1 files changed, 37 insertions, 227 deletions
diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c
index d44751458e..650b510980 100644
--- a/src/lib/libcrypto/x509v3/v3_genn.c
+++ b/src/lib/libcrypto/x509v3/v3_genn.c
@@ -59,233 +59,43 @@
 #include <stdio.h>
 #include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
-#include <openssl/asn1_mac.h>
 #include <openssl/conf.h>
 #include <openssl/x509v3.h>
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
+ASN1_SEQUENCE(OTHERNAME) = {
-{
+        ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
-        unsigned char *p;
+        /* Maybe have a true ANY DEFINED BY later */
-        int ret;
+        ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
+} ASN1_SEQUENCE_END(OTHERNAME)
-        ret = 0;
+IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
-        /* Save the location of initial TAG */
-        if(pp) p = *pp;
+ASN1_SEQUENCE(EDIPARTYNAME) = {
-        else p = NULL;
+        ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
+        ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
-        /* GEN_DNAME needs special treatment because of EXPLICIT tag */
+} ASN1_SEQUENCE_END(EDIPARTYNAME)
-        if(a->type == GEN_DIRNAME) {
+IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
-                int v = 0;
-                M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
+ASN1_CHOICE(GENERAL_NAME) = {
-                if(!p) return ret;
+        ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
-                M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
+        ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
-                *pp = p;
+        ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
-                return ret;
+        /* Don't decode this */
-        }
+        ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
+        /* X509_NAME is a CHOICE type so use EXPLICIT */
-        switch(a->type) {
+        ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
+        ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
-                case GEN_X400:
+        ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
-                case GEN_EDIPARTY:
+        ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
-                ret = i2d_ASN1_TYPE(a->d.other, pp);
+        ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
-                break;
+} ASN1_CHOICE_END(GENERAL_NAME)
-                case GEN_OTHERNAME:
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
-                ret = i2d_OTHERNAME(a->d.otherName, pp);
-                break;
+ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = 
+        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
-                case GEN_EMAIL:
+ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
-                case GEN_DNS:
-                case GEN_URI:
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
-                ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
-                break;
-                case GEN_IPADD:
-                ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
-                break;
-        
-                case GEN_RID:
-                ret = i2d_ASN1_OBJECT(a->d.rid, pp);
-                break;
-        }
-        /* Replace TAG with IMPLICIT value */
-        if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type;
-        return ret;
-}
-GENERAL_NAME *GENERAL_NAME_new()
-{
-        GENERAL_NAME *ret=NULL;
-        ASN1_CTX c;
-        M_ASN1_New_Malloc(ret, GENERAL_NAME);
-        ret->type = -1;
-        ret->d.ptr = NULL;
-        return (ret);
-        M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
-}
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
-                                                                 long length)
-{
-        unsigned char _tmp;
-        M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
-        M_ASN1_D2I_Init();
-        c.slen = length;
-        _tmp = M_ASN1_next;
-        ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
-        switch(ret->type) {
-                /* Just put these in a "blob" for now */
-                case GEN_X400:
-                case GEN_EDIPARTY:
-                M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
-                break;
-                case GEN_OTHERNAME:
-                M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
-                break;
-                case GEN_EMAIL:
-                case GEN_DNS:
-                case GEN_URI:
-                M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
-                                                        V_ASN1_IA5STRING);
-                break;
-                case GEN_DIRNAME:
-                M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
-                break;
-                case GEN_IPADD:
-                M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
-                                                        V_ASN1_OCTET_STRING);
-                break;
-        
-                case GEN_RID:
-                M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
-                break;
-                default:
-                c.error = ASN1_R_BAD_TAG;
-                goto err;
-        }
-        c.slen = 0;
-        M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
-}
-void GENERAL_NAME_free(GENERAL_NAME *a)
-{
-        if (a == NULL) return;
-        switch(a->type) {
-                case GEN_X400:
-                case GEN_EDIPARTY:
-                ASN1_TYPE_free(a->d.other);
-                break;
-                case GEN_OTHERNAME:
-                OTHERNAME_free(a->d.otherName);
-                break;
-                case GEN_EMAIL:
-                case GEN_DNS:
-                case GEN_URI:
-                M_ASN1_IA5STRING_free(a->d.ia5);
-                break;
-                case GEN_DIRNAME:
-                X509_NAME_free(a->d.dirn);
-                break;
-                case GEN_IPADD:
-                M_ASN1_OCTET_STRING_free(a->d.ip);
-                break;
-        
-                case GEN_RID:
-                ASN1_OBJECT_free(a->d.rid);
-                break;
-        }
-        OPENSSL_free (a);
-}
-/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
- * explicit functions.
