1 files changed, 62 insertions, 70 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c
index 53ec40a027..b1cfaba1aa 100644
--- a/src/lib/libcrypto/x509v3/v3_extku.c
+++ b/src/lib/libcrypto/x509v3/v3_extku.c
@@ -59,92 +59,84 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-                STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
+                void *eku, STACK_OF(CONF_VALUE) *extlist);
 X509V3_EXT_METHOD v3_ext_ku = {
-NID_ext_key_usage, 0,
+        NID_ext_key_usage, 0,
-(X509V3_EXT_NEW)ext_ku_new,
+        ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
-(X509V3_EXT_FREE)ext_ku_free,
+        0,0,0,0,
-(X509V3_EXT_D2I)d2i_ext_ku,
+        0,0,
-(X509V3_EXT_I2D)i2d_ext_ku,
+        i2v_EXTENDED_KEY_USAGE,
-NULL, NULL,
+        v2i_EXTENDED_KEY_USAGE,
-(X509V3_EXT_I2V)i2v_ext_ku,
+        0,0,
-(X509V3_EXT_V2I)v2i_ext_ku,
+        NULL
-NULL,NULL,
-NULL
 };
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
+/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
-{
+X509V3_EXT_METHOD v3_ocsp_accresp = {
-        return sk_ASN1_OBJECT_new_null();
+        NID_id_pkix_OCSP_acceptableResponses, 0,
-}
+        ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
+        0,0,0,0,
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
+        0,0,
-{
+        i2v_EXTENDED_KEY_USAGE,
-        sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
+        v2i_EXTENDED_KEY_USAGE,
-        return;
+        0,0,
-}
+        NULL
+};
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
-{
-        return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
-                                V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
-                                        unsigned char **pp, long length)
-{
-        return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
-                         ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
+ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = 
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
+ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
+IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
-                STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
+                void *a, STACK_OF(CONF_VALUE) *ext_list)
 {
-int i;
+        EXTENDED_KEY_USAGE *eku = a;
-ASN1_OBJECT *obj;
+        int i;
-char obj_tmp[80];
+        ASN1_OBJECT *obj;
-for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
+        char obj_tmp[80];
-        obj = sk_ASN1_OBJECT_value(eku, i);
+        for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
-        i2t_ASN1_OBJECT(obj_tmp, 80, obj);
+                obj = sk_ASN1_OBJECT_value(eku, i);
-        X509V3_add_value(NULL, obj_tmp, &ext_list);
+                i2t_ASN1_OBJECT(obj_tmp, 80, obj);
-}
+                X509V3_add_value(NULL, obj_tmp, &ext_list);
-return ext_list;
+        }
+        return ext_list;
 }
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static void *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
                                X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
 {
-STACK_OF(ASN1_OBJECT) *extku;
+        EXTENDED_KEY_USAGE *extku;
-char *extval;
+        char *extval;
-ASN1_OBJECT *objtmp;
+        ASN1_OBJECT *objtmp;
-CONF_VALUE *val;
+        CONF_VALUE *val;
-int i;
+        int i;
-if(!(extku = sk_ASN1_OBJECT_new_null())) {
+        if(!(extku = sk_ASN1_OBJECT_new_null())) {
-        X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
+                X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
-        return NULL;
-}
-for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-        val = sk_CONF_VALUE_value(nval, i);
-        if(val->value) extval = val->value;
-        else extval = val->name;
-        if(!(objtmp = OBJ_txt2obj(extval, 0))) {
-                sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
-                X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
-                X509V3_conf_err(val);
                return NULL;
        }
-        sk_ASN1_OBJECT_push(extku, objtmp);
-}
+        for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
-return extku;
+                val = sk_CONF_VALUE_value(nval, i);
+                if(val->value) extval = val->value;
+                else extval = val->name;
+                if(!(objtmp = OBJ_txt2obj(extval, 0))) {
+                        sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
+                        X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
+                        X509V3_conf_err(val);
+                        return NULL;
+                }
+                sk_ASN1_OBJECT_push(extku, objtmp);
+        }
+        return extku;
 }

diff --git a/src/lib/libcrypto/x509v3/v3_extku.c b/src/lib/libcrypto/x509v3/v3_extku.c index 53ec40a027..b1cfaba1aa 100644 --- a/src/lib/libcrypto/x509v3/v3_extku.c +++ b/src/lib/libcrypto/x509v3/v3_extku.c
@@ -59,92 +59,84 @@
59		59
60	#include <stdio.h>	60	#include <stdio.h>
