);
293 }
diff --git a/src/lib/libcrypto/x509/x509_d2.c b/src/lib/libcrypto/x509/x509_d2.c
index 01e22f4cb4..3e7ec5b432 100644
--- a/src/lib/libcrypto/x509/x509_d2.c
+++ b/src/lib/libcrypto/x509/x509_d2.c
@@ -60,12 +60,11 @@
60#include <sys/types.h> 60#include <sys/types.h>
61#include <sys/stat.h> 61#include <sys/stat.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include "crypto.h" 63#include <openssl/crypto.h>
64#include "x509.h" 64#include <openssl/x509.h>
65 65
66#ifndef NO_STDIO 66#ifndef NO_STDIO
67int X509_STORE_set_default_paths(ctx) 67int X509_STORE_set_default_paths(X509_STORE *ctx)
68X509_STORE *ctx;
69 { 68 {
70 X509_LOOKUP *lookup; 69 X509_LOOKUP *lookup;
71 70
@@ -83,10 +82,8 @@ X509_STORE *ctx;
83 return(1); 82 return(1);
84 } 83 }
85 84
86int X509_STORE_load_locations(ctx,file,path) 85int X509_STORE_load_locations(X509_STORE *ctx, const char *file,
87X509_STORE *ctx; 86 const char *path)
88char *file;
89char *path;
90 { 87 {
91 X509_LOOKUP *lookup; 88 X509_LOOKUP *lookup;
92 89
diff --git a/src/lib/libcrypto/x509/x509_def.c b/src/lib/libcrypto/x509/x509_def.c
index d9ab39b15a..c4bee71569 100644
--- a/src/lib/libcrypto/x509/x509_def.c
+++ b/src/lib/libcrypto/x509/x509_def.c
@@ -60,24 +60,24 @@
60#include <sys/types.h> 60#include <sys/types.h>
61#include <sys/stat.h> 61#include <sys/stat.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include "crypto.h" 63#include <openssl/crypto.h>
64#include "x509.h" 64#include <openssl/x509.h>
65 65
66char *X509_get_default_private_dir() 66const char *X509_get_default_private_dir(void)
67 { return(X509_PRIVATE_DIR); } 67 { return(X509_PRIVATE_DIR); }
68 68
69char *X509_get_default_cert_area() 69const char *X509_get_default_cert_area(void)
70 { return(X509_CERT_AREA); } 70 { return(X509_CERT_AREA); }
71 71
72char *X509_get_default_cert_dir() 72const char *X509_get_default_cert_dir(void)
73 { return(X509_CERT_DIR); } 73 { return(X509_CERT_DIR); }
74 74
75char *X509_get_default_cert_file() 75const char *X509_get_default_cert_file(void)
76 { return(X509_CERT_FILE); } 76 { return(X509_CERT_FILE); }
77 77
78char *X509_get_default_cert_dir_env() 78const char *X509_get_default_cert_dir_env(void)
79 { return(X509_CERT_DIR_EVP); } 79 { return(X509_CERT_DIR_EVP); }
80 80
81char *X509_get_default_cert_file_env() 81const char *X509_get_default_cert_file_env(void)
82 { return(X509_CERT_FILE_EVP); } 82 { return(X509_CERT_FILE_EVP); }
83 83
diff --git a/src/lib/libcrypto/x509/x509_err.c b/src/lib/libcrypto/x509/x509_err.c
index 9304721612..9afd4ccde5 100644
--- a/src/lib/libcrypto/x509/x509_err.c
+++ b/src/lib/libcrypto/x509/x509_err.c
@@ -1,63 +1,65 @@
1/* lib/x509/x509_err.c */ 1/* crypto/x509/x509_err.c */
2/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com) 2/* ====================================================================
3 * All rights reserved. 3 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
4 * 4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without 5 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions 6 * modification, are permitted provided that the following conditions
25 * are met: 7 * are met:
26 * 1. Redistributions of source code must retain the copyright 8 *
27 * notice, this list of conditions and the following disclaimer. 9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 *
28 * 2. Redistributions in binary form must reproduce the above copyright 12 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the 13 * notice, this list of conditions and the following disclaimer in
30 * documentation and/or other materials provided with the distribution. 14 * the documentation and/or other materials provided with the
31 * 3. All advertising materials mentioning features or use of this software 15 * distribution.
32 * must display the following acknowledgement: 16 *
33 * "This product includes cryptographic software written by 17 * 3. All advertising materials mentioning features or use of this
34 * Eric Young (eay@cryptsoft.com)" 18 * software must display the following acknowledgment:
35 * The word 'cryptographic' can be left out if the rouines from the library 19 * "This product includes software developed by the OpenSSL Project
36 * being used are not cryptographic related :-). 20 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
37 * 4. If you include any Windows specific code (or a derivative thereof) from 21 *
38 * the apps directory (application code) you must include an acknowledgement: 22 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" 23 * endorse or promote products derived from this software without
40 * 24 * prior written permission. For written permission, please contact
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND 25 * openssl-core@OpenSSL.org.
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 26 *
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 27 * 5. Products derived from this software may not be called "OpenSSL"
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 28 * nor may "OpenSSL" appear in their names without prior written
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 29 * permission of the OpenSSL Project.
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 30 *
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 31 * 6. Redistributions of any form whatsoever must retain the following
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 32 * acknowledgment:
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 33 * "This product includes software developed by the OpenSSL Project
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
51 * SUCH DAMAGE. 35 *
52 * 36 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
53 * The licence and distribution terms for any publically available version or 37 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
54 * derivative of this code cannot be changed. i.e. this code cannot simply be 38 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
55 * copied and put under another distribution licence 39 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
56 * [including the GNU Public Licence.] 40 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47 * OF THE POSSIBILITY OF SUCH DAMAGE.
48 * ====================================================================
49 *
50 * This product includes cryptographic software written by Eric Young
51 * (eay@cryptsoft.com). This product includes software written by Tim
52 * Hudson (tjh@cryptsoft.com).
53 *
57 */ 54 */
55
56/* NOTE: this file was auto generated by the mkerr.pl script: any changes
57 * made to it will be overwritten when the script next updates this file.
58 */
59
58#include <stdio.h> 60#include <stdio.h>
59#include "err.h" 61#include <openssl/err.h>
60#include "x509.h" 62#include <openssl/x509.h>
61 63
62/* BEGIN ERROR CODES */ 64/* BEGIN ERROR CODES */
63#ifndef NO_ERR 65#ifndef NO_ERR
@@ -68,14 +70,12 @@ static ERR_STRING_DATA X509_str_functs[]=
68{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"}, 70{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
69{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"}, 71{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
70{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"}, 72{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
71{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"}, 73{ERR_PACK(0,X509_F_X509_CHECK_PRIVATE_KEY,0), "X509_check_private_key"},
72{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"},
73{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"},
74{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"}, 74{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
75{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"}, 75{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
76{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"}, 76{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"},
77{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_LOAD_CERT_FILE"}, 77{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_load_cert_file"},
78{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_LOAD_CRL_FILE"}, 78{ERR_PACK(0,X509_F_X509_LOAD_CRL_FILE,0), "X509_load_crl_file"},
79{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"}, 79{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"},
80{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"}, 80{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"},
81{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"}, 81{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"},
@@ -87,39 +87,43 @@ static ERR_STRING_DATA X509_str_functs[]=
87{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"}, 87{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"},
88{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"}, 88{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"},
89{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"}, 89{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
90{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_ADD_CERT"}, 90{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_add_cert"},
91{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_ADD_CRL"}, 91{ERR_PACK(0,X509_F_X509_STORE_ADD_CRL,0), "X509_STORE_add_crl"},
92{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"}, 92{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
93{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"}, 93{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
94{0,NULL}, 94{0,NULL}
95 }; 95 };
96 96
97static ERR_STRING_DATA X509_str_reasons[]= 97static ERR_STRING_DATA X509_str_reasons[]=
98 { 98 {
99{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"}, 99{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"},
100{X509_R_CANT_CHECK_DH_KEY ,"cant check dh key"},
100{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"}, 101{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"},
101{X509_R_ERR_ASN1_LIB ,"err asn1 lib"}, 102{X509_R_ERR_ASN1_LIB ,"err asn1 lib"},
103{X509_R_INVALID_DIRECTORY ,"invalid directory"},
104{X509_R_KEY_TYPE_MISMATCH ,"key type mismatch"},
105{X509_R_KEY_VALUES_MISMATCH ,"key values mismatch"},
102{X509_R_LOADING_CERT_DIR ,"loading cert dir"}, 106{X509_R_LOADING_CERT_DIR ,"loading cert dir"},
103{X509_R_LOADING_DEFAULTS ,"loading defaults"}, 107{X509_R_LOADING_DEFAULTS ,"loading defaults"},
104{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"}, 108{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"},
105{X509_R_SHOULD_RETRY ,"should retry"}, 109{X509_R_SHOULD_RETRY ,"should retry"},
106{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"}, 110{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
107{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"}, 111{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
112{X509_R_UNKNOWN_KEY_TYPE ,"unknown key type"},
108{X509_R_UNKNOWN_NID ,"unknown nid"}, 113{X509_R_UNKNOWN_NID ,"unknown nid"},
109{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"},
110{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"}, 114{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
111{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"}, 115{X509_R_WRONG_LOOKUP_TYPE ,"wrong lookup type"},
112{0,NULL}, 116{0,NULL}
113 }; 117 };
114 118
115#endif 119#endif
116 120
117void ERR_load_X509_strings() 121void ERR_load_X509_strings(void)
118 { 122 {
119 static int init=1; 123 static int init=1;
120 124
121 if (init); 125 if (init)
122 {; 126 {
123 init=0; 127 init=0;
124#ifndef NO_ERR 128#ifndef NO_ERR
125 ERR_load_strings(ERR_LIB_X509,X509_str_functs); 129 ERR_load_strings(ERR_LIB_X509,X509_str_functs);
diff --git a/src/lib/libcrypto/x509/x509_ext.c b/src/lib/libcrypto/x509/x509_ext.c
index 1d76ecfcfd..f8565a60b2 100644
--- a/src/lib/libcrypto/x509/x509_ext.c
+++ b/src/lib/libcrypto/x509/x509_ext.c
@@ -57,166 +57,118 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "stack.h" 60#include <openssl/stack.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "asn1.h" 62#include <openssl/asn1.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "evp.h" 64#include <openssl/evp.h>
65#include "x509.h" 65#include <openssl/x509.h>
66 66
67int X509_CRL_get_ext_count(x) 67int X509_CRL_get_ext_count(X509_CRL *x)
68X509_CRL *x;
69 { 68 {
70 return(X509v3_get_ext_count(x->crl->extensions)); 69 return(X509v3_get_ext_count(x->crl->extensions));
71 } 70 }
72 71
73int X509_CRL_get_ext_by_NID(x,nid,lastpos) 72int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int lastpos)
74X509_CRL *x;
75int nid;
76int lastpos;
77 { 73 {
78 return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos)); 74 return(X509v3_get_ext_by_NID(x->crl->extensions,nid,lastpos));
79 } 75 }
80 76
81int X509_CRL_get_ext_by_OBJ(x,obj,lastpos) 77int X509_CRL_get_ext_by_OBJ(X509_CRL *x, ASN1_OBJECT *obj, int lastpos)
82X509_CRL *x;
83ASN1_OBJECT *obj;
84int lastpos;
85 { 78 {
86 return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos)); 79 return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,lastpos));
87 } 80 }
88 81
89int X509_CRL_get_ext_by_critical(x,crit,lastpos) 82int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int lastpos)
90X509_CRL *x;
91int crit;
92int lastpos;
93 { 83 {
94 return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos)); 84 return(X509v3_get_ext_by_critical(x->crl->extensions,crit,lastpos));
95 } 85 }
96 86
97X509_EXTENSION *X509_CRL_get_ext(x,loc) 87X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc)
98X509_CRL *x;
99int loc;
100 { 88 {
101 return(X509v3_get_ext(x->crl->extensions,loc)); 89 return(X509v3_get_ext(x->crl->extensions,loc));
102 } 90 }
103 91
104X509_EXTENSION *X509_CRL_delete_ext(x,loc) 92X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc)
105X509_CRL *x;
106int loc;
107 { 93 {
108 return(X509v3_delete_ext(x->crl->extensions,loc)); 94 return(X509v3_delete_ext(x->crl->extensions,loc));
109 } 95 }
110 96
111int X509_CRL_add_ext(x,ex,loc) 97int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc)
112X509_CRL *x;
113X509_EXTENSION *ex;
114int loc;
115 { 98 {
