1 files changed, 46 insertions, 42 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c
index 058d0d4dce..31549cf003 100644
--- a/src/lib/libcrypto/x509v3/v3_bitst.c
+++ b/src/lib/libcrypto/x509v3/v3_bitst.c
@@ -10,7 +10,7 @@
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
- *    notice, this list of conditions and the following disclaimer. 
+ *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
@@ -62,74 +62,80 @@
 #include <openssl/x509v3.h>
 static BIT_STRING_BITNAME ns_cert_type_table[] = {
-{0, "SSL Client", "client"},
+        {0, "SSL Client", "client"},
-{1, "SSL Server", "server"},
+        {1, "SSL Server", "server"},
-{2, "S/MIME", "email"},
+        {2, "S/MIME", "email"},
-{3, "Object Signing", "objsign"},
+        {3, "Object Signing", "objsign"},
-{4, "Unused", "reserved"},
+        {4, "Unused", "reserved"},
-{5, "SSL CA", "sslCA"},
+        {5, "SSL CA", "sslCA"},
-{6, "S/MIME CA", "emailCA"},
+        {6, "S/MIME CA", "emailCA"},
-{7, "Object Signing CA", "objCA"},
+        {7, "Object Signing CA", "objCA"},
-{-1, NULL, NULL}
+        {-1, NULL, NULL}
 };
 static BIT_STRING_BITNAME key_usage_type_table[] = {
-{0, "Digital Signature", "digitalSignature"},
+        {0, "Digital Signature", "digitalSignature"},
-{1, "Non Repudiation", "nonRepudiation"},
+        {1, "Non Repudiation", "nonRepudiation"},
-{2, "Key Encipherment", "keyEncipherment"},
+        {2, "Key Encipherment", "keyEncipherment"},
-{3, "Data Encipherment", "dataEncipherment"},
+        {3, "Data Encipherment", "dataEncipherment"},
-{4, "Key Agreement", "keyAgreement"},
+        {4, "Key Agreement", "keyAgreement"},
-{5, "Certificate Sign", "keyCertSign"},
+        {5, "Certificate Sign", "keyCertSign"},
-{6, "CRL Sign", "cRLSign"},
+        {6, "CRL Sign", "cRLSign"},
-{7, "Encipher Only", "encipherOnly"},
+        {7, "Encipher Only", "encipherOnly"},
-{8, "Decipher Only", "decipherOnly"},
+        {8, "Decipher Only", "decipherOnly"},
-{-1, NULL, NULL}
+        {-1, NULL, NULL}
 };
+const X509V3_EXT_METHOD v3_nscert =
+    EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
+const X509V3_EXT_METHOD v3_key_usage =
+    EXT_BITSTRING(NID_key_usage, key_usage_type_table);
-const X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
+STACK_OF(CONF_VALUE) *
-const X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);
+i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *bits,
+    STACK_OF(CONF_VALUE) *ret)
-STACK_OF(CONF_VALUE) *i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
-             ASN1_BIT_STRING *bits, STACK_OF(CONF_VALUE) *ret)
 {
        BIT_STRING_BITNAME *bnam;
-        for(bnam =method->usr_data; bnam->lname; bnam++) {
-                if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum)) 
+        for (bnam = method->usr_data; bnam->lname; bnam++) {
+                if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
                        X509V3_add_value(bnam->lname, NULL, &ret);
        }
        return ret;
 }
-        
-ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
+ASN1_BIT_STRING *
-             X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
+v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
+    STACK_OF(CONF_VALUE) *nval)
 {
        CONF_VALUE *val;
        ASN1_BIT_STRING *bs;
        int i;
        BIT_STRING_BITNAME *bnam;
-        if(!(bs = M_ASN1_BIT_STRING_new())) {
-                X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);
+        if (!(bs = M_ASN1_BIT_STRING_new())) {
+                X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
                return NULL;
        }
-        for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
+        for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
