diff options
120 files changed, 6492 insertions, 8178 deletions
@@ -3,6 +3,10 @@ Changes between 0.9.6 and 0.9.7 [xx XXX 2000] + *) Merge in replacement ASN1 code from the ASN1 branch. This almost + completely replaces the old ASN1 functionality. + [Steve Henson] + *) Change BN_mod_exp_recp so that negative moduli are tolerated (the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set so that BN_mod_exp_mont and BN_mod_exp_mont_word work diff --git a/README.ASN1 b/README.ASN1 new file mode 100644 index 0000000000..11bcfaf4dd --- /dev/null +++ b/README.ASN1 @@ -0,0 +1,187 @@ + +OpenSSL ASN1 Revision +===================== + +This document describes some of the issues relating to the new ASN1 code. + +Previous OpenSSL ASN1 problems +============================= + +OK why did the OpenSSL ASN1 code need revising in the first place? Well +there are lots of reasons some of which are included below... + +1. The code is difficult to read and write. For every single ASN1 structure +(e.g. SEQUENCE) four functions need to be written for new, free, encode and +decode operations. This is a very painful and error prone operation. Very few +people have ever written any OpenSSL ASN1 and those that have usually wish +they hadn't. + +2. Partly because of 1. the code is bloated and takes up a disproportionate +amount of space. The SEQUENCE encoder is particularly bad: it essentially +contains two copies of the same operation, one to compute the SEQUENCE length +and the other to encode it. + +3. The code is memory based: that is it expects to be able to read the whole +structure from memory. This is fine for small structures but if you have a +(say) 1Gb PKCS#7 signedData structure it isn't such a good idea... + +4. The code for the ASN1 IMPLICIT tag is evil. It is handled by temporarily +changing the tag to the expected one, attempting to read it, then changing it +back again. This means that decode buffers have to be writable even though they +are ultimately unchanged. This gets in the way of constification. + +5. The handling of EXPLICIT isn't much better. It adds a chunk of code into +the decoder and encoder for every EXPLICIT tag. + +6. APPLICATION and PRIVATE tags aren't even supported at all. + +7. Even IMPLICIT isn't complete: there is no support for implicitly tagged +types that are not OPTIONAL. + +8. Much of the code assumes that a tag will fit in a single octet. This is +only true if the tag is 30 or less (mercifully tags over 30 are rare). + +9. The ASN1 CHOICE type has to be largely handled manually, there aren't any +macros that properly support it. + +10. Encoders have no concept of OPTIONAL and have no error checking. If the +passed structure contains a NULL in a mandatory field it will not be encoded, +resulting in an invalid structure. + +11. It is tricky to add ASN1 encoders and decoders to external applications. + +Template model +============== + +One of the major problems with revision is the sheer volume of the ASN1 code. +Attempts to change (for example) the IMPLICIT behaviour would result in a +modification of *every* single decode function. + +I decided to adopt a template based approach. I'm using the term 'template' +in a manner similar to SNACC templates: it has nothing to do with C++ +templates. + +A template is a description of an ASN1 module as several constant C structures. +It describes in a machine readable way exactly how the ASN1 structure should +behave. If this template contains enough detail then it is possible to write +versions of new, free, encode, decode (and possibly others operations) that +operate on templates. + +Instead of having to write code to handle each operation only a single +template needs to be written. If new operations are needed (such as a 'print' +operation) only a single new template based function needs to be written +which will then automatically handle all existing templates. + +Plans for revision +================== + +The revision will consist of the following steps. Other than the first two +these can be handled in any order. + +o Design and write template new, free, encode and decode operations, initially +memory based. *DONE* + +o Convert existing ASN1 code to template form. *IN PROGRESS* + +o Convert an existing ASN1 compiler (probably SNACC) to output templates +in OpenSSL form. + +o Add support for BIO based ASN1 encoders and decoders to handle large +structures, initially blocking I/O. + +o Add support for non blocking I/O: this is quite a bit harder than blocking +I/O. + +o Add new ASN1 structures, such as OCSP, CRMF, S/MIME v3 (CMS), attribute +certificates etc etc. + +Description of major changes +============================ + +The BOOLEAN type now takes three values. 0xff is TRUE, 0 is FALSE and -1 is +absent. The meaning of absent depends on the context. If for example the +boolean type is DEFAULT FALSE (as in the case of the critical flag for +certificate extensions) then -1 is FALSE, if DEFAULT TRUE then -1 is TRUE. +Usually the value will only ever be read via an API which will hide this from +an application. + +There is an evil bug in the old ASN1 code that mishandles OPTIONAL with +SEQUENCE OF or SET OF. These are both implemented as a STACK structure. The +old code would omit the structure if the STACK was NULL (which is fine) or if +it had zero elements (which is NOT OK). This causes problems because an empty +SEQUENCE OF or SET OF will result in an empty STACK when it is decoded but when +it is encoded it will be omitted resulting in different encodings. The new code +only omits the encoding if the STACK is NULL, if it contains zero elements it +is encoded and empty. There is an additional problem though: because an empty +STACK was omitted, sometimes the corresponding *_new() function would +initialize the STACK to empty so an application could immediately use it, if +this is done with the new code (i.e. a NULL) it wont work. Therefore a new +STACK should be allocated first. One instance of this is the X509_CRL list of +revoked certificates: a helper function X509_CRL_add0_revoked() has been added +for this purpose. + +The X509_ATTRIBUTE structure used to have an element called 'set' which took +the value 1 if the attribute value was a SET OF or 0 if it was a single. Due +to the behaviour of CHOICE in the new code this has been changed to a field +called 'single' which is 0 for a SET OF and 1 for single. The old field has +been deleted to deliberately break source compatibility. Since this structure +is normally accessed via higher level functions this shouldn't break too much. + +The X509_REQ_INFO certificate request info structure no longer has a field +called 'req_kludge'. This used to be set to 1 if the attributes field was +(incorrectly) omitted. You can check to see if the field is omitted now by +checking if the attributes field is NULL. Similarly if you need to omit +the field then free attributes and set it to NULL. + +The top level 'detached' field in the PKCS7 structure is no longer set when +a PKCS#7 structure is read in. PKCS7_is_detached() should be called instead. +The behaviour of PKCS7_get_detached() is unaffected. + +The values of 'type' in the GENERAL_NAME structure have changed. This is +because the old code use the ASN1 initial octet as the selector. The new +code uses the index in the ASN1_CHOICE template. + +The DIST_POINT_NAME structure has changed to be a true CHOICE type. + +typedef struct DIST_POINT_NAME_st { +int type; +union { + STACK_OF(GENERAL_NAME) *fullname; + STACK_OF(X509_NAME_ENTRY) *relativename; +} name; +} DIST_POINT_NAME; + +This means that name.fullname or name.relativename should be set +and type reflects the option. That is if name.fullname is set then +type is 0 and if name.relativename is set type is 1. + +With the old code using the i2d functions would typically involve: + +unsigned char *buf, *p; +int len; +/* Find length of encoding */ +len = i2d_SOMETHING(x, NULL); +/* Allocate buffer */ +buf = OPENSSL_malloc(len); +if(buf == NULL) { + /* Malloc error */ +} +/* Use temp variable because &p gets updated to point to end of + * encoding. + */ +p = buf; +i2d_SOMETHING(x, &p); + + +Using the new i2d you can also do: + +unsigned char *buf = NULL; +int len; +len = i2d_SOMETHING(x, &buf); +if(len < 0) { + /* Malloc error */ +} + +and it will automatically allocate and populate a buffer with the +encoding. After this call 'buf' will point to the start of the +encoding which is len bytes long. @@ -1201,7 +1201,7 @@ bad: if (!a2i_ASN1_INTEGER(hex,r->serialNumber, buf[0],BSIZE)) goto err; - sk_X509_REVOKED_push(ci->revoked,r); + X509_CRL_add0_revoked(crl,r); } } /* sort the data so it will be written in serial diff --git a/apps/req.c b/apps/req.c index 4c4b9e3eac..7b8b4dbd60 100644 --- a/apps/req.c +++ b/apps/req.c @@ -752,8 +752,11 @@ loop: } i=make_REQ(req,pkey,!x509); - if (kludge >= 0) - req->req_info->req_kludge=kludge; + if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes)) + { + sk_X509_ATTRIBUTE_free(req->req_info->attributes); + req->req_info->attributes = NULL; + } if (!i) { BIO_printf(bio_err,"problems making Certificate Request\n"); diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl index 3e88b3e409..5dd662843b 100644 --- a/crypto/asn1/Makefile.ssl +++ b/crypto/asn1/Makefile.ssl @@ -23,39 +23,33 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ - a_null.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \ - a_enum.c a_vis.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ - x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \ - x_name.c x_cinf.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ - d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \ - d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \ + a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ + a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ + x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \ + x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ - p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \ - p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \ - f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \ + tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ + f_int.c f_string.c n_pkey.c \ f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \ asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \ evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ - a_null.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \ - a_enum.o a_vis.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ - x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \ - x_name.o x_cinf.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ - d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \ - d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \ + a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ + a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ + x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \ + x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ - p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \ - p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \ - f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \ + tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ + f_int.o f_string.o n_pkey.o \ f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \ asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \ evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o SRC= $(LIBSRC) -EXHEADER= asn1.h asn1_mac.h +EXHEADER= asn1.h asn1_mac.h asn1t.h HEADER= $(EXHEADER) ALL= $(GENERAL) $(SRC) $(HEADER) @@ -124,30 +118,22 @@ a_bitstr.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h a_bitstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_bitstr.o: ../cryptlib.h -a_bmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_bmp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_bmp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h -a_bmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bmp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bmp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -a_bmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bmp.o: ../cryptlib.h -a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h -a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bool.o: ../cryptlib.h -a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bytes.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h +a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +a_bool.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_bool.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h +a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +a_bytes.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h +a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_bytes.o: ../cryptlib.h a_d2i_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h a_d2i_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -177,14 +163,14 @@ a_digest.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -a_dup.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_dup.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h +a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h +a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h +a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +a_dup.o: ../cryptlib.h a_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h @@ -209,12 +195,11 @@ a_hdr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h -a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_i2d_fp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_i2d_fp.o: ../../include/openssl/opensslconf.h +a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +a_i2d_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h +a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h a_i2d_fp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_i2d_fp.o: ../cryptlib.h @@ -242,14 +227,6 @@ a_meth.