116 return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL); 99 return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
117 } 100 }
118 101
119int X509_get_ext_count(x) 102int X509_get_ext_count(X509 *x)
120X509 *x;
121 { 103 {
122 return(X509v3_get_ext_count(x->cert_info->extensions)); 104 return(X509v3_get_ext_count(x->cert_info->extensions));
123 } 105 }
124 106
125int X509_get_ext_by_NID(x,nid,lastpos) 107int X509_get_ext_by_NID(X509 *x, int nid, int lastpos)
126X509 *x;
127int nid;
128int lastpos;
129 { 108 {
130 return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos)); 109 return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,lastpos));
131 } 110 }
132 111
133int X509_get_ext_by_OBJ(x,obj,lastpos) 112int X509_get_ext_by_OBJ(X509 *x, ASN1_OBJECT *obj, int lastpos)
134X509 *x;
135ASN1_OBJECT *obj;
136int lastpos;
137 { 113 {
138 return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos)); 114 return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,lastpos));
139 } 115 }
140 116
141int X509_get_ext_by_critical(x,crit,lastpos) 117int X509_get_ext_by_critical(X509 *x, int crit, int lastpos)
142X509 *x;
143int crit;
144int lastpos;
145 { 118 {
146 return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos)); 119 return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,lastpos));
147 } 120 }
148 121
149X509_EXTENSION *X509_get_ext(x,loc) 122X509_EXTENSION *X509_get_ext(X509 *x, int loc)
150X509 *x;
151int loc;
152 { 123 {
153 return(X509v3_get_ext(x->cert_info->extensions,loc)); 124 return(X509v3_get_ext(x->cert_info->extensions,loc));
154 } 125 }
155 126
156X509_EXTENSION *X509_delete_ext(x,loc) 127X509_EXTENSION *X509_delete_ext(X509 *x, int loc)
157X509 *x;
158int loc;
159 { 128 {
160 return(X509v3_delete_ext(x->cert_info->extensions,loc)); 129 return(X509v3_delete_ext(x->cert_info->extensions,loc));
161 } 130 }
162 131
163int X509_add_ext(x,ex,loc) 132int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc)
164X509 *x;
165X509_EXTENSION *ex;
166int loc;
167 { 133 {
168 return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL); 134 return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
169 } 135 }
170 136
171int X509_REVOKED_get_ext_count(x) 137int X509_REVOKED_get_ext_count(X509_REVOKED *x)
172X509_REVOKED *x;
173 { 138 {
174 return(X509v3_get_ext_count(x->extensions)); 139 return(X509v3_get_ext_count(x->extensions));
175 } 140 }
176 141
177int X509_REVOKED_get_ext_by_NID(x,nid,lastpos) 142int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int lastpos)
178X509_REVOKED *x;
179int nid;
180int lastpos;
181 { 143 {
182 return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos)); 144 return(X509v3_get_ext_by_NID(x->extensions,nid,lastpos));
183 } 145 }
184 146
185int X509_REVOKED_get_ext_by_OBJ(x,obj,lastpos) 147int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x, ASN1_OBJECT *obj,
186X509_REVOKED *x; 148 int lastpos)
187ASN1_OBJECT *obj;
188int lastpos;
189 { 149 {
190 return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos)); 150 return(X509v3_get_ext_by_OBJ(x->extensions,obj,lastpos));
191 } 151 }
192 152
193int X509_REVOKED_get_ext_by_critical(x,crit,lastpos) 153int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int lastpos)
194X509_REVOKED *x;
195int crit;
196int lastpos;
197 { 154 {
198 return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos)); 155 return(X509v3_get_ext_by_critical(x->extensions,crit,lastpos));
199 } 156 }
200 157
201X509_EXTENSION *X509_REVOKED_get_ext(x,loc) 158X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc)
202X509_REVOKED *x;
203int loc;
204 { 159 {
205 return(X509v3_get_ext(x->extensions,loc)); 160 return(X509v3_get_ext(x->extensions,loc));
206 } 161 }
207 162
208X509_EXTENSION *X509_REVOKED_delete_ext(x,loc) 163X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc)
209X509_REVOKED *x;
210int loc;
211 { 164 {
212 return(X509v3_delete_ext(x->extensions,loc)); 165 return(X509v3_delete_ext(x->extensions,loc));
213 } 166 }
214 167
215int X509_REVOKED_add_ext(x,ex,loc) 168int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc)
216X509_REVOKED *x;
217X509_EXTENSION *ex;
218int loc;
219 { 169 {
220 return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL); 170 return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
221 } 171 }
222 172
173IMPLEMENT_STACK_OF(X509_EXTENSION)
174IMPLEMENT_ASN1_SET_OF(X509_EXTENSION)
diff --git a/src/lib/libcrypto/x509/x509_lu.c b/src/lib/libcrypto/x509/x509_lu.c
index 2c7e10a46e..18bfecb11e 100644
--- a/src/lib/libcrypto/x509/x509_lu.c
+++ b/src/lib/libcrypto/x509/x509_lu.c
@@ -58,14 +58,13 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "lhash.h" 61#include <openssl/lhash.h>
62#include "x509.h" 62#include <openssl/x509.h>
63 63
64static STACK *x509_store_meth=NULL; 64static STACK *x509_store_meth=NULL;
65static STACK *x509_store_ctx_meth=NULL; 65static STACK *x509_store_ctx_meth=NULL;
66 66
67X509_LOOKUP *X509_LOOKUP_new(method) 67X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
68X509_LOOKUP_METHOD *method;
69 { 68 {
70 X509_LOOKUP *ret; 69 X509_LOOKUP *ret;
71 70
@@ -85,8 +84,7 @@ X509_LOOKUP_METHOD *method;
85 return(ret); 84 return(ret);
86 } 85 }
87 86
88void X509_LOOKUP_free(ctx) 87void X509_LOOKUP_free(X509_LOOKUP *ctx)
89X509_LOOKUP *ctx;
90 { 88 {
91 if (ctx == NULL) return; 89 if (ctx == NULL) return;
92 if ( (ctx->method != NULL) && 90 if ( (ctx->method != NULL) &&
@@ -95,8 +93,7 @@ X509_LOOKUP *ctx;
95 Free(ctx); 93 Free(ctx);
96 } 94 }
97 95
98int X509_LOOKUP_init(ctx) 96int X509_LOOKUP_init(X509_LOOKUP *ctx)
99X509_LOOKUP *ctx;
100 { 97 {
101 if (ctx->method == NULL) return(0); 98 if (ctx->method == NULL) return(0);
102 if (ctx->method->init != NULL) 99 if (ctx->method->init != NULL)
@@ -105,22 +102,17 @@ X509_LOOKUP *ctx;
105 return(1); 102 return(1);
106 } 103 }
107 104
108int X509_LOOKUP_shutdown(ctx) 105int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
109X509_LOOKUP *ctx;
110 { 106 {
111 if (ctx->method == NULL) return(0); 107 if (ctx->method == NULL) return(0);
112 if (ctx->method->init != NULL) 108 if (ctx->method->shutdown != NULL)
113 return(ctx->method->shutdown(ctx)); 109 return(ctx->method->shutdown(ctx));
114 else 110 else
115 return(1); 111 return(1);
116 } 112 }
117 113
118int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret) 114int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
119X509_LOOKUP *ctx; 115 char **ret)
120int cmd;
121char *argc;
122long argl;
123char **ret;
124 { 116 {
125 if (ctx->method == NULL) return(-1); 117 if (ctx->method == NULL) return(-1);
126 if (ctx->method->ctrl != NULL) 118 if (ctx->method->ctrl != NULL)
@@ -129,11 +121,8 @@ char **ret;
129 return(1); 121 return(1);
130 } 122 }
131 123
132int X509_LOOKUP_by_subject(ctx,type,name,ret) 124int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
133X509_LOOKUP *ctx; 125 X509_OBJECT *ret)
134int type;
135X509_NAME *name;
136X509_OBJECT *ret;
137 { 126 {
138 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL)) 127 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
139 return(X509_LU_FAIL); 128 return(X509_LU_FAIL);
@@ -141,12 +130,8 @@ X509_OBJECT *ret;
141 return(ctx->method->get_by_subject(ctx,type,name,ret)); 130 return(ctx->method->get_by_subject(ctx,type,name,ret));
142 } 131 }
143 132
144int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret) 133int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
145X509_LOOKUP *ctx; 134 ASN1_INTEGER *serial, X509_OBJECT *ret)
146int type;
147X509_NAME *name;
148ASN1_INTEGER *serial;
149X509_OBJECT *ret;
150 { 135 {
151 if ((ctx->method == NULL) || 136 if ((ctx->method == NULL) ||
152 (ctx->method->get_by_issuer_serial == NULL)) 137 (ctx->method->get_by_issuer_serial == NULL))
@@ -154,32 +139,23 @@ X509_OBJECT *ret;
154 return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret)); 139 return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret));
155 } 140 }
156 141
157int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret) 142int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
158X509_LOOKUP *ctx; 143 unsigned char *bytes, int len, X509_OBJECT *ret)
159int type;
160unsigned char *bytes;
161int len;
162X509_OBJECT *ret;
163 { 144 {
164 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL)) 145 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
165 return(X509_LU_FAIL); 146 return(X509_LU_FAIL);
166 return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret)); 147 return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret));
167 } 148 }
168 149
169int X509_LOOKUP_by_alias(ctx,type,str,len,ret) 150int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str, int len,
170X509_LOOKUP *ctx; 151 X509_OBJECT *ret)
171int type;
172char *str;
173int len;
174X509_OBJECT *ret;
175 { 152 {
176 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL)) 153 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
177 return(X509_LU_FAIL); 154 return(X509_LU_FAIL);
178 return(ctx->method->get_by_alias(ctx,str,len,ret)); 155 return(ctx->method->get_by_alias(ctx,type,str,len,ret));
179 } 156 }
180 157
181static unsigned long x509_object_hash(a) 158static unsigned long x509_object_hash(X509_OBJECT *a)
182X509_OBJECT *a;
183 { 159 {
184 unsigned long h; 160 unsigned long h;
185 161
@@ -197,8 +173,7 @@ X509_OBJECT *a;
197 return(h); 173 return(h);
198 } 174 }
199 175
200static int x509_object_cmp(a,b) 176static int x509_object_cmp(X509_OBJECT *a, X509_OBJECT *b)
201X509_OBJECT *a,*b;
202 { 177 {
203 int ret; 178 int ret;
204 179
@@ -218,7 +193,7 @@ X509_OBJECT *a,*b;
218 return(ret); 193 return(ret);
219 } 194 }
220 195
221X509_STORE *X509_STORE_new() 196X509_STORE *X509_STORE_new(void)
222 { 197 {
223 X509_STORE *ret; 198 X509_STORE *ret;
224 199
@@ -226,16 +201,16 @@ X509_STORE *X509_STORE_new()
226 return(NULL); 201 return(NULL);
227 ret->certs=lh_new(x509_object_hash,x509_object_cmp); 202 ret->certs=lh_new(x509_object_hash,x509_object_cmp);
228 ret->cache=1; 203 ret->cache=1;
229 ret->get_cert_methods=sk_new_null(); 204 ret->get_cert_methods=sk_X509_LOOKUP_new_null();
230 ret->verify=NULL; 205 ret->verify=NULL;
231 ret->verify_cb=NULL; 206 ret->verify_cb=NULL;
232 memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA)); 207 memset(&ret->ex_data,0,sizeof(CRYPTO_EX_DATA));
233 ret->references=1; 208 ret->references=1;
209 ret->depth=0;
234 return(ret); 210 return(ret);
235 } 211 }
236 212
237static void cleanup(a) 213static void cleanup(X509_OBJECT *a)
238X509_OBJECT *a;
239 { 214 {
240 if (a->type == X509_LU_X509) 215 if (a->type == X509_LU_X509)
241 { 216 {
@@ -251,21 +226,23 @@ X509_OBJECT *a;
251 Free(a); 226 Free(a);
252 } 227 }
253 228
254void X509_STORE_free(vfy) 229void X509_STORE_free(X509_STORE *vfy)
255X509_STORE *vfy;
256 { 230 {
257 int i; 231 int i;
258 STACK *sk; 232 STACK_OF(X509_LOOKUP) *sk;
259 X509_LOOKUP *lu; 233 X509_LOOKUP *lu;
260 234
235 if(vfy == NULL)
236 return;
237
261 sk=vfy->get_cert_methods; 238 sk=vfy->get_cert_methods;
262 for (i=0; i<sk_num(sk); i++) 239 for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
263 { 240 {
264 lu=(X509_LOOKUP *)sk_value(sk,i); 241 lu=sk_X509_LOOKUP_value(sk,i);
265 X509_LOOKUP_shutdown(lu); 242 X509_LOOKUP_shutdown(lu);
266 X509_LOOKUP_free(lu); 243 X509_LOOKUP_free(lu);
267 } 244 }
268 sk_free(sk); 245 sk_X509_LOOKUP_free(sk);
269 246
270 CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data); 247 CRYPTO_free_ex_data(x509_store_meth,(char *)vfy,&vfy->ex_data);
271 lh_doall(vfy->certs,cleanup); 248 lh_doall(vfy->certs,cleanup);
@@ -273,18 +250,16 @@ X509_STORE *vfy;
273 Free(vfy); 250 Free(vfy);
274 } 251 }
275 252
276X509_LOOKUP *X509_STORE_add_lookup(v,m) 253X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
277X509_STORE *v;
278X509_LOOKUP_METHOD *m;
279 { 254 {
280 int i; 255 int i;
281 STACK *sk; 256 STACK_OF(X509_LOOKUP) *sk;
282 X509_LOOKUP *lu; 257 X509_LOOKUP *lu;
283 258
284 sk=v->get_cert_methods; 259 sk=v->get_cert_methods;
285 for (i=0; i<sk_num(sk); i++) 260 for (i=0; i<sk_X509_LOOKUP_num(sk); i++)
286 { 261 {
287 lu=(X509_LOOKUP *)sk_value(sk,i); 262 lu=sk_X509_LOOKUP_value(sk,i);
288 if (m == lu->method) 263 if (m == lu->method)
289 { 264 {
290 return(lu); 265 return(lu);
@@ -297,7 +272,7 @@ X509_LOOKUP_METHOD *m;
297 else 272 else
298 { 273 {
299 lu->store_ctx=v; 274 lu->store_ctx=v;
300 if (sk_push(v->get_cert_methods,(char *)lu)) 275 if (sk_X509_LOOKUP_push(v->get_cert_methods,lu))
301 return(lu); 276 return(lu);
302 else 277 else
303 { 278 {
@@ -307,24 +282,21 @@ X509_LOOKUP_METHOD *m;
307 } 282 }
308 } 283 }
309 284
310int X509_STORE_get_by_subject(vs,type,name,ret) 285int X509_STORE_get_by_subject(X509_STORE_CTX *vs, int type, X509_NAME *name,
311X509_STORE_CTX *vs; 286 X509_OBJECT *ret)
312int type;
313X509_NAME *name;
314X509_OBJECT *ret;
315 { 287 {
316 X509_STORE *ctx=vs->ctx; 288 X509_STORE *ctx=vs->ctx;
317 X509_LOOKUP *lu; 289 X509_LOOKUP *lu;
318 X509_OBJECT stmp,*tmp; 290 X509_OBJECT stmp,*tmp;
319 int i,j; 291 int i,j;
320 292
321 tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name); 293 tmp=X509_OBJECT_retrieve_by_subject(ctx->certs,type,name);
322 294
323 if (tmp == NULL) 295 if (tmp == NULL)
324 { 296 {
325 for (i=vs->current_method; i<sk_num(ctx->get_cert_methods); i++) 297 for (i=vs->current_method; i<sk_X509_LOOKUP_num(ctx->get_cert_methods); i++)
326 { 298 {
327 lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i); 299 lu=sk_X509_LOOKUP_value(ctx->get_cert_methods,i);
328 j=X509_LOOKUP_by_subject(lu,type,name,&stmp); 300 j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
329 if (j < 0) 301 if (j < 0)
330 { 302 {
@@ -353,8 +325,7 @@ X509_OBJECT *ret;
353 return(1); 325 return(1);
354 } 326 }
355 327
356void X509_OBJECT_up_ref_count(a) 328void X509_OBJECT_up_ref_count(X509_OBJECT *a)
357X509_OBJECT *a;
358 { 329 {
359 switch (a->type) 330 switch (a->type)
360 { 331 {
@@ -367,8 +338,7 @@ X509_OBJECT *a;
367 } 338 }
368 } 339 }
369 340
370void X509_OBJECT_free_contents(a) 341void X509_OBJECT_free_contents(X509_OBJECT *a)
371X509_OBJECT *a;
372 { 342 {
373 switch (a->type) 343 switch (a->type)
