summaryrefslogtreecommitdiff
path: root/src/lib/libcrypto
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/libcrypto')
-rw-r--r--src/lib/libcrypto/asn1/n_pkey.c78
-rw-r--r--src/lib/libcrypto/asn1/nsseq.c40
-rw-r--r--src/lib/libcrypto/asn1/p5_pbe.c32
-rw-r--r--src/lib/libcrypto/asn1/p5_pbev2.c78
-rw-r--r--src/lib/libcrypto/asn1/p8_pkey.c56
-rw-r--r--src/lib/libcrypto/asn1/x_algor.c32
-rw-r--r--src/lib/libcrypto/asn1/x_crl.c164
-rw-r--r--src/lib/libcrypto/asn1/x_exten.c40
-rw-r--r--src/lib/libcrypto/asn1/x_name.c32
-rw-r--r--src/lib/libcrypto/asn1/x_nx509.c32
-rw-r--r--src/lib/libcrypto/asn1/x_pubkey.c40
-rw-r--r--src/lib/libcrypto/asn1/x_req.c102
-rw-r--r--src/lib/libcrypto/asn1/x_sig.c32
-rw-r--r--src/lib/libcrypto/asn1/x_spki.c70
-rw-r--r--src/lib/libcrypto/asn1/x_val.c32
-rw-r--r--src/lib/libcrypto/asn1/x_x509.c150
-rw-r--r--src/lib/libcrypto/asn1/x_x509a.c86
17 files changed, 950 insertions, 146 deletions
diff --git a/src/lib/libcrypto/asn1/n_pkey.c b/src/lib/libcrypto/asn1/n_pkey.c
index 198ca97c09..8f65a4b926 100644
--- a/src/lib/libcrypto/asn1/n_pkey.c
+++ b/src/lib/libcrypto/asn1/n_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: n_pkey.c,v 1.23 2015/02/10 04:01:26 jsing Exp $ */ 1/* $OpenBSD: n_pkey.c,v 1.24 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -87,10 +87,40 @@ typedef struct netscape_encrypted_pkey_st {
87} NETSCAPE_ENCRYPTED_PKEY; 87} NETSCAPE_ENCRYPTED_PKEY;
88 88
89 89
90ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { 90static const ASN1_AUX NETSCAPE_ENCRYPTED_PKEY_aux = {
91 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING), 91 .app_data = NULL,
92 ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) 92 .flags = ASN1_AFLG_BROKEN,
93} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY) 93 .ref_offset = 0,
94 .ref_lock = 0,
95 .asn1_cb = NULL,
96 .enc_offset = 0,
97};
98static const ASN1_TEMPLATE NETSCAPE_ENCRYPTED_PKEY_seq_tt[] = {
99 {
100 .flags = 0,
101 .tag = 0,
102 .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, os),
103 .field_name = "os",
104 .item = &ASN1_OCTET_STRING_it,
105 },
106 {
107 .flags = 0,
108 .tag = 0,
109 .offset = offsetof(NETSCAPE_ENCRYPTED_PKEY, enckey),
110 .field_name = "enckey",
111 .item = &X509_SIG_it,
112 },
113};
114
115const ASN1_ITEM NETSCAPE_ENCRYPTED_PKEY_it = {
116 .itype = ASN1_ITYPE_SEQUENCE,
117 .utype = V_ASN1_SEQUENCE,
118 .templates = NETSCAPE_ENCRYPTED_PKEY_seq_tt,
119 .tcount = sizeof(NETSCAPE_ENCRYPTED_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
120 .funcs = &NETSCAPE_ENCRYPTED_PKEY_aux,
121 .size = sizeof(NETSCAPE_ENCRYPTED_PKEY),
122 .sname = "NETSCAPE_ENCRYPTED_PKEY",
123};
94 124
95DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) 125DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
96DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY) 126DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY, NETSCAPE_ENCRYPTED_PKEY)
@@ -120,11 +150,39 @@ NETSCAPE_ENCRYPTED_PKEY_free(NETSCAPE_ENCRYPTED_PKEY *a)
120 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_ENCRYPTED_PKEY_it); 150 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_ENCRYPTED_PKEY_it);
121} 151}
122 152
123ASN1_SEQUENCE(NETSCAPE_PKEY) = { 153static const ASN1_TEMPLATE NETSCAPE_PKEY_seq_tt[] = {
124 ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG), 154 {
125 ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR), 155 .flags = 0,
126 ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) 156 .tag = 0,
127} ASN1_SEQUENCE_END(NETSCAPE_PKEY) 157 .offset = offsetof(NETSCAPE_PKEY, version),
158 .field_name = "version",
159 .item = &LONG_it,
160 },
161 {
162 .flags = 0,
163 .tag = 0,
164 .offset = offsetof(NETSCAPE_PKEY, algor),
165 .field_name = "algor",
166 .item = &X509_ALGOR_it,
167 },
168 {
169 .flags = 0,
170 .tag = 0,
171 .offset = offsetof(NETSCAPE_PKEY, private_key),
172 .field_name = "private_key",
173 .item = &ASN1_OCTET_STRING_it,
174 },
175};
176
177const ASN1_ITEM NETSCAPE_PKEY_it = {
178 .itype = ASN1_ITYPE_SEQUENCE,
179 .utype = V_ASN1_SEQUENCE,
180 .templates = NETSCAPE_PKEY_seq_tt,
181 .tcount = sizeof(NETSCAPE_PKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
182 .funcs = NULL,
183 .size = sizeof(NETSCAPE_PKEY),
184 .sname = "NETSCAPE_PKEY",
185};
128 186
129DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) 187DECLARE_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
130DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY, NETSCAPE_PKEY) 188DECLARE_ASN1_ENCODE_FUNCTIONS_const(NETSCAPE_PKEY, NETSCAPE_PKEY)
diff --git a/src/lib/libcrypto/asn1/nsseq.c b/src/lib/libcrypto/asn1/nsseq.c
index ceab3992fd..dff9b189d9 100644
--- a/src/lib/libcrypto/asn1/nsseq.c
+++ b/src/lib/libcrypto/asn1/nsseq.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: nsseq.c,v 1.8 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: nsseq.c,v 1.9 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -75,10 +75,40 @@ nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
75 75
76/* Netscape certificate sequence structure */ 76/* Netscape certificate sequence structure */
77 77
78ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = { 78static const ASN1_AUX NETSCAPE_CERT_SEQUENCE_aux = {
79 ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT), 79 .app_data = NULL,
80 ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0) 80 .flags = 0,
81} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE) 81 .ref_offset = 0,
82 .ref_lock = 0,
83 .asn1_cb = nsseq_cb,
84 .enc_offset = 0,
85};
86static const ASN1_TEMPLATE NETSCAPE_CERT_SEQUENCE_seq_tt[] = {
87 {
88 .flags = 0,