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_meth.o: ../cryptlib.h -a_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h -a_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -a_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_null.o: ../cryptlib.h a_object.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h a_object.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h a_object.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h @@ -331,15 +308,15 @@ a_strnid.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h a_strnid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h a_strnid.o: ../cryptlib.h -a_time.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h -a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_time.o: ../cryptlib.h -a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +a_time.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +a_time.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +a_time.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h +a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h a_type.o: ../../include/openssl/bio.h ../../include/openssl/bn.h a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h a_type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h @@ -383,26 +360,17 @@ a_verify.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -a_vis.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_vis.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_vis.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h -a_vis.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_vis.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_vis.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -a_vis.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_vis.o: ../cryptlib.h asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h asn1_err.o: ../../include/openssl/opensslconf.h asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h asn1_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn1_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_lib.o: ../../include/openssl/opensslconf.h +asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h +asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h asn1_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h asn1_lib.o: ../cryptlib.h @@ -423,27 +391,6 @@ asn_pack.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h asn_pack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h asn_pack.o: ../cryptlib.h -d2i_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h -d2i_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -d2i_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -d2i_dhp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -d2i_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_dhp.o: ../cryptlib.h -d2i_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_dsap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_dsap.o: ../../include/openssl/opensslconf.h -d2i_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -d2i_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_dsap.o: ../cryptlib.h d2i_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h d2i_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h d2i_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -480,48 +427,6 @@ d2i_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -d2i_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_r_pr.o: ../../include/openssl/opensslconf.h -d2i_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h -d2i_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -d2i_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h -d2i_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_r_pu.o: ../../include/openssl/opensslconf.h -d2i_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h -d2i_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -d2i_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -d2i_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_s_pr.o: ../../include/openssl/opensslconf.h -d2i_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -d2i_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_s_pr.o: ../cryptlib.h -d2i_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -d2i_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -d2i_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -d2i_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -d2i_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -d2i_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -d2i_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -d2i_s_pu.o: ../../include/openssl/opensslconf.h -d2i_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -d2i_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_s_pu.o: ../cryptlib.h evp_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h evp_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h @@ -555,25 +460,6 @@ f_string.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h f_string.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h f_string.o: ../cryptlib.h -i2d_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h -i2d_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -i2d_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -i2d_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -i2d_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_dhp.o: ../cryptlib.h -i2d_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_dsap.o: ../../include/openssl/opensslconf.h -i2d_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -i2d_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_dsap.o: ../cryptlib.h i2d_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h i2d_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -610,88 +496,47 @@ i2d_pu.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -i2d_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -i2d_r_pr.o: ../../include/openssl/opensslconf.h -i2d_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h -i2d_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -i2d_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h -i2d_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -i2d_r_pu.o: ../../include/openssl/opensslconf.h -i2d_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h -i2d_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -i2d_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h -i2d_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -i2d_s_pr.o: ../../include/openssl/opensslconf.h -i2d_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -i2d_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_s_pr.o: ../cryptlib.h -i2d_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -i2d_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -i2d_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h -i2d_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -i2d_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -i2d_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -i2d_s_pu.o: ../../include/openssl/opensslconf.h -i2d_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h -i2d_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_s_pu.o: ../cryptlib.h n_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -n_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h -n_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -n_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +n_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h +n_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +n_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +n_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h +n_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +n_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +n_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +n_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +n_pkey.o: ../cryptlib.h +nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h nsseq.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h nsseq.o: ../../include/openssl/des.h ../../include/openssl/dh.h nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -nsseq.o: ../../include/openssl/err.h ../../include/openssl/evp.h -nsseq.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -nsseq.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -nsseq.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -nsseq.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +nsseq.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h +nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h +nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +nsseq.o: ../../include/openssl/x509_vfy.h +p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p5_pbe.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h p5_pbe.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -712,7 +557,7 @@ p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p5_pbe.o: ../cryptlib.h -p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -733,207 +578,7 @@ p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p5_pbev2.o: ../cryptlib.h -p7_dgst.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_dgst.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_dgst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_dgst.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_dgst.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_dgst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_dgst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_dgst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_dgst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_dgst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_dgst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_dgst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_dgst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_dgst.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_enc.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_enc_c.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_enc_c.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_enc_c.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_enc_c.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_enc_c.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_enc_c.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_enc_c.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_enc_c.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_enc_c.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_enc_c.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_enc_c.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_enc_c.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_enc_c.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_enc_c.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_enc_c.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_enc_c.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_enc_c.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_enc_c.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_enc_c.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_enc_c.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_evp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_evp.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_evp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_evp.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_evp.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_evp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_evp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_evp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_evp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_evp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_evp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_evp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_evp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_evp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_evp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_evp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_i_s.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_i_s.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_i_s.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_i_s.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_i_s.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_i_s.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_i_s.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_i_s.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_i_s.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_i_s.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_i_s.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_i_s.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_i_s.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_i_s.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_i_s.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_i_s.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_i_s.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_i_s.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_i_s.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_recip.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_recip.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_recip.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_recip.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_recip.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_recip.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_recip.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_recip.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_recip.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_recip.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_recip.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_recip.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_recip.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_recip.