374 { 344 {
@@ -381,10 +351,8 @@ X509_OBJECT *a;
381 } 351 }
382 } 352 }
383 353
384X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name) 354X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h, int type,
385LHASH *h; 355 X509_NAME *name)
386int type;
387X509_NAME *name;
388 { 356 {
389 X509_OBJECT stmp,*tmp; 357 X509_OBJECT stmp,*tmp;
390 X509 x509_s; 358 X509 x509_s;
@@ -413,11 +381,8 @@ X509_NAME *name;
413 return(tmp); 381 return(tmp);
414 } 382 }
415 383
416void X509_STORE_CTX_init(ctx,store,x509,chain) 384void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509,
417X509_STORE_CTX *ctx; 385 STACK_OF(X509) *chain)
418X509_STORE *store;
419X509 *x509;
420STACK *chain;
421 { 386 {
422 ctx->ctx=store; 387 ctx->ctx=store;
423 ctx->current_method=0; 388 ctx->current_method=0;
@@ -426,21 +391,21 @@ STACK *chain;
426 ctx->last_untrusted=0; 391 ctx->last_untrusted=0;
427 ctx->valid=0; 392 ctx->valid=0;
428 ctx->chain=NULL; 393 ctx->chain=NULL;
429 ctx->depth=10; 394 ctx->depth=9;
430 ctx->error=0; 395 ctx->error=0;
431 ctx->current_cert=NULL; 396 ctx->current_cert=NULL;
432 memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA)); 397 memset(&(ctx->ex_data),0,sizeof(CRYPTO_EX_DATA));
433 } 398 }
434 399
435void X509_STORE_CTX_cleanup(ctx) 400void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
436X509_STORE_CTX *ctx;
437 { 401 {
438 if (ctx->chain != NULL) 402 if (ctx->chain != NULL)
439 { 403 {
440 sk_pop_free(ctx->chain,X509_free); 404 sk_X509_pop_free(ctx->chain,X509_free);
441 ctx->chain=NULL; 405 ctx->chain=NULL;
442 } 406 }
443 CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data)); 407 CRYPTO_free_ex_data(x509_store_ctx_meth,(char *)ctx,&(ctx->ex_data));
444 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA)); 408 memset(&ctx->ex_data,0,sizeof(CRYPTO_EX_DATA));
445 } 409 }
446 410
411IMPLEMENT_STACK_OF(X509_LOOKUP)
diff --git a/src/lib/libcrypto/x509/x509_obj.c b/src/lib/libcrypto/x509/x509_obj.c
index c0576fd6f6..691b71f031 100644
--- a/src/lib/libcrypto/x509/x509_obj.c
+++ b/src/lib/libcrypto/x509/x509_obj.c
@@ -58,27 +58,27 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "lhash.h" 61#include <openssl/lhash.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64#include "buffer.h" 64#include <openssl/buffer.h>
65 65
66char *X509_NAME_oneline(a,buf,len) 66char *X509_NAME_oneline(X509_NAME *a, char *buf, int len)
67X509_NAME *a;
68char *buf;
69int len;
70 { 67 {
71 X509_NAME_ENTRY *ne; 68 X509_NAME_ENTRY *ne;
72 unsigned int i; 69int i;
73 int n,lold,l,l1,l2,num,j,type; 70 int n,lold,l,l1,l2,num,j,type;
74 char *s,*p; 71 const char *s;
72 char *p;
75 unsigned char *q; 73 unsigned char *q;
76 BUF_MEM *b=NULL; 74 BUF_MEM *b=NULL;
77 static char hex[17]="0123456789ABCDEF"; 75 static char hex[17]="0123456789ABCDEF";
78 int gs_doit[4]; 76 int gs_doit[4];
79 char tmp_buf[80]; 77 char tmp_buf[80];
78#ifdef CHARSET_EBCDIC
79 char ebcdic_buf[1024];
80#endif
80 81
81 if (a == NULL) return("NO X509_NAME");
82 if (buf == NULL) 82 if (buf == NULL)
83 { 83 {
84 if ((b=BUF_MEM_new()) == NULL) goto err; 84 if ((b=BUF_MEM_new()) == NULL) goto err;
@@ -86,12 +86,22 @@ int len;
86 b->data[0]='\0'; 86 b->data[0]='\0';
87 len=200; 87 len=200;
88 } 88 }
89 if (a == NULL)
90 {
91 if(b)
92 {
93 buf=b->data;
94 Free(b);
95 }
96 strncpy(buf,"NO X509_NAME",len);
97 return buf;
98 }
89 99
90 len--; /* space for '\0' */ 100 len--; /* space for '\0' */
91 l=0; 101 l=0;
92 for (i=0; (int)i<sk_num(a->entries); i++) 102 for (i=0; i<sk_X509_NAME_ENTRY_num(a->entries); i++)
93 { 103 {
94 ne=(X509_NAME_ENTRY *)sk_value(a->entries,i); 104 ne=sk_X509_NAME_ENTRY_value(a->entries,i);
95 n=OBJ_obj2nid(ne->object); 105 n=OBJ_obj2nid(ne->object);
96 if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL)) 106 if ((n == NID_undef) || ((s=OBJ_nid2sn(n)) == NULL))
97 { 107 {
@@ -103,6 +113,19 @@ int len;
103 type=ne->value->type; 113 type=ne->value->type;
104 num=ne->value->length; 114 num=ne->value->length;
105 q=ne->value->data; 115 q=ne->value->data;
116#ifdef CHARSET_EBCDIC
117 if (type == V_ASN1_GENERALSTRING ||
118 type == V_ASN1_VISIBLESTRING ||
119 type == V_ASN1_PRINTABLESTRING ||
120 type == V_ASN1_TELETEXSTRING ||
121 type == V_ASN1_VISIBLESTRING ||
122 type == V_ASN1_IA5STRING) {
123 ascii2ebcdic(ebcdic_buf, q,
124 (num > sizeof ebcdic_buf)
125 ? sizeof ebcdic_buf : num);
126 q=ebcdic_buf;
127 }
128#endif
106 129
107 if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0)) 130 if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
108 { 131 {
@@ -125,7 +148,12 @@ int len;
125 { 148 {
126 if (!gs_doit[j&3]) continue; 149 if (!gs_doit[j&3]) continue;
127 l2++; 150 l2++;
151#ifndef CHARSET_EBCDIC
128 if ((q[j] < ' ') || (q[j] > '~')) l2+=3; 152 if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
153#else
154 if ((os_toascii[q[j]] < os_toascii[' ']) ||
155 (os_toascii[q[j]] > os_toascii['~'])) l2+=3;
156#endif
129 } 157 }
130 158
131 lold=l; 159 lold=l;
@@ -145,11 +173,14 @@ int len;
145 memcpy(p,s,(unsigned int)l1); p+=l1; 173 memcpy(p,s,(unsigned int)l1); p+=l1;
146 *(p++)='='; 174 *(p++)='=';
147 175
176#ifndef CHARSET_EBCDIC /* q was assigned above already. */
148 q=ne->value->data; 177 q=ne->value->data;
178#endif
149 179
150 for (j=0; j<num; j++) 180 for (j=0; j<num; j++)
151 { 181 {
152 if (!gs_doit[j&3]) continue; 182 if (!gs_doit[j&3]) continue;
183#ifndef CHARSET_EBCDIC
153 n=q[j]; 184 n=q[j];
154 if ((n < ' ') || (n > '~')) 185 if ((n < ' ') || (n > '~'))
155 { 186 {
@@ -160,13 +191,26 @@ int len;
160 } 191 }
161 else 192 else
162 *(p++)=n; 193 *(p++)=n;
194#else
195 n=os_toascii[q[j]];
196 if ((n < os_toascii[' ']) ||
197 (n > os_toascii['~']))
198 {
199 *(p++)='\\';
200 *(p++)='x';
201 *(p++)=hex[(n>>4)&0x0f];
202 *(p++)=hex[n&0x0f];
203 }
204 else
205 *(p++)=q[j];
206#endif
163 } 207 }
164 *p='\0'; 208 *p='\0';
165 } 209 }
166 if (b != NULL) 210 if (b != NULL)
167 { 211 {
168 p=b->data; 212 p=b->data;
169 Free((char *)b); 213 Free(b);
170 } 214 }
171 else 215 else
172 p=buf; 216 p=buf;
diff --git a/src/lib/libcrypto/x509/x509_r2x.c b/src/lib/libcrypto/x509/x509_r2x.c
index 6aec2427f7..bb4697ae60 100644
--- a/src/lib/libcrypto/x509/x509_r2x.c
+++ b/src/lib/libcrypto/x509/x509_r2x.c
@@ -58,22 +58,16 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "asn1.h" 63#include <openssl/asn1.h>
64#include "x509.h" 64#include <openssl/x509.h>
65#include "objects.h" 65#include <openssl/objects.h>
66#include "buffer.h" 66#include <openssl/buffer.h>
67#include "pem.h"
68 67
69X509 *X509_REQ_to_X509(r,days,pkey) 68X509 *X509_REQ_to_X509(X509_REQ *r, int days, EVP_PKEY *pkey)
70X509_REQ *r;
71int days;
72EVP_PKEY *pkey;
73 { 69 {
74 X509 *ret=NULL; 70 X509 *ret=NULL;
75 int er=1;
76 X509_REQ_INFO *ri=NULL;
77 X509_CINF *xi=NULL; 71 X509_CINF *xi=NULL;
78 X509_NAME *xn; 72 X509_NAME *xn;
79 73
@@ -84,13 +78,9 @@ EVP_PKEY *pkey;
84 } 78 }
85 79
86 /* duplicate the request */ 80 /* duplicate the request */
87 ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO,
88 (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info);
89 if (ri == NULL) goto err;
90
91 xi=ret->cert_info; 81 xi=ret->cert_info;
92 82
93 if (sk_num(ri->attributes) != 0) 83 if (sk_X509_ATTRIBUTE_num(r->req_info->attributes) != 0)
94 { 84 {
95 if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err; 85 if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err;
96 if (!ASN1_INTEGER_set(xi->version,2)) goto err; 86 if (!ASN1_INTEGER_set(xi->version,2)) goto err;
@@ -109,13 +99,11 @@ EVP_PKEY *pkey;
109 99
110 if (!X509_sign(ret,pkey,EVP_md5())) 100 if (!X509_sign(ret,pkey,EVP_md5()))
111 goto err; 101 goto err;
112 er=0; 102 if (0)
113err:
114 if (er)
115 { 103 {
104err:
116 X509_free(ret); 105 X509_free(ret);
117 X509_REQ_INFO_free(ri); 106 ret=NULL;
118 return(NULL);
119 } 107 }
120 return(ret); 108 return(ret);
121 } 109 }
diff --git a/src/lib/libcrypto/x509/x509_req.c b/src/lib/libcrypto/x509/x509_req.c
index 5004365bad..2ef94decd1 100644
--- a/src/lib/libcrypto/x509/x509_req.c
+++ b/src/lib/libcrypto/x509/x509_req.c
@@ -58,22 +58,20 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "bn.h" 61#include <openssl/bn.h>
62#include "evp.h" 62#include <openssl/evp.h>
63#include "asn1.h" 63#include <openssl/asn1.h>
64#include "x509.h" 64#include <openssl/x509.h>
65#include "objects.h" 65#include <openssl/objects.h>
66#include "buffer.h" 66#include <openssl/buffer.h>
67#include "pem.h" 67#include <openssl/pem.h>
68 68
69X509_REQ *X509_to_X509_REQ(x,pkey,md) 69X509_REQ *X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, EVP_MD *md)
70X509 *x;
71EVP_PKEY *pkey;
72EVP_MD *md;
73 { 70 {
74 X509_REQ *ret; 71 X509_REQ *ret;
75 X509_REQ_INFO *ri; 72 X509_REQ_INFO *ri;
76 int i; 73 int i;
74 EVP_PKEY *pktmp;
77 75
78 ret=X509_REQ_new(); 76 ret=X509_REQ_new();
79 if (ret == NULL) 77 if (ret == NULL)
@@ -92,7 +90,9 @@ EVP_MD *md;
92 if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x))) 90 if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
93 goto err; 91 goto err;
94 92
95 i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x)); 93 pktmp = X509_get_pubkey(x);
94 i=X509_REQ_set_pubkey(ret,pktmp);
95 EVP_PKEY_free(pktmp);
96 if (!i) goto err; 96 if (!i) goto err;
97 97
98 if (pkey != NULL) 98 if (pkey != NULL)
@@ -106,8 +106,7 @@ err:
106 return(NULL); 106 return(NULL);
107 } 107 }
108 108
109EVP_PKEY *X509_REQ_get_pubkey(req) 109EVP_PKEY *X509_REQ_get_pubkey(X509_REQ *req)
110X509_REQ *req;
111 { 110 {
112 if ((req == NULL) || (req->req_info == NULL)) 111 if ((req == NULL) || (req->req_info == NULL))
113 return(NULL); 112 return(NULL);
diff --git a/src/lib/libcrypto/x509/x509_set.c b/src/lib/libcrypto/x509/x509_set.c
index 5d0a3a0c0e..5a6f7b414f 100644
--- a/src/lib/libcrypto/x509/x509_set.c
+++ b/src/lib/libcrypto/x509/x509_set.c
@@ -58,14 +58,12 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "evp.h" 63#include <openssl/evp.h>
64#include "x509.h" 64#include <openssl/x509.h>
65 65
66int X509_set_version(x,version) 66int X509_set_version(X509 *x, long version)
67X509 *x;
68long version;
69 { 67 {
70 if (x == NULL) return(0); 68 if (x == NULL) return(0);
71 if (x->cert_info->version == NULL) 69 if (x->cert_info->version == NULL)
@@ -76,9 +74,7 @@ long version;
76 return(ASN1_INTEGER_set(x->cert_info->version,version)); 74 return(ASN1_INTEGER_set(x->cert_info->version,version));
77 } 75 }
78 76
79int X509_set_serialNumber(x,serial) 77int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial)
80X509 *x;
81ASN1_INTEGER *serial;
82 { 78 {
83 ASN1_INTEGER *in; 79 ASN1_INTEGER *in;
84 80
@@ -96,25 +92,19 @@ ASN1_INTEGER *serial;
96 return(in != NULL); 92 return(in != NULL);
97 } 93 }
98 94
99int X509_set_issuer_name(x,name) 95int X509_set_issuer_name(X509 *x, X509_NAME *name)
100X509 *x;
101X509_NAME *name;
102 { 96 {
103 if ((x == NULL) || (x->cert_info == NULL)) return(0); 97 if ((x == NULL) || (x->cert_info == NULL)) return(0);
104 return(X509_NAME_set(&x->cert_info->issuer,name)); 98 return(X509_NAME_set(&x->cert_info->issuer,name));
105 } 99 }
106 100
107int X509_set_subject_name(x,name) 101int X509_set_subject_name(X509 *x, X509_NAME *name)
108X509 *x;
109X509_NAME *name;
110 { 102 {
111 if ((x == NULL) || (x->cert_info == NULL)) return(0); 103 if ((x == NULL) || (x->cert_info == NULL)) return(0);
112 return(X509_NAME_set(&x->cert_info->subject,name)); 104 return(X509_NAME_set(&x->cert_info->subject,name));
113 } 105 }
114 106
115int X509_set_notBefore(x,tm) 107int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm)
116X509 *x;
117ASN1_UTCTIME *tm;
118 { 108 {
119 ASN1_UTCTIME *in; 109 ASN1_UTCTIME *in;
120 110
@@ -132,9 +122,7 @@ ASN1_UTCTIME *tm;
132 return(in != NULL); 122 return(in != NULL);
133 } 123 }
134 124
135int X509_set_notAfter(x,tm) 125int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm)
136X509 *x;
137ASN1_UTCTIME *tm;
138 { 126 {
139 ASN1_UTCTIME *in; 127 ASN1_UTCTIME *in;
140 128
@@ -152,9 +140,7 @@ ASN1_UTCTIME *tm;
152 return(in != NULL); 140 return(in != NULL);
153 } 141 }
154 142
155int X509_set_pubkey(x,pkey) 143int X509_set_pubkey(X509 *x, EVP_PKEY *pkey)
156X509 *x;
157EVP_PKEY *pkey;
158 { 144 {
159 if ((x == NULL) || (x->cert_info == NULL)) return(0); 145 if ((x == NULL) || (x->cert_info == NULL)) return(0);
160 return(X509_PUBKEY_set(&(x->cert_info->key),pkey)); 146 return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
diff --git a/src/lib/libcrypto/x509/x509_txt.c b/src/lib/libcrypto/x509/x509_txt.c
index 408d1c277c..11a3d2012f 100644
--- a/src/lib/libcrypto/x509/x509_txt.c
+++ b/src/lib/libcrypto/x509/x509_txt.c
@@ -62,16 +62,14 @@
62#include <sys/types.h> 62#include <sys/types.h>
63 63
64#include "cryptlib.h" 64#include "cryptlib.h"
65#include "lhash.h" 65#include <openssl/lhash.h>
66#include "buffer.h" 66#include <openssl/buffer.h>
67#include "evp.h" 67#include <openssl/evp.h>
68#include "asn1.h" 68#include <openssl/asn1.h>
69#include "x509.h" 69#include <openssl/x509.h>
70#include "objects.h" 70#include <openssl/objects.h>
71#include "pem.h"
72 71
73char *X509_verify_cert_error_string(n) 72const char *X509_verify_cert_error_string(long n)
74long n;
75 { 73 {
76 static char buf[100]; 74 static char buf[100];
77 75
@@ -121,6 +119,8 @@ long n;
121 return("unable to verify the first certificate"); 119 return("unable to verify the first certificate");
122 case X509_V_ERR_CERT_CHAIN_TOO_LONG: 120 case X509_V_ERR_CERT_CHAIN_TOO_LONG:
123 return("certificate chain too long"); 121 return("certificate chain too long");
122 case X509_V_ERR_CERT_REVOKED:
123 return("certificate revoked");
124 case X509_V_ERR_APPLICATION_VERIFICATION: 124 case X509_V_ERR_APPLICATION_VERIFICATION:
125 return("application verification failure"); 125 return("application verification failure");
126 default: 126 default:
diff --git a/src/lib/libcrypto/x509/x509_v3.c b/src/lib/libcrypto/x509/x509_v3.c
index 1c03602f0b..dd2f9f1b17 100644
--- a/src/lib/libcrypto/x509/x509_v3.c
+++ b/src/lib/libcrypto/x509/x509_v3.c