89 .tag = 0,
90 .offset = offsetof(NETSCAPE_CERT_SEQUENCE, type),
91 .field_name = "type",
92 .item = &ASN1_OBJECT_it,
93 },
94 {
95 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
96 .tag = 0,
97 .offset = offsetof(NETSCAPE_CERT_SEQUENCE, certs),
98 .field_name = "certs",
99 .item = &X509_it,
100 },
101};
102
103const ASN1_ITEM NETSCAPE_CERT_SEQUENCE_it = {
104 .itype = ASN1_ITYPE_SEQUENCE,
105 .utype = V_ASN1_SEQUENCE,
106 .templates = NETSCAPE_CERT_SEQUENCE_seq_tt,
107 .tcount = sizeof(NETSCAPE_CERT_SEQUENCE_seq_tt) / sizeof(ASN1_TEMPLATE),
108 .funcs = &NETSCAPE_CERT_SEQUENCE_aux,
109 .size = sizeof(NETSCAPE_CERT_SEQUENCE),
110 .sname = "NETSCAPE_CERT_SEQUENCE",
111};
82 112
83 113
84NETSCAPE_CERT_SEQUENCE * 114NETSCAPE_CERT_SEQUENCE *
diff --git a/src/lib/libcrypto/asn1/p5_pbe.c b/src/lib/libcrypto/asn1/p5_pbe.c
index 7491a5bdc7..6d08cb28a1 100644
--- a/src/lib/libcrypto/asn1/p5_pbe.c
+++ b/src/lib/libcrypto/asn1/p5_pbe.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_pbe.c,v 1.18 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: p5_pbe.c,v 1.19 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -66,10 +66,32 @@
66 66
67/* PKCS#5 password based encryption structure */ 67/* PKCS#5 password based encryption structure */
68 68
69ASN1_SEQUENCE(PBEPARAM) = { 69static const ASN1_TEMPLATE PBEPARAM_seq_tt[] = {
70 ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), 70 {
71 ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) 71 .flags = 0,
72} ASN1_SEQUENCE_END(PBEPARAM) 72 .tag = 0,
73 .offset = offsetof(PBEPARAM, salt),
74 .field_name = "salt",
75 .item = &ASN1_OCTET_STRING_it,
76 },
77 {
78 .flags = 0,
79 .tag = 0,
80 .offset = offsetof(PBEPARAM, iter),
81 .field_name = "iter",
82 .item = &ASN1_INTEGER_it,
83 },
84};
85
86const ASN1_ITEM PBEPARAM_it = {
87 .itype = ASN1_ITYPE_SEQUENCE,
88 .utype = V_ASN1_SEQUENCE,
89 .templates = PBEPARAM_seq_tt,
90 .tcount = sizeof(PBEPARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
91 .funcs = NULL,
92 .size = sizeof(PBEPARAM),
93 .sname = "PBEPARAM",
94};
73 95
74 96
75PBEPARAM * 97PBEPARAM *
diff --git a/src/lib/libcrypto/asn1/p5_pbev2.c b/src/lib/libcrypto/asn1/p5_pbev2.c
index 1189e7e26b..f967f25d3d 100644
--- a/src/lib/libcrypto/asn1/p5_pbev2.c
+++ b/src/lib/libcrypto/asn1/p5_pbev2.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p5_pbev2.c,v 1.19 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: p5_pbev2.c,v 1.20 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999-2004. 3 * project 1999-2004.
4 */ 4 */
@@ -66,10 +66,32 @@
66 66
67/* PKCS#5 v2.0 password based encryption structures */ 67/* PKCS#5 v2.0 password based encryption structures */
68 68
69ASN1_SEQUENCE(PBE2PARAM) = { 69static const ASN1_TEMPLATE PBE2PARAM_seq_tt[] = {
70 ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR), 70 {
71 ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR) 71 .flags = 0,
72} ASN1_SEQUENCE_END(PBE2PARAM) 72 .tag = 0,
73 .offset = offsetof(PBE2PARAM, keyfunc),
74 .field_name = "keyfunc",
75 .item = &X509_ALGOR_it,
76 },
77 {
78 .flags = 0,
79 .tag = 0,
80 .offset = offsetof(PBE2PARAM, encryption),
81 .field_name = "encryption",
82 .item = &X509_ALGOR_it,
83 },
84};
85
86const ASN1_ITEM PBE2PARAM_it = {
87 .itype = ASN1_ITYPE_SEQUENCE,
88 .utype = V_ASN1_SEQUENCE,
89 .templates = PBE2PARAM_seq_tt,
90 .tcount = sizeof(PBE2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
91 .funcs = NULL,
92 .size = sizeof(PBE2PARAM),
93 .sname = "PBE2PARAM",
94};
73 95
74 96
75PBE2PARAM * 97PBE2PARAM *
@@ -97,12 +119,46 @@ PBE2PARAM_free(PBE2PARAM *a)
97 ASN1_item_free((ASN1_VALUE *)a, &PBE2PARAM_it); 119 ASN1_item_free((ASN1_VALUE *)a, &PBE2PARAM_it);
98} 120}
99 121
100ASN1_SEQUENCE(PBKDF2PARAM) = { 122static const ASN1_TEMPLATE PBKDF2PARAM_seq_tt[] = {
101 ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY), 123 {
102 ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER), 124 .flags = 0,
103 ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER), 125 .tag = 0,
104 ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR) 126 .offset = offsetof(PBKDF2PARAM, salt),
105} ASN1_SEQUENCE_END(PBKDF2PARAM) 127 .field_name = "salt",
128 .item = &ASN1_ANY_it,
129 },
130 {
131 .flags = 0,
132 .tag = 0,
133 .offset = offsetof(PBKDF2PARAM, iter),
134 .field_name = "iter",
135 .item = &ASN1_INTEGER_it,
136 },
137 {
138 .flags = ASN1_TFLG_OPTIONAL,
139 .tag = 0,
140 .offset = offsetof(PBKDF2PARAM, keylength),
141 .field_name = "keylength",
142 .item = &ASN1_INTEGER_it,
143 },
144 {
145 .flags = ASN1_TFLG_OPTIONAL,
146 .tag = 0,
147 .offset = offsetof(PBKDF2PARAM, prf),
148 .field_name = "prf",
149 .item = &X509_ALGOR_it,
150 },
151};
152
153const ASN1_ITEM PBKDF2PARAM_it = {
154 .itype = ASN1_ITYPE_SEQUENCE,
155 .utype = V_ASN1_SEQUENCE,
156 .templates = PBKDF2PARAM_seq_tt,
157 .tcount = sizeof(PBKDF2PARAM_seq_tt) / sizeof(ASN1_TEMPLATE),
158 .funcs = NULL,
159 .size = sizeof(PBKDF2PARAM),
160 .sname = "PBKDF2PARAM",
161};
106 162
107 163
108PBKDF2PARAM * 164PBKDF2PARAM *
diff --git a/src/lib/libcrypto/asn1/p8_pkey.c b/src/lib/libcrypto/asn1/p8_pkey.c
index f8688ebc17..486aa8d42c 100644
--- a/src/lib/libcrypto/asn1/p8_pkey.c
+++ b/src/lib/libcrypto/asn1/p8_pkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: p8_pkey.c,v 1.13 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: p8_pkey.c,v 1.14 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -75,12 +75,54 @@ pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
75 return 1; 75 return 1;
76} 76}
77 77
78ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { 78static const ASN1_AUX PKCS8_PRIV_KEY_INFO_aux = {