- */
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
-{
-        return sk_GENERAL_NAME_new_null();
-}
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
-{
-        sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
-}
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
-                                         unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
-                         GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
-                                                 V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-IMPLEMENT_STACK_OF(GENERAL_NAME)
-IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
-{
-        int v = 0;
-        M_ASN1_I2D_vars(a);
-        M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
-        M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-        M_ASN1_I2D_seq_total();
-        M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
-        M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-        M_ASN1_I2D_finish();
-}
-OTHERNAME *OTHERNAME_new(void)
-{
-        OTHERNAME *ret=NULL;
-        ASN1_CTX c;
-        M_ASN1_New_Malloc(ret, OTHERNAME);
-        ret->type_id = OBJ_nid2obj(NID_undef);
-        M_ASN1_New(ret->value, ASN1_TYPE_new);
-        return (ret);
-        M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
-}
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
-{
-        M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
-        M_ASN1_D2I_Init();
-        M_ASN1_D2I_start_sequence();
-        M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
-        M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
-        M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
-}
-void OTHERNAME_free(OTHERNAME *a)
-{
-        if (a == NULL) return;
-        ASN1_OBJECT_free(a->type_id);
-        ASN1_TYPE_free(a->value);
-        OPENSSL_free (a);
-}

diff --git a/src/lib/libcrypto/x509v3/v3_genn.c b/src/lib/libcrypto/x509v3/v3_genn.c index d44751458e..650b510980 100644 --- a/src/lib/libcrypto/x509v3/v3_genn.c +++ b/src/lib/libcrypto/x509v3/v3_genn.c
@@ -59,233 +59,43 @@
59		59
60	#include <stdio.h>	60	#include <stdio.h>
61	#include "cryptlib.h"	61	#include "cryptlib.h"
62	#include <openssl/asn1.h>	62	#include <openssl/asn1t.h>
63	#include <openssl/asn1_mac.h>
64	#include <openssl/conf.h>	63	#include <openssl/conf.h>
65	#include <openssl/x509v3.h>	64	#include <openssl/x509v3.h>
66		65
67	int i2d_GENERAL_NAME(GENERAL_NAME a, unsigned char *pp)	66	ASN1_SEQUENCE(OTHERNAME) = {
68	{	67	ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
69	unsigned char *p;	68	/* Maybe have a true ANY DEFINED BY later */
70	int ret;	69	ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
71		70	} ASN1_SEQUENCE_END(OTHERNAME)
72	ret = 0;	71
73		72	IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
74	/* Save the location of initial TAG */	73
75	if(pp) p = *pp;	74	ASN1_SEQUENCE(EDIPARTYNAME) = {
76	else p = NULL;	75	ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
77		76	ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
78	/* GEN_DNAME needs special treatment because of EXPLICIT tag */	77	} ASN1_SEQUENCE_END(EDIPARTYNAME)
79		78
80	if(a->type == GEN_DIRNAME) {	79	IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
81	int v = 0;	80
82	M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);	81	ASN1_CHOICE(GENERAL_NAME) = {
83	if(!p) return ret;	82	ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
84	M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);	83	ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
85	*pp = p;	84	ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
86	return ret;	85	/* Don't decode this */
87	}	86	ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
88		87	/* X509_NAME is a CHOICE type so use EXPLICIT */
89	switch(a->type) {	88	ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
90		89	ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
91	case GEN_X400:	90	ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
92	case GEN_EDIPARTY:	91	ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
93	ret = i2d_ASN1_TYPE(a->d.other, pp);	92	ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
94	break;	93	} ASN1_CHOICE_END(GENERAL_NAME)
95		94
96	case GEN_OTHERNAME:	95	IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
97	ret = i2d_OTHERNAME(a->d.otherName, pp);	96
98	break;	97	ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
99		98	ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
100	case GEN_EMAIL:	99	ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES)
101	case GEN_DNS:	100