                val = sk_CONF_VALUE_value(nval, i);
-                for(bnam = method->usr_data; bnam->lname; bnam++) {
+                for (bnam = method->usr_data; bnam->lname; bnam++) {
-                        if(!strcmp(bnam->sname, val->name) ||
+                        if (!strcmp(bnam->sname, val->name) ||
-                                !strcmp(bnam->lname, val->name) ) {
+                            !strcmp(bnam->lname, val->name) ) {
-                                if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) {
+                                if (!ASN1_BIT_STRING_set_bit(bs,
+                                    bnam->bitnum, 1)) {
                                        X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
-                                                ERR_R_MALLOC_FAILURE);
+                                            ERR_R_MALLOC_FAILURE);
                                        M_ASN1_BIT_STRING_free(bs);
                                        return NULL;
                                }
                                break;
                        }
                }
-                if(!bnam->lname) {
+                if (!bnam->lname) {
                        X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
-                                        X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
+                            X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
                        X509V3_conf_err(val);
                        M_ASN1_BIT_STRING_free(bs);
                        return NULL;
@@ -137,5 +143,3 @@ ASN1_BIT_STRING *v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD *method,
        }
        return bs;
 }
-

diff --git a/src/lib/libcrypto/x509v3/v3_bitst.c b/src/lib/libcrypto/x509v3/v3_bitst.c index 058d0d4dce..31549cf003 100644 --- a/src/lib/libcrypto/x509v3/v3_bitst.c +++ b/src/lib/libcrypto/x509v3/v3_bitst.c
@@ -10,7 +10,7 @@
10	* are met:	10	* are met:
11	*	11	*
12	* 1. Redistributions of source code must retain the above copyright	12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.	13	* notice, this list of conditions and the following disclaimer.
14	*	14	*
15	* 2. Redistributions in binary form must reproduce the above copyright	15	* 2. Redistributions in binary form must reproduce the above copyright
16	* notice, this list of conditions and the following disclaimer in	16	* notice, this list of conditions and the following disclaimer in
@@ -62,74 +62,80 @@
62	#include <openssl/x509v3.h>	62	#include <openssl/x509v3.h>
63		63
64	static BIT_STRING_BITNAME ns_cert_type_table[] = {	64	static BIT_STRING_BITNAME ns_cert_type_table[] = {
65	{0, "SSL Client", "client"},	65	{0, "SSL Client", "client"},
66	{1, "SSL Server", "server"},	66	{1, "SSL Server", "server"},
67	{2, "S/MIME", "email"},	67	{2, "S/MIME", "email"},
68	{3, "Object Signing", "objsign"},	68	{3, "Object Signing", "objsign"},
69	{4, "Unused", "reserved"},	69	{4, "Unused", "reserved"},
70	{5, "SSL CA", "sslCA"},	70	{5, "SSL CA", "sslCA"},
71	{6, "S/MIME CA", "emailCA"},	71	{6, "S/MIME CA", "emailCA"},
72	{7, "Object Signing CA", "objCA"},	72	{7, "Object Signing CA", "objCA"},
73	{-1, NULL, NULL}	73	{-1, NULL, NULL}
74	};	74	};
75		75
76	static BIT_STRING_BITNAME key_usage_type_table[] = {	76	static BIT_STRING_BITNAME key_usage_type_table[] = {
77	{0, "Digital Signature", "digitalSignature"},	77	{0, "Digital Signature", "digitalSignature"},
78	{1, "Non Repudiation", "nonRepudiation"},	78	{1, "Non Repudiation", "nonRepudiation"},
79	{2, "Key Encipherment", "keyEncipherment"},	79	{2, "Key Encipherment", "keyEncipherment"},
80	{3, "Data Encipherment", "dataEncipherment"},	80	{3, "Data Encipherment", "dataEncipherment"},
81	{4, "Key Agreement", "keyAgreement"},	81	{4, "Key Agreement", "keyAgreement"},