79 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER), 79 .app_data = NULL,
80 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR), 80 .flags = 0,
81 ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY), 81 .ref_offset = 0,
82 ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0) 82 .ref_lock = 0,
83} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO) 83 .asn1_cb = pkey_cb,
84 .enc_offset = 0,
85};
86static const ASN1_TEMPLATE PKCS8_PRIV_KEY_INFO_seq_tt[] = {
87 {
88 .flags = 0,
89 .tag = 0,
90 .offset = offsetof(PKCS8_PRIV_KEY_INFO, version),
91 .field_name = "version",
92 .item = &ASN1_INTEGER_it,
93 },
94 {
95 .flags = 0,
96 .tag = 0,
97 .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkeyalg),
98 .field_name = "pkeyalg",
99 .item = &X509_ALGOR_it,
100 },
101 {
102 .flags = 0,
103 .tag = 0,
104 .offset = offsetof(PKCS8_PRIV_KEY_INFO, pkey),
105 .field_name = "pkey",
106 .item = &ASN1_ANY_it,
107 },
108 {
109 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
110 .tag = 0,
111 .offset = offsetof(PKCS8_PRIV_KEY_INFO, attributes),
112 .field_name = "attributes",
113 .item = &X509_ATTRIBUTE_it,
114 },
115};
116
117const ASN1_ITEM PKCS8_PRIV_KEY_INFO_it = {
118 .itype = ASN1_ITYPE_SEQUENCE,
119 .utype = V_ASN1_SEQUENCE,
120 .templates = PKCS8_PRIV_KEY_INFO_seq_tt,
121 .tcount = sizeof(PKCS8_PRIV_KEY_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
122 .funcs = &PKCS8_PRIV_KEY_INFO_aux,
123 .size = sizeof(PKCS8_PRIV_KEY_INFO),
124 .sname = "PKCS8_PRIV_KEY_INFO",
125};
84 126
85 127
86PKCS8_PRIV_KEY_INFO * 128PKCS8_PRIV_KEY_INFO *
diff --git a/src/lib/libcrypto/asn1/x_algor.c b/src/lib/libcrypto/asn1/x_algor.c
index f7cae9499a..c10e114318 100644
--- a/src/lib/libcrypto/asn1/x_algor.c
+++ b/src/lib/libcrypto/asn1/x_algor.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_algor.c,v 1.18 2015/02/10 08:33:10 jsing Exp $ */ 1/* $OpenBSD: x_algor.c,v 1.19 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -61,10 +61,32 @@
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62#include <openssl/asn1t.h> 62#include <openssl/asn1t.h>
63 63
64ASN1_SEQUENCE(X509_ALGOR) = { 64static const ASN1_TEMPLATE X509_ALGOR_seq_tt[] = {
65 ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT), 65 {
66 ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) 66 .flags = 0,
67} ASN1_SEQUENCE_END(X509_ALGOR) 67 .tag = 0,
68 .offset = offsetof(X509_ALGOR, algorithm),
69 .field_name = "algorithm",
70 .item = &ASN1_OBJECT_it,
71 },
72 {
73 .flags = ASN1_TFLG_OPTIONAL,
74 .tag = 0,
75 .offset = offsetof(X509_ALGOR, parameter),
76 .field_name = "parameter",
77 .item = &ASN1_ANY_it,
78 },
79};
80
81const ASN1_ITEM X509_ALGOR_it = {
82 .itype = ASN1_ITYPE_SEQUENCE,
83 .utype = V_ASN1_SEQUENCE,
84 .templates = X509_ALGOR_seq_tt,
85 .tcount = sizeof(X509_ALGOR_seq_tt) / sizeof(ASN1_TEMPLATE),
86 .funcs = NULL,
87 .size = sizeof(X509_ALGOR),
88 .sname = "X509_ALGOR",
89};
68 90
69ASN1_ITEM_TEMPLATE(X509_ALGORS) = 91ASN1_ITEM_TEMPLATE(X509_ALGORS) =
70 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR) 92 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, algorithms, X509_ALGOR)
diff --git a/src/lib/libcrypto/asn1/x_crl.c b/src/lib/libcrypto/asn1/x_crl.c
index 536aa74e00..338a784189 100644
--- a/src/lib/libcrypto/asn1/x_crl.c
+++ b/src/lib/libcrypto/asn1/x_crl.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_crl.c,v 1.22 2015/02/10 08:33:10 jsing Exp $ */ 1/* $OpenBSD: x_crl.c,v 1.23 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -71,11 +71,39 @@ static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
71 const X509_REVOKED * const *b); 71 const X509_REVOKED * const *b);
72static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp); 72static void setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp);
73 73
74ASN1_SEQUENCE(X509_REVOKED) = { 74static const ASN1_TEMPLATE X509_REVOKED_seq_tt[] = {
75 ASN1_SIMPLE(X509_REVOKED, serialNumber, ASN1_INTEGER), 75 {
76 ASN1_SIMPLE(X509_REVOKED, revocationDate, ASN1_TIME), 76 .flags = 0,
77 ASN1_SEQUENCE_OF_OPT(X509_REVOKED, extensions, X509_EXTENSION) 77 .tag = 0,
78} ASN1_SEQUENCE_END(X509_REVOKED) 78 .offset = offsetof(X509_REVOKED, serialNumber),
79 .field_name = "serialNumber",
80 .item = &ASN1_INTEGER_it,
81 },
82 {
83 .flags = 0,
84 .tag = 0,
85 .offset = offsetof(X509_REVOKED, revocationDate),
86 .field_name = "revocationDate",
87 .item = &ASN1_TIME_it,
88 },
89 {
90 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
91 .tag = 0,
92 .offset = offsetof(X509_REVOKED, extensions),
93 .field_name = "extensions",
94 .item = &X509_EXTENSION_it,
95 },
96};
97
98const ASN1_ITEM X509_REVOKED_it = {
99 .itype = ASN1_ITYPE_SEQUENCE,
100 .utype = V_ASN1_SEQUENCE,
101 .templates = X509_REVOKED_seq_tt,
102 .tcount = sizeof(X509_REVOKED_seq_tt) / sizeof(ASN1_TEMPLATE),
103 .funcs = NULL,
104 .size = sizeof(X509_REVOKED),
105 .sname = "X509_REVOKED",
106};
79 107
80static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r); 108static int def_crl_verify(X509_CRL *crl, EVP_PKEY *r);
81static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret, 109static int def_crl_lookup(X509_CRL *crl, X509_REVOKED **ret,
@@ -111,15 +139,75 @@ crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
111} 139}
112 140
113 141
114ASN1_SEQUENCE_enc(X509_CRL_INFO, enc, crl_inf_cb) = { 142static const ASN1_AUX X509_CRL_INFO_aux = {
115 ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER), 143 .app_data = NULL,
116 ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR), 144 .flags = ASN1_AFLG_ENCODING,