@@ -57,34 +57,21 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "stack.h" 60#include <openssl/stack.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "asn1.h" 62#include <openssl/asn1.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "evp.h" 64#include <openssl/evp.h>
65#include "x509.h" 65#include <openssl/x509.h>
66 66
67#ifndef NOPROTO 67int X509v3_get_ext_count(const STACK_OF(X509_EXTENSION) *x)
68static X509_EXTENSION_METHOD *find_by_nid(int nid);
69static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
70#else
71static X509_EXTENSION_METHOD *find_by_nid();
72static int xem_cmp();
73#endif
74
75static STACK *extensions=NULL;
76
77int X509v3_get_ext_count(x)
78STACK *x;
79 { 68 {
80 if (x == NULL) return(0); 69 if (x == NULL) return(0);
81 return(sk_num(x)); 70 return(sk_X509_EXTENSION_num(x));
82 } 71 }
83 72
84int X509v3_get_ext_by_NID(x,nid,lastpos) 73int X509v3_get_ext_by_NID(const STACK_OF(X509_EXTENSION) *x, int nid,
85STACK *x; 74 int lastpos)
86int nid;
87int lastpos;
88 { 75 {
89 ASN1_OBJECT *obj; 76 ASN1_OBJECT *obj;
90 77
@@ -93,10 +80,8 @@ int lastpos;
93 return(X509v3_get_ext_by_OBJ(x,obj,lastpos)); 80 return(X509v3_get_ext_by_OBJ(x,obj,lastpos));
94 } 81 }
95 82
96int X509v3_get_ext_by_OBJ(sk,obj,lastpos) 83int X509v3_get_ext_by_OBJ(const STACK_OF(X509_EXTENSION) *sk, ASN1_OBJECT *obj,
97STACK *sk; 84 int lastpos)
98ASN1_OBJECT *obj;
99int lastpos;
100 { 85 {
101 int n; 86 int n;
102 X509_EXTENSION *ex; 87 X509_EXTENSION *ex;
@@ -105,20 +90,18 @@ int lastpos;
105 lastpos++; 90 lastpos++;
106 if (lastpos < 0) 91 if (lastpos < 0)
107 lastpos=0; 92 lastpos=0;
108 n=sk_num(sk); 93 n=sk_X509_EXTENSION_num(sk);
109 for ( ; lastpos < n; lastpos++) 94 for ( ; lastpos < n; lastpos++)
110 { 95 {
111 ex=(X509_EXTENSION *)sk_value(sk,lastpos); 96 ex=sk_X509_EXTENSION_value(sk,lastpos);
112 if (OBJ_cmp(ex->object,obj) == 0) 97 if (OBJ_cmp(ex->object,obj) == 0)
113 return(lastpos); 98 return(lastpos);
114 } 99 }
115 return(-1); 100 return(-1);
116 } 101 }
117 102
118int X509v3_get_ext_by_critical(sk,crit,lastpos) 103int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit,
119STACK *sk; 104 int lastpos)
120int crit;
121int lastpos;
122 { 105 {
123 int n; 106 int n;
124 X509_EXTENSION *ex; 107 X509_EXTENSION *ex;
@@ -127,10 +110,10 @@ int lastpos;
127 lastpos++; 110 lastpos++;
128 if (lastpos < 0) 111 if (lastpos < 0)
129 lastpos=0; 112 lastpos=0;
130 n=sk_num(sk); 113 n=sk_X509_EXTENSION_num(sk);
131 for ( ; lastpos < n; lastpos++) 114 for ( ; lastpos < n; lastpos++)
132 { 115 {
133 ex=(X509_EXTENSION *)sk_value(sk,lastpos); 116 ex=sk_X509_EXTENSION_value(sk,lastpos);
134 if ( (ex->critical && crit) || 117 if ( (ex->critical && crit) ||
135 (!ex->critical && !crit)) 118 (!ex->critical && !crit))
136 return(lastpos); 119 return(lastpos);
@@ -138,52 +121,46 @@ int lastpos;
138 return(-1); 121 return(-1);
139 } 122 }
140 123
141X509_EXTENSION *X509v3_get_ext(x,loc) 124X509_EXTENSION *X509v3_get_ext(const STACK_OF(X509_EXTENSION) *x, int loc)
142STACK *x;
143int loc;
144 { 125 {
145 if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) 126 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
146 return(NULL); 127 return NULL;
147 else 128 else
148 return((X509_EXTENSION *)sk_value(x,loc)); 129 return sk_X509_EXTENSION_value(x,loc);
149 } 130 }
150 131
151X509_EXTENSION *X509v3_delete_ext(x,loc) 132X509_EXTENSION *X509v3_delete_ext(STACK_OF(X509_EXTENSION) *x, int loc)
152STACK *x;
153int loc;
154 { 133 {
155 X509_EXTENSION *ret; 134 X509_EXTENSION *ret;
156 135
157 if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0)) 136 if (x == NULL || sk_X509_EXTENSION_num(x) <= loc || loc < 0)
158 return(NULL); 137 return(NULL);
159 ret=(X509_EXTENSION *)sk_delete(x,loc); 138 ret=sk_X509_EXTENSION_delete(x,loc);
160 return(ret); 139 return(ret);
161 } 140 }
162 141
163STACK *X509v3_add_ext(x,ex,loc) 142STACK_OF(X509_EXTENSION) *X509v3_add_ext(STACK_OF(X509_EXTENSION) **x,
164STACK **x; 143 X509_EXTENSION *ex, int loc)
165X509_EXTENSION *ex;
166int loc;
167 { 144 {
168 X509_EXTENSION *new_ex=NULL; 145 X509_EXTENSION *new_ex=NULL;
169 int n; 146 int n;
170 STACK *sk=NULL; 147 STACK_OF(X509_EXTENSION) *sk=NULL;
171 148
172 if ((x != NULL) && (*x == NULL)) 149 if ((x != NULL) && (*x == NULL))
173 { 150 {
174 if ((sk=sk_new_null()) == NULL) 151 if ((sk=sk_X509_EXTENSION_new_null()) == NULL)
175 goto err; 152 goto err;
176 } 153 }
177 else 154 else
178 sk= *x; 155 sk= *x;
179 156
180 n=sk_num(sk); 157 n=sk_X509_EXTENSION_num(sk);
181 if (loc > n) loc=n; 158 if (loc > n) loc=n;
182 else if (loc < 0) loc=n; 159 else if (loc < 0) loc=n;
183 160
184 if ((new_ex=X509_EXTENSION_dup(ex)) == NULL) 161 if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
185 goto err2; 162 goto err2;
186 if (!sk_insert(sk,(char *)new_ex,loc)) 163 if (!sk_X509_EXTENSION_insert(sk,new_ex,loc))
187 goto err; 164 goto err;
188 if ((x != NULL) && (*x == NULL)) 165 if ((x != NULL) && (*x == NULL))
189 *x=sk; 166 *x=sk;
@@ -192,15 +169,12 @@ err:
192 X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE); 169 X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
193err2: 170err2:
194 if (new_ex != NULL) X509_EXTENSION_free(new_ex); 171 if (new_ex != NULL) X509_EXTENSION_free(new_ex);
195 if (sk != NULL) sk_free(sk); 172 if (sk != NULL) sk_X509_EXTENSION_free(sk);
196 return(NULL); 173 return(NULL);
197 } 174 }
198 175
199X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data) 176X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex, int nid,
200X509_EXTENSION **ex; 177 int crit, ASN1_OCTET_STRING *data)
201int nid;
202int crit;
203ASN1_OCTET_STRING *data;
204 { 178 {
205 ASN1_OBJECT *obj; 179 ASN1_OBJECT *obj;
206 X509_EXTENSION *ret; 180 X509_EXTENSION *ret;
@@ -216,11 +190,8 @@ ASN1_OCTET_STRING *data;
216 return(ret); 190 return(ret);
217 } 191 }
218 192
219X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data) 193X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
220X509_EXTENSION **ex; 194 ASN1_OBJECT *obj, int crit, ASN1_OCTET_STRING *data)
221ASN1_OBJECT *obj;
222int crit;
223ASN1_OCTET_STRING *data;
224 { 195 {
225 X509_EXTENSION *ret; 196 X509_EXTENSION *ret;
226 197
@@ -250,9 +221,7 @@ err:
250 return(NULL); 221 return(NULL);
251 } 222 }
252 223
253int X509_EXTENSION_set_object(ex,obj) 224int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj)
254X509_EXTENSION *ex;
255ASN1_OBJECT *obj;
256 { 225 {
257 if ((ex == NULL) || (obj == NULL)) 226 if ((ex == NULL) || (obj == NULL))
258 return(0); 227 return(0);
@@ -261,18 +230,14 @@ ASN1_OBJECT *obj;
261 return(1); 230 return(1);
262 } 231 }
263 232
264int X509_EXTENSION_set_critical(ex,crit) 233int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
265X509_EXTENSION *ex;
266int crit;
267 { 234 {
268 if (ex == NULL) return(0); 235 if (ex == NULL) return(0);
269 ex->critical=(crit)?0xFF:0; 236 ex->critical=(crit)?0xFF:0;
270 return(1); 237 return(1);
271 } 238 }
272 239
273int X509_EXTENSION_set_data(ex,data) 240int X509_EXTENSION_set_data(X509_EXTENSION *ex, ASN1_OCTET_STRING *data)
274X509_EXTENSION *ex;
275ASN1_OCTET_STRING *data;
276 { 241 {
277 int i; 242 int i;
278 243
@@ -282,128 +247,20 @@ ASN1_OCTET_STRING *data;
282 return(1); 247 return(1);
283 } 248 }
284 249
285ASN1_OBJECT *X509_EXTENSION_get_object(ex) 250ASN1_OBJECT *X509_EXTENSION_get_object(X509_EXTENSION *ex)
286X509_EXTENSION *ex;
287 { 251 {
288 if (ex == NULL) return(NULL); 252 if (ex == NULL) return(NULL);
289 return(ex->object); 253 return(ex->object);
290 } 254 }
291 255
292ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex) 256ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex)
293X509_EXTENSION *ex;
294 { 257 {
295 if (ex == NULL) return(NULL); 258 if (ex == NULL) return(NULL);
296 return(ex->value); 259 return(ex->value);
297 } 260 }
298 261
299int X509_EXTENSION_get_critical(ex) 262int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
300X509_EXTENSION *ex;
301 { 263 {
302 if (ex == NULL) return(0); 264 if (ex == NULL) return(0);
303 return(ex->critical); 265 return(ex->critical);
304 } 266 }
305
306int X509v3_data_type_by_OBJ(obj)
307ASN1_OBJECT *obj;
308 {
309 int nid;
310
311 nid=OBJ_obj2nid(obj);
312 if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
313 return(X509v3_data_type_by_NID(nid));
314 }
315
316int X509v3_data_type_by_NID(nid)
317int nid;
318 {
319 X509_EXTENSION_METHOD *x;
320
321 x=find_by_nid(nid);
322 if (x == NULL)
323 return(V_ASN1_UNDEF);
324 else
325 return(x->data_type);
326 }
327
328int X509v3_pack_type_by_OBJ(obj)
329ASN1_OBJECT *obj;
330 {
331 int nid;
332
333 nid=OBJ_obj2nid(obj);
334 if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
335 return(X509v3_pack_type_by_NID(nid));
336 }
337
338int X509v3_pack_type_by_NID(nid)
339int nid;
340 {
341 X509_EXTENSION_METHOD *x;
342
343 x=find_by_nid(nid);
344 if (x == NULL)
345 return(X509_EXT_PACK_UNKNOWN);
346 else
347 return(x->pack_type);
348 }
349
350static X509_EXTENSION_METHOD *find_by_nid(nid)
351int nid;
352 {
353 X509_EXTENSION_METHOD x;
354 int i;
355
356 x.nid=nid;
357 if (extensions == NULL) return(NULL);
358 i=sk_find(extensions,(char *)&x);
359 if (i < 0)
360 return(NULL);
361 else
362 return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
363 }
364
365static int xem_cmp(a,b)
366X509_EXTENSION_METHOD **a,**b;
367 {
368 return((*a)->nid-(*b)->nid);
369 }
370
371void X509v3_cleanup_extensions()
372 {
373 int i;
374
375 if (extensions != NULL)
376 {
377 for (i=0; i<sk_num(extensions); i++)
378 Free(sk_value(extensions,i));
379 sk_free(extensions);
380 extensions=NULL;
381 }
382 }
383
384int X509v3_add_extension(x)
385X509_EXTENSION_METHOD *x;
386 {
387 X509_EXTENSION_METHOD *newx;
388
389 if (extensions == NULL)
390 {
391 extensions=sk_new(xem_cmp);
392 if (extensions == NULL) goto err;
393 }
394 newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
395 if (newx == NULL) goto err;
396 newx->nid=x->nid;
397 newx->data_type=x->data_type;
398 newx->pack_type=x->pack_type;
399 if (!sk_push(extensions,(char *)newx))
400 {
401 Free(newx);
402 goto err;
403 }
404 return(1);
405err:
406 X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
407 return(0);
408 }
409
diff --git a/src/lib/libcrypto/x509/x509_vfy.c b/src/lib/libcrypto/x509/x509_vfy.c
index c1be91edba..c72ee4a385 100644
--- a/src/lib/libcrypto/x509/x509_vfy.c
+++ b/src/lib/libcrypto/x509/x509_vfy.c
@@ -62,25 +62,19 @@
62#include <sys/types.h> 62#include <sys/types.h>
63#include <sys/stat.h> 63#include <sys/stat.h>
64 64
65#include "crypto.h" 65#include <openssl/crypto.h>
66#include "cryptlib.h" 66#include "cryptlib.h"
67#include "lhash.h" 67#include <openssl/lhash.h>
68#include "buffer.h" 68#include <openssl/buffer.h>
69#include "evp.h" 69#include <openssl/evp.h>
70#include "asn1.h" 70#include <openssl/asn1.h>
71#include "x509.h" 71#include <openssl/x509.h>
72#include "objects.h" 72#include <openssl/objects.h>
73#include "pem.h" 73
74
75#ifndef NOPROTO
76static int null_callback(int ok,X509_STORE_CTX *e); 74static int null_callback(int ok,X509_STORE_CTX *e);
77static int internal_verify(X509_STORE_CTX *ctx); 75static int internal_verify(X509_STORE_CTX *ctx);
78#else 76const char *X509_version="X.509" OPENSSL_VERSION_PTEXT;
79static int null_callback();
80static int internal_verify();
81#endif
82 77
83char *X509_version="X509 part of SSLeay 0.9.0b 29-Jun-1998";
84static STACK *x509_store_ctx_method=NULL; 78static STACK *x509_store_ctx_method=NULL;
85static int x509_store_ctx_num=0; 79static int x509_store_ctx_num=0;
86#if 0 80#if 0
@@ -88,23 +82,19 @@ static int x509_store_num=1;
88static STACK *x509_store_method=NULL; 82static STACK *x509_store_method=NULL;
89#endif 83#endif
90 84
91static int null_callback(ok,e) 85static int null_callback(int ok, X509_STORE_CTX *e)
92int ok;
93X509_STORE_CTX *e;
94 { 86 {
95 return(ok); 87 return(ok);
96 } 88 }
97 89
98#if 0 90#if 0
99static int x509_subject_cmp(a,b) 91static int x509_subject_cmp(X509 **a, X509 **b)
100X509 **a,**b;
101 { 92 {
102 return(X509_subject_name_cmp(*a,*b)); 93 return(X509_subject_name_cmp(*a,*b));
103 } 94 }
104#endif 95#endif
105 96
106int X509_verify_cert(ctx) 97int X509_verify_cert(X509_STORE_CTX *ctx)
107X509_STORE_CTX *ctx;
108 { 98 {
109 X509 *x,*xtmp,*chain_ss=NULL; 99 X509 *x,*xtmp,*chain_ss=NULL;
110 X509_NAME *xn; 100 X509_NAME *xn;
@@ -112,7 +102,7 @@ X509_STORE_CTX *ctx;
112 int depth,i,ok=0; 102 int depth,i,ok=0;
113 int num; 103 int num;
114 int (*cb)(); 104 int (*cb)();
115 STACK *sktmp=NULL; 105 STACK_OF(X509) *sktmp=NULL;
116 106
117 if (ctx->cert == NULL) 107 if (ctx->cert == NULL)
118 { 108 {
@@ -127,8 +117,8 @@ X509_STORE_CTX *ctx;
127 * present and that the first entry is in place */ 117 * present and that the first entry is in place */
128 if (ctx->chain == NULL) 118 if (ctx->chain == NULL)
129 { 119 {
130 if ( ((ctx->chain=sk_new_null()) == NULL) || 120 if ( ((ctx->chain=sk_X509_new_null()) == NULL) ||
131 (!sk_push(ctx->chain,(char *)ctx->cert))) 121 (!sk_X509_push(ctx->chain,ctx->cert)))
132 { 122 {
133 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 123 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
134 goto end; 124 goto end;
@@ -138,21 +128,26 @@ X509_STORE_CTX *ctx;
138 } 128 }
139 129
140 /* We use a temporary so we can chop and hack at it */ 130 /* We use a temporary so we can chop and hack at it */
141 if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL) 131 if (ctx->untrusted != NULL
132 && (sktmp=sk_X509_dup(ctx->untrusted)) == NULL)
142 { 133 {
143 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 134 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
144 goto end; 135 goto end;
145 } 136 }
146 137
147 num=sk_num(ctx->chain); 138 num=sk_X509_num(ctx->chain);
148 x=(X509 *)sk_value(ctx->chain,num-1); 139 x=sk_X509_value(ctx->chain,num-1);
149 depth=ctx->depth; 140 depth=ctx->depth;
150 141
151 142
152 for (;;) 143 for (;;)
153 { 144 {
154 /* If we have enough, we break */ 145 /* If we have enough, we break */
155 if (depth <= num) break; 146 if (depth < num) break; /* FIXME: If this happens, we should take
147 * note of it and, if appropriate, use the
148 * X509_V_ERR_CERT_CHAIN_TOO_LONG error
149 * code later.