102	case GEN_URI:	101	IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
103	ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
104	break;
105
106	case GEN_IPADD:
107	ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
108	break;
109
110	case GEN_RID:
111	ret = i2d_ASN1_OBJECT(a->d.rid, pp);
112	break;
113	}
114	/* Replace TAG with IMPLICIT value */
115	if(p) p = (p & V_ASN1_CONSTRUCTED) \| a->type;
116	return ret;
117	}
118
119	GENERAL_NAME *GENERAL_NAME_new()
120	{
121	GENERAL_NAME *ret=NULL;
122	ASN1_CTX c;
123	M_ASN1_New_Malloc(ret, GENERAL_NAME);
124	ret->type = -1;
125	ret->d.ptr = NULL;
126	return (ret);
127	M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
128	}
129
130	GENERAL_NAME d2i_GENERAL_NAME(GENERAL_NAME a, unsigned char *pp,
131	long length)
132	{
133	unsigned char _tmp;
134	M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
135	M_ASN1_D2I_Init();
136	c.slen = length;
137
138	_tmp = M_ASN1_next;
139	ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
140
141	switch(ret->type) {
142	/* Just put these in a "blob" for now */
143	case GEN_X400:
144	case GEN_EDIPARTY:
145	M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
146	break;
147
148	case GEN_OTHERNAME:
149	M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
150	break;
151
152	case GEN_EMAIL:
153	case GEN_DNS:
154	case GEN_URI:
155	M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
156	V_ASN1_IA5STRING);
157	break;
158
159	case GEN_DIRNAME:
160	M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
161	break;
162
163	case GEN_IPADD:
164	M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
165	V_ASN1_OCTET_STRING);
166	break;
167
168	case GEN_RID:
169	M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
170	break;
171
172	default:
173	c.error = ASN1_R_BAD_TAG;
174	goto err;
175	}
176
177	c.slen = 0;
178	M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
179	}
180
181	void GENERAL_NAME_free(GENERAL_NAME *a)
182	{
183	if (a == NULL) return;
184	switch(a->type) {
185	case GEN_X400:
186	case GEN_EDIPARTY:
187	ASN1_TYPE_free(a->d.other);
188	break;
189
190	case GEN_OTHERNAME:
191	OTHERNAME_free(a->d.otherName);
192	break;
193
194	case GEN_EMAIL:
195	case GEN_DNS:
196	case GEN_URI:
197
198	M_ASN1_IA5STRING_free(a->d.ia5);
199	break;
200
201	case GEN_DIRNAME:
202	X509_NAME_free(a->d.dirn);
203	break;
204
205	case GEN_IPADD:
206	M_ASN1_OCTET_STRING_free(a->d.ip);
207	break;
208
209	case GEN_RID:
210	ASN1_OBJECT_free(a->d.rid);
211	break;
212
213	}
214	OPENSSL_free (a);
215	}
216
217	/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
218	* explicit functions.
219	*/
220
221	STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
222	{
223	return sk_GENERAL_NAME_new_null();
224	}
225
226	void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
227	{
228	sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
229	}
230
231	STACK_OF(GENERAL_NAME) d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a,
232	unsigned char **pp, long length)
233	{
234	return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
235	GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
236	}
237
238	int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) a, unsigned char *pp)
239	{
240	return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
241	V_ASN1_UNIVERSAL, IS_SEQUENCE);
242	}
243
244	IMPLEMENT_STACK_OF(GENERAL_NAME)
245	IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
246
247	int i2d_OTHERNAME(OTHERNAME a, unsigned char *pp)
248	{
249	int v = 0;
250	M_ASN1_I2D_vars(a);
251
252	M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
253	M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
254
255	M_ASN1_I2D_seq_total();
256
257	M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
258	M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
259
260	M_ASN1_I2D_finish();
261	}
262
263	OTHERNAME *OTHERNAME_new(void)
264	{
265	OTHERNAME *ret=NULL;
266	ASN1_CTX c;
267	M_ASN1_New_Malloc(ret, OTHERNAME);
268	ret->type_id = OBJ_nid2obj(NID_undef);
269	M_ASN1_New(ret->value, ASN1_TYPE_new);
270	return (ret);
271	M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
272	}
273
274	OTHERNAME d2i_OTHERNAME(OTHERNAME a, unsigned char *pp, long length)
275	{
276	M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
277	M_ASN1_D2I_Init();
278	M_ASN1_D2I_start_sequence();
279	M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
280	M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
281	M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
282	}
283
284	void OTHERNAME_free(OTHERNAME *a)
285	{
286	if (a == NULL) return;
287	ASN1_OBJECT_free(a->type_id);
288	ASN1_TYPE_free(a->value);
289	OPENSSL_free (a);
290	}
291