117 ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME), 145 .ref_offset = 0,
118 ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME), 146 .ref_lock = 0,
119 ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME), 147 .asn1_cb = crl_inf_cb,
120 ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED), 148 .enc_offset = offsetof(X509_CRL_INFO, enc),
121 ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0) 149};
122} ASN1_SEQUENCE_END_enc(X509_CRL_INFO, X509_CRL_INFO) 150static const ASN1_TEMPLATE X509_CRL_INFO_seq_tt[] = {
151 {
152 .flags = ASN1_TFLG_OPTIONAL,
153 .tag = 0,
154 .offset = offsetof(X509_CRL_INFO, version),
155 .field_name = "version",
156 .item = &ASN1_INTEGER_it,
157 },
158 {
159 .flags = 0,
160 .tag = 0,
161 .offset = offsetof(X509_CRL_INFO, sig_alg),
162 .field_name = "sig_alg",
163 .item = &X509_ALGOR_it,
164 },
165 {
166 .flags = 0,
167 .tag = 0,
168 .offset = offsetof(X509_CRL_INFO, issuer),
169 .field_name = "issuer",
170 .item = &X509_NAME_it,
171 },
172 {
173 .flags = 0,
174 .tag = 0,
175 .offset = offsetof(X509_CRL_INFO, lastUpdate),
176 .field_name = "lastUpdate",
177 .item = &ASN1_TIME_it,
178 },
179 {
180 .flags = ASN1_TFLG_OPTIONAL,
181 .tag = 0,
182 .offset = offsetof(X509_CRL_INFO, nextUpdate),
183 .field_name = "nextUpdate",
184 .item = &ASN1_TIME_it,
185 },
186 {
187 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
188 .tag = 0,
189 .offset = offsetof(X509_CRL_INFO, revoked),
190 .field_name = "revoked",
191 .item = &X509_REVOKED_it,
192 },
193 {
194 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
195 .tag = 0,
196 .offset = offsetof(X509_CRL_INFO, extensions),
197 .field_name = "extensions",
198 .item = &X509_EXTENSION_it,
199 },
200};
201
202const ASN1_ITEM X509_CRL_INFO_it = {
203 .itype = ASN1_ITYPE_SEQUENCE,
204 .utype = V_ASN1_SEQUENCE,
205 .templates = X509_CRL_INFO_seq_tt,
206 .tcount = sizeof(X509_CRL_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
207 .funcs = &X509_CRL_INFO_aux,
208 .size = sizeof(X509_CRL_INFO),
209 .sname = "X509_CRL_INFO",
210};
123 211
124/* Set CRL entry issuer according to CRL certificate issuer extension. 212/* Set CRL entry issuer according to CRL certificate issuer extension.
125 * Check for unhandled critical CRL entry extensions. 213 * Check for unhandled critical CRL entry extensions.
@@ -331,11 +419,47 @@ setup_idp(X509_CRL *crl, ISSUING_DIST_POINT *idp)
331 DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl)); 419 DIST_POINT_set_dpname(idp->distpoint, X509_CRL_get_issuer(crl));
332} 420}
333 421
334ASN1_SEQUENCE_ref(X509_CRL, crl_cb, CRYPTO_LOCK_X509_CRL) = { 422static const ASN1_AUX X509_CRL_aux = {
335 ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO), 423 .app_data = NULL,
336 ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR), 424 .flags = ASN1_AFLG_REFCOUNT,
337 ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING) 425 .ref_offset = offsetof(X509_CRL, references),
338} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL) 426 .ref_lock = CRYPTO_LOCK_X509_CRL,
427 .asn1_cb = crl_cb,
428 .enc_offset = 0,
429};
430static const ASN1_TEMPLATE X509_CRL_seq_tt[] = {
431 {
432 .flags = 0,
433 .tag = 0,
434 .offset = offsetof(X509_CRL, crl),
435 .field_name = "crl",
436 .item = &X509_CRL_INFO_it,
437 },
438 {
439 .flags = 0,
440 .tag = 0,
441 .offset = offsetof(X509_CRL, sig_alg),
442 .field_name = "sig_alg",
443 .item = &X509_ALGOR_it,
444 },
445 {
446 .flags = 0,
447 .tag = 0,
448 .offset = offsetof(X509_CRL, signature),
449 .field_name = "signature",
450 .item = &ASN1_BIT_STRING_it,
451 },
452};
453
454const ASN1_ITEM X509_CRL_it = {
455 .itype = ASN1_ITYPE_SEQUENCE,
456 .utype = V_ASN1_SEQUENCE,
457 .templates = X509_CRL_seq_tt,
458 .tcount = sizeof(X509_CRL_seq_tt) / sizeof(ASN1_TEMPLATE),
459 .funcs = &X509_CRL_aux,
460 .size = sizeof(X509_CRL),
461 .sname = "X509_CRL",
462};
339 463
340 464
341X509_REVOKED * 465X509_REVOKED *
diff --git a/src/lib/libcrypto/asn1/x_exten.c b/src/lib/libcrypto/asn1/x_exten.c
index 755faebeba..6f82a71d68 100644
--- a/src/lib/libcrypto/asn1/x_exten.c
+++ b/src/lib/libcrypto/asn1/x_exten.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_exten.c,v 1.13 2015/02/10 06:36:30 jsing Exp $ */ 1/* $OpenBSD: x_exten.c,v 1.14 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -61,11 +61,39 @@
61#include <openssl/asn1.h> 61#include <openssl/asn1.h>
62#include <openssl/asn1t.h> 62#include <openssl/asn1t.h>
63 63
64ASN1_SEQUENCE(X509_EXTENSION) = { 64static const ASN1_TEMPLATE X509_EXTENSION_seq_tt[] = {
65 ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT), 65 {
66 ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN), 66 .flags = 0,
67 ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) 67 .tag = 0,
68} ASN1_SEQUENCE_END(X509_EXTENSION) 68 .offset = offsetof(X509_EXTENSION, object),
69 .field_name = "object",
70 .item = &ASN1_OBJECT_it,
71 },
72 {
73 .flags = ASN1_TFLG_OPTIONAL,
74 .tag = 0,
75 .offset = offsetof(X509_EXTENSION, critical),
76 .field_name = "critical",
77 .item = &ASN1_BOOLEAN_it,
78 },
79 {
80 .flags = 0,
81 .tag = 0,
82 .offset = offsetof(X509_EXTENSION, value),
83 .field_name = "value",
84 .item = &ASN1_OCTET_STRING_it,
85 },
86};
87
88const ASN1_ITEM X509_EXTENSION_it = {
89 .itype = ASN1_ITYPE_SEQUENCE,
90 .utype = V_ASN1_SEQUENCE,
91 .templates = X509_EXTENSION_seq_tt,
92 .tcount = sizeof(X509_EXTENSION_seq_tt) / sizeof(ASN1_TEMPLATE),
93 .funcs = NULL,
94 .size = sizeof(X509_EXTENSION),
95 .sname = "X509_EXTENSION",
96};
69 97
70ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) = 98ASN1_ITEM_TEMPLATE(X509_EXTENSIONS) =
71 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION) 99 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Extension, X509_EXTENSION)
diff --git a/src/lib/libcrypto/asn1/x_name.c b/src/lib/libcrypto/asn1/x_name.c
index a985cf19ce..d6d5bea369 100644
--- a/src/lib/libcrypto/asn1/x_name.c
+++ b/src/lib/libcrypto/asn1/x_name.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_name.c,v 1.24 2015/02/10 08:33:10 jsing Exp $ */ 1/* $OpenBSD: x_name.c,v 1.25 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -87,10 +87,32 @@ static int i2d_name_canon(STACK_OF(STACK_OF_X509_NAME_ENTRY) *intname,
87static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent, 87static int x509_name_ex_print(BIO *out, ASN1_VALUE **pval, int indent,
88 const char *fname, const ASN1_PCTX *pctx); 88 const char *fname, const ASN1_PCTX *pctx);
89 89
90ASN1_SEQUENCE(X509_NAME_ENTRY) = { 90static const ASN1_TEMPLATE X509_NAME_ENTRY_seq_tt[] = {
91 ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT), 91 {
92 ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE) 92 .flags = 0,
93} ASN1_SEQUENCE_END(X509_NAME_ENTRY) 93 .tag = 0,
94 .offset = offsetof(X509_NAME_ENTRY, object),
95 .field_name = "object",
96 .item = &ASN1_OBJECT_it,
97 },
98 {
99 .flags = 0,
100 .tag = 0,
101 .offset = offsetof(X509_NAME_ENTRY, value),
102 .field_name = "value",
103 .item = &ASN1_PRINTABLE_it,
104 },
105};
106
107const ASN1_ITEM X509_NAME_ENTRY_it = {
108 .itype = ASN1_ITYPE_SEQUENCE,
109 .utype = V_ASN1_SEQUENCE,
110 .templates = X509_NAME_ENTRY_seq_tt,
111 .tcount = sizeof(X509_NAME_ENTRY_seq_tt) / sizeof(ASN1_TEMPLATE),
112 .funcs = NULL,
113 .size = sizeof(X509_NAME_ENTRY),
114 .sname = "X509_NAME_ENTRY",
115};
94 116
95 117
96X509_NAME_ENTRY * 118X509_NAME_ENTRY *
diff --git a/src/lib/libcrypto/asn1/x_nx509.c b/src/lib/libcrypto/asn1/x_nx509.c
index 9738560c19..f36f1d9eca 100644
--- a/src/lib/libcrypto/asn1/x_nx509.c
+++ b/src/lib/libcrypto/asn1/x_nx509.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_nx509.c,v 1.4 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_nx509.c,v 1.5 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2005. 3 * project 2005.
4 */ 4 */
@@ -63,10 +63,32 @@
63 63
64/* Old netscape certificate wrapper format */ 64/* Old netscape certificate wrapper format */
65 65
66ASN1_SEQUENCE(NETSCAPE_X509) = { 66static const ASN1_TEMPLATE NETSCAPE_X509_seq_tt[] = {
67 ASN1_SIMPLE(NETSCAPE_X509, header, ASN1_OCTET_STRING), 67 {
68 ASN1_OPT(NETSCAPE_X509, cert, X509) 68 .flags = 0,
69} ASN1_SEQUENCE_END(NETSCAPE_X509) 69 .tag = 0,
70 .offset = offsetof(NETSCAPE_X509, header),
71 .field_name = "header",
72 .item = &ASN1_OCTET_STRING_it,
73 },
74 {
75 .flags = ASN1_TFLG_OPTIONAL,
76 .tag = 0,
77 .offset = offsetof(NETSCAPE_X509, cert),
78 .field_name = "cert",
79 .item = &X509_it,
80 },
81};
82
83const ASN1_ITEM NETSCAPE_X509_it = {
84 .itype = ASN1_ITYPE_SEQUENCE,
85 .utype = V_ASN1_SEQUENCE,
86 .templates = NETSCAPE_X509_seq_tt,
87 .tcount = sizeof(NETSCAPE_X509_seq_tt) / sizeof(ASN1_TEMPLATE),
88 .funcs = NULL,
89 .size = sizeof(NETSCAPE_X509),
90 .sname = "NETSCAPE_X509",
91};
70 92
71 93
72NETSCAPE_X509 * 94NETSCAPE_X509 *
diff --git a/src/lib/libcrypto/asn1/x_pubkey.c b/src/lib/libcrypto/asn1/x_pubkey.c
index 0c7d01e60d..55084182cc 100644
--- a/src/lib/libcrypto/asn1/x_pubkey.c
+++ b/src/lib/libcrypto/asn1/x_pubkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_pubkey.c,v 1.23 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_pubkey.c,v 1.24 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -84,10 +84,40 @@ pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
84 return 1; 84 return 1;
85} 85}
86 86
87ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { 87static const ASN1_AUX X509_PUBKEY_aux = {
88 ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), 88 .app_data = NULL,
89 ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) 89 .flags = 0,
90} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY) 90 .ref_offset = 0,
91 .ref_lock = 0,
92 .asn1_cb = pubkey_cb,
93 .enc_offset = 0,
94};
95static const ASN1_TEMPLATE X509_PUBKEY_seq_tt[] = {
96 {
97 .flags = 0,
98 .tag = 0,
99 .offset = offsetof(X509_PUBKEY, algor),
100 .field_name = "algor",
101 .item = &X509_ALGOR_it,
102 },
103 {
104 .flags = 0,
105 .tag = 0,
106 .offset = offsetof(X509_PUBKEY, public_key),
107 .field_name = "public_key",
108 .item = &ASN1_BIT_STRING_it,
109 },
110};
111
112const ASN1_ITEM X509_PUBKEY_it = {
113 .itype = ASN1_ITYPE_SEQUENCE,
114 .utype = V_ASN1_SEQUENCE,
115 .templates = X509_PUBKEY_seq_tt,
116 .tcount = sizeof(X509_PUBKEY_seq_tt) / sizeof(ASN1_TEMPLATE),
117 .funcs = &X509_PUBKEY_aux,
118 .size = sizeof(X509_PUBKEY),
119 .sname = "X509_PUBKEY",
120};
91 121
92 122
93X509_PUBKEY * 123X509_PUBKEY *
diff --git a/src/lib/libcrypto/asn1/x_req.c b/src/lib/libcrypto/asn1/x_req.c
index 6ffcb9d03c..5e8aa21b0d 100644
--- a/src/lib/libcrypto/asn1/x_req.c
+++ b/src/lib/libcrypto/asn1/x_req.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_req.c,v 1.13 2015/02/10 05:25:45 jsing Exp $ */ 1/* $OpenBSD: x_req.c,v 1.14 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -92,15 +92,57 @@ rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
92 return 1; 92 return 1;
93} 93}
94 94
95ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = { 95static const ASN1_AUX X509_REQ_INFO_aux = {
96 ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER), 96 .app_data = NULL,
97 ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME), 97 .flags = ASN1_AFLG_ENCODING,