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_recip.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_recip.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_recip.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_recip.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_recip.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_recip.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_s_e.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_s_e.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_s_e.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_s_e.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_s_e.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_s_e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_s_e.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_s_e.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_s_e.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_s_e.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_s_e.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_s_e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_s_e.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_s_e.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_s_e.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_s_e.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_s_e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_s_e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_s_e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_signd.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_signd.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_signd.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_signd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_signd.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_signd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_signd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_signd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_signd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_signd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_signd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_signd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_signd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_signd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_signd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_signd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_signd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_signd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_signd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_signd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p7_signi.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p7_signi.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p7_signi.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p7_signi.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p7_signi.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p7_signi.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p7_signi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p7_signi.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p7_signi.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p7_signi.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p7_signi.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p7_signi.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p7_signi.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -p7_signi.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -p7_signi.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -p7_signi.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -p7_signi.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -p7_signi.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p7_signi.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p7_signi.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1025,26 +670,26 @@ t_req.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h -t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -t_spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h -t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -t_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +t_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +t_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +t_spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +t_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +t_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +t_spki.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_spki.o: ../cryptlib.h t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -1066,33 +711,71 @@ t_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h -t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -t_x509a.o: ../../include/openssl/des.h ../../include/openssl/dh.h -t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -t_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -t_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +t_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +t_x509a.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h +t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +t_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +t_x509a.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +t_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +t_x509a.o: ../cryptlib.h +tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +tasn_dec.o: ../../include/openssl/opensslconf.h +tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h +tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h +tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_fre.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/err.h +tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_new.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/opensslconf.h +tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_typ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/err.h +tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +tasn_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_algor.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_algor.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_algor.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h x_algor.o: ../../include/openssl/des.h ../../include/openssl/dh.h -x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h @@ -1105,8 +788,8 @@ x_algor.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_algor.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_algor.o: ../../include/openssl/x509_vfy.h +x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1126,27 +809,16 @@ x_attrib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_cinf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -x_cinf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_cinf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_cinf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_cinf.o: ../../include/openssl/des.h ../../include/openssl/dh.h -x_cinf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -x_cinf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_cinf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_cinf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_cinf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_cinf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_cinf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_cinf.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -x_cinf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -x_cinf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_cinf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_cinf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_cinf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_cinf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_bignum.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_bignum.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x_bignum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_bignum.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +x_bignum.o: ../../include/openssl/opensslconf.h +x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +x_bignum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_bignum.o: ../cryptlib.h +x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_crl.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1166,13 +838,12 @@ x_crl.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_exten.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_exten.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_exten.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h x_exten.o: ../../include/openssl/des.h ../../include/openssl/dh.h -x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h @@ -1185,28 +856,36 @@ x_exten.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_exten.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x_info.o: ../../include/openssl/des.h ../../include/openssl/dh.h -x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h -x_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h -x_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h -x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h -x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_exten.o: ../../include/openssl/x509_vfy.h +x_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +x_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +x_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +x_info.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +x_info.o: ../cryptlib.h +x_long.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +x_long.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +x_long.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +x_long.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h +x_long.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +x_long.o: ../../include/openssl/symhacks.h ../cryptlib.h +x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_name.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_name.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1246,7 +925,7 @@ x_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1266,7 +945,7 @@ x_pubkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_pubkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_pubkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_req.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1286,7 +965,7 @@ x_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_sig.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_sig.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1306,7 +985,7 @@ x_sig.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1326,7 +1005,7 @@ x_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_val.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_val.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h @@ -1346,7 +1025,7 @@ x_val.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -1368,7 +1047,7 @@ x_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h x_x509.o: ../cryptlib.h -x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index 7013a407ad..46e97038a2 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -60,27 +60,9 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_BIT_STRING *ASN1_BIT_STRING_new(void) -{ return M_ASN1_BIT_STRING_new(); } - -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x) -{ M_ASN1_BIT_STRING_free(x); } - int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) { return M_ASN1_BIT_STRING_set(x, d, len); } -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) -{ - int len, ret; - len = i2c_ASN1_BIT_STRING(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL); - i2c_ASN1_BIT_STRING(a, pp); - } - return ret; -} - int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) { int ret,j,bits,len; @@ -129,40 +111,6 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) return(ret); } - -/* Convert DER encoded ASN1 BIT_STRING to ASN1_BIT_STRING structure */ -ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int i; - int inf,tag,xclass; - ASN1_BIT_STRING *ret; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_BIT_STRING) - { - i=ASN1_R_EXPECTING_A_BIT_STRING; - goto err; - } - if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; } - ret = c2i_ASN1_BIT_STRING(a, &p, len); - if(ret) *pp = p; - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i); - return(NULL); - -} - ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp, long len) { diff --git a/crypto/asn1/a_bmp.c b/crypto/asn1/a_bmp.c deleted file mode 100644 index d9ac5a0475..0000000000 --- a/crypto/asn1/a_bmp.c +++ /dev/null @@ -1,89 +0,0 @@ -/* crypto/asn1/a_bmp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1.h> - -ASN1_BMPSTRING *ASN1_BMPSTRING_new(void) -{ return M_ASN1_BMPSTRING_new(); } - -void ASN1_BMPSTRING_free(ASN1_BMPSTRING *x) -{ M_ASN1_BMPSTRING_free(x); } - -int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp) - { - return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, - V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL)); - } - -ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp, - long length) - { - ASN1_BMPSTRING *ret=NULL; - - ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c index 18fa61840b..24333ea4d5 100644 --- a/crypto/asn1/a_bool.c +++ b/crypto/asn1/a_bool.c @@ -58,7 +58,7 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1.h> +#include <openssl/asn1t.h> int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) { @@ -110,3 +110,5 @@ err: ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i); return(ret); } + + diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c index 3a0c0c7835..aa4b570d38 100644 --- a/crypto/asn1/a_bytes.c +++ b/crypto/asn1/a_bytes.c @@ -58,19 +58,26 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> static unsigned long tag2bit[32]={ 0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */ B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */ B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */ B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */ -0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, -B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0, -0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, -B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, +0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */ +B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */ +B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */ +B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */ +B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */ }; +unsigned long ASN1_tag2bit(int tag) +{ + if((tag < 0) || (tag > 30)) return 0; + return tag2bit[tag]; +} + static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c); /* type is a 'bitmap' of acceptable string types. */ diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index c3bda58a5d..60e2e9a0a0 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -58,7 +58,7 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> #define READ_CHUNK 2048 diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c index 1428d1df7a..b507c5ee44 100644 --- a/crypto/asn1/a_enum.c +++ b/crypto/asn1/a_enum.c @@ -65,60 +65,6 @@ * for comments on encoding see a_int.c */ -ASN1_ENUMERATED *ASN1_ENUMERATED_new(void) -{ return M_ASN1_ENUMERATED_new(); } - -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x) -{ M_ASN1_ENUMERATED_free(x); } - - -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp) -{ - int len, ret; - if(!a) return 0; - len = i2c_ASN1_INTEGER(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL); - i2c_ASN1_INTEGER(a, pp); - } - return ret; -} - -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int i; - int inf,tag,xclass; - ASN1_ENUMERATED *ret; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_ENUMERATED) - { - i=ASN1_R_EXPECTING_AN_ENUMERATED; - goto err; - } - ret = c2i_ASN1_INTEGER(a, &p, len); - if(ret) { - ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED; - *pp = p; - } - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i); - return(NULL); - -} - int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) { int i,j,k; diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index 314479a03d..d71c190c77 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -63,11 +63,7 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void) -{ return M_ASN1_GENERALIZEDTIME_new(); } - -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *x) -{ M_ASN1_GENERALIZEDTIME_free(x); } +#if 0 int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp) { @@ -116,6 +112,8 @@ err: return(NULL); } +#endif + int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d) { static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0}; diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index aee29a7790..7b64a5704d 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/buffer.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> #ifndef NO_FP_API int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x) diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 6f0413f885..c18376be48 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -60,33 +60,12 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_INTEGER *ASN1_INTEGER_new(void) -{ return M_ASN1_INTEGER_new();} - -void ASN1_INTEGER_free(ASN1_INTEGER *x) -{ M_ASN1_INTEGER_free(x);} - ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x) { return M_ASN1_INTEGER_dup(x);} int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y) { return M_ASN1_INTEGER_cmp(x,y);} -/* Output ASN1 INTEGER including tag+length */ - -int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) -{ - int len, ret; - if(!a) return 0; - len = i2c_ASN1_INTEGER(a, NULL); - ret=ASN1_object_size(0,len,V_ASN1_INTEGER); - if(pp) { - ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL); - i2c_ASN1_INTEGER(a, pp); - } - return ret; -} - /* * This converts an ASN1 INTEGER into its content encoding. * The internal representation is an ASN1_STRING whose data is a big endian @@ -174,39 +153,6 @@ int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) return(ret); } -/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */ -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, - long length) -{ - unsigned char *p; - long len; - int i; - int inf,tag,xclass; - ASN1_INTEGER *ret; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_INTEGER) - { - i=ASN1_R_EXPECTING_AN_INTEGER; - goto err; - } - ret = c2i_ASN1_INTEGER(a, &p, len); - if(ret) *pp = p; - return ret; -err: - ASN1err(ASN1_F_D2I_ASN1_INTEGER,i); - return(NULL); - -} - - /* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp, diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c index 2586f4327d..9690bae0f1 100644 --- a/crypto/asn1/a_octet.c +++ b/crypto/asn1/a_octet.c @@ -60,12 +60,6 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void) -{ return M_ASN1_OCTET_STRING_new(); } - -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x) -{ M_ASN1_OCTET_STRING_free(x); } - ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x) { return M_ASN1_OCTET_STRING_dup(x); } @@ -75,21 +69,3 @@ int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b) int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len) { return M_ASN1_OCTET_STRING_set(x, d, len); } -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp) -{ return M_i2d_ASN1_OCTET_STRING(a, pp); } - -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, - unsigned char **pp, long length) - { - ASN1_OCTET_STRING *ret=NULL; - - ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c index b7bd2bd18a..8035513f04 100644 --- a/crypto/asn1/a_print.c +++ b/crypto/asn1/a_print.c @@ -60,50 +60,6 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_IA5STRING *ASN1_IA5STRING_new(void) -{ return M_ASN1_IA5STRING_new();} - -void ASN1_IA5STRING_free(ASN1_IA5STRING *x) -{ M_ASN1_IA5STRING_free(x);} - -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp) - { return(M_i2d_ASN1_IA5STRING(a,pp)); } - -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_IA5STRING(a,pp,l)); } - -ASN1_T61STRING *ASN1_T61STRING_new(void) -{ return M_ASN1_T61STRING_new();} - -void ASN1_T61STRING_free(ASN1_T61STRING *x) -{ M_ASN1_T61STRING_free(x);} - -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_T61STRING(a,pp,l)); } - -ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void) -{ return M_ASN1_PRINTABLESTRING_new();} - -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x) -{ M_ASN1_PRINTABLESTRING_free(x);} - -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, - unsigned char **pp, long l) - { return(M_d2i_ASN1_PRINTABLESTRING(a,pp, - l)); } - -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp) - { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); } - -int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_ASN1_PRINTABLE(a,pp)); } - -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); } - int ASN1_PRINTABLE_type(unsigned char *s, int len) { int c; @@ -169,29 +125,3 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) s->type=ASN1_PRINTABLE_type(s->data,s->length); return(1); } - -ASN1_STRING *DIRECTORYSTRING_new(void) -{ return M_DIRECTORYSTRING_new();} - -void DIRECTORYSTRING_free(ASN1_STRING *x) -{ M_DIRECTORYSTRING_free(x);} - -int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_DIRECTORYSTRING(a,pp)); } - -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_DIRECTORYSTRING(a,pp,l)); } - -ASN1_STRING *DISPLAYTEXT_new(void) -{ return M_DISPLAYTEXT_new();} - -void DISPLAYTEXT_free(ASN1_STRING *x) -{ M_DISPLAYTEXT_free(x);} - -int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp) - { return(M_i2d_DISPLAYTEXT(a,pp)); } - -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, - long l) - { return(M_d2i_DISPLAYTEXT(a,pp,l)); } diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c index 8c0ddee4ac..edc4929c36 100644 --- a/crypto/asn1/a_time.c +++ b/crypto/asn1/a_time.c @@ -64,14 +64,13 @@ #include <stdio.h> #include <time.h> #include "cryptlib.h" -#include <openssl/asn1.h> +#include <openssl/asn1t.h> -ASN1_TIME *ASN1_TIME_new(void) -{ return M_ASN1_TIME_new(); } +IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME) -void ASN1_TIME_free(ASN1_TIME *x) -{ M_ASN1_TIME_free(x); } +IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) +#if 0 int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) { #ifdef CHARSET_EBCDIC @@ -95,19 +94,7 @@ int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); return -1; } - - -ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length) - { - unsigned char tag; - tag = **pp & ~V_ASN1_CONSTRUCTED; - if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL)) - return d2i_ASN1_UTCTIME(a, pp, length); - if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL)) - return d2i_ASN1_GENERALIZEDTIME(a, pp, length); - ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME); - return(NULL); - } +#endif ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c index e72a6b29e0..96e111cf23 100644 --- a/crypto/asn1/a_type.c +++ b/crypto/asn1/a_type.c @@ -57,236 +57,8 @@ */ #include <stdio.h> +#include <openssl/asn1t.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> - -static void ASN1_TYPE_component_free(ASN1_TYPE *a); -int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp) - { - int r=0; - - if (a == NULL) return(0); - - switch (a->type) - { - case V_ASN1_NULL: - if (pp != NULL) - ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL); - r=2; - break; - case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: - r=i2d_ASN1_INTEGER(a->value.integer,pp); - break; - case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: - r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp); - break; - case V_ASN1_BIT_STRING: - r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp); - break; - case V_ASN1_OCTET_STRING: - r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp); - break; - case V_ASN1_OBJECT: - r=i2d_ASN1_OBJECT(a->value.object,pp); - break; - case V_ASN1_PRINTABLESTRING: - r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp); - break; - case V_ASN1_T61STRING: - r=M_i2d_ASN1_T61STRING(a->value.t61string,pp); - break; - case V_ASN1_IA5STRING: - r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp); - break; - case V_ASN1_GENERALSTRING: - r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp); - break; - case V_ASN1_UNIVERSALSTRING: - r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp); - break; - case V_ASN1_UTF8STRING: - r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp); - break; - case V_ASN1_VISIBLESTRING: - r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp); - break; - case V_ASN1_BMPSTRING: - r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp); - break; - case V_ASN1_UTCTIME: - r=i2d_ASN1_UTCTIME(a->value.utctime,pp); - break; - case V_ASN1_GENERALIZEDTIME: - r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp); - break; - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - case V_ASN1_OTHER: - default: - if (a->value.set == NULL) - r=0; - else - { - r=a->value.set->length; - if (pp != NULL) - { - memcpy(*pp,a->value.set->data,r); - *pp+=r; - } - } - break; - } - return(r); - } - -ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length) - { - ASN1_TYPE *ret=NULL; - unsigned char *q,*p,*max; - int inf,tag,xclass; - long len; - - if ((a == NULL) || ((*a) == NULL)) - { - if ((ret=ASN1_TYPE_new()) == NULL) goto err; - } - else - ret=(*a); - - p= *pp; - q=p; - max=(p+length); - - inf=ASN1_get_object(&q,&len,&tag,&xclass,length); - if (inf & 0x80) goto err; - /* If not universal tag we've no idea what it is */ - if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER; - - ASN1_TYPE_component_free(ret); - - switch (tag) - { - case V_ASN1_NULL: - p=q; - ret->value.ptr=NULL; - break; - case V_ASN1_INTEGER: - if ((ret->value.integer= - d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_ENUMERATED: - if ((ret->value.enumerated= - d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_BIT_STRING: - if ((ret->value.bit_string= - d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_OCTET_STRING: - if ((ret->value.octet_string= - d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_VISIBLESTRING: - if ((ret->value.visiblestring= - d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UTF8STRING: - if ((ret->value.utf8string= - d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_OBJECT: - if ((ret->value.object= - d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_PRINTABLESTRING: - if ((ret->value.printablestring= - d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_T61STRING: - if ((ret->value.t61string= - M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_IA5STRING: - if ((ret->value.ia5string= - M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_GENERALSTRING: - if ((ret->value.generalstring= - M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UNIVERSALSTRING: - if ((ret->value.universalstring= - M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_BMPSTRING: - if ((ret->value.bmpstring= - M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_UTCTIME: - if ((ret->value.utctime= - d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_GENERALIZEDTIME: - if ((ret->value.generalizedtime= - d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL) - goto err; - break; - case V_ASN1_SET: - case V_ASN1_SEQUENCE: - case V_ASN1_OTHER: - default: - /* Sets and sequences are left complete */ - if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err; - ret->value.set->type=tag; - len+=(q-p); - if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err; - p+=len; - break; - } - - ret->type=tag; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret); - return(NULL); - } - -ASN1_TYPE *ASN1_TYPE_new(void) - { - ASN1_TYPE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,ASN1_TYPE); - ret->type= -1; - ret->value.ptr=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW); - } - -void ASN1_TYPE_free(ASN1_TYPE *a) - { - if (a == NULL) return; - ASN1_TYPE_component_free(a); - OPENSSL_free(a); - } int ASN1_TYPE_get(ASN1_TYPE *a) { @@ -299,54 +71,11 @@ int ASN1_TYPE_get(ASN1_TYPE *a) void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) { if (a->value.ptr != NULL) - ASN1_TYPE_component_free(a); + ASN1_primitive_free((ASN1_VALUE **)&a, NULL); a->type=type; a->value.ptr=value; } -static void ASN1_TYPE_component_free(ASN1_TYPE *a) - { - if (a == NULL) return; - - if (a->value.ptr != NULL) - { - switch (a->type) - { - case V_ASN1_OBJECT: - ASN1_OBJECT_free(a->value.object); - break; - case V_ASN1_NULL: - break; - case V_ASN1_INTEGER: - case V_ASN1_NEG_INTEGER: - case V_ASN1_ENUMERATED: - case V_ASN1_NEG_ENUMERATED: - case V_ASN1_BIT_STRING: - case V_ASN1_OCTET_STRING: - case V_ASN1_SEQUENCE: - case V_ASN1_SET: - case V_ASN1_NUMERICSTRING: - case V_ASN1_PRINTABLESTRING: - case V_ASN1_T61STRING: - case V_ASN1_VIDEOTEXSTRING: - case V_ASN1_IA5STRING: - case V_ASN1_UTCTIME: - case V_ASN1_GENERALIZEDTIME: - case V_ASN1_GRAPHICSTRING: - case V_ASN1_VISIBLESTRING: - case V_ASN1_GENERALSTRING: - case V_ASN1_UNIVERSALSTRING: - case V_ASN1_BMPSTRING: - case V_ASN1_UTF8STRING: - case V_ASN1_OTHER: - default: - ASN1_STRING_free((ASN1_STRING *)a->value.ptr); - break; - } - a->type=0; - a->value.ptr=NULL; - } - } IMPLEMENT_STACK_OF(ASN1_TYPE) IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index d381c9e0d1..6ddeaff0ec 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -66,12 +66,7 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_UTCTIME *ASN1_UTCTIME_new(void) -{ return M_ASN1_UTCTIME_new(); } - -void ASN1_UTCTIME_free(ASN1_UTCTIME *x) -{ M_ASN1_UTCTIME_free(x); } - +#if 0 int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) { #ifndef CHARSET_EBCDIC @@ -119,6 +114,8 @@ err: return(NULL); } +#endif + int ASN1_UTCTIME_check(ASN1_UTCTIME *d) { static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0}; diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c index 854278f136..508e11e527 100644 --- a/crypto/asn1/a_utf8.c +++ b/crypto/asn1/a_utf8.c @@ -60,33 +60,6 @@ #include "cryptlib.h" #include <openssl/asn1.h> -ASN1_UTF8STRING *ASN1_UTF8STRING_new(void) -{ return M_ASN1_UTF8STRING_new();} - -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x) -{ M_ASN1_UTF8STRING_free(x);} - -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp) - { - return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, - V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL)); - } - -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp, - long length) - { - ASN1_UTF8STRING *ret=NULL; - - ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - /* UTF8 utilities */ diff --git a/crypto/asn1/a_vis.c b/crypto/asn1/a_vis.c deleted file mode 100644 index 5cfc080bec..0000000000 --- a/crypto/asn1/a_vis.c +++ /dev/null @@ -1,89 +0,0 @@ -/* crypto/asn1/a_vis.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1.h> - -ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void) -{ return M_ASN1_VISIBLESTRING_new(); } - -void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *x) -{ M_ASN1_VISIBLESTRING_free(x); } - -int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **pp) - { - return(i2d_ASN1_bytes((ASN1_STRING *)a,pp, - V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL)); - } - -ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, - unsigned char **pp, long length) - { - ASN1_VISIBLESTRING *ret=NULL; - - ret=(ASN1_VISIBLESTRING *)d2i_ASN1_bytes((ASN1_STRING **)a, - pp,length,V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL); - if (ret == NULL) - { - ASN1err(ASN1_F_D2I_ASN1_VISIBLESTRING,ERR_R_NESTED_ASN1_ERROR); - return(NULL); - } - return(ret); - } - diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h index 3daf4e483a..a068035947 100644 --- a/crypto/asn1/asn1.h +++ b/crypto/asn1/asn1.h @@ -84,6 +84,7 @@ extern "C" { #define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */ #define V_ASN1_OTHER -3 /* used in ASN1_TYPE */ +#define V_ASN1_ANY -4 /* used in ASN1 template code */ #define V_ASN1_NEG 0x100 /* negative flag */ @@ -136,6 +137,8 @@ extern "C" { #define B_ASN1_BMPSTRING 0x0800 #define B_ASN1_UNKNOWN 0x1000 #define B_ASN1_UTF8STRING 0x2000 +#define B_ASN1_UTCTIME 0x4000 +#define B_ASN1_GENERALIZEDTIME 0x8000 /* For use with ASN1_mbstring_copy() */ #define MBSTRING_FLAG 0x1000 @@ -193,6 +196,21 @@ typedef struct asn1_string_st long flags; } ASN1_STRING; +/* ASN1_ENCODING structure: this is used to save the received + * encoding of an ASN1 type. This is useful to get round + * problems with invalid encodings which can break signatures. + */ + +typedef struct ASN1_ENCODING_st + { + unsigned char *enc; /* DER encoding */ + long len; /* Length of encoding */ + int modified; /* set to 1 if 'enc' is invalid */ + } ASN1_ENCODING; + +/* Used with ASN1 LONG type: if a long is set to this it is omitted */ +#define ASN1_LONG_UNDEF 0x7fffffffL + #define STABLE_FLAGS_MALLOC 0x01 #define STABLE_NO_MASK 0x02 #define DIRSTRING_TYPE \ @@ -237,6 +255,7 @@ DECLARE_STACK_OF(ASN1_STRING_TABLE) #define ASN1_VISIBLESTRING ASN1_STRING #define ASN1_UTF8STRING ASN1_STRING #define ASN1_BOOLEAN int +#define ASN1_NULL int #else typedef struct asn1_string_st ASN1_INTEGER; typedef struct asn1_string_st ASN1_ENUMERATED; @@ -254,9 +273,40 @@ typedef struct asn1_string_st ASN1_GENERALIZEDTIME; typedef struct asn1_string_st ASN1_VISIBLESTRING; typedef struct asn1_string_st ASN1_UTF8STRING; typedef int ASN1_BOOLEAN; +typedef int ASN1_NULL; #endif -typedef int ASN1_NULL; +/* Declarations for template structures: for full definitions + * see asn1t.h + */ +typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; +typedef struct ASN1_ITEM_st ASN1_ITEM; +typedef struct ASN1_TLC_st ASN1_TLC; +/* This is just an opaque pointer */ +typedef struct ASN1_VALUE_st ASN1_VALUE; + +/* Declare ASN1 functions: the implement macro in in asn1t.h */ + +#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) + +#define DECLARE_ASN1_FUNCTIONS_name(type, name) \ + type *name##_new(void); \ + void name##_free(type *a); \ + DECLARE_ASN1_ENCODE_FUNCTIONS(type, name) + +#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, name) \ + type *d2i_##name(type **a, unsigned char **in, long len); \ + int i2d_##name(type *a, unsigned char **out); \ + extern const ASN1_ITEM name##_it; + +#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ + type *d2i_##name(type **a, const unsigned char **in, long len); \ + int i2d_##name(const type *a, unsigned char **out); \ + extern const ASN1_ITEM name##_it; + +#define DECLARE_ASN1_FUNCTIONS_const(name) \ + name *name##_new(void); \ + void name##_free(name *a); /* Parameters used by ASN1_STRING_print_ex() */ @@ -438,12 +488,11 @@ typedef struct BIT_STRING_BITNAME_st { i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ V_ASN1_UNIVERSAL) -#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) -#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) -#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ +#define B_ASN1_TIME \ + B_ASN1_UTCTIME | \ + B_ASN1_GENERALIZEDTIME + +#define B_ASN1_PRINTABLE \ B_ASN1_PRINTABLESTRING| \ B_ASN1_T61STRING| \ B_ASN1_IA5STRING| \ @@ -451,7 +500,28 @@ typedef struct BIT_STRING_BITNAME_st { B_ASN1_UNIVERSALSTRING|\ B_ASN1_BMPSTRING|\ B_ASN1_UTF8STRING|\ - B_ASN1_UNKNOWN) + B_ASN1_UNKNOWN + +#define B_ASN1_DIRECTORYSTRING \ + B_ASN1_PRINTABLESTRING| \ + B_ASN1_TELETEXSTRING|\ + B_ASN1_BMPSTRING|\ + B_ASN1_UNIVERSALSTRING|\ + B_ASN1_UTF8STRING + +#define B_ASN1_DISPLAYTEXT \ + B_ASN1_IA5STRING| \ + B_ASN1_VISIBLESTRING| \ + B_ASN1_BMPSTRING|\ + B_ASN1_UTF8STRING + +#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) +#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) +#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ + pp,a->type,V_ASN1_UNIVERSAL) +#define M_d2i_ASN1_PRINTABLE(a,pp,l) \ + d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ + B_ASN1_PRINTABLE) #define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) #define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) @@ -459,11 +529,7 @@ typedef struct BIT_STRING_BITNAME_st { pp,a->type,V_ASN1_UNIVERSAL) #define M_d2i_DIRECTORYSTRING(a,pp,l) \ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING) + B_ASN1_DIRECTORYSTRING) #define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) #define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) @@ -471,9 +537,7 @@ typedef struct BIT_STRING_BITNAME_st { pp,a->type,V_ASN1_UNIVERSAL) #define M_d2i_DISPLAYTEXT(a,pp,l) \ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING) + B_ASN1_DISPLAYTEXT) #define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) @@ -577,10 +641,8 @@ typedef struct BIT_STRING_BITNAME_st { #define IS_SEQUENCE 0 #define IS_SET 1 -ASN1_TYPE * ASN1_TYPE_new(void ); -void ASN1_TYPE_free(ASN1_TYPE *a); -int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp); -ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(ASN1_TYPE) + int ASN1_TYPE_get(ASN1_TYPE *a); void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); @@ -608,12 +670,8 @@ void ASN1_STRING_length_set(ASN1_STRING *x, int n); int ASN1_STRING_type(ASN1_STRING *x); unsigned char * ASN1_STRING_data(ASN1_STRING *x); -ASN1_BIT_STRING * ASN1_BIT_STRING_new(void); -void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a); -int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); +DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp); -ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, - long length); ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp, long length); int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, @@ -632,12 +690,8 @@ int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, int i2d_ASN1_BOOLEAN(int a,unsigned char **pp); int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length); -ASN1_INTEGER * ASN1_INTEGER_new(void); -void ASN1_INTEGER_free(ASN1_INTEGER *a); -int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); +DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp); -ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, - long length); ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp, long length); ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, @@ -645,11 +699,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp, ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x); int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y); -ASN1_ENUMERATED * ASN1_ENUMERATED_new(void); -void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a); -int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp); -ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) int ASN1_UTCTIME_check(ASN1_UTCTIME *a); ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t); @@ -663,90 +713,30 @@ int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *a); ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t); int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str); -ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void); -void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a); -int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp); -ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a, - unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a); int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b); int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len); -ASN1_VISIBLESTRING * ASN1_VISIBLESTRING_new(void); -void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a); -int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp); -ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a, - unsigned char **pp,long length); - -ASN1_UTF8STRING * ASN1_UTF8STRING_new(void); -void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a); -int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp); -ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, - unsigned char **pp,long length); - -ASN1_NULL * ASN1_NULL_new(void); -void ASN1_NULL_free(ASN1_NULL *a); -int i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp); -ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length); - -ASN1_BMPSTRING * ASN1_BMPSTRING_new(void); -void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a); -int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp); -ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp, - long length); - +DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) +DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) +DECLARE_ASN1_FUNCTIONS(ASN1_NULL) +DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) int UTF8_getc(const unsigned char *str, int len, unsigned long *val); int UTF8_putc(unsigned char *str, int len, unsigned long value); -int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, - unsigned char **pp, long l); - -ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void); -void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a); -ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a, - unsigned char **pp, long l); -int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp); - -ASN1_STRING * DIRECTORYSTRING_new(void); -void DIRECTORYSTRING_free(ASN1_STRING *a); -int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp, - long length); - -ASN1_STRING * DISPLAYTEXT_new(void); -void DISPLAYTEXT_free(ASN1_STRING *a); -int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp); -ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length); - -ASN1_T61STRING * ASN1_T61STRING_new(void); -void ASN1_T61STRING_free(ASN1_IA5STRING *a); -ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, - unsigned char **pp, long l); - -ASN1_IA5STRING * ASN1_IA5STRING_new(void); -void ASN1_IA5STRING_free(ASN1_IA5STRING *a); -int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp); -ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, - unsigned char **pp, long l); - -ASN1_UTCTIME * ASN1_UTCTIME_new(void); -void ASN1_UTCTIME_free(ASN1_UTCTIME *a); -int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp); -ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) -ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void); -void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a); -int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp); -ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) +DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) +DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) +DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING) +DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING) +DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) +DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) +DECLARE_ASN1_FUNCTIONS(ASN1_TIME) -ASN1_TIME * ASN1_TIME_new(void); -void ASN1_TIME_free(ASN1_TIME *a); -int i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp); -ASN1_TIME * d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length); ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t); int i2d_ASN1_SET(STACK *a, unsigned char **pp, @@ -787,6 +777,7 @@ int ASN1_PRINTABLE_type(unsigned char *s, int max); int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp, long length, int Ptag, int Pclass); +unsigned long ASN1_tag2bit(int tag); /* type is one or more of the B_ASN1_ values. */ ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp, long length,int type); @@ -873,6 +864,15 @@ ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); void ASN1_STRING_TABLE_cleanup(void); +/* ASN1 template functions */ + +/* Old API compatible functions */ +ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); +void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); +ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it); +int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); + + /* BEGIN ERROR CODES */ /* The following lines are auto generated by the script mkerr.pl. Any changes * made after this point may be overwritten when the script is next run. @@ -882,297 +882,224 @@ void ASN1_STRING_TABLE_cleanup(void); /* Function codes. */ #define ASN1_F_A2D_ASN1_OBJECT 100 -#define ASN1_F_A2I_ASN1_ENUMERATED 236 -#define ASN1_F_A2I_ASN1_INTEGER 101 -#define ASN1_F_A2I_ASN1_STRING 102 -#define ASN1_F_ACCESS_DESCRIPTION_NEW 291 -#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103 -#define ASN1_F_ASN1_D2I_BIO 104 -#define ASN1_F_ASN1_D2I_FP 105 -#define ASN1_F_ASN1_DUP 106 -#define ASN1_F_ASN1_ENUMERATED_SET 232 -#define ASN1_F_ASN1_ENUMERATED_TO_BN 233 -#define ASN1_F_ASN1_GENERALIZEDTIME_NEW 222 -#define ASN1_F_ASN1_GET_OBJECT 107 -#define ASN1_F_ASN1_HEADER_NEW 108 -#define ASN1_F_ASN1_I2D_BIO 109 -#define ASN1_F_ASN1_I2D_FP 110 -#define ASN1_F_ASN1_INTEGER_SET 111 -#define ASN1_F_ASN1_INTEGER_TO_BN 112 -#define ASN1_F_ASN1_MBSTRING_COPY 282 -#define ASN1_F_ASN1_OBJECT_NEW 113 -#define ASN1_F_ASN1_PACK_STRING 245 -#define ASN1_F_ASN1_PBE_SET 253 -#define ASN1_F_ASN1_SEQ_PACK 246 -#define ASN1_F_ASN1_SEQ_UNPACK 247 -#define ASN1_F_ASN1_SIGN 114 -#define ASN1_F_ASN1_STRING_NEW 115 -#define ASN1_F_ASN1_STRING_TABLE_ADD 283 -#define ASN1_F_ASN1_STRING_TYPE_NEW 116 -#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117 -#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118 -#define ASN1_F_ASN1_TYPE_NEW 119 -#define ASN1_F_ASN1_UNPACK_STRING 248 -#define ASN1_F_ASN1_UTCTIME_NEW 120 -#define ASN1_F_ASN1_VERIFY 121 -#define ASN1_F_AUTHORITY_KEYID_NEW 237 -#define ASN1_F_BASIC_CONSTRAINTS_NEW 226 -#define ASN1_F_BN_TO_ASN1_ENUMERATED 234 -#define ASN1_F_BN_TO_ASN1_INTEGER 122 -#define ASN1_F_D2I_ACCESS_DESCRIPTION 284 -#define ASN1_F_D2I_ASN1_BIT_STRING 123 -#define ASN1_F_D2I_ASN1_BMPSTRING 124 -#define ASN1_F_D2I_ASN1_BOOLEAN 125 -#define ASN1_F_D2I_ASN1_BYTES 126 -#define ASN1_F_D2I_ASN1_ENUMERATED 235 -#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 223 -#define ASN1_F_D2I_ASN1_HEADER 127 -#define ASN1_F_D2I_ASN1_INTEGER 128 -#define ASN1_F_D2I_ASN1_NULL 292 -#define ASN1_F_D2I_ASN1_OBJECT 129 -#define ASN1_F_D2I_ASN1_OCTET_STRING 130 -#define ASN1_F_D2I_ASN1_PRINT_TYPE 131 -#define ASN1_F_D2I_ASN1_SET 132 -#define ASN1_F_D2I_ASN1_TIME 224 -#define ASN1_F_D2I_ASN1_TYPE 133 -#define ASN1_F_D2I_ASN1_TYPE_BYTES 134 -#define ASN1_F_D2I_ASN1_UINTEGER 280 -#define ASN1_F_D2I_ASN1_UTCTIME 135 -#define ASN1_F_D2I_ASN1_UTF8STRING 266 -#define ASN1_F_D2I_ASN1_VISIBLESTRING 267 -#define ASN1_F_D2I_AUTHORITY_KEYID 238 -#define ASN1_F_D2I_BASIC_CONSTRAINTS 227 -#define ASN1_F_D2I_DHPARAMS 136 -#define ASN1_F_D2I_DIST_POINT 276 -#define ASN1_F_D2I_DIST_POINT_NAME 277 -#define ASN1_F_D2I_DSAPARAMS 137 -#define ASN1_F_D2I_DSAPRIVATEKEY 138 -#define ASN1_F_D2I_DSAPUBLICKEY 139 -#define ASN1_F_D2I_GENERAL_NAME 230 -#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228 -#define ASN1_F_D2I_NETSCAPE_PKEY 140 -#define ASN1_F_D2I_NETSCAPE_RSA 141 -#define ASN1_F_D2I_NETSCAPE_RSA_2 142 -#define ASN1_F_D2I_NETSCAPE_SPKAC 143 -#define ASN1_F_D2I_NETSCAPE_SPKI 144 -#define ASN1_F_D2I_NOTICEREF 268 -#define ASN1_F_D2I_OCSP_BASICRESP 293 -#define ASN1_F_D2I_OCSP_CERTID 294 -#define ASN1_F_D2I_OCSP_CERTSTATUS 295 -#define ASN1_F_D2I_OCSP_CRLID 296 -#define ASN1_F_D2I_OCSP_ONEREQ 297 -#define ASN1_F_D2I_OCSP_REQINFO 298 -#define ASN1_F_D2I_OCSP_REQUEST 299 -#define ASN1_F_D2I_OCSP_RESPBYTES 300 -#define ASN1_F_D2I_OCSP_RESPDATA 301 -#define ASN1_F_D2I_OCSP_RESPID 302 -#define ASN1_F_D2I_OCSP_RESPONSE 303 -#define ASN1_F_D2I_OCSP_REVOKEDINFO 304 -#define ASN1_F_D2I_OCSP_SERVICELOC 305 -#define ASN1_F_D2I_OCSP_SIGNATURE 306 -#define ASN1_F_D2I_OCSP_SINGLERESP 307 -#define ASN1_F_D2I_OTHERNAME 287 -#define ASN1_F_D2I_PBE2PARAM 262 -#define ASN1_F_D2I_PBEPARAM 249 -#define ASN1_F_D2I_PBKDF2PARAM 263 -#define ASN1_F_D2I_PKCS12 254 -#define ASN1_F_D2I_PKCS12_BAGS 255 -#define ASN1_F_D2I_PKCS12_MAC_DATA 256 -#define ASN1_F_D2I_PKCS12_SAFEBAG 257 -#define ASN1_F_D2I_PKCS7 145 -#define ASN1_F_D2I_PKCS7_DIGEST 146 -#define ASN1_F_D2I_PKCS7_ENCRYPT 147 -#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148 -#define ASN1_F_D2I_PKCS7_ENVELOPE 149 -#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150 -#define ASN1_F_D2I_PKCS7_RECIP_INFO 151 -#define ASN1_F_D2I_PKCS7_SIGNED 152 -#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153 -#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154 -#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250 -#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239 -#define ASN1_F_D2I_POLICYINFO 269 -#define ASN1_F_D2I_POLICYQUALINFO 270 -#define ASN1_F_D2I_PRIVATEKEY 155 -#define ASN1_F_D2I_PUBLICKEY 156 -#define ASN1_F_D2I_RSAPRIVATEKEY 157 -#define ASN1_F_D2I_RSAPUBLICKEY 158 -#define ASN1_F_D2I_SXNET 241 -#define ASN1_F_D2I_SXNETID 243 -#define ASN1_F_D2I_USERNOTICE 271 -#define ASN1_F_D2I_X509 159 -#define ASN1_F_D2I_X509_ALGOR 160 -#define ASN1_F_D2I_X509_ATTRIBUTE 161 -#define ASN1_F_D2I_X509_CERT_AUX 285 -#define ASN1_F_D2I_X509_CINF 162 -#define ASN1_F_D2I_X509_CRL 163 -#define ASN1_F_D2I_X509_CRL_INFO 164 -#define ASN1_F_D2I_X509_EXTENSION 165 -#define ASN1_F_D2I_X509_KEY 166 -#define ASN1_F_D2I_X509_NAME 167 -#define ASN1_F_D2I_X509_NAME_ENTRY 168 -#define ASN1_F_D2I_X509_PKEY 169 -#define ASN1_F_D2I_X509_PUBKEY 170 -#define ASN1_F_D2I_X509_REQ 171 -#define ASN1_F_D2I_X509_REQ_INFO 172 -#define ASN1_F_D2I_X509_REVOKED 173 -#define ASN1_F_D2I_X509_SIG 174 -#define ASN1_F_D2I_X509_VAL 175 -#define ASN1_F_DIST_POINT_NAME_NEW 278 -#define ASN1_F_DIST_POINT_NEW 279 -#define ASN1_F_GENERAL_NAME_NEW 231 -#define ASN1_F_I2D_ASN1_HEADER 176 -#define ASN1_F_I2D_ASN1_TIME 225 -#define ASN1_F_I2D_DHPARAMS 177 -#define ASN1_F_I2D_DSAPARAMS 178 -#define ASN1_F_I2D_DSAPRIVATEKEY 179 -#define ASN1_F_I2D_DSAPUBLICKEY 180 -#define ASN1_F_I2D_DSA_PUBKEY 290 -#define ASN1_F_I2D_NETSCAPE_RSA 181 -#define ASN1_F_I2D_PKCS7 182 -#define ASN1_F_I2D_PRIVATEKEY 183 -#define ASN1_F_I2D_PUBLICKEY 184 -#define ASN1_F_I2D_RSAPRIVATEKEY 185 -#define ASN1_F_I2D_RSAPUBLICKEY 186 -#define ASN1_F_I2D_RSA_PUBKEY 289 -#define ASN1_F_I2D_X509_ATTRIBUTE 187 -#define ASN1_F_I2T_ASN1_OBJECT 188 -#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229 -#define ASN1_F_NETSCAPE_PKEY_NEW 189 -#define ASN1_F_NETSCAPE_SPKAC_NEW 190 -#define ASN1_F_NETSCAPE_SPKI_NEW 191 -#define ASN1_F_NOTICEREF_NEW 272 -#define ASN1_F_OCSP_BASICRESP_NEW 308 -#define ASN1_F_OCSP_CERTID_NEW 309 -#define ASN1_F_OCSP_CERTSTATUS_NEW 310 -#define ASN1_F_OCSP_CRLID_NEW 311 -#define ASN1_F_OCSP_ONEREQ_NEW 312 -#define ASN1_F_OCSP_REQINFO_NEW 313 -#define ASN1_F_OCSP_REQUEST_NEW 314 -#define ASN1_F_OCSP_RESPBYTES_NEW 315 -#define ASN1_F_OCSP_RESPDATA_NEW 316 -#define ASN1_F_OCSP_RESPID_NEW 317 -#define ASN1_F_OCSP_RESPONSE_NEW 318 -#define ASN1_F_OCSP_REVOKEDINFO_NEW 319 -#define ASN1_F_OCSP_SERVICELOC_NEW 320 -#define ASN1_F_OCSP_SIGNATURE_NEW 321 -#define ASN1_F_OCSP_SINGLERESP_NEW 322 -#define ASN1_F_OTHERNAME_NEW 288 -#define ASN1_F_PBE2PARAM_NEW 264 -#define ASN1_F_PBEPARAM_NEW 251 -#define ASN1_F_PBKDF2PARAM_NEW 265 -#define ASN1_F_PKCS12_BAGS_NEW 258 -#define ASN1_F_PKCS12_MAC_DATA_NEW 259 -#define ASN1_F_PKCS12_NEW 260 -#define ASN1_F_PKCS12_SAFEBAG_NEW 261 -#define ASN1_F_PKCS5_PBE2_SET 281 -#define ASN1_F_PKCS7_DIGEST_NEW 192 -#define ASN1_F_PKCS7_ENCRYPT_NEW 193 -#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194 -#define ASN1_F_PKCS7_ENVELOPE_NEW 195 -#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196 -#define ASN1_F_PKCS7_NEW 197 -#define ASN1_F_PKCS7_RECIP_INFO_NEW 198 -#define ASN1_F_PKCS7_SIGNED_NEW 199 -#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200 -#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201 -#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252 -#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240 -#define ASN1_F_POLICYINFO_NEW 273 -#define ASN1_F_POLICYQUALINFO_NEW 274 -#define ASN1_F_SXNETID_NEW 244 -#define ASN1_F_SXNET_NEW 242 -#define ASN1_F_USERNOTICE_NEW 275 -#define ASN1_F_X509_ALGOR_NEW 202 -#define ASN1_F_X509_ATTRIBUTE_NEW 203 -#define ASN1_F_X509_CERT_AUX_NEW 286 -#define ASN1_F_X509_CINF_NEW 204 -#define ASN1_F_X509_CRL_INFO_NEW 205 -#define ASN1_F_X509_CRL_NEW 206 -#define ASN1_F_X509_DHPARAMS_NEW 207 -#define ASN1_F_X509_EXTENSION_NEW 208 -#define ASN1_F_X509_INFO_NEW 209 -#define ASN1_F_X509_KEY_NEW 210 -#define ASN1_F_X509_NAME_ENTRY_NEW 211 -#define ASN1_F_X509_NAME_NEW 212 -#define ASN1_F_X509_NEW 213 -#define ASN1_F_X509_PKEY_NEW 214 -#define ASN1_F_X509_PUBKEY_NEW 215 -#define ASN1_F_X509_REQ_INFO_NEW 216 -#define ASN1_F_X509_REQ_NEW 217 -#define ASN1_F_X509_REVOKED_NEW 218 -#define ASN1_F_X509_SIG_NEW 219 -#define ASN1_F_X509_VAL_FREE 220 -#define ASN1_F_X509_VAL_NEW 221 +#define ASN1_F_A2I_ASN1_ENUMERATED 101 +#define ASN1_F_A2I_ASN1_INTEGER 102 +#define ASN1_F_A2I_ASN1_STRING 103 +#define ASN1_F_ASN1_CHECK_TLEN 104 +#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 +#define ASN1_F_ASN1_COLLECT 106 +#define ASN1_F_ASN1_D2I_BIO 107 +#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 +#define ASN1_F_ASN1_D2I_FP 109 +#define ASN1_F_ASN1_DO_ADB 110 +#define ASN1_F_ASN1_DUP 111 +#define ASN1_F_ASN1_ENUMERATED_SET 112 +#define ASN1_F_ASN1_ENUMERATED_TO_BN 113 +#define ASN1_F_ASN1_GET_OBJECT 114 +#define ASN1_F_ASN1_HEADER_NEW 115 +#define ASN1_F_ASN1_I2D_BIO 116 +#define ASN1_F_ASN1_I2D_FP 117 +#define ASN1_F_ASN1_INTEGER_SET 118 +#define ASN1_F_ASN1_INTEGER_TO_BN 119 +#define ASN1_F_ASN1_ITEM_EX_D2I 120 +#define ASN1_F_ASN1_ITEM_NEW 121 +#define ASN1_F_ASN1_MBSTRING_COPY 122 +#define ASN1_F_ASN1_OBJECT_NEW 123 +#define ASN1_F_ASN1_PACK_STRING 124 +#define ASN1_F_ASN1_PBE_SET 125 +#define ASN1_F_ASN1_SEQ_PACK 126 +#define ASN1_F_ASN1_SEQ_UNPACK 127 +#define ASN1_F_ASN1_SIGN 128 +#define ASN1_F_ASN1_STRING_TABLE_ADD 129 +#define ASN1_F_ASN1_STRING_TYPE_NEW 130 +#define ASN1_F_ASN1_TEMPLATE_D2I 131 +#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 +#define ASN1_F_ASN1_TEMPLATE_NEW 133 +#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 +#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 +#define ASN1_F_ASN1_UNPACK_STRING 136 +#define ASN1_F_ASN1_VERIFY 137 +#define ASN1_F_BN_TO_ASN1_ENUMERATED 138 +#define ASN1_F_BN_TO_ASN1_INTEGER 139 +#define ASN1_F_COLLECT_DATA 140 +#define ASN1_F_D2I_ASN1_BIT_STRING 141 +#define ASN1_F_D2I_ASN1_BMPSTRING 178 +#define ASN1_F_D2I_ASN1_BOOLEAN 142 +#define ASN1_F_D2I_ASN1_BYTES 143 +#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 +#define ASN1_F_D2I_ASN1_HEADER 145 +#define ASN1_F_D2I_ASN1_INTEGER 146 +#define ASN1_F_D2I_ASN1_NULL 179 +#define ASN1_F_D2I_ASN1_OBJECT 147 +#define ASN1_F_D2I_ASN1_SET 148 +#define ASN1_F_D2I_ASN1_TYPE_BYTES 149 +#define ASN1_F_D2I_ASN1_UINTEGER 150 +#define ASN1_F_D2I_ASN1_UTCTIME 151 +#define ASN1_F_D2I_ASN1_VISIBLESTRING 180 +#define ASN1_F_D2I_DHPARAMS 152 +#define ASN1_F_D2I_DSAPARAMS 153 +#define ASN1_F_D2I_DSAPRIVATEKEY 154 +#define ASN1_F_D2I_DSAPUBLICKEY 155 +#define ASN1_F_D2I_NETSCAPE_RSA 156 +#define ASN1_F_D2I_NETSCAPE_RSA_2 157 +#define ASN1_F_D2I_OCSP_BASICRESP 181 +#define ASN1_F_D2I_OCSP_CERTID 182 +#define ASN1_F_D2I_OCSP_CERTSTATUS 183 +#define ASN1_F_D2I_OCSP_CRLID 184 +#define ASN1_F_D2I_OCSP_ONEREQ 185 +#define ASN1_F_D2I_OCSP_REQINFO 186 +#define ASN1_F_D2I_OCSP_REQUEST 187 +#define ASN1_F_D2I_OCSP_RESPBYTES 188 +#define ASN1_F_D2I_OCSP_RESPDATA 189 +#define ASN1_F_D2I_OCSP_RESPID 190 +#define ASN1_F_D2I_OCSP_RESPONSE 191 +#define ASN1_F_D2I_OCSP_REVOKEDINFO 192 +#define ASN1_F_D2I_OCSP_SERVICELOC 193 +#define ASN1_F_D2I_OCSP_SIGNATURE 194 +#define ASN1_F_D2I_OCSP_SINGLERESP 195 +#define ASN1_F_D2I_PKCS12 196 +#define ASN1_F_D2I_PKCS12_BAGS 197 +#define ASN1_F_D2I_PKCS12_MAC_DATA 198 +#define ASN1_F_D2I_PKCS12_SAFEBAG 199 +#define ASN1_F_D2I_PKCS7 200 +#define ASN1_F_D2I_PKCS7_DIGEST 