82	{5, "Certificate Sign", "keyCertSign"},	82	{5, "Certificate Sign", "keyCertSign"},
83	{6, "CRL Sign", "cRLSign"},	83	{6, "CRL Sign", "cRLSign"},
84	{7, "Encipher Only", "encipherOnly"},	84	{7, "Encipher Only", "encipherOnly"},
85	{8, "Decipher Only", "decipherOnly"},	85	{8, "Decipher Only", "decipherOnly"},
86	{-1, NULL, NULL}	86	{-1, NULL, NULL}
87	};	87	};
88		88
89		89
		90	const X509V3_EXT_METHOD v3_nscert =
		91	EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);
		92	const X509V3_EXT_METHOD v3_key_usage =
		93	EXT_BITSTRING(NID_key_usage, key_usage_type_table);
90		94
91	const X509V3_EXT_METHOD v3_nscert = EXT_BITSTRING(NID_netscape_cert_type, ns_cert_type_table);	95	STACK_OF(CONF_VALUE) *
92	const X509V3_EXT_METHOD v3_key_usage = EXT_BITSTRING(NID_key_usage, key_usage_type_table);	96	i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD method, ASN1_BIT_STRING bits,
93		97	STACK_OF(CONF_VALUE) *ret)
94	STACK_OF(CONF_VALUE) i2v_ASN1_BIT_STRING(X509V3_EXT_METHOD method,
95	ASN1_BIT_STRING bits, STACK_OF(CONF_VALUE) ret)
96	{	98	{
97	BIT_STRING_BITNAME *bnam;	99	BIT_STRING_BITNAME *bnam;
98	for(bnam =method->usr_data; bnam->lname; bnam++) {	100
99	if(ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))	101	for (bnam = method->usr_data; bnam->lname; bnam++) {
		102	if (ASN1_BIT_STRING_get_bit(bits, bnam->bitnum))
100	X509V3_add_value(bnam->lname, NULL, &ret);	103	X509V3_add_value(bnam->lname, NULL, &ret);
101	}	104	}
102	return ret;	105	return ret;
103	}	106	}
104		107
105	ASN1_BIT_STRING v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD method,	108	ASN1_BIT_STRING *
106	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	109	v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD method, X509V3_CTX ctx,
		110	STACK_OF(CONF_VALUE) *nval)
107	{	111	{
108	CONF_VALUE *val;	112	CONF_VALUE *val;
109	ASN1_BIT_STRING *bs;	113	ASN1_BIT_STRING *bs;
110	int i;	114	int i;
111	BIT_STRING_BITNAME *bnam;	115	BIT_STRING_BITNAME *bnam;
112	if(!(bs = M_ASN1_BIT_STRING_new())) {	116
113	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,ERR_R_MALLOC_FAILURE);	117	if (!(bs = M_ASN1_BIT_STRING_new())) {
		118	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING, ERR_R_MALLOC_FAILURE);
114	return NULL;	119	return NULL;
115	}	120	}
116	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {	121	for (i = 0; i < sk_CONF_VALUE_num(nval); i++) {
117	val = sk_CONF_VALUE_value(nval, i);	122	val = sk_CONF_VALUE_value(nval, i);
118	for(bnam = method->usr_data; bnam->lname; bnam++) {	123	for (bnam = method->usr_data; bnam->lname; bnam++) {
119	if(!strcmp(bnam->sname, val->name) \|\|	124	if (!strcmp(bnam->sname, val->name) \|\|
120	!strcmp(bnam->lname, val->name) ) {	125	!strcmp(bnam->lname, val->name) ) {
121	if(!ASN1_BIT_STRING_set_bit(bs, bnam->bitnum, 1)) {	126	if (!ASN1_BIT_STRING_set_bit(bs,
		127	bnam->bitnum, 1)) {
122	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,	128	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
123	ERR_R_MALLOC_FAILURE);	129	ERR_R_MALLOC_FAILURE);
124	M_ASN1_BIT_STRING_free(bs);	130	M_ASN1_BIT_STRING_free(bs);
125	return NULL;	131	return NULL;
126	}	132	}
127	break;	133	break;
128	}	134	}
129	}	135	}
130	if(!bnam->lname) {	136	if (!bnam->lname) {
131	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,	137	X509V3err(X509V3_F_V2I_ASN1_BIT_STRING,
132	X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);	138	X509V3_R_UNKNOWN_BIT_STRING_ARGUMENT);
133	X509V3_conf_err(val);	139	X509V3_conf_err(val);
134	M_ASN1_BIT_STRING_free(bs);	140	M_ASN1_BIT_STRING_free(bs);
135	return NULL;	141	return NULL;
@@ -137,5 +143,3 @@ ASN1_BIT_STRING v2i_ASN1_BIT_STRING(X509V3_EXT_METHOD method,
137	}	143	}
138	return bs;	144	return bs;
139	}	145	}
140
141