98 ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY), 98 .ref_offset = 0,
99 .ref_lock = 0,
100 .asn1_cb = rinf_cb,
101 .enc_offset = offsetof(X509_REQ_INFO, enc),
102};
103static const ASN1_TEMPLATE X509_REQ_INFO_seq_tt[] = {
104 {
105 .flags = 0,
106 .tag = 0,
107 .offset = offsetof(X509_REQ_INFO, version),
108 .field_name = "version",
109 .item = &ASN1_INTEGER_it,
110 },
111 {
112 .flags = 0,
113 .tag = 0,
114 .offset = offsetof(X509_REQ_INFO, subject),
115 .field_name = "subject",
116 .item = &X509_NAME_it,
117 },
118 {
119 .flags = 0,
120 .tag = 0,
121 .offset = offsetof(X509_REQ_INFO, pubkey),
122 .field_name = "pubkey",
123 .item = &X509_PUBKEY_it,
124 },
99 /* This isn't really OPTIONAL but it gets round invalid 125 /* This isn't really OPTIONAL but it gets round invalid
100 * encodings 126 * encodings
101 */ 127 */
102 ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0) 128 {
103} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO) 129 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
130 .tag = 0,
131 .offset = offsetof(X509_REQ_INFO, attributes),
132 .field_name = "attributes",
133 .item = &X509_ATTRIBUTE_it,
134 },
135};
136
137const ASN1_ITEM X509_REQ_INFO_it = {
138 .itype = ASN1_ITYPE_SEQUENCE,
139 .utype = V_ASN1_SEQUENCE,
140 .templates = X509_REQ_INFO_seq_tt,
141 .tcount = sizeof(X509_REQ_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
142 .funcs = &X509_REQ_INFO_aux,
143 .size = sizeof(X509_REQ_INFO),
144 .sname = "X509_REQ_INFO",
145};
104 146
105 147
106X509_REQ_INFO * 148X509_REQ_INFO *
@@ -128,11 +170,47 @@ X509_REQ_INFO_free(X509_REQ_INFO *a)
128 ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_INFO_it); 170 ASN1_item_free((ASN1_VALUE *)a, &X509_REQ_INFO_it);
129} 171}
130 172
131ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_REQ) = { 173static const ASN1_AUX X509_REQ_aux = {
132 ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), 174 .app_data = NULL,
133 ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), 175 .flags = ASN1_AFLG_REFCOUNT,
134 ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) 176 .ref_offset = offsetof(X509_REQ, references),
135} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ) 177 .ref_lock = CRYPTO_LOCK_X509_REQ,
178 .asn1_cb = 0,
179 .enc_offset = 0,
180};
181static const ASN1_TEMPLATE X509_REQ_seq_tt[] = {
182 {
183 .flags = 0,
184 .tag = 0,
185 .offset = offsetof(X509_REQ, req_info),
186 .field_name = "req_info",
187 .item = &X509_REQ_INFO_it,
188 },
189 {
190 .flags = 0,
191 .tag = 0,
192 .offset = offsetof(X509_REQ, sig_alg),
193 .field_name = "sig_alg",
194 .item = &X509_ALGOR_it,
195 },
196 {
197 .flags = 0,
198 .tag = 0,
199 .offset = offsetof(X509_REQ, signature),
200 .field_name = "signature",
201 .item = &ASN1_BIT_STRING_it,
202 },
203};
204
205const ASN1_ITEM X509_REQ_it = {
206 .itype = ASN1_ITYPE_SEQUENCE,
207 .utype = V_ASN1_SEQUENCE,
208 .templates = X509_REQ_seq_tt,
209 .tcount = sizeof(X509_REQ_seq_tt) / sizeof(ASN1_TEMPLATE),
210 .funcs = &X509_REQ_aux,
211 .size = sizeof(X509_REQ),
212 .sname = "X509_REQ",
213};
136 214
137 215
138X509_REQ * 216X509_REQ *
diff --git a/src/lib/libcrypto/asn1/x_sig.c b/src/lib/libcrypto/asn1/x_sig.c
index 7c4c8c9c55..090a454ffb 100644
--- a/src/lib/libcrypto/asn1/x_sig.c
+++ b/src/lib/libcrypto/asn1/x_sig.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_sig.c,v 1.9 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_sig.c,v 1.10 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -61,10 +61,32 @@
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63 63
64ASN1_SEQUENCE(X509_SIG) = { 64static const ASN1_TEMPLATE X509_SIG_seq_tt[] = {
65 ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR), 65 {
66 ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING) 66 .flags = 0,
67} ASN1_SEQUENCE_END(X509_SIG) 67 .tag = 0,
68 .offset = offsetof(X509_SIG, algor),
69 .field_name = "algor",
70 .item = &X509_ALGOR_it,
71 },
72 {
73 .flags = 0,
74 .tag = 0,
75 .offset = offsetof(X509_SIG, digest),
76 .field_name = "digest",
77 .item = &ASN1_OCTET_STRING_it,
78 },
79};
80
81const ASN1_ITEM X509_SIG_it = {
82 .itype = ASN1_ITYPE_SEQUENCE,
83 .utype = V_ASN1_SEQUENCE,
84 .templates = X509_SIG_seq_tt,
85 .tcount = sizeof(X509_SIG_seq_tt) / sizeof(ASN1_TEMPLATE),
86 .funcs = NULL,
87 .size = sizeof(X509_SIG),
88 .sname = "X509_SIG",
89};
68 90
69 91
70X509_SIG * 92X509_SIG *
diff --git a/src/lib/libcrypto/asn1/x_spki.c b/src/lib/libcrypto/asn1/x_spki.c
index fc056ff53b..6250c1343b 100644
--- a/src/lib/libcrypto/asn1/x_spki.c
+++ b/src/lib/libcrypto/asn1/x_spki.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_spki.c,v 1.9 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_spki.c,v 1.10 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -65,10 +65,32 @@
65#include <openssl/x509.h> 65#include <openssl/x509.h>
66#include <openssl/asn1t.h> 66#include <openssl/asn1t.h>
67 67
68ASN1_SEQUENCE(NETSCAPE_SPKAC) = { 68static const ASN1_TEMPLATE NETSCAPE_SPKAC_seq_tt[] = {
69 ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY), 69 {
70 ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING) 70 .flags = 0,
71} ASN1_SEQUENCE_END(NETSCAPE_SPKAC) 71 .tag = 0,
72 .offset = offsetof(NETSCAPE_SPKAC, pubkey),
73 .field_name = "pubkey",
74 .item = &X509_PUBKEY_it,
75 },
76 {
77 .flags = 0,
78 .tag = 0,
79 .offset = offsetof(NETSCAPE_SPKAC, challenge),
80 .field_name = "challenge",
81 .item = &ASN1_IA5STRING_it,
82 },
83};
84
85const ASN1_ITEM NETSCAPE_SPKAC_it = {
86 .itype = ASN1_ITYPE_SEQUENCE,
87 .utype = V_ASN1_SEQUENCE,