150 */
156 151
157 /* If we are self signed, we break */ 152 /* If we are self signed, we break */
158 xn=X509_get_issuer_name(x); 153 xn=X509_get_issuer_name(x);
@@ -165,13 +160,13 @@ X509_STORE_CTX *ctx;
165 xtmp=X509_find_by_subject(sktmp,xn); 160 xtmp=X509_find_by_subject(sktmp,xn);
166 if (xtmp != NULL) 161 if (xtmp != NULL)
167 { 162 {
168 if (!sk_push(ctx->chain,(char *)xtmp)) 163 if (!sk_X509_push(ctx->chain,xtmp))
169 { 164 {
170 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 165 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
171 goto end; 166 goto end;
172 } 167 }
173 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509); 168 CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
174 sk_delete_ptr(sktmp,(char *)xtmp); 169 sk_X509_delete_ptr(sktmp,xtmp);
175 ctx->last_untrusted++; 170 ctx->last_untrusted++;
176 x=xtmp; 171 x=xtmp;
177 num++; 172 num++;
@@ -187,13 +182,13 @@ X509_STORE_CTX *ctx;
187 * certificates. We now need to add at least one trusted one, 182 * certificates. We now need to add at least one trusted one,
188 * if possible, otherwise we complain. */ 183 * if possible, otherwise we complain. */
189 184
190 i=sk_num(ctx->chain); 185 i=sk_X509_num(ctx->chain);
191 x=(X509 *)sk_value(ctx->chain,i-1); 186 x=sk_X509_value(ctx->chain,i-1);
192 if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x)) 187 if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x))
193 == 0) 188 == 0)
194 { 189 {
195 /* we have a self signed certificate */ 190 /* we have a self signed certificate */
196 if (sk_num(ctx->chain) == 1) 191 if (sk_X509_num(ctx->chain) == 1)
197 { 192 {
198 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT; 193 ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
199 ctx->current_cert=x; 194 ctx->current_cert=x;
@@ -204,10 +199,10 @@ X509_STORE_CTX *ctx;
204 else 199 else
205 { 200 {
206 /* worry more about this one elsewhere */ 201 /* worry more about this one elsewhere */
207 chain_ss=(X509 *)sk_pop(ctx->chain); 202 chain_ss=sk_X509_pop(ctx->chain);
208 ctx->last_untrusted--; 203 ctx->last_untrusted--;
209 num--; 204 num--;
210 x=(X509 *)sk_value(ctx->chain,num-1); 205 x=sk_X509_value(ctx->chain,num-1);
211 } 206 }
212 } 207 }
213 208
@@ -215,7 +210,7 @@ X509_STORE_CTX *ctx;
215 for (;;) 210 for (;;)
216 { 211 {
217 /* If we have enough, we break */ 212 /* If we have enough, we break */
218 if (depth <= num) break; 213 if (depth < num) break;
219 214
220 /* If we are self signed, we break */ 215 /* If we are self signed, we break */
221 xn=X509_get_issuer_name(x); 216 xn=X509_get_issuer_name(x);
@@ -240,7 +235,7 @@ X509_STORE_CTX *ctx;
240 break; 235 break;
241 } 236 }
242 x=obj.data.x509; 237 x=obj.data.x509;
243 if (!sk_push(ctx->chain,(char *)obj.data.x509)) 238 if (!sk_X509_push(ctx->chain,obj.data.x509))
244 { 239 {
245 X509_OBJECT_free_contents(&obj); 240 X509_OBJECT_free_contents(&obj);
246 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE); 241 X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
@@ -264,7 +259,7 @@ X509_STORE_CTX *ctx;
264 else 259 else
265 { 260 {
266 261
267 sk_push(ctx->chain,(char *)chain_ss); 262 sk_X509_push(ctx->chain,chain_ss);
268 num++; 263 num++;
269 ctx->last_untrusted=num; 264 ctx->last_untrusted=num;
270 ctx->current_cert=chain_ss; 265 ctx->current_cert=chain_ss;
@@ -285,14 +280,17 @@ X509_STORE_CTX *ctx;
285 ok=ctx->ctx->verify(ctx); 280 ok=ctx->ctx->verify(ctx);
286 else 281 else
287 ok=internal_verify(ctx); 282 ok=internal_verify(ctx);
283 if (0)
284 {
288end: 285end:
289 if (sktmp != NULL) sk_free(sktmp); 286 X509_get_pubkey_parameters(NULL,ctx->chain);
287 }
288 if (sktmp != NULL) sk_X509_free(sktmp);
290 if (chain_ss != NULL) X509_free(chain_ss); 289 if (chain_ss != NULL) X509_free(chain_ss);
291 return(ok); 290 return(ok);
292 } 291 }
293 292
294static int internal_verify(ctx) 293static int internal_verify(X509_STORE_CTX *ctx)
295X509_STORE_CTX *ctx;
296 { 294 {
297 int i,ok=0,n; 295 int i,ok=0,n;
298 X509 *xs,*xi; 296 X509 *xs,*xi;
@@ -302,10 +300,10 @@ X509_STORE_CTX *ctx;
302 cb=ctx->ctx->verify_cb; 300 cb=ctx->ctx->verify_cb;
303 if (cb == NULL) cb=null_callback; 301 if (cb == NULL) cb=null_callback;
304 302
305 n=sk_num(ctx->chain); 303 n=sk_X509_num(ctx->chain);
306 ctx->error_depth=n-1; 304 ctx->error_depth=n-1;
307 n--; 305 n--;
308 xi=(X509 *)sk_value(ctx->chain,n); 306 xi=sk_X509_value(ctx->chain,n);
309 if (X509_NAME_cmp(X509_get_subject_name(xi), 307 if (X509_NAME_cmp(X509_get_subject_name(xi),
310 X509_get_issuer_name(xi)) == 0) 308 X509_get_issuer_name(xi)) == 0)
311 xs=xi; 309 xs=xi;
@@ -322,7 +320,7 @@ X509_STORE_CTX *ctx;
322 { 320 {
323 n--; 321 n--;
324 ctx->error_depth=n; 322 ctx->error_depth=n;
325 xs=(X509 *)sk_value(ctx->chain,n); 323 xs=sk_X509_value(ctx->chain,n);
326 } 324 }
327 } 325 }
328 326
@@ -341,11 +339,13 @@ X509_STORE_CTX *ctx;
341 } 339 }
342 if (X509_verify(xs,pkey) <= 0) 340 if (X509_verify(xs,pkey) <= 0)
343 { 341 {
342 EVP_PKEY_free(pkey);
344 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE; 343 ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
345 ctx->current_cert=xs; 344 ctx->current_cert=xs;
346 ok=(*cb)(0,ctx); 345 ok=(*cb)(0,ctx);
347 if (!ok) goto end; 346 if (!ok) goto end;
348 } 347 }
348 EVP_PKEY_free(pkey);
349 pkey=NULL; 349 pkey=NULL;
350 350
351 i=X509_cmp_current_time(X509_get_notBefore(xs)); 351 i=X509_cmp_current_time(X509_get_notBefore(xs));
@@ -394,7 +394,7 @@ X509_STORE_CTX *ctx;
394 if (n >= 0) 394 if (n >= 0)
395 { 395 {
396 xi=xs; 396 xi=xs;
397 xs=(X509 *)sk_value(ctx->chain,n); 397 xs=sk_X509_value(ctx->chain,n);
398 } 398 }
399 } 399 }
400 ok=1; 400 ok=1;
@@ -402,8 +402,7 @@ end:
402 return(ok); 402 return(ok);
403 } 403 }
404 404
405int X509_cmp_current_time(ctm) 405int X509_cmp_current_time(ASN1_UTCTIME *ctm)
406ASN1_UTCTIME *ctm;
407 { 406 {
408 char *str; 407 char *str;
409 ASN1_UTCTIME atm; 408 ASN1_UTCTIME atm;
@@ -434,7 +433,7 @@ ASN1_UTCTIME *ctm;
434 offset=((str[1]-'0')*10+(str[2]-'0'))*60; 433 offset=((str[1]-'0')*10+(str[2]-'0'))*60;
435 offset+=(str[3]-'0')*10+(str[4]-'0'); 434 offset+=(str[3]-'0')*10+(str[4]-'0');
436 if (*str == '-') 435 if (*str == '-')
437 offset=-offset; 436 offset= -offset;
438 } 437 }
439 atm.type=V_ASN1_UTCTIME; 438 atm.type=V_ASN1_UTCTIME;
440 atm.length=sizeof(buff2); 439 atm.length=sizeof(buff2);
@@ -443,9 +442,9 @@ ASN1_UTCTIME *ctm;
443 X509_gmtime_adj(&atm,-offset); 442 X509_gmtime_adj(&atm,-offset);
444 443
445 i=(buff1[0]-'0')*10+(buff1[1]-'0'); 444 i=(buff1[0]-'0')*10+(buff1[1]-'0');
446 if (i < 70) i+=100; 445 if (i < 50) i+=100; /* cf. RFC 2459 */
447 j=(buff2[0]-'0')*10+(buff2[1]-'0'); 446 j=(buff2[0]-'0')*10+(buff2[1]-'0');
448 if (j < 70) j+=100; 447 if (j < 50) j+=100;
449 448
450 if (i < j) return (-1); 449 if (i < j) return (-1);
451 if (i > j) return (1); 450 if (i > j) return (1);
@@ -456,9 +455,7 @@ ASN1_UTCTIME *ctm;
456 return(i); 455 return(i);
457 } 456 }
458 457
459ASN1_UTCTIME *X509_gmtime_adj(s, adj) 458ASN1_UTCTIME *X509_gmtime_adj(ASN1_UTCTIME *s, long adj)
460ASN1_UTCTIME *s;
461long adj;
462 { 459 {
463 time_t t; 460 time_t t;
464 461
@@ -467,18 +464,16 @@ long adj;
467 return(ASN1_UTCTIME_set(s,t)); 464 return(ASN1_UTCTIME_set(s,t));
468 } 465 }
469 466
470int X509_get_pubkey_parameters(pkey,chain) 467int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK_OF(X509) *chain)
471EVP_PKEY *pkey;
472STACK *chain;
473 { 468 {
474 EVP_PKEY *ktmp=NULL,*ktmp2; 469 EVP_PKEY *ktmp=NULL,*ktmp2;
475 int i,j; 470 int i,j;
476 471
477 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1); 472 if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1);
478 473
479 for (i=0; i<sk_num(chain); i++) 474 for (i=0; i<sk_X509_num(chain); i++)
480 { 475 {
481 ktmp=X509_get_pubkey((X509 *)sk_value(chain,i)); 476 ktmp=X509_get_pubkey(sk_X509_value(chain,i));
482 if (ktmp == NULL) 477 if (ktmp == NULL)
483 { 478 {
484 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY); 479 X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
@@ -488,6 +483,7 @@ STACK *chain;
488 break; 483 break;
489 else 484 else
490 { 485 {
486 EVP_PKEY_free(ktmp);
491 ktmp=NULL; 487 ktmp=NULL;
492 } 488 }
493 } 489 }
@@ -500,63 +496,17 @@ STACK *chain;
500 /* first, populate the other certs */ 496 /* first, populate the other certs */
501 for (j=i-1; j >= 0; j--) 497 for (j=i-1; j >= 0; j--)
502 { 498 {
503 ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j)); 499 ktmp2=X509_get_pubkey(sk_X509_value(chain,j));
504 EVP_PKEY_copy_parameters(ktmp2,ktmp); 500 EVP_PKEY_copy_parameters(ktmp2,ktmp);
501 EVP_PKEY_free(ktmp2);
505 } 502 }
506 503
507 if (pkey != NULL) 504 if (pkey != NULL) EVP_PKEY_copy_parameters(pkey,ktmp);
508 EVP_PKEY_copy_parameters(pkey,ktmp); 505 EVP_PKEY_free(ktmp);
509 return(1); 506 return(1);
510 } 507 }
511 508
512EVP_PKEY *X509_get_pubkey(x) 509int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
513X509 *x;
514 {
515 if ((x == NULL) || (x->cert_info == NULL))
516 return(NULL);
517 return(X509_PUBKEY_get(x->cert_info->key));
518 }
519
520int X509_check_private_key(x,k)
521X509 *x;
522EVP_PKEY *k;
523 {
524 EVP_PKEY *xk=NULL;
525 int ok=0;
526
527 xk=X509_get_pubkey(x);
528 if (xk->type != k->type) goto err;
529 switch (k->type)
530 {
531#ifndef NO_RSA
532 case EVP_PKEY_RSA:
533 if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err;
534 if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err;
535 break;
536#endif
537#ifndef NO_DSA
538 case EVP_PKEY_DSA:
539 if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
540 goto err;
541 break;
542#endif
543#ifndef NO_DH
544 case EVP_PKEY_DH:
545 /* No idea */
546 goto err;
547#endif
548 default:
549 goto err;
550 }
551
552 ok=1;
553err:
554 return(ok);
555 }
556
557int X509_STORE_add_cert(ctx,x)
558X509_STORE *ctx;
559X509 *x;
560 { 510 {
561 X509_OBJECT *obj,*r; 511 X509_OBJECT *obj,*r;
562 int ret=1; 512 int ret=1;
@@ -591,9 +541,7 @@ X509 *x;
591 return(ret); 541 return(ret);
592 } 542 }
593 543
594int X509_STORE_add_crl(ctx,x) 544int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
595X509_STORE *ctx;
596X509_CRL *x;
597 { 545 {
598 X509_OBJECT *obj,*r; 546 X509_OBJECT *obj,*r;
599 int ret=1; 547 int ret=1;
@@ -628,12 +576,8 @@ X509_CRL *x;
628 return(ret); 576 return(ret);
629 } 577 }
630 578
631int X509_STORE_CTX_get_ex_new_index(argl,argp,new_func,dup_func,free_func) 579int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
632long argl; 580 int (*dup_func)(), void (*free_func)())
633char *argp;
634int (*new_func)();
635int (*dup_func)();
636void (*free_func)();
637 { 581 {
638 x509_store_ctx_num++; 582 x509_store_ctx_num++;
639 return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1, 583 return(CRYPTO_get_ex_new_index(x509_store_ctx_num-1,
@@ -641,64 +585,55 @@ void (*free_func)();
641 argl,argp,new_func,dup_func,free_func)); 585 argl,argp,new_func,dup_func,free_func));
642 } 586 }
643 587
644int X509_STORE_CTX_set_ex_data(ctx,idx,data) 588int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx, int idx, void *data)
645X509_STORE_CTX *ctx;
646int idx;
647char *data;
648 { 589 {
649 return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data)); 590 return(CRYPTO_set_ex_data(&ctx->ex_data,idx,data));
650 } 591 }
651 592
652char *X509_STORE_CTX_get_ex_data(ctx,idx) 593void *X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx, int idx)
653X509_STORE_CTX *ctx;
654int idx;
655 { 594 {
656 return(CRYPTO_get_ex_data(&ctx->ex_data,idx)); 595 return(CRYPTO_get_ex_data(&ctx->ex_data,idx));
657 } 596 }
658 597
659int X509_STORE_CTX_get_error(ctx) 598int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
660X509_STORE_CTX *ctx;
661 { 599 {
662 return(ctx->error); 600 return(ctx->error);
663 } 601 }
664 602
665void X509_STORE_CTX_set_error(ctx,err) 603void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx, int err)
666X509_STORE_CTX *ctx;
667int err;
668 { 604 {
669 ctx->error=err; 605 ctx->error=err;
670 } 606 }
671 607
672int X509_STORE_CTX_get_error_depth(ctx) 608int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
673X509_STORE_CTX *ctx;
674 { 609 {
675 return(ctx->error_depth); 610 return(ctx->error_depth);
676 } 611 }
677 612
678X509 *X509_STORE_CTX_get_current_cert(ctx) 613X509 *X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx)
679X509_STORE_CTX *ctx;
680 { 614 {
681 return(ctx->current_cert); 615 return(ctx->current_cert);
682 } 616 }
683 617
684STACK *X509_STORE_CTX_get_chain(ctx) 618STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx)
685X509_STORE_CTX *ctx;
686 { 619 {
687 return(ctx->chain); 620 return(ctx->chain);
688 } 621 }
689 622
690void X509_STORE_CTX_set_cert(ctx,x) 623void X509_STORE_CTX_set_cert(X509_STORE_CTX *ctx, X509 *x)
691X509_STORE_CTX *ctx;
692X509 *x;
693 { 624 {
694 ctx->cert=x; 625 ctx->cert=x;
695 } 626 }
696 627
697void X509_STORE_CTX_set_chain(ctx,sk) 628void X509_STORE_CTX_set_chain(X509_STORE_CTX *ctx, STACK_OF(X509) *sk)
698X509_STORE_CTX *ctx;
699STACK *sk;
700 { 629 {
701 ctx->untrusted=sk; 630 ctx->untrusted=sk;
702 } 631 }
703 632
633IMPLEMENT_STACK_OF(X509)
634IMPLEMENT_ASN1_SET_OF(X509)
635
636IMPLEMENT_STACK_OF(X509_NAME)
704 637
638IMPLEMENT_STACK_OF(X509_ATTRIBUTE)
639IMPLEMENT_ASN1_SET_OF(X509_ATTRIBUTE)
diff --git a/src/lib/libcrypto/x509/x509_vfy.h b/src/lib/libcrypto/x509/x509_vfy.h
index dfc060f899..ecfd4cf9ed 100644
--- a/src/lib/libcrypto/x509/x509_vfy.h
+++ b/src/lib/libcrypto/x509/x509_vfy.h
@@ -56,6 +56,12 @@
56 * [including the GNU Public Licence.] 56 * [including the GNU Public Licence.]