201 +#define ASN1_F_D2I_PKCS7_ENCRYPT 202 +#define ASN1_F_D2I_PKCS7_ENC_CONTENT 203 +#define ASN1_F_D2I_PKCS7_ENVELOPE 204 +#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 205 +#define ASN1_F_D2I_PKCS7_RECIP_INFO 206 +#define ASN1_F_D2I_PKCS7_SIGNED 207 +#define ASN1_F_D2I_PKCS7_SIGNER_INFO 208 +#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 209 +#define ASN1_F_D2I_PRIVATEKEY 158 +#define ASN1_F_D2I_PUBLICKEY 159 +#define ASN1_F_D2I_X509 210 +#define ASN1_F_D2I_X509_CINF 211 +#define ASN1_F_D2I_X509_NAME 160 +#define ASN1_F_D2I_X509_PKEY 161 +#define ASN1_F_I2D_ASN1_TIME 162 +#define ASN1_F_I2D_DHPARAMS 163 +#define ASN1_F_I2D_DSAPARAMS 164 +#define ASN1_F_I2D_DSAPRIVATEKEY 165 +#define ASN1_F_I2D_DSAPUBLICKEY 166 +#define ASN1_F_I2D_DSA_PUBKEY 167 +#define ASN1_F_I2D_NETSCAPE_RSA 168 +#define ASN1_F_I2D_PRIVATEKEY 169 +#define ASN1_F_I2D_PUBLICKEY 170 +#define ASN1_F_I2D_RSA_PUBKEY 171 +#define ASN1_F_LONG_C2I 172 +#define ASN1_F_OCSP_BASICRESP_NEW 212 +#define ASN1_F_OCSP_CERTID_NEW 213 +#define ASN1_F_OCSP_CERTSTATUS_NEW 214 +#define ASN1_F_OCSP_CRLID_NEW 215 +#define ASN1_F_OCSP_ONEREQ_NEW 216 +#define ASN1_F_OCSP_REQINFO_NEW 217 +#define ASN1_F_OCSP_REQUEST_NEW 218 +#define ASN1_F_OCSP_RESPBYTES_NEW 219 +#define ASN1_F_OCSP_RESPDATA_NEW 220 +#define ASN1_F_OCSP_RESPID_NEW 221 +#define ASN1_F_OCSP_RESPONSE_NEW 222 +#define ASN1_F_OCSP_REVOKEDINFO_NEW 223 +#define ASN1_F_OCSP_SERVICELOC_NEW 224 +#define ASN1_F_OCSP_SIGNATURE_NEW 225 +#define ASN1_F_OCSP_SINGLERESP_NEW 226 +#define ASN1_F_PKCS12_BAGS_NEW 227 +#define ASN1_F_PKCS12_MAC_DATA_NEW 228 +#define ASN1_F_PKCS12_NEW 229 +#define ASN1_F_PKCS12_SAFEBAG_NEW 230 +#define ASN1_F_PKCS5_PBE2_SET 173 +#define ASN1_F_PKCS7_DIGEST_NEW 231 +#define ASN1_F_PKCS7_ENCRYPT_NEW 232 +#define ASN1_F_PKCS7_ENC_CONTENT_NEW 233 +#define ASN1_F_PKCS7_ENVELOPE_NEW 234 +#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 235 +#define ASN1_F_PKCS7_NEW 236 +#define ASN1_F_PKCS7_RECIP_INFO_NEW 237 +#define ASN1_F_PKCS7_SIGNED_NEW 238 +#define ASN1_F_PKCS7_SIGNER_INFO_NEW 239 +#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 240 +#define ASN1_F_X509_CINF_NEW 241 +#define ASN1_F_X509_CRL_ADD0_REVOKED 174 +#define ASN1_F_X509_INFO_NEW 175 +#define ASN1_F_X509_NAME_NEW 176 +#define ASN1_F_X509_NEW 242 +#define ASN1_F_X509_PKEY_NEW 177 /* Reason codes. */ -#define ASN1_R_BAD_CLASS 100 -#define ASN1_R_BAD_OBJECT_HEADER 101 -#define ASN1_R_BAD_PASSWORD_READ 102 -#define ASN1_R_BAD_PKCS7_CONTENT 103 -#define ASN1_R_BAD_PKCS7_TYPE 104 -#define ASN1_R_BAD_TAG 105 -#define ASN1_R_BAD_TYPE 106 -#define ASN1_R_BN_LIB 107 -#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108 -#define ASN1_R_BUFFER_TOO_SMALL 109 -#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 166 -#define ASN1_R_DATA_IS_WRONG 110 -#define ASN1_R_DECODE_ERROR 155 +#define ASN1_R_AUX_ERROR 100 +#define ASN1_R_BAD_CLASS 101 +#define ASN1_R_BAD_OBJECT_HEADER 102 +#define ASN1_R_BAD_PASSWORD_READ 103 +#define ASN1_R_BAD_PKCS7_CONTENT 171 +#define ASN1_R_BAD_TAG 104 +#define ASN1_R_BAD_TYPE 172 +#define ASN1_R_BN_LIB 105 +#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 +#define ASN1_R_BUFFER_TOO_SMALL 107 +#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 +#define ASN1_R_DATA_IS_WRONG 109 +#define ASN1_R_DECODE_ERROR 110 #define ASN1_R_DECODING_ERROR 111 -#define ASN1_R_ENCODE_ERROR 156 -#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112 -#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 157 -#define ASN1_R_EXPECTING_AN_ENUMERATED 154 -#define ASN1_R_EXPECTING_AN_INTEGER 113 -#define ASN1_R_EXPECTING_AN_OBJECT 114 -#define ASN1_R_EXPECTING_AN_OCTET_STRING 115 -#define ASN1_R_EXPECTING_A_BIT_STRING 116 +#define ASN1_R_ENCODE_ERROR 112 +#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 +#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 +#define ASN1_R_EXPECTING_AN_INTEGER 115 +#define ASN1_R_EXPECTING_AN_OBJECT 116 #define ASN1_R_EXPECTING_A_BOOLEAN 117 -#define ASN1_R_EXPECTING_A_GENERALIZEDTIME 151 -#define ASN1_R_EXPECTING_A_NULL 164 -#define ASN1_R_EXPECTING_A_TIME 152 -#define ASN1_R_EXPECTING_A_UTCTIME 118 -#define ASN1_R_FIRST_NUM_TOO_LARGE 119 -#define ASN1_R_GENERALIZEDTIME_TOO_LONG 153 -#define ASN1_R_HEADER_TOO_LONG 120 -#define ASN1_R_ILLEGAL_CHARACTERS 158 -#define ASN1_R_INVALID_BMPSTRING_LENGTH 159 -#define ASN1_R_INVALID_DIGIT 121 -#define ASN1_R_INVALID_SEPARATOR 122 -#define ASN1_R_INVALID_TIME_FORMAT 123 -#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 160 -#define ASN1_R_INVALID_UTF8STRING 161 -#define ASN1_R_IV_TOO_LARGE 124 -#define ASN1_R_LENGTH_ERROR 125 -#define ASN1_R_MISSING_SECOND_NUMBER 126 -#define ASN1_R_NON_HEX_CHARACTERS 127 -#define ASN1_R_NOT_ENOUGH_DATA 128 -#define ASN1_R_NULL_IS_WRONG_LENGTH 165 -#define ASN1_R_ODD_NUMBER_OF_CHARS 129 -#define ASN1_R_PARSING 130 -#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131 -#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132 -#define ASN1_R_SHORT_LINE 133 -#define ASN1_R_STRING_TOO_LONG 163 -#define ASN1_R_STRING_TOO_SHORT 134 -#define ASN1_R_TAG_VALUE_TOO_HIGH 135 -#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136 -#define ASN1_R_TOO_LONG 137 -#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138 -#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139 -#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140 -#define ASN1_R_UNKNOWN_FORMAT 162 -#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141 -#define ASN1_R_UNKNOWN_OBJECT_TYPE 142 -#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143 -#define ASN1_R_UNSUPPORTED_CIPHER 144 -#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145 -#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146 -#define ASN1_R_UTCTIME_TOO_LONG 147 -#define ASN1_R_WRONG_PRINTABLE_TYPE 148 -#define ASN1_R_WRONG_TAG 149 -#define ASN1_R_WRONG_TYPE 150 +#define ASN1_R_EXPECTING_A_NULL 173 +#define ASN1_R_EXPECTING_A_TIME 118 +#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 +#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 +#define ASN1_R_FIELD_MISSING 121 +#define ASN1_R_FIRST_NUM_TOO_LARGE 122 +#define ASN1_R_HEADER_TOO_LONG 123 +#define ASN1_R_ILLEGAL_CHARACTERS 124 +#define ASN1_R_ILLEGAL_NULL 125 +#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 +#define ASN1_R_ILLEGAL_TAGGED_ANY 127 +#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 +#define ASN1_R_INVALID_BMPSTRING_LENGTH 129 +#define ASN1_R_INVALID_DIGIT 130 +#define ASN1_R_INVALID_SEPARATOR 131 +#define ASN1_R_INVALID_TIME_FORMAT 132 +#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 +#define ASN1_R_INVALID_UTF8STRING 134 +#define ASN1_R_IV_TOO_LARGE 135 +#define ASN1_R_LENGTH_ERROR 136 +#define ASN1_R_MISSING_EOC 137 +#define ASN1_R_MISSING_SECOND_NUMBER 138 +#define ASN1_R_MSTRING_NOT_UNIVERSAL 139 +#define ASN1_R_MSTRING_WRONG_TAG 140 +#define ASN1_R_NON_HEX_CHARACTERS 141 +#define ASN1_R_NOT_ENOUGH_DATA 142 +#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 +#define ASN1_R_NULL_IS_WRONG_LENGTH 144 +#define ASN1_R_ODD_NUMBER_OF_CHARS 145 +#define ASN1_R_PARSING 146 +#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 147 +#define ASN1_R_SECOND_NUMBER_TOO_LARGE 148 +#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 149 +#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 150 +#define ASN1_R_SHORT_LINE 151 +#define ASN1_R_STRING_TOO_LONG 152 +#define ASN1_R_STRING_TOO_SHORT 153 +#define ASN1_R_TAG_VALUE_TOO_HIGH 154 +#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 155 +#define ASN1_R_TOO_LONG 156 +#define ASN1_R_TYPE_NOT_CONSTRUCTED 157 +#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 158 +#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 159 +#define ASN1_R_UNEXPECTED_EOC 160 +#define ASN1_R_UNKNOWN_FORMAT 161 +#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 162 +#define ASN1_R_UNKNOWN_OBJECT_TYPE 163 +#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 164 +#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 165 +#define ASN1_R_UNSUPPORTED_CIPHER 166 +#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 167 +#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 168 +#define ASN1_R_WRONG_TAG 169 +#define ASN1_R_WRONG_TYPE 170 #ifdef __cplusplus } diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index 3a53cb33c5..e75dfc71bf 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -70,20 +70,24 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"}, {ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"}, {ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"}, -{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"}, +{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"}, {ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"}, +{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"}, {ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"}, +{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"}, {ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"}, +{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"}, {ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"}, {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"}, {ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"}, -{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0), "ASN1_GENERALIZEDTIME_new"}, {ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"}, {ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"}, {ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"}, {ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"}, {ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"}, {ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"}, +{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0), "ASN1_ITEM_EX_D2I"}, +{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0), "ASN1_item_new"}, {ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"}, {ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"}, {ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"}, @@ -91,56 +95,38 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"}, {ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"}, {ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"}, -{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"}, {ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"}, {ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"}, +{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"}, +{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"}, +{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"}, {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"}, {ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"}, -{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"}, {ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"}, -{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_new"}, {ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"}, -{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0), "AUTHORITY_KEYID_new"}, -{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"}, {ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"}, {ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"}, +{ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0), "d2i_ASN1_ENUMERATED"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "d2i_ASN1_GENERALIZEDTIME"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "d2i_ASN1_NULL"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "D2I_ASN1_NULL"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0), "d2i_ASN1_TIME"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"}, {ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0), "d2i_ASN1_UTF8STRING"}, -{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "d2i_ASN1_VISIBLESTRING"}, -{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0), "d2i_AUTHORITY_KEYID"}, -{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0), "d2i_BASIC_CONSTRAINTS"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"}, +{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "D2I_ASN1_VISIBLESTRING"}, {ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"}, -{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0), "d2i_DIST_POINT"}, -{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0), "d2i_DIST_POINT_NAME"}, {ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"}, {ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0), "d2i_GENERAL_NAME"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "d2i_NETSCAPE_CERT_SEQUENCE"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"}, {ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "d2i_NETSCAPE_SPKAC"}, -{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "d2i_NETSCAPE_SPKI"}, -{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "d2i_NOTICEREF"}, {ERR_PACK(0,ASN1_F_D2I_OCSP_BASICRESP,0), "d2i_OCSP_BASICRESP"}, {ERR_PACK(0,ASN1_F_D2I_OCSP_CERTID,0), "d2i_OCSP_CERTID"}, {ERR_PACK(0,ASN1_F_D2I_OCSP_CERTSTATUS,0), "d2i_OCSP_CERTSTATUS"}, @@ -156,77 +142,37 