88 .templates = NETSCAPE_SPKAC_seq_tt,
89 .tcount = sizeof(NETSCAPE_SPKAC_seq_tt) / sizeof(ASN1_TEMPLATE),
90 .funcs = NULL,
91 .size = sizeof(NETSCAPE_SPKAC),
92 .sname = "NETSCAPE_SPKAC",
93};
72 94
73 95
74NETSCAPE_SPKAC * 96NETSCAPE_SPKAC *
@@ -96,11 +118,39 @@ NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
96 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it); 118 ASN1_item_free((ASN1_VALUE *)a, &NETSCAPE_SPKAC_it);
97} 119}
98 120
99ASN1_SEQUENCE(NETSCAPE_SPKI) = { 121static const ASN1_TEMPLATE NETSCAPE_SPKI_seq_tt[] = {
100 ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC), 122 {
101 ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR), 123 .flags = 0,
102 ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING) 124 .tag = 0,
103} ASN1_SEQUENCE_END(NETSCAPE_SPKI) 125 .offset = offsetof(NETSCAPE_SPKI, spkac),
126 .field_name = "spkac",
127 .item = &NETSCAPE_SPKAC_it,
128 },
129 {
130 .flags = 0,
131 .tag = 0,
132 .offset = offsetof(NETSCAPE_SPKI, sig_algor),
133 .field_name = "sig_algor",
134 .item = &X509_ALGOR_it,
135 },
136 {
137 .flags = 0,
138 .tag = 0,
139 .offset = offsetof(NETSCAPE_SPKI, signature),
140 .field_name = "signature",
141 .item = &ASN1_BIT_STRING_it,
142 },
143};
144
145const ASN1_ITEM NETSCAPE_SPKI_it = {
146 .itype = ASN1_ITYPE_SEQUENCE,
147 .utype = V_ASN1_SEQUENCE,
148 .templates = NETSCAPE_SPKI_seq_tt,
149 .tcount = sizeof(NETSCAPE_SPKI_seq_tt) / sizeof(ASN1_TEMPLATE),
150 .funcs = NULL,
151 .size = sizeof(NETSCAPE_SPKI),
152 .sname = "NETSCAPE_SPKI",
153};
104 154
105 155
106NETSCAPE_SPKI * 156NETSCAPE_SPKI *
diff --git a/src/lib/libcrypto/asn1/x_val.c b/src/lib/libcrypto/asn1/x_val.c
index 27835e94da..3f1d830d3e 100644
--- a/src/lib/libcrypto/asn1/x_val.c
+++ b/src/lib/libcrypto/asn1/x_val.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_val.c,v 1.9 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_val.c,v 1.10 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -61,10 +61,32 @@
61#include <openssl/asn1t.h> 61#include <openssl/asn1t.h>
62#include <openssl/x509.h> 62#include <openssl/x509.h>
63 63
64ASN1_SEQUENCE(X509_VAL) = { 64static const ASN1_TEMPLATE X509_VAL_seq_tt[] = {
65 ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME), 65 {
66 ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME) 66 .flags = 0,
67} ASN1_SEQUENCE_END(X509_VAL) 67 .tag = 0,
68 .offset = offsetof(X509_VAL, notBefore),
69 .field_name = "notBefore",
70 .item = &ASN1_TIME_it,
71 },
72 {
73 .flags = 0,
74 .tag = 0,
75 .offset = offsetof(X509_VAL, notAfter),
76 .field_name = "notAfter",
77 .item = &ASN1_TIME_it,
78 },
79};
80
81const ASN1_ITEM X509_VAL_it = {
82 .itype = ASN1_ITYPE_SEQUENCE,
83 .utype = V_ASN1_SEQUENCE,
84 .templates = X509_VAL_seq_tt,
85 .tcount = sizeof(X509_VAL_seq_tt) / sizeof(ASN1_TEMPLATE),
86 .funcs = NULL,
87 .size = sizeof(X509_VAL),
88 .sname = "X509_VAL",
89};
68 90
69 91
70X509_VAL * 92X509_VAL *
diff --git a/src/lib/libcrypto/asn1/x_x509.c b/src/lib/libcrypto/asn1/x_x509.c
index 756848fe19..1f29d5498a 100644
--- a/src/lib/libcrypto/asn1/x_x509.c
+++ b/src/lib/libcrypto/asn1/x_x509.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_x509.c,v 1.21 2015/02/10 13:28:17 jsing Exp $ */ 1/* $OpenBSD: x_x509.c,v 1.22 2015/02/11 03:39:51 jsing Exp $ */
2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) 2/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
3 * All rights reserved. 3 * All rights reserved.
4 * 4 *
@@ -65,18 +65,96 @@
65#include <openssl/x509.h> 65#include <openssl/x509.h>
66#include <openssl/x509v3.h> 66#include <openssl/x509v3.h>
67 67
68ASN1_SEQUENCE_enc(X509_CINF, enc, 0) = { 68static const ASN1_AUX X509_CINF_aux = {
69 ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), 69 .app_data = NULL,
70 ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), 70 .flags = ASN1_AFLG_ENCODING,
71 ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), 71 .ref_offset = 0,
72 ASN1_SIMPLE(X509_CINF, issuer, X509_NAME), 72 .ref_lock = 0,
73 ASN1_SIMPLE(X509_CINF, validity, X509_VAL), 73 .asn1_cb = 0,
74 ASN1_SIMPLE(X509_CINF, subject, X509_NAME), 74 .enc_offset = offsetof(X509_CINF, enc),
75 ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY), 75};
76 ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), 76static const ASN1_TEMPLATE X509_CINF_seq_tt[] = {
77 ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), 77 {
78 ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) 78 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
79} ASN1_SEQUENCE_END_enc(X509_CINF, X509_CINF) 79 .tag = 0,
80 .offset = offsetof(X509_CINF, version),
81 .field_name = "version",
82 .item = &ASN1_INTEGER_it,
83 },
84 {
85 .flags = 0,
86 .tag = 0,
87 .offset = offsetof(X509_CINF, serialNumber),
88 .field_name = "serialNumber",
89 .item = &ASN1_INTEGER_it,
90 },
91 {
92 .flags = 0,
93 .tag = 0,
94 .offset = offsetof(X509_CINF, signature),
95 .field_name = "signature",
96 .item = &X509_ALGOR_it,
97 },
98 {
99 .flags = 0,
100 .tag = 0,
101 .offset = offsetof(X509_CINF, issuer),
102 .field_name = "issuer",
103 .item = &X509_NAME_it,
104 },
105 {
106 .flags = 0,
107 .tag = 0,
108 .offset = offsetof(X509_CINF, validity),
109 .field_name = "validity",
110 .item = &X509_VAL_it,
111 },
112 {
113 .flags = 0,
114 .tag = 0,
115 .offset = offsetof(X509_CINF, subject),
116 .field_name = "subject",
117 .item = &X509_NAME_it,
118 },
119 {
120 .flags = 0,
121 .tag = 0,
122 .offset = offsetof(X509_CINF, key),
123 .field_name = "key",
124 .item = &X509_PUBKEY_it,
125 },
126 {
127 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
128 .tag = 1,