61	#include "cryptlib.h"	61	#include "cryptlib.h"
62	#include <openssl/asn1.h>	62	#include <openssl/asn1t.h>
63	#include <openssl/conf.h>	63	#include <openssl/conf.h>
64	#include <openssl/x509v3.h>	64	#include <openssl/x509v3.h>
65		65
66	static STACK_OF(ASN1_OBJECT) v2i_ext_ku(X509V3_EXT_METHOD method,	66	static void v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD method,
67	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);	67	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval);
68	static STACK_OF(CONF_VALUE) i2v_ext_ku(X509V3_EXT_METHOD method,	68	static STACK_OF(CONF_VALUE) i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD method,
69	STACK_OF(ASN1_OBJECT) eku, STACK_OF(CONF_VALUE) extlist);	69	void eku, STACK_OF(CONF_VALUE) extlist);
		70
70	X509V3_EXT_METHOD v3_ext_ku = {	71	X509V3_EXT_METHOD v3_ext_ku = {
71	NID_ext_key_usage, 0,	72	NID_ext_key_usage, 0,
72	(X509V3_EXT_NEW)ext_ku_new,	73	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
73	(X509V3_EXT_FREE)ext_ku_free,	74	0,0,0,0,
74	(X509V3_EXT_D2I)d2i_ext_ku,	75	0,0,
75	(X509V3_EXT_I2D)i2d_ext_ku,	76	i2v_EXTENDED_KEY_USAGE,
76	NULL, NULL,	77	v2i_EXTENDED_KEY_USAGE,
77	(X509V3_EXT_I2V)i2v_ext_ku,	78	0,0,
78	(X509V3_EXT_V2I)v2i_ext_ku,	79	NULL
79	NULL,NULL,
80	NULL
81	};	80	};
82		81
83	STACK_OF(ASN1_OBJECT) *ext_ku_new(void)	82	/* NB OCSP acceptable responses also is a SEQUENCE OF OBJECT */
84	{	83	X509V3_EXT_METHOD v3_ocsp_accresp = {
85	return sk_ASN1_OBJECT_new_null();	84	NID_id_pkix_OCSP_acceptableResponses, 0,
86	}	85	ASN1_ITEM_ref(EXTENDED_KEY_USAGE),
87		86	0,0,0,0,
88	void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)	87	0,0,
89	{	88	i2v_EXTENDED_KEY_USAGE,
90	sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);	89	v2i_EXTENDED_KEY_USAGE,
91	return;	90	0,0,
92	}	91	NULL
93		92	};
94	int i2d_ext_ku(STACK_OF(ASN1_OBJECT) a, unsigned char *pp)
95	{
96	return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
97	V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
98	}
99
100	STACK_OF(ASN1_OBJECT) d2i_ext_ku(STACK_OF(ASN1_OBJECT) *a,
101	unsigned char **pp, long length)
102	{
103	return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
104	ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
105	}
106		93
		94	ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) =
		95	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
		96	ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE)
107		97
		98	IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
108		99
109	static STACK_OF(CONF_VALUE) i2v_ext_ku(X509V3_EXT_METHOD method,	100	static STACK_OF(CONF_VALUE) i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD method,
110	STACK_OF(ASN1_OBJECT) eku, STACK_OF(CONF_VALUE) ext_list)	101	void a, STACK_OF(CONF_VALUE) ext_list)
111	{	102	{
112	int i;	103	EXTENDED_KEY_USAGE *eku = a;
113	ASN1_OBJECT *obj;	104	int i;
114	char obj_tmp[80];	105	ASN1_OBJECT *obj;
115	for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {	106	char obj_tmp[80];
116	obj = sk_ASN1_OBJECT_value(eku, i);	107	for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) {
117	i2t_ASN1_OBJECT(obj_tmp, 80, obj);	108	obj = sk_ASN1_OBJECT_value(eku, i);
118	X509V3_add_value(NULL, obj_tmp, &ext_list);	109	i2t_ASN1_OBJECT(obj_tmp, 80, obj);
119	}	110	X509V3_add_value(NULL, obj_tmp, &ext_list);
120	return ext_list;	111	}
		112	return ext_list;
121	}	113	}
122		114
123	static STACK_OF(ASN1_OBJECT) v2i_ext_ku(X509V3_EXT_METHOD method,	115	static void v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD method,
124	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)	116	X509V3_CTX ctx, STACK_OF(CONF_VALUE) nval)
125	{	117	{
126	STACK_OF(ASN1_OBJECT) *extku;	118	EXTENDED_KEY_USAGE *extku;
127	char *extval;	119	char *extval;
128	ASN1_OBJECT *objtmp;	120	ASN1_OBJECT *objtmp;
129	CONF_VALUE *val;	121	CONF_VALUE *val;
130	int i;	122	int i;
131		123
132	if(!(extku = sk_ASN1_OBJECT_new_null())) {	124	if(!(extku = sk_ASN1_OBJECT_new_null())) {
133	X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);	125	X509V3err(X509V3_F_V2I_EXT_KU,ERR_R_MALLOC_FAILURE);
134	return NULL;
135	}
136
137	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
138	val = sk_CONF_VALUE_value(nval, i);
139	if(val->value) extval = val->value;
140	else extval = val->name;
141	if(!(objtmp = OBJ_txt2obj(extval, 0))) {
142	sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
143	X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
144	X509V3_conf_err(val);
145	return NULL;	126	return NULL;
146	}	127	}
147	sk_ASN1_OBJECT_push(extku, objtmp);	128
148	}	129	for(i = 0; i < sk_CONF_VALUE_num(nval); i++) {
149	return extku;	130	val = sk_CONF_VALUE_value(nval, i);
		131	if(val->value) extval = val->value;
		132	else extval = val->name;
		133	if(!(objtmp = OBJ_txt2obj(extval, 0))) {
		134	sk_ASN1_OBJECT_pop_free(extku, ASN1_OBJECT_free);
		135	X509V3err(X509V3_F_V2I_EXT_KU,X509V3_R_INVALID_OBJECT_IDENTIFIER);
		136	X509V3_conf_err(val);
		137	return NULL;
		138	}
		139	sk_ASN1_OBJECT_push(extku, objtmp);
		140	}
		141	return extku;
150	}	142	}