57 */ 57 */
58 58
59#ifndef HEADER_X509_H
60#include <openssl/x509.h>
61/* openssl/x509.h ends up #include-ing this file at about the only
62 * appropriate moment. */
63#endif
64
59#ifndef HEADER_X509_VFY_H 65#ifndef HEADER_X509_VFY_H
60#define HEADER_X509_VFY_H 66#define HEADER_X509_VFY_H
61 67
@@ -63,8 +69,8 @@
63extern "C" { 69extern "C" {
64#endif 70#endif
65 71
66#include "bio.h" 72#include <openssl/bio.h>
67#include "crypto.h" 73#include <openssl/crypto.h>
68 74
69/* Outer object */ 75/* Outer object */
70typedef struct x509_hash_dir_st 76typedef struct x509_hash_dir_st
@@ -119,21 +125,33 @@ typedef struct x509_object_st
119 } data; 125 } data;
120 } X509_OBJECT; 126 } X509_OBJECT;
121 127
128typedef struct x509_lookup_st X509_LOOKUP;
129
130DECLARE_STACK_OF(X509_LOOKUP)
131
122/* This is a static that defines the function interface */ 132/* This is a static that defines the function interface */
123typedef struct x509_lookup_method_st 133typedef struct x509_lookup_method_st
124 { 134 {
125 char *name; 135 const char *name;
126 int (*new_item)(); 136 int (*new_item)(X509_LOOKUP *ctx);
127 void (*free)(); 137 void (*free)(X509_LOOKUP *ctx);
128 int (*init)(/* meth, char ** */); 138 int (*init)(X509_LOOKUP *ctx);
129 int (*shutdown)( /* meth, char ** */); 139 int (*shutdown)(X509_LOOKUP *ctx);
130 int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */); 140 int (*ctrl)(X509_LOOKUP *ctx,int cmd,const char *argc,long argl,
131 int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */); 141 char **ret);
132 int (*get_by_issuer_serial)(); 142 int (*get_by_subject)(X509_LOOKUP *ctx,int type,X509_NAME *name,
133 int (*get_by_fingerprint)(); 143 X509_OBJECT *ret);
134 int (*get_by_alias)(); 144 int (*get_by_issuer_serial)(X509_LOOKUP *ctx,int type,X509_NAME *name,
145 ASN1_INTEGER *serial,X509_OBJECT *ret);
146 int (*get_by_fingerprint)(X509_LOOKUP *ctx,int type,
147 unsigned char *bytes,int len,
148 X509_OBJECT *ret);
149 int (*get_by_alias)(X509_LOOKUP *ctx,int type,char *str,int len,
150 X509_OBJECT *ret);
135 } X509_LOOKUP_METHOD; 151 } X509_LOOKUP_METHOD;
136 152
153typedef struct x509_store_state_st X509_STORE_CTX;
154
137/* This is used to hold everything. It is used for all certificate 155/* This is used to hold everything. It is used for all certificate
138 * validation. Once we have a certificate chain, the 'verify' 156 * validation. Once we have a certificate chain, the 'verify'
139 * function is then called to actually check the cert chain. */ 157 * function is then called to actually check the cert chain. */
@@ -148,13 +166,13 @@ typedef struct x509_store_st
148#endif 166#endif
149 167
150 /* These are external lookup methods */ 168 /* These are external lookup methods */
151 STACK *get_cert_methods;/* X509_LOOKUP */ 169 STACK_OF(X509_LOOKUP) *get_cert_methods;
152 int (*verify)(); /* called to verify a certificate */ 170 int (*verify)(X509_STORE_CTX *ctx); /* called to verify a certificate */
153 int (*verify_cb)(); /* error callback */ 171 int (*verify_cb)(int ok,X509_STORE_CTX *ctx); /* error callback */
154 172
155 CRYPTO_EX_DATA ex_data; 173 CRYPTO_EX_DATA ex_data;
156 int references; 174 int references;
157 int depth; /* how deep to look */ 175 int depth; /* how deep to look (still unused -- X509_STORE_CTX's depth is used) */
158 } X509_STORE; 176 } X509_STORE;
159 177
160#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d)) 178#define X509_STORE_set_depth(ctx,d) ((ctx)->depth=(d))
@@ -163,7 +181,7 @@ typedef struct x509_store_st
163#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func)) 181#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
164 182
165/* This is the functions plus an instance of the local variables. */ 183/* This is the functions plus an instance of the local variables. */
166typedef struct x509_lookup_st 184struct x509_lookup_st
167 { 185 {
168 int init; /* have we been started */ 186 int init; /* have we been started */
169 int skip; /* don't use us. */ 187 int skip; /* don't use us. */
@@ -171,25 +189,25 @@ typedef struct x509_lookup_st
171 char *method_data; /* method data */ 189 char *method_data; /* method data */
172 190
173 X509_STORE *store_ctx; /* who owns us */ 191 X509_STORE *store_ctx; /* who owns us */
174 } X509_LOOKUP; 192 };
175 193
176/* This is a temporary used when processing cert chains. Since the 194/* This is a temporary used when processing cert chains. Since the
177 * gathering of the cert chain can take some time (and have to be 195 * gathering of the cert chain can take some time (and have to be
178 * 'retried', this needs to be kept and passed around. */ 196 * 'retried', this needs to be kept and passed around. */
179typedef struct x509_store_state_st 197struct x509_store_state_st /* X509_STORE_CTX */
180 { 198 {
181 X509_STORE *ctx; 199 X509_STORE *ctx;
182 int current_method; /* used when looking up certs */ 200 int current_method; /* used when looking up certs */
183 201
184 /* The following are set by the caller */ 202 /* The following are set by the caller */
185 X509 *cert; /* The cert to check */ 203 X509 *cert; /* The cert to check */
186 STACK *untrusted; /* chain of X509s - untrusted - passed in */ 204 STACK_OF(X509) *untrusted; /* chain of X509s - untrusted - passed in */
187 205
188 /* The following is built up */ 206 /* The following is built up */
189 int depth; /* how far to go looking up certs */ 207 int depth; /* how far to go looking up certs */
190 int valid; /* if 0, rebuild chain */ 208 int valid; /* if 0, rebuild chain */
191 int last_untrusted; /* index of last untrusted cert */ 209 int last_untrusted; /* index of last untrusted cert */
192 STACK *chain; /* chain of X509s - built up and trusted */ 210 STACK_OF(X509) *chain; /* chain of X509s - built up and trusted */
193 211
194 /* When something goes wrong, this is why */ 212 /* When something goes wrong, this is why */
195 int error_depth; 213 int error_depth;
@@ -197,7 +215,9 @@ typedef struct x509_store_state_st
197 X509 *current_cert; 215 X509 *current_cert;
198 216
199 CRYPTO_EX_DATA ex_data; 217 CRYPTO_EX_DATA ex_data;
200 } X509_STORE_CTX; 218 };
219
220#define X509_STORE_CTX_set_depth(ctx,d) ((ctx)->depth=(d))
201 221
202#define X509_STORE_CTX_set_app_data(ctx,data) \ 222#define X509_STORE_CTX_set_app_data(ctx,data) \
203 X509_STORE_CTX_set_ex_data(ctx,0,data) 223 X509_STORE_CTX_set_ex_data(ctx,0,data)
@@ -207,11 +227,9 @@ typedef struct x509_store_state_st
207#define X509_L_FILE_LOAD 1 227#define X509_L_FILE_LOAD 1
208#define X509_L_ADD_DIR 2 228#define X509_L_ADD_DIR 2
209 229
210X509_LOOKUP_METHOD *X509_LOOKUP_file();
211#define X509_LOOKUP_load_file(x,name,type) \ 230#define X509_LOOKUP_load_file(x,name,type) \
212 X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL) 231 X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
213 232
214X509_LOOKUP_METHOD *X509_LOOKUP_dir();
215#define X509_LOOKUP_add_dir(x,name,type) \ 233#define X509_LOOKUP_add_dir(x,name,type) \
216 X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL) 234 X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
217 235
@@ -243,9 +261,23 @@ X509_LOOKUP_METHOD *X509_LOOKUP_dir();
243/* The application is not happy */ 261/* The application is not happy */
244#define X509_V_ERR_APPLICATION_VERIFICATION 50 262#define X509_V_ERR_APPLICATION_VERIFICATION 50
245 263
246#ifndef NOPROTO 264 /* These functions are being redefined in another directory,
265 and clash when the linker is case-insensitive, so let's
266 hide them a little, by giving them an extra 'o' at the
267 beginning of the name... */
268#ifdef VMS
269#undef X509v3_cleanup_extensions
270#define X509v3_cleanup_extensions oX509v3_cleanup_extensions
271#undef X509v3_add_extension
272#define X509v3_add_extension oX509v3_add_extension
273#undef X509v3_add_netscape_extensions
274#define X509v3_add_netscape_extensions oX509v3_add_netscape_extensions
275#undef X509v3_add_standard_extensions
276#define X509v3_add_standard_extensions oX509v3_add_standard_extensions
277#endif
278
247#ifdef HEADER_LHASH_H 279#ifdef HEADER_LHASH_H
248X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name); 280X509_OBJECT *X509_OBJECT_retrieve_by_subject(LHASH *h,int type,X509_NAME *name);
249#endif 281#endif
250void X509_OBJECT_up_ref_count(X509_OBJECT *a); 282void X509_OBJECT_up_ref_count(X509_OBJECT *a);
251void X509_OBJECT_free_contents(X509_OBJECT *a); 283void X509_OBJECT_free_contents(X509_OBJECT *a);
@@ -253,7 +285,7 @@ X509_STORE *X509_STORE_new(void );
253void X509_STORE_free(X509_STORE *v); 285void X509_STORE_free(X509_STORE *v);
254 286
255void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, 287void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
256 X509 *x509, STACK *chain); 288 X509 *x509, STACK_OF(X509) *chain);
257void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx); 289void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
258 290
259X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m); 291X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
@@ -267,17 +299,14 @@ int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
267int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name, 299int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
268 X509_OBJECT *ret); 300 X509_OBJECT *ret);
269 301
270int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret); 302int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc,
303 long argl, char **ret);
271 304
272#ifndef NO_STDIO 305#ifndef NO_STDIO
273int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type); 306int X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);
274int X509_load_crl_file(X509_LOOKUP *ctx, char *file, int type); 307int X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);
275#endif 308#endif
276 309
277void X509v3_cleanup_extensions(void );
278int X509v3_add_extension(X509_EXTENSION_METHOD *x);
279int X509v3_add_netscape_extensions(void );
280int X509v3_add_standard_extensions(void );
281 310
282X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method); 311X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
283void X509_LOOKUP_free(X509_LOOKUP *ctx); 312void X509_LOOKUP_free(X509_LOOKUP *ctx);
@@ -294,82 +323,21 @@ int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
294 323
295#ifndef NO_STDIO 324#ifndef NO_STDIO
296int X509_STORE_load_locations (X509_STORE *ctx, 325int X509_STORE_load_locations (X509_STORE *ctx,
297 char *file, char *dir); 326 const char *file, const char *dir);
298int X509_STORE_set_default_paths(X509_STORE *ctx); 327int X509_STORE_set_default_paths(X509_STORE *ctx);
299#endif 328#endif
300 329
301int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(), 330int X509_STORE_CTX_get_ex_new_index(long argl, char *argp, int (*new_func)(),
302 int (*dup_func)(), void (*free_func)()); 331 int (*dup_func)(), void (*free_func)());
303int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,char *data); 332int X509_STORE_CTX_set_ex_data(X509_STORE_CTX *ctx,int idx,void *data);
304char * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx); 333void * X509_STORE_CTX_get_ex_data(X509_STORE_CTX *ctx,int idx);
305int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx); 334int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
306void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s); 335void X509_STORE_CTX_set_error(X509_STORE_CTX *ctx,int s);
307int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx); 336int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
308X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx); 337X509 * X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
309STACK * X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx); 338STACK_OF(X509) *X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
310void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x); 339void X509_STORE_CTX_set_cert(X509_STORE_CTX *c,X509 *x);
311void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK /* X509 */ *sk); 340void X509_STORE_CTX_set_chain(X509_STORE_CTX *c,STACK_OF(X509) *sk);
312
313#else
314
315#ifdef HEADER_LHASH_H
316X509_OBJECT *X509_OBJECT_retrive_by_subject();
317#endif
318void X509_OBJECT_up_ref_count();
319void X509_OBJECT_free_contents();
320X509_STORE *X509_STORE_new();
321void X509_STORE_free();
322
323void X509_STORE_CTX_init();
324void X509_STORE_CTX_cleanup();
325
326X509_LOOKUP *X509_STORE_add_lookup();
327
328X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
329X509_LOOKUP_METHOD *X509_LOOKUP_file();
330
331int X509_STORE_add_cert();
332int X509_STORE_add_crl();
333
334int X509_STORE_get_by_subject();
335
336int X509_LOOKUP_ctrl();
337
338#ifndef NO_STDIO
339int X509_load_cert_file();
340int X509_load_crl_file();
341#endif
342
343void X509v3_cleanup_extensions();
344int X509v3_add_extension();
345int X509v3_add_netscape_extensions();
346int X509v3_add_standard_extensions();
347
348X509_LOOKUP *X509_LOOKUP_new();
349void X509_LOOKUP_free();
350int X509_LOOKUP_init();
351int X509_LOOKUP_by_subject();
352int X509_LOOKUP_by_issuer_serial();
353int X509_LOOKUP_by_fingerprint();
354int X509_LOOKUP_by_alias();
355int X509_LOOKUP_shutdown();
356
357#ifndef NO_STDIO
358int X509_STORE_load_locations ();
359int X509_STORE_set_default_paths();
360#endif
361
362int X509_STORE_CTX_set_ex_data();
363char * X509_STORE_CTX_get_ex_data();
364int X509_STORE_CTX_get_error();
365void X509_STORE_CTX_set_error();
366int X509_STORE_CTX_get_error_depth();
367X509 * X509_STORE_CTX_get_current_cert();
368STACK * X509_STORE_CTX_get_chain();
369void X509_STORE_CTX_set_cert();
370void X509_STORE_CTX_set_chain();
371
372#endif
373 341
374#ifdef __cplusplus 342#ifdef __cplusplus
375} 343}
diff --git a/src/lib/libcrypto/x509/x509name.c b/src/lib/libcrypto/x509/x509name.c
index 650e71b1b5..2a422be350 100644
--- a/src/lib/libcrypto/x509/x509name.c
+++ b/src/lib/libcrypto/x509/x509name.c
@@ -57,18 +57,14 @@
57 */ 57 */
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "stack.h" 60#include <openssl/stack.h>
61#include "cryptlib.h" 61#include "cryptlib.h"
62#include "asn1.h" 62#include <openssl/asn1.h>
63#include "objects.h" 63#include <openssl/objects.h>
64#include "evp.h" 64#include <openssl/evp.h>
65#include "x509.h" 65#include <openssl/x509.h>
66 66
67int X509_NAME_get_text_by_NID(name,nid,buf,len) 67int X509_NAME_get_text_by_NID(X509_NAME *name, int nid, char *buf, int len)
68X509_NAME *name;
69int nid;
70char *buf;
71int len;
72 { 68 {
73 ASN1_OBJECT *obj; 69 ASN1_OBJECT *obj;
74 70
@@ -77,11 +73,8 @@ int len;
77 return(X509_NAME_get_text_by_OBJ(name,obj,buf,len)); 73 return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
78 } 74 }
79 75
80int X509_NAME_get_text_by_OBJ(name,obj,buf,len) 76int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj, char *buf,
81X509_NAME *name; 77 int len)
82ASN1_OBJECT *obj;
83char *buf;
84int len;
85 { 78 {
86 int i; 79 int i;
87 ASN1_STRING *data; 80 ASN1_STRING *data;
@@ -96,17 +89,13 @@ int len;
96 return(i); 89 return(i);
97 } 90 }
98 91
99int X509_NAME_entry_count(name) 92int X509_NAME_entry_count(X509_NAME *name)
100X509_NAME *name;
101 { 93 {
102 if (name == NULL) return(0); 94 if (name == NULL) return(0);