129 .offset = offsetof(X509_CINF, issuerUID),
130 .field_name = "issuerUID",
131 .item = &ASN1_BIT_STRING_it,
132 },
133 {
134 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
135 .tag = 2,
136 .offset = offsetof(X509_CINF, subjectUID),
137 .field_name = "subjectUID",
138 .item = &ASN1_BIT_STRING_it,
139 },
140 {
141 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
142 .tag = 3,
143 .offset = offsetof(X509_CINF, extensions),
144 .field_name = "extensions",
145 .item = &X509_EXTENSION_it,
146 },
147};
148
149const ASN1_ITEM X509_CINF_it = {
150 .itype = ASN1_ITYPE_SEQUENCE,
151 .utype = V_ASN1_SEQUENCE,
152 .templates = X509_CINF_seq_tt,
153 .tcount = sizeof(X509_CINF_seq_tt) / sizeof(ASN1_TEMPLATE),
154 .funcs = &X509_CINF_aux,
155 .size = sizeof(X509_CINF),
156 .sname = "X509_CINF",
157};
80 158
81 159
82X509_CINF * 160X509_CINF *
@@ -148,11 +226,47 @@ x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
148 return 1; 226 return 1;
149} 227}
150 228
151ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { 229static const ASN1_AUX X509_aux = {
152 ASN1_SIMPLE(X509, cert_info, X509_CINF), 230 .app_data = NULL,
153 ASN1_SIMPLE(X509, sig_alg, X509_ALGOR), 231 .flags = ASN1_AFLG_REFCOUNT,
154 ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING) 232 .ref_offset = offsetof(X509, references),
155} ASN1_SEQUENCE_END_ref(X509, X509) 233 .ref_lock = CRYPTO_LOCK_X509,
234 .asn1_cb = x509_cb,
235 .enc_offset = 0,
236};
237static const ASN1_TEMPLATE X509_seq_tt[] = {
238 {
239 .flags = 0,
240 .tag = 0,
241 .offset = offsetof(X509, cert_info),
242 .field_name = "cert_info",
243 .item = &X509_CINF_it,
244 },
245 {
246 .flags = 0,
247 .tag = 0,
248 .offset = offsetof(X509, sig_alg),
249 .field_name = "sig_alg",
250 .item = &X509_ALGOR_it,
251 },
252 {
253 .flags = 0,
254 .tag = 0,
255 .offset = offsetof(X509, signature),
256 .field_name = "signature",
257 .item = &ASN1_BIT_STRING_it,
258 },
259};
260
261const ASN1_ITEM X509_it = {
262 .itype = ASN1_ITYPE_SEQUENCE,
263 .utype = V_ASN1_SEQUENCE,
264 .templates = X509_seq_tt,
265 .tcount = sizeof(X509_seq_tt) / sizeof(ASN1_TEMPLATE),
266 .funcs = &X509_aux,
267 .size = sizeof(X509),
268 .sname = "X509",
269};
156 270
157 271
158X509 * 272X509 *
diff --git a/src/lib/libcrypto/asn1/x_x509a.c b/src/lib/libcrypto/asn1/x_x509a.c
index 8a3561e882..be8ebbdcbb 100644
--- a/src/lib/libcrypto/asn1/x_x509a.c
+++ b/src/lib/libcrypto/asn1/x_x509a.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: x_x509a.c,v 1.11 2015/02/09 15:05:59 jsing Exp $ */ 1/* $OpenBSD: x_x509a.c,v 1.12 2015/02/11 03:39:51 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 1999. 3 * project 1999.
4 */ 4 */
@@ -71,13 +71,53 @@
71 71
72static X509_CERT_AUX *aux_get(X509 *x); 72static X509_CERT_AUX *aux_get(X509 *x);
73 73
74ASN1_SEQUENCE(X509_CERT_AUX) = { 74static const ASN1_TEMPLATE X509_CERT_AUX_seq_tt[] = {
75 ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT), 75 {
76 ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0), 76 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
77 ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING), 77 .tag = 0,
78 ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING), 78 .offset = offsetof(X509_CERT_AUX, trust),
79 ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1) 79 .field_name = "trust",
80} ASN1_SEQUENCE_END(X509_CERT_AUX) 80 .item = &ASN1_OBJECT_it,
81 },
82 {
83 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
84 .tag = 0,
85 .offset = offsetof(X509_CERT_AUX, reject),
86 .field_name = "reject",
87 .item = &ASN1_OBJECT_it,
88 },
89 {
90 .flags = ASN1_TFLG_OPTIONAL,
91 .tag = 0,
92 .offset = offsetof(X509_CERT_AUX, alias),
93 .field_name = "alias",
94 .item = &ASN1_UTF8STRING_it,
95 },
96 {
97 .flags = ASN1_TFLG_OPTIONAL,
98 .tag = 0,
99 .offset = offsetof(X509_CERT_AUX, keyid),
100 .field_name = "keyid",
101 .item = &ASN1_OCTET_STRING_it,
102 },
103 {
104 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
105 .tag = 1,
106 .offset = offsetof(X509_CERT_AUX, other),
107 .field_name = "other",
108 .item = &X509_ALGOR_it,
109 },
110};
111
112const ASN1_ITEM X509_CERT_AUX_it = {
113 .itype = ASN1_ITYPE_SEQUENCE,
114 .utype = V_ASN1_SEQUENCE,
115 .templates = X509_CERT_AUX_seq_tt,
116 .tcount = sizeof(X509_CERT_AUX_seq_tt) / sizeof(ASN1_TEMPLATE),
117 .funcs = NULL,
118 .size = sizeof(X509_CERT_AUX),
119 .sname = "X509_CERT_AUX",
120};
81 121
82 122
83X509_CERT_AUX * 123X509_CERT_AUX *
@@ -217,10 +257,32 @@ X509_reject_clear(X509 *x)
217 } 257 }
218} 258}
219 259
220ASN1_SEQUENCE(X509_CERT_PAIR) = { 260static const ASN1_TEMPLATE X509_CERT_PAIR_seq_tt[] = {
221 ASN1_EXP_OPT(X509_CERT_PAIR, forward, X509, 0), 261 {
222 ASN1_EXP_OPT(X509_CERT_PAIR, reverse, X509, 1) 262 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
223} ASN1_SEQUENCE_END(X509_CERT_PAIR) 263 .tag = 0,
264 .offset = offsetof(X509_CERT_PAIR, forward),
265 .field_name = "forward",
266 .item = &X509_it,
267 },
268 {
269 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
270 .tag = 1,
271 .offset = offsetof(X509_CERT_PAIR, reverse),
272 .field_name = "reverse",
273 .item = &X509_it,
274 },
275};
276
277const ASN1_ITEM X509_CERT_PAIR_it = {
278 .itype = ASN1_ITYPE_SEQUENCE,
279 .utype = V_ASN1_SEQUENCE,
280 .templates = X509_CERT_PAIR_seq_tt,
281 .tcount = sizeof(X509_CERT_PAIR_seq_tt) / sizeof(ASN1_TEMPLATE),
282 .funcs = NULL,
283 .size = sizeof(X509_CERT_PAIR),
284 .sname = "X509_CERT_PAIR",
285};
224 286
225 287
226X509_CERT_PAIR * 288X509_CERT_PAIR *
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-04-27 01:57:24 +0000