103 return(sk_num(name->entries)); 95 return(sk_X509_NAME_ENTRY_num(name->entries));
104 } 96 }
105 97
106int X509_NAME_get_index_by_NID(name,nid,lastpos) 98int X509_NAME_get_index_by_NID(X509_NAME *name, int nid, int lastpos)
107X509_NAME *name;
108int nid;
109int lastpos;
110 { 99 {
111 ASN1_OBJECT *obj; 100 ASN1_OBJECT *obj;
112 101
@@ -116,61 +105,57 @@ int lastpos;
116 } 105 }
117 106
118/* NOTE: you should be passsing -1, not 0 as lastpos */ 107/* NOTE: you should be passsing -1, not 0 as lastpos */
119int X509_NAME_get_index_by_OBJ(name,obj,lastpos) 108int X509_NAME_get_index_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
120X509_NAME *name; 109 int lastpos)
121ASN1_OBJECT *obj;
122int lastpos;
123 { 110 {
124 int n; 111 int n;
125 X509_NAME_ENTRY *ne; 112 X509_NAME_ENTRY *ne;
126 STACK *sk; 113 STACK_OF(X509_NAME_ENTRY) *sk;
127 114
128 if (name == NULL) return(-1); 115 if (name == NULL) return(-1);
129 if (lastpos < 0) 116 if (lastpos < 0)
130 lastpos= -1; 117 lastpos= -1;
131 sk=name->entries; 118 sk=name->entries;
132 n=sk_num(sk); 119 n=sk_X509_NAME_ENTRY_num(sk);
133 for (lastpos++; lastpos < n; lastpos++) 120 for (lastpos++; lastpos < n; lastpos++)
134 { 121 {
135 ne=(X509_NAME_ENTRY *)sk_value(sk,lastpos); 122 ne=sk_X509_NAME_ENTRY_value(sk,lastpos);
136 if (OBJ_cmp(ne->object,obj) == 0) 123 if (OBJ_cmp(ne->object,obj) == 0)
137 return(lastpos); 124 return(lastpos);
138 } 125 }
139 return(-1); 126 return(-1);
140 } 127 }
141 128
142X509_NAME_ENTRY *X509_NAME_get_entry(name,loc) 129X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc)
143X509_NAME *name;
144int loc;
145 { 130 {
146 if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) 131 if(name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
132 || loc < 0)
147 return(NULL); 133 return(NULL);
148 else 134 else
149 return((X509_NAME_ENTRY *)sk_value(name->entries,loc)); 135 return(sk_X509_NAME_ENTRY_value(name->entries,loc));
150 } 136 }
151 137
152X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc) 138X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc)
153X509_NAME *name;
154int loc;
155 { 139 {
156 X509_NAME_ENTRY *ret; 140 X509_NAME_ENTRY *ret;
157 int i,j,n,set_prev,set_next; 141 int i,n,set_prev,set_next;
158 STACK *sk; 142 STACK_OF(X509_NAME_ENTRY) *sk;
159 143
160 if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0)) 144 if (name == NULL || sk_X509_NAME_ENTRY_num(name->entries) <= loc
145 || loc < 0)
161 return(NULL); 146 return(NULL);
162 sk=name->entries; 147 sk=name->entries;
163 ret=(X509_NAME_ENTRY *)sk_delete(sk,loc); 148 ret=sk_X509_NAME_ENTRY_delete(sk,loc);
164 n=sk_num(sk); 149 n=sk_X509_NAME_ENTRY_num(sk);
165 name->modified=1; 150 name->modified=1;
166 if (loc == n) return(ret); 151 if (loc == n) return(ret);
167 152
168 /* else we need to fixup the set field */ 153 /* else we need to fixup the set field */
169 if (loc != 0) 154 if (loc != 0)
170 set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; 155 set_prev=(sk_X509_NAME_ENTRY_value(sk,loc-1))->set;
171 else 156 else
172 set_prev=ret->set-1; 157 set_prev=ret->set-1;
173 set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; 158 set_next=sk_X509_NAME_ENTRY_value(sk,loc)->set;
174 159
175 /* set_prev is the previous set 160 /* set_prev is the previous set
176 * set is the current set 161 * set is the current set
@@ -181,29 +166,23 @@ int loc;
181 * so basically only if prev and next differ by 2, then 166 * so basically only if prev and next differ by 2, then
182 * re-number down by 1 */ 167 * re-number down by 1 */
183 if (set_prev+1 < set_next) 168 if (set_prev+1 < set_next)
184 {
185 j=set_next-set_prev-1;
186 for (i=loc; i<n; i++) 169 for (i=loc; i<n; i++)
187 ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j; 170 sk_X509_NAME_ENTRY_value(sk,i)->set--;
188 }
189 return(ret); 171 return(ret);
190 } 172 }
191 173
192/* if set is -1, append to previous set, 0 'a new one', and 1, 174/* if set is -1, append to previous set, 0 'a new one', and 1,
193 * prepend to the guy we are about to stomp on. */ 175 * prepend to the guy we are about to stomp on. */
194int X509_NAME_add_entry(name,ne,loc,set) 176int X509_NAME_add_entry(X509_NAME *name, X509_NAME_ENTRY *ne, int loc,
195X509_NAME *name; 177 int set)
196X509_NAME_ENTRY *ne;
197int loc;
198int set;
199 { 178 {
200 X509_NAME_ENTRY *new_name=NULL; 179 X509_NAME_ENTRY *new_name=NULL;
201 int n,i,inc; 180 int n,i,inc;
202 STACK *sk; 181 STACK_OF(X509_NAME_ENTRY) *sk;
203 182
204 if (name == NULL) return(0); 183 if (name == NULL) return(0);
205 sk=name->entries; 184 sk=name->entries;
206 n=sk_num(sk); 185 n=sk_X509_NAME_ENTRY_num(sk);
207 if (loc > n) loc=n; 186 if (loc > n) loc=n;
208 else if (loc < 0) loc=n; 187 else if (loc < 0) loc=n;
209 188
@@ -218,7 +197,7 @@ int set;
218 } 197 }
219 else 198 else
220 { 199 {
221 set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set; 200 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set;
222 inc=0; 201 inc=0;
223 } 202 }
224 } 203 }
@@ -227,43 +206,38 @@ int set;
227 if (loc >= n) 206 if (loc >= n)
228 { 207 {
229 if (loc != 0) 208 if (loc != 0)
230 set=((X509_NAME_ENTRY *) 209 set=sk_X509_NAME_ENTRY_value(sk,loc-1)->set+1;
231 sk_value(sk,loc-1))->set+1;
232 else 210 else
233 set=0; 211 set=0;
234 } 212 }
235 else 213 else
236 set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set; 214 set=sk_X509_NAME_ENTRY_value(sk,loc)->set;
237 inc=(set == 0)?1:0; 215 inc=(set == 0)?1:0;
238 } 216 }
239 217
240 if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL) 218 if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
241 goto err; 219 goto err;
242 new_name->set=set; 220 new_name->set=set;
243 if (!sk_insert(sk,(char *)new_name,loc)) 221 if (!sk_X509_NAME_ENTRY_insert(sk,new_name,loc))
244 { 222 {
245 X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE); 223 X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
246 goto err; 224 goto err;
247 } 225 }
248 if (inc) 226 if (inc)
249 { 227 {
250 n=sk_num(sk); 228 n=sk_X509_NAME_ENTRY_num(sk);
251 for (i=loc+1; i<n; i++) 229 for (i=loc+1; i<n; i++)
252 ((X509_NAME_ENTRY *)sk_value(sk,i-1))->set+=1; 230 sk_X509_NAME_ENTRY_value(sk,i-1)->set+=1;
253 } 231 }
254 return(1); 232 return(1);
255err: 233err:
256 if (new_name != NULL) 234 if (new_name != NULL)
257 X509_NAME_ENTRY_free(ne); 235 X509_NAME_ENTRY_free(new_name);
258 return(0); 236 return(0);
259 } 237 }
260 238
261X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len) 239X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
262X509_NAME_ENTRY **ne; 240 int type, unsigned char *bytes, int len)
263int nid;
264int type;
265unsigned char *bytes;
266int len;
267 { 241 {
268 ASN1_OBJECT *obj; 242 ASN1_OBJECT *obj;
269 243
@@ -276,12 +250,8 @@ int len;
276 return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)); 250 return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
277 } 251 }
278 252
279X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len) 253X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
280X509_NAME_ENTRY **ne; 254 ASN1_OBJECT *obj, int type, unsigned char *bytes, int len)
281ASN1_OBJECT *obj;
282int type;
283unsigned char *bytes;
284int len;
285 { 255 {
286 X509_NAME_ENTRY *ret; 256 X509_NAME_ENTRY *ret;
287 257
@@ -306,9 +276,7 @@ err:
306 return(NULL); 276 return(NULL);
307 } 277 }
308 278
309int X509_NAME_ENTRY_set_object(ne,obj) 279int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
310X509_NAME_ENTRY *ne;
311ASN1_OBJECT *obj;
312 { 280 {
313 if ((ne == NULL) || (obj == NULL)) 281 if ((ne == NULL) || (obj == NULL))
314 { 282 {
@@ -320,11 +288,8 @@ ASN1_OBJECT *obj;
320 return((ne->object == NULL)?0:1); 288 return((ne->object == NULL)?0:1);
321 } 289 }
322 290
323int X509_NAME_ENTRY_set_data(ne,type,bytes,len) 291int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
324X509_NAME_ENTRY *ne; 292 unsigned char *bytes, int len)
325int type;
326unsigned char *bytes;
327int len;
328 { 293 {
329 int i; 294 int i;
330 295
@@ -342,15 +307,13 @@ int len;
342 return(1); 307 return(1);
343 } 308 }
344 309
345ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne) 310ASN1_OBJECT *X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne)
346X509_NAME_ENTRY *ne;
347 { 311 {
348 if (ne == NULL) return(NULL); 312 if (ne == NULL) return(NULL);
349 return(ne->object); 313 return(ne->object);
350 } 314 }
351 315
352ASN1_STRING *X509_NAME_ENTRY_get_data(ne) 316ASN1_STRING *X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne)
353X509_NAME_ENTRY *ne;
354 { 317 {
355 if (ne == NULL) return(NULL); 318 if (ne == NULL) return(NULL);
356 return(ne->value); 319 return(ne->value);
diff --git a/src/lib/libcrypto/x509/x509pack.c b/src/lib/libcrypto/x509/x509pack.c
deleted file mode 100644
index 846f125859..0000000000
--- a/src/lib/libcrypto/x509/x509pack.c
+++ /dev/null
@@ -1,157 +0,0 @@
1/* crypto/x509/x509pack.c */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved.
4 *
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
8 *
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
15 *
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
22 *
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
25 * are met:
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
40 *
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
51 * SUCH DAMAGE.
52 *
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
57 */
58
59#include <stdio.h>
60#include "stack.h"
61#include "cryptlib.h"
62#include "asn1.h"
63#include "objects.h"
64#include "evp.h"
65#include "x509.h"
66
67ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len)
68ASN1_OCTET_STRING **ex;
69int type;
70unsigned char *bytes;
71int len;
72 {
73 ASN1_OCTET_STRING *os;
74 ASN1_STRING str;
75 unsigned char *p;
76 int i;
77
78 if ((ex == NULL) || (*ex == NULL))
79 os=ASN1_OCTET_STRING_new();
80 else
81 os= *ex;
82
83 if (len < 0) len=strlen((char *)bytes);
84 str.length=len;
85 str.type=type;
86 str.data=bytes;
87
88 /* str now holds the data, we just have to copy it into ->value */
89
90 switch (type)
91 {
92 case V_ASN1_BIT_STRING:
93 i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL);
94 if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
95 goto err;
96 p=(unsigned char *)os->data;
97 i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p);
98 break;
99 case V_ASN1_OCTET_STRING:
100 i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL);
101 if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
102 goto err;
103 p=(unsigned char *)os->data;
104 i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p);
105 break;
106 case V_ASN1_IA5STRING:
107 case V_ASN1_PRINTABLESTRING:
108 case V_ASN1_T61STRING:
109 i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL);
110 if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
111 goto err;
112 p=(unsigned char *)os->data;
113 i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL);
114 break;
115 default:
116 X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
117 goto err;
118 }
119 os->length=i;
120
121 if ((ex != NULL) && (os != *ex))
122 *ex=os;
123 return(os);
124err:
125 return(NULL);
126 }
127
128ASN1_STRING *X509v3_unpack_string(ex,type,os)
129ASN1_STRING **ex;
130int type;
131ASN1_OCTET_STRING *os;
132 {
133 unsigned char *p;
134 ASN1_STRING *ret=NULL;
135
136 p=os->data;
137 switch (type)
138 {
139 case V_ASN1_BIT_STRING:
140 ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
141 (ASN1_BIT_STRING **)ex,&p,os->length);
142 break;
143 case V_ASN1_OCTET_STRING:
144 ret=(ASN1_STRING *)d2i_ASN1_OCTET_STRING(
145 (ASN1_BIT_STRING **)ex,&p,os->length);
146 break;
147 case V_ASN1_IA5STRING:
148 case V_ASN1_PRINTABLESTRING:
149 case V_ASN1_T61STRING:
150 ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length);
151 break;
152 default:
153 X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
154 }
155 return(ret);
156 }
157
diff --git a/src/lib/libcrypto/x509/x509rset.c b/src/lib/libcrypto/x509/x509rset.c
index 323b25470a..d9f6b57372 100644
--- a/src/lib/libcrypto/x509/x509rset.c
+++ b/src/lib/libcrypto/x509/x509rset.c
@@ -58,30 +58,24 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "asn1.h" 61#include <openssl/asn1.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "evp.h" 63#include <openssl/evp.h>
64#include "x509.h" 64#include <openssl/x509.h>
65 65
66int X509_REQ_set_version(x,version) 66int X509_REQ_set_version(X509_REQ *x, long version)
67X509_REQ *x;
68long version;
69 { 67 {
70 if (x == NULL) return(0); 68 if (x == NULL) return(0);
71 return(ASN1_INTEGER_set(x->req_info->version,version)); 69 return(ASN1_INTEGER_set(x->req_info->version,version));
72 } 70 }
73 71
74int X509_REQ_set_subject_name(x,name) 72int X509_REQ_set_subject_name(X509_REQ *x, X509_NAME *name)
75X509_REQ *x;
76X509_NAME *name;
77 { 73 {
78 if ((x == NULL) || (x->req_info == NULL)) return(0); 74 if ((x == NULL) || (x->req_info == NULL)) return(0);
79 return(X509_NAME_set(&x->req_info->subject,name)); 75 return(X509_NAME_set(&x->req_info->subject,name));
80 } 76 }
81 77
82int X509_REQ_set_pubkey(x,pkey) 78int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey)
83X509_REQ *x;
84EVP_PKEY *pkey;
85 { 79 {
86 if ((x == NULL) || (x->req_info == NULL)) return(0); 80 if ((x == NULL) || (x->req_info == NULL)) return(0);
87 return(X509_PUBKEY_set(&x->req_info->pubkey,pkey)); 81 return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
diff --git a/src/lib/libcrypto/x509/x509type.c b/src/lib/libcrypto/x509/x509type.c
index 42c23bcfca..8e78b34458 100644
--- a/src/lib/libcrypto/x509/x509type.c
+++ b/src/lib/libcrypto/x509/x509type.c
@@ -58,13 +58,11 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#include "cryptlib.h" 60#include "cryptlib.h"
61#include "evp.h" 61#include <openssl/evp.h>
62#include "objects.h" 62#include <openssl/objects.h>
63#include "x509.h" 63#include <openssl/x509.h>
64 64
65int X509_certificate_type(x,pkey) 65int X509_certificate_type(X509 *x, EVP_PKEY *pkey)
66X509 *x;
67EVP_PKEY *pkey;
68 { 66 {
69 EVP_PKEY *pk; 67 EVP_PKEY *pk;
70 int ret=0,i; 68 int ret=0,i;
@@ -108,8 +106,9 @@ EVP_PKEY *pkey;
108 break; 106 break;
109 } 107 }
110 108
111 if (EVP_PKEY_size(pkey) <= 512) 109 if (EVP_PKEY_size(pk) <= 512)
112 ret|=EVP_PKT_EXP; 110 ret|=EVP_PKT_EXP;
111 if(pkey==NULL) EVP_PKEY_free(pk);
113 return(ret); 112 return(ret);
114 } 113 }
115 114
diff --git a/src/lib/libcrypto/x509/x509v3.doc b/src/lib/libcrypto/x509/x509v3.doc
deleted file mode 100644
index 1e760a9469..0000000000
--- a/src/lib/libcrypto/x509/x509v3.doc
+++ /dev/null
@@ -1,24 +0,0 @@
1The 'new' system.
2
3The X509_EXTENSION_METHOD includes extensions and attributes and/or names.
4Basically everthing that can be added to an X509 with an OID identifying it.
5
6It operates via 2 methods per object id.
7int a2i_XXX(X509 *x,char *str,int len);
8int i2a_XXX(BIO *bp,X509 *x);
9
10The a2i_XXX function will add the object with a value converted from the
11string into the X509. Len can be -1 in which case the length is calculated
12via strlen(str). Applications can always use direct knowledge to load and
13unload the relevent objects themselves.
14
15i2a_XXX will print to the passed BIO, a text representation of the
16relevet object. Use a memory BIO if you want it printed to a buffer :-).
17
18X509_add_by_NID(X509 *x,int nid,char *str,int len);
19X509_add_by_OBJ(X509 *x,ASN1_OBJECT *obj,char *str,int len);
20
21X509_print_by_name(BIO *bp,X509 *x);
22X509_print_by_NID(BIO *bp,X509 *x);
23X509_print_by_OBJ(BIO *bp,X509 *x);
24
diff --git a/src/lib/libcrypto/x509/x_all.c b/src/lib/libcrypto/x509/x_all.c
index b7dde23e9a..f2af895df0 100644
--- a/src/lib/libcrypto/x509/x_all.c
+++ b/src/lib/libcrypto/x509/x_all.c
@@ -58,90 +58,74 @@
58 58
59#include <stdio.h> 59#include <stdio.h>
60#undef SSLEAY_MACROS 60#undef SSLEAY_MACROS
61#include "stack.h" 61#include <openssl/stack.h>
62#include "cryptlib.h" 62#include "cryptlib.h"
63#include "buffer.h" 63#include <openssl/buffer.h>
64#include "asn1.h" 64#include <openssl/asn1.h>
65#include "evp.h" 65#include <openssl/evp.h>
66#include "x509.h" 66#include <openssl/x509.h>
67 67
68int X509_verify(a,r) 68int X509_verify(X509 *a, EVP_PKEY *r)
69X509 *a;
70EVP_PKEY *r;
71 { 69 {
72 return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg, 70 return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
73 a->signature,(char *)a->cert_info,r)); 71 a->signature,(char *)a->cert_info,r));
74 } 72 }
75 73
76int X509_REQ_verify(a,r) 74int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r)
77X509_REQ *a;
78EVP_PKEY *r;
79 { 75 {
80 return( ASN1_verify((int (*)())i2d_X509_REQ_INFO, 76 return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
81 a->sig_alg,a->signature,(char *)a->req_info,r)); 77 a->sig_alg,a->signature,(char *)a->req_info,r));
82 } 78 }
83 79
84int X509_CRL_verify(a,r) 80int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r)
85X509_CRL *a;
86EVP_PKEY *r;
87 { 81 {
88 return(ASN1_verify((int (*)())i2d_X509_CRL_INFO, 82 return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
89 a->sig_alg, a->signature,(char *)a->crl,r)); 83 a->sig_alg, a->signature,(char *)a->crl,r));
90 } 84 }
91 85
92int NETSCAPE_SPKI_verify(a,r) 86int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r)
93NETSCAPE_SPKI *a;
94EVP_PKEY *r;
95 { 87 {
96 return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, 88 return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
97 a->sig_algor,a->signature, (char *)a->spkac,r)); 89 a->sig_algor,a->signature, (char *)a->spkac,r));
98 } 90 }
99 91
100int X509_sign(x,pkey,md) 92int X509_sign(X509 *x, EVP_PKEY *pkey, const EVP_MD *md)
101X509 *x;
102EVP_PKEY *pkey;
103EVP_MD *md;
104 { 93 {
105 return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, 94 return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
106 x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)); 95 x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
107 } 96 }
108 97
109int X509_REQ_sign(x,pkey,md) 98int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, const EVP_MD *md)
110X509_REQ *x;
111EVP_PKEY *pkey;
112EVP_MD *md;
113 { 99 {
114 return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, 100 return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
115 x->signature, (char *)x->req_info,pkey,md)); 101 x->signature, (char *)x->req_info,pkey,md));
116 } 102 }
117 103
118int X509_CRL_sign(x,pkey,md) 104int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, const EVP_MD *md)
119X509_CRL *x;
120EVP_PKEY *pkey;
121EVP_MD *md;
122 { 105 {
123 return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg, 106 return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
124 x->sig_alg, x->signature, (char *)x->crl,pkey,md)); 107 x->sig_alg, x->signature, (char *)x->crl,pkey,md));
125 } 108 }
126 109
127int NETSCAPE_SPKI_sign(x,pkey,md) 110int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, const EVP_MD *md)
128NETSCAPE_SPKI *x;
129EVP_PKEY *pkey;
130EVP_MD *md;
131 { 111 {
132 return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, 112 return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
133 x->signature, (char *)x->spkac,pkey,md)); 113 x->signature, (char *)x->spkac,pkey,md));
134 } 114 }
135 115
136X509 *X509_dup(x509) 116X509_ATTRIBUTE *X509_ATTRIBUTE_dup(X509_ATTRIBUTE *xa)
137X509 *x509; 117 {
118 return((X509_ATTRIBUTE *)ASN1_dup((int (*)())i2d_X509_ATTRIBUTE,
119 (char *(*)())d2i_X509_ATTRIBUTE,(char *)xa));
120 }
121
122X509 *X509_dup(X509 *x509)
138 { 123 {
139 return((X509 *)ASN1_dup((int (*)())i2d_X509, 124 return((X509 *)ASN1_dup((int (*)())i2d_X509,
140 (char *(*)())d2i_X509,(char *)x509)); 125 (char *(*)())d2i_X509,(char *)x509));
141 } 126 }
142 127
143X509_EXTENSION *X509_EXTENSION_dup(ex) 128X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex)
144X509_EXTENSION *ex;
145 { 129 {
146 return((X509_EXTENSION *)ASN1_dup( 130 return((X509_EXTENSION *)ASN1_dup(
147 (int (*)())i2d_X509_EXTENSION, 131 (int (*)())i2d_X509_EXTENSION,
@@ -149,237 +133,184 @@ X509_EXTENSION *ex;
149 } 133 }
150 134
151#ifndef NO_FP_API 135#ifndef NO_FP_API
152X509 *d2i_X509_fp(fp,x509) 136X509 *d2i_X509_fp(FILE *fp, X509 **x509)
153FILE *fp;
154X509 *x509;
155 { 137 {
156 return((X509 *)ASN1_d2i_fp((char *(*)())X509_new, 138 return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
157 (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))); 139 (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
158 } 140 }
159 141
160int i2d_X509_fp(fp,x509) 142int i2d_X509_fp(FILE *fp, X509 *x509)
161FILE *fp;
162X509 *x509;
163 { 143 {
164 return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)); 144 return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
165 } 145 }
166#endif 146#endif
167 147
168X509 *d2i_X509_bio(bp,x509) 148X509 *d2i_X509_bio(BIO *bp, X509 **x509)
169BIO *bp;
170X509 *x509;
171 { 149 {
172 return((X509 *)ASN1_d2i_bio((char *(*)())X509_new, 150 return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
173 (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))); 151 (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
174 } 152 }
175 153
176int i2d_X509_bio(bp,x509) 154int i2d_X509_bio(BIO *bp, X509 *x509)
177BIO *bp;
178X509 *x509;
179 { 155 {
180 return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)); 156 return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
181 } 157 }
182 158
183X509_CRL *X509_CRL_dup(crl) 159X509_CRL *X509_CRL_dup(X509_CRL *crl)
184X509_CRL *crl;
185 { 160 {
186 return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, 161 return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
187 (char *(*)())d2i_X509_CRL,(char *)crl)); 162 (char *(*)())d2i_X509_CRL,(char *)crl));
188 } 163 }
189 164
190#ifndef NO_FP_API 165#ifndef NO_FP_API
191X509_CRL *d2i_X509_CRL_fp(fp,crl) 166X509_CRL *d2i_X509_CRL_fp(FILE *fp, X509_CRL **crl)
192FILE *fp;
193X509_CRL *crl;
194 { 167 {
195 return((X509_CRL *)ASN1_d2i_fp((char *(*)()) 168 return((X509_CRL *)ASN1_d2i_fp((char *(*)())
196 X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp), 169 X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
197 (unsigned char **)(crl))); 170 (unsigned char **)(crl)));
198 } 171 }
199 172
200int i2d_X509_CRL_fp(fp,crl) 173int i2d_X509_CRL_fp(FILE *fp, X509_CRL *crl)
201FILE *fp;
202X509_CRL *crl;
203 { 174 {
204 return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl)); 175 return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
205 } 176 }
206#endif 177#endif
207 178
208X509_CRL *d2i_X509_CRL_bio(bp,crl) 179X509_CRL *d2i_X509_CRL_bio(BIO *bp, X509_CRL **crl)
209BIO *bp;
210X509_CRL *crl;
211 { 180 {
212 return((X509_CRL *)ASN1_d2i_bio((char *(*)()) 181 return((X509_CRL *)ASN1_d2i_bio((char *(*)())
213 X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp), 182 X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
214 (unsigned char **)(crl))); 183 (unsigned char **)(crl)));
215 } 184 }
216 185
217int i2d_X509_CRL_bio(bp,crl) 186int i2d_X509_CRL_bio(BIO *bp, X509_CRL *crl)
218BIO *bp;
219X509_CRL *crl;
220 { 187 {
221 return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl)); 188 return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
222 } 189 }
223 190
224PKCS7 *PKCS7_dup(p7) 191PKCS7 *PKCS7_dup(PKCS7 *p7)
225PKCS7 *p7;
226 { 192 {
227 return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, 193 return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
228 (char *(*)())d2i_PKCS7,(char *)p7)); 194 (char *(*)())d2i_PKCS7,(char *)p7));
229 } 195 }
230 196
231#ifndef NO_FP_API 197#ifndef NO_FP_API
232PKCS7 *d2i_PKCS7_fp(fp,p7) 198PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7)
233FILE *fp;
234PKCS7 *p7;
235 { 199 {
236 return((PKCS7 *)ASN1_d2i_fp((char *(*)()) 200 return((PKCS7 *)ASN1_d2i_fp((char *(*)())
237 PKCS7_new,(char *(*)())d2i_PKCS7, (fp), 201 PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
238 (unsigned char **)(p7))); 202 (unsigned char **)(p7)));
239 } 203 }
240 204
241int i2d_PKCS7_fp(fp,p7) 205int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7)
242FILE *fp;
243PKCS7 *p7;
244 { 206 {
245 return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7)); 207 return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
246 } 208 }
247#endif 209#endif
248 210
249PKCS7 *d2i_PKCS7_bio(bp,p7) 211PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7)
250BIO *bp;
251PKCS7 *p7;
252 { 212 {
253 return((PKCS7 *)ASN1_d2i_bio((char *(*)()) 213 return((PKCS7 *)ASN1_d2i_bio((char *(*)())
254 PKCS7_new,(char *(*)())d2i_PKCS7, (bp), 214 PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
255 (unsigned char **)(p7))); 215 (unsigned char **)(p7)));
256 } 216 }
257 217
258int i2d_PKCS7_bio(bp,p7) 218int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7)
259BIO *bp;
260PKCS7 *p7;
261 { 219 {
262 return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7)); 220 return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
263 } 221 }
264 222
265X509_REQ *X509_REQ_dup(req) 223X509_REQ *X509_REQ_dup(X509_REQ *req)
266X509_REQ *req;
267 { 224 {
268 return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, 225 return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
269 (char *(*)())d2i_X509_REQ,(char *)req)); 226 (char *(*)())d2i_X509_REQ,(char *)req));
270 } 227 }
271 228
272#ifndef NO_FP_API 229#ifndef NO_FP_API
273X509_REQ *d2i_X509_REQ_fp(fp,req) 230X509_REQ *d2i_X509_REQ_fp(FILE *fp, X509_REQ **req)
274FILE *fp;
275X509_REQ *req;
276 { 231 {
277 return((X509_REQ *)ASN1_d2i_fp((char *(*)()) 232 return((X509_REQ *)ASN1_d2i_fp((char *(*)())
278 X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp), 233 X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
279 (unsigned char **)(req))); 234 (unsigned char **)(req)));
280 } 235 }
281 236
282int i2d_X509_REQ_fp(fp,req) 237int i2d_X509_REQ_fp(FILE *fp, X509_REQ *req)
283FILE *fp;
284X509_REQ *req;
285 { 238 {
286 return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req)); 239 return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
287 } 240 }
288#endif 241#endif
289 242
290X509_REQ *d2i_X509_REQ_bio(bp,req) 243X509_REQ *d2i_X509_REQ_bio(BIO *bp, X509_REQ **req)
291BIO *bp;
292X509_REQ *req;
293 { 244 {
294 return((X509_REQ *)ASN1_d2i_bio((char *(*)()) 245 return((X509_REQ *)ASN1_d2i_bio((char *(*)())
295 X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp), 246 X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
296 (unsigned char **)(req))); 247 (unsigned char **)(req)));
297 } 248 }
298 249
299int i2d_X509_REQ_bio(bp,req) 250int i2d_X509_REQ_bio(BIO *bp, X509_REQ *req)
300BIO *bp;
301X509_REQ *req;
302 { 251 {
303 return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req)); 252 return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
304 } 253 }
305 254
306#ifndef NO_RSA 255#ifndef NO_RSA
307RSA *RSAPublicKey_dup(rsa) 256RSA *RSAPublicKey_dup(RSA *rsa)
308RSA *rsa;
309 { 257 {
310 return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, 258 return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
311 (char *(*)())d2i_RSAPublicKey,(char *)rsa)); 259 (char *(*)())d2i_RSAPublicKey,(char *)rsa));
312 } 260 }
313 261
314RSA *RSAPrivateKey_dup(rsa) 262RSA *RSAPrivateKey_dup(RSA *rsa)
315RSA *rsa;
316 { 263 {
317 return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, 264 return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
318 (char *(*)())d2i_RSAPrivateKey,(char *)rsa)); 265 (char *(*)())d2i_RSAPrivateKey,(char *)rsa));
319 } 266 }
320 267
321#ifndef NO_FP_API 268#ifndef NO_FP_API
322RSA *d2i_RSAPrivateKey_fp(fp,rsa) 269RSA *d2i_RSAPrivateKey_fp(FILE *fp, RSA **rsa)
323FILE *fp;
324RSA *rsa;
325 { 270 {
326 return((RSA *)ASN1_d2i_fp((char *(*)()) 271 return((RSA *)ASN1_d2i_fp((char *(*)())
327 RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), 272 RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
328 (unsigned char **)(rsa))); 273 (unsigned char **)(rsa)));
329 } 274 }
330 275
331int i2d_RSAPrivateKey_fp(fp,rsa) 276int i2d_RSAPrivateKey_fp(FILE *fp, RSA *rsa)
332FILE *fp;
333RSA *rsa;
334 { 277 {
335 return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa)); 278 return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
336 } 279 }
337 280
338RSA *d2i_RSAPublicKey_fp(fp,rsa) 281RSA *d2i_RSAPublicKey_fp(FILE *fp, RSA **rsa)
339FILE *fp;
340RSA *rsa;
341 { 282 {
342 return((RSA *)ASN1_d2i_fp((char *(*)()) 283 return((RSA *)ASN1_d2i_fp((char *(*)())
343 RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), 284 RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
344 (unsigned char **)(rsa))); 285 (unsigned char **)(rsa)));
345 } 286 }
346 287
347int i2d_RSAPublicKey_fp(fp,rsa) 288int i2d_RSAPublicKey_fp(FILE *fp, RSA *rsa)
348FILE *fp;
349RSA *rsa;
350 { 289 {
351 return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa)); 290 return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
352 } 291 }
353#endif 292#endif
354 293
355RSA *d2i_RSAPrivateKey_bio(bp,rsa) 294RSA *d2i_RSAPrivateKey_bio(BIO *bp, RSA **rsa)
356BIO *bp;
357RSA *rsa;
358 { 295 {
359 return((RSA *)ASN1_d2i_bio((char *(*)()) 296 return((RSA *)ASN1_d2i_bio((char *(*)())
360 RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), 297 RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
361 (unsigned char **)(rsa))); 298 (unsigned char **)(rsa)));
362 } 299 }
363 300
364int i2d_RSAPrivateKey_bio(bp,rsa) 301int i2d_RSAPrivateKey_bio(BIO *bp, RSA *rsa)
365BIO *bp;
366RSA *rsa;
367 { 302 {
368 return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa)); 303 return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
369 } 304 }
370 305
371RSA *d2i_RSAPublicKey_bio(bp,rsa) 306RSA *d2i_RSAPublicKey_bio(BIO *bp, RSA **rsa)
372BIO *bp;
373RSA *rsa;
374 { 307 {
375 return((RSA *)ASN1_d2i_bio((char *(*)()) 308 return((RSA *)ASN1_d2i_bio((char *(*)())
376 RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), 309 RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
377 (unsigned char **)(rsa))); 310 (unsigned char **)(rsa)));
378 } 311 }
379 312
380int i2d_RSAPublicKey_bio(bp,rsa) 313int i2d_RSAPublicKey_bio(BIO *bp, RSA *rsa)
381BIO *bp;
382RSA *rsa;
383 { 314 {
384 return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa)); 315 return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
385 } 316 }
@@ -387,79 +318,120 @@ RSA *rsa;
387 318
388#ifndef NO_DSA 319#ifndef NO_DSA
389#ifndef NO_FP_API 320#ifndef NO_FP_API
390DSA *d2i_DSAPrivateKey_fp(fp,dsa) 321DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA **dsa)
391FILE *fp;
392DSA *dsa;
393 { 322 {
394 return((DSA *)ASN1_d2i_fp((char *(*)()) 323 return((DSA *)ASN1_d2i_fp((char *(*)())
395 DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), 324 DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
396 (unsigned char **)(dsa))); 325 (unsigned char **)(dsa)));
397 } 326 }
398 327
399int i2d_DSAPrivateKey_fp(fp,dsa) 328int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa)
400FILE *fp;
401DSA *dsa;
402 { 329 {
403 return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa)); 330 return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
404 } 331 }
405#endif 332#endif
406 333
407DSA *d2i_DSAPrivateKey_bio(bp,dsa) 334DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA **dsa)
408BIO *bp;
409DSA *dsa;
410 { 335 {
411 return((DSA *)ASN1_d2i_bio((char *(*)()) 336 return((DSA *)ASN1_d2i_bio((char *(*)())
412 DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), 337 DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
413 (unsigned char **)(dsa))); 338 (unsigned char **)(dsa)));
414 } 339 }
415 340
416int i2d_DSAPrivateKey_bio(bp,dsa) 341int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa)
417BIO *bp;
418DSA *dsa;
419 { 342 {
420 return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa)); 343 return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
421 } 344 }
422#endif 345#endif
423 346
424X509_NAME *X509_NAME_dup(xn) 347X509_ALGOR *X509_ALGOR_dup(X509_ALGOR *xn)
425X509_NAME *xn; 348 {
349 return((X509_ALGOR *)ASN1_dup((int (*)())i2d_X509_ALGOR,
350 (char *(*)())d2i_X509_ALGOR,(char *)xn));
351 }
352
353X509_NAME *X509_NAME_dup(X509_NAME *xn)
426 { 354 {
427 return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, 355 return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
428 (char *(*)())d2i_X509_NAME,(char *)xn)); 356 (char *(*)())d2i_X509_NAME,(char *)xn));
429 } 357 }
430 358
431X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne) 359X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne)
432X509_NAME_ENTRY *ne;
433 { 360 {
434 return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY, 361 return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
435 (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne)); 362 (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
436 } 363 }
437 364
438int X509_digest(data,type,md,len) 365int X509_digest(X509 *data, EVP_MD *type, unsigned char *md,
439X509 *data; 366 unsigned int *len)
440EVP_MD *type;
441unsigned char *md;
442unsigned int *len;
443 { 367 {
444 return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)); 368 return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
445 } 369 }
446 370
447int X509_NAME_digest(data,type,md,len) 371int X509_NAME_digest(X509_NAME *data, EVP_MD *type, unsigned char *md,
448X509_NAME *data; 372 unsigned int *len)
449EVP_MD *type;
450unsigned char *md;
451unsigned int *len;
452 { 373 {
453 return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)); 374 return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
454 } 375 }
455 376
456int PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) 377int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, EVP_MD *type,
457PKCS7_ISSUER_AND_SERIAL *data; 378 unsigned char *md, unsigned int *len)
458EVP_MD *type;
459unsigned char *md;
460unsigned int *len;
461 { 379 {
462 return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type, 380 return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
463 (char *)data,md,len)); 381 (char *)data,md,len));
464 } 382 }
465 383
384
385#ifndef NO_FP_API
386X509_SIG *d2i_PKCS8_fp(FILE *fp, X509_SIG **p8)
387 {
388 return((X509_SIG *)ASN1_d2i_fp((char *(*)())X509_SIG_new,
389 (char *(*)())d2i_X509_SIG, (fp),(unsigned char **)(p8)));
390 }
391
392int i2d_PKCS8_fp(FILE *fp, X509_SIG *p8)
393 {
394 return(ASN1_i2d_fp(i2d_X509_SIG,fp,(unsigned char *)p8));
395 }
396#endif
397
398X509_SIG *d2i_PKCS8_bio(BIO *bp, X509_SIG **p8)
399 {
400 return((X509_SIG *)ASN1_d2i_bio((char *(*)())X509_SIG_new,
401 (char *(*)())d2i_X509_SIG, (bp),(unsigned char **)(p8)));
402 }
403
404int i2d_PKCS8_bio(BIO *bp, X509_SIG *p8)
405 {
406 return(ASN1_i2d_bio(i2d_X509_SIG,bp,(unsigned char *)p8));
407 }
408
409#ifndef NO_FP_API
410PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_fp(FILE *fp,
411 PKCS8_PRIV_KEY_INFO **p8inf)
412 {
413 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_fp(
414 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
415 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (fp),
416 (unsigned char **)(p8inf)));
417 }
418
419int i2d_PKCS8_PRIV_KEY_INFO_fp(FILE *fp, PKCS8_PRIV_KEY_INFO *p8inf)
420 {
421 return(ASN1_i2d_fp(i2d_PKCS8_PRIV_KEY_INFO,fp,(unsigned char *)p8inf));
422 }
423#endif
424
425PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO_bio(BIO *bp,
426 PKCS8_PRIV_KEY_INFO **p8inf)
427 {
428 return((PKCS8_PRIV_KEY_INFO *)ASN1_d2i_bio(
429 (char *(*)())PKCS8_PRIV_KEY_INFO_new,
430 (char *(*)())d2i_PKCS8_PRIV_KEY_INFO, (bp),
431 (unsigned char **)(p8inf)));
432 }
433
434int i2d_PKCS8_PRIV_KEY_INFO_bio(BIO *bp, PKCS8_PRIV_KEY_INFO *p8inf)
435 {
436 return(ASN1_i2d_bio(i2d_PKCS8_PRIV_KEY_INFO,bp,(unsigned char *)p8inf));
437 }
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-26 07:41:27 +0000