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_D2I_OCSP_SERVICELOC,0), "d2i_OCSP_SERVICELOC"}, {ERR_PACK(0,ASN1_F_D2I_OCSP_SIGNATURE,0), "d2i_OCSP_SIGNATURE"}, {ERR_PACK(0,ASN1_F_D2I_OCSP_SINGLERESP,0), "d2i_OCSP_SINGLERESP"}, -{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0), "d2i_OTHERNAME"}, -{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "d2i_PBE2PARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "d2i_PBEPARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "d2i_PKCS12"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "d2i_PKCS12_MAC_DATA"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "d2i_PKCS12_SAFEBAG"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "d2i_PKCS7"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "d2i_PKCS7_DIGEST"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "d2i_PKCS7_ENCRYPT"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "d2i_PKCS7_ENC_CONTENT"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "d2i_PKCS7_ENVELOPE"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "d2i_PKCS7_ISSUER_AND_SERIAL"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "d2i_PKCS7_RECIP_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "d2i_PKCS7_SIGNED"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "d2i_PKCS7_SIGNER_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"}, -{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "d2i_PKEY_USAGE_PERIOD"}, -{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "d2i_POLICYINFO"}, -{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "d2i_POLICYQUALINFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "D2I_PKCS12"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "D2I_PKCS12_MAC_DATA"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "D2I_PKCS12_SAFEBAG"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"}, +{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"}, {ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"}, {ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "d2i_RSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "d2i_RSAPublicKey"}, -{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "d2i_SXNET"}, -{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "d2i_SXNETID"}, -{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "d2i_USERNOTICE"}, -{ERR_PACK(0,ASN1_F_D2I_X509,0), "d2i_X509"}, -{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "d2i_X509_ALGOR"}, -{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "d2i_X509_ATTRIBUTE"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0), "d2i_X509_CERT_AUX"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "d2i_X509_CINF"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "d2i_X509_CRL"}, -{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "d2i_X509_CRL_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "d2i_X509_EXTENSION"}, -{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "d2i_X509_NAME"}, -{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "d2i_X509_NAME_ENTRY"}, +{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"}, +{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"}, +{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"}, {ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "d2i_X509_REQ"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "d2i_X509_REQ_INFO"}, -{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "d2i_X509_REVOKED"}, -{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "d2i_X509_SIG"}, -{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "d2i_X509_VAL"}, -{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0), "DIST_POINT_NAME_new"}, -{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0), "DIST_POINT_new"}, -{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0), "GENERAL_NAME_new"}, -{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"}, -{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "i2d_ASN1_TIME"}, +{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"}, {ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "i2d_DHparams"}, {ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "i2d_DSAparams"}, {ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "i2d_DSAPrivateKey"}, {ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "i2d_DSAPublicKey"}, {ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"}, {ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"}, -{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "i2d_PKCS7"}, {ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"}, {ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"}, -{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "i2d_RSAPrivateKey"}, -{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "i2d_RSAPublicKey"}, {ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"}, -{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "i2d_X509_ATTRIBUTE"}, -{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_new"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_new"}, -{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_new"}, -{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_new"}, +{ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"}, {ERR_PACK(0,ASN1_F_OCSP_BASICRESP_NEW,0), "OCSP_BASICRESP_new"}, {ERR_PACK(0,ASN1_F_OCSP_CERTID_NEW,0), "OCSP_CERTID_new"}, {ERR_PACK(0,ASN1_F_OCSP_CERTSTATUS_NEW,0), "OCSP_CERTSTATUS_new"}, @@ -242,63 +188,37 @@ static ERR_STRING_DATA ASN1_str_functs[]= {ERR_PACK(0,ASN1_F_OCSP_SERVICELOC_NEW,0), "OCSP_SERVICELOC_new"}, {ERR_PACK(0,ASN1_F_OCSP_SIGNATURE_NEW,0), "OCSP_SIGNATURE_new"}, {ERR_PACK(0,ASN1_F_OCSP_SINGLERESP_NEW,0), "OCSP_SINGLERESP_new"}, -{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0), "OTHERNAME_new"}, -{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_new"}, -{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_new"}, -{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_new"}, -{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_new"}, +{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_NEW"}, {ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"}, -{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"}, -{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"}, -{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_new"}, -{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_new"}, -{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_new"}, -{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_new"}, -{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_new"}, -{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_new"}, -{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_new"}, -{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_new"}, -{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0), "X509_CERT_AUX_new"}, -{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_new"}, -{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_new"}, -{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"}, -{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_new"}, +{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"}, +{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"}, +{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"}, {ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"}, -{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_new"}, -{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_new"}, -{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_new"}, +{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"}, +{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"}, {ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"}, -{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"}, -{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_new"}, -{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_new"}, -{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_new"}, -{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_new"}, -{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_free"}, -{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_new"}, {0,NULL} }; static ERR_STRING_DATA ASN1_str_reasons[]= { +{ASN1_R_AUX_ERROR ,"aux error"}, {ASN1_R_BAD_CLASS ,"bad class"}, {ASN1_R_BAD_OBJECT_HEADER ,"bad object header"}, {ASN1_R_BAD_PASSWORD_READ ,"bad password read"}, {ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"}, -{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"}, {ASN1_R_BAD_TAG ,"bad tag"}, {ASN1_R_BAD_TYPE ,"bad type"}, {ASN1_R_BN_LIB ,"bn lib"}, @@ -311,20 +231,21 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_ENCODE_ERROR ,"encode error"}, {ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"}, {ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"}, -{ASN1_R_EXPECTING_AN_ENUMERATED ,"expecting an enumerated"}, {ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"}, {ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"}, -{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"}, -{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"}, {ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"}, -{ASN1_R_EXPECTING_A_GENERALIZEDTIME ,"expecting a generalizedtime"}, {ASN1_R_EXPECTING_A_NULL ,"expecting a null"}, {ASN1_R_EXPECTING_A_TIME ,"expecting a time"}, -{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"}, +{ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"}, +{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"}, +{ASN1_R_FIELD_MISSING ,"field missing"}, {ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"}, -{ASN1_R_GENERALIZEDTIME_TOO_LONG ,"generalizedtime too long"}, {ASN1_R_HEADER_TOO_LONG ,"header too long"}, {ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"}, +{ASN1_R_ILLEGAL_NULL ,"illegal null"}, +{ASN1_R_ILLEGAL_OPTIONAL_ANY ,"illegal optional any"}, +{ASN1_R_ILLEGAL_TAGGED_ANY ,"illegal tagged any"}, +{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ,"integer too large for long"}, {ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"}, {ASN1_R_INVALID_DIGIT ,"invalid digit"}, {ASN1_R_INVALID_SEPARATOR ,"invalid separator"}, @@ -333,32 +254,38 @@ static ERR_STRING_DATA ASN1_str_reasons[]= {ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"}, {ASN1_R_IV_TOO_LARGE ,"iv too large"}, {ASN1_R_LENGTH_ERROR ,"length error"}, +{ASN1_R_MISSING_EOC ,"missing eoc"}, {ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"}, +{ASN1_R_MSTRING_NOT_UNIVERSAL ,"mstring not universal"}, +{ASN1_R_MSTRING_WRONG_TAG ,"mstring wrong tag"}, {ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"}, {ASN1_R_NOT_ENOUGH_DATA ,"not enough data"}, +{ASN1_R_NO_MATCHING_CHOICE_TYPE ,"no matching choice type"}, {ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"}, {ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"}, {ASN1_R_PARSING ,"parsing"}, {ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"}, {ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"}, +{ASN1_R_SEQUENCE_LENGTH_MISMATCH ,"sequence length mismatch"}, +{ASN1_R_SEQUENCE_NOT_CONSTRUCTED ,"sequence not constructed"}, {ASN1_R_SHORT_LINE ,"short line"}, {ASN1_R_STRING_TOO_LONG ,"string too long"}, {ASN1_R_STRING_TOO_SHORT ,"string too short"}, {ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"}, {ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"}, {ASN1_R_TOO_LONG ,"too long"}, +{ASN1_R_TYPE_NOT_CONSTRUCTED ,"type not constructed"}, {ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"}, {ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"}, -{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"}, +{ASN1_R_UNEXPECTED_EOC ,"unexpected eoc"}, {ASN1_R_UNKNOWN_FORMAT ,"unknown format"}, {ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"}, {ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"}, {ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"}, +{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ,"unsupported any defined by type"}, {ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"}, {ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"}, {ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"}, -{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"}, -{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"}, {ASN1_R_WRONG_TAG ,"wrong tag"}, {ASN1_R_WRONG_TYPE ,"wrong type"}, {0,NULL} diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index 77447a5240..830ff2af3c 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -59,7 +59,6 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max); static void asn1_put_length(unsigned char **pp, int length); diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h new file mode 100644 index 0000000000..430c37124a --- /dev/null +++ b/crypto/asn1/asn1t.h @@ -0,0 +1,755 @@ +/* asn1t.h */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#ifndef HEADER_ASN1T_H +#define HEADER_ASN1T_H + +#include <stddef.h> +#include <openssl/asn1.h> + +/* ASN1 template defines, structures and functions */ + +#ifdef __cplusplus +extern "C" { +#endif + +/* Macros to aid ASN1 template writing */ + +#define ASN1_ITEM_TEMPLATE(tname) \ + const static ASN1_TEMPLATE tname##_item_tt + +#define ASN1_ITEM_TEMPLATE_END(tname) \ + ;\ + const ASN1_ITEM tname##_it = { \ + ASN1_ITYPE_PRIMITIVE,\ + -1,\ + &tname##_item_tt,\ + 0,\ + NULL,\ + 0,\ + #tname \ + } + + +/* This is a ASN1 type which just embeds a template */ + +/* This pair helps declare a SEQUENCE. We can do: + * + * ASN1_SEQUENCE(stname) = { + * ... SEQUENCE components ... + * } ASN1_SEQUENCE_END(stname); + * + * This will produce an ASN1_ITEM called stname_it + * for a structure called stname. + * + * If you want the same structure but a different + * name then use: + * + * ASN1_SEQUENCE(itname) = { + * ... SEQUENCE components ... + * } ASN1_SEQUENCE_END_name(stname, itname); + * + * This will create an item called itname_it using + * a structure called stname. + */ + +#define ASN1_SEQUENCE(tname) \ + const static ASN1_TEMPLATE tname##_seq_tt[] + +#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) + +#define ASN1_SEQUENCE_END_name(stname, tname) \ + ;\ + const ASN1_ITEM tname##_it = { \ + ASN1_ITYPE_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(stname),\ + #stname \ + } + +#define ASN1_SEQUENCE_cb(tname, cb) \ + const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_BROKEN_SEQUENCE(tname) \ + const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_SEQUENCE_ref(tname, cb, lck) \ + const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_SEQUENCE_enc(tname, enc, cb) \ + const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ + ASN1_SEQUENCE(tname) + +#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) + +#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) + +#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) + +#define ASN1_SEQUENCE_END_ref(stname, tname) \ + ;\ + const ASN1_ITEM tname##_it = { \ + ASN1_ITYPE_SEQUENCE,\ + V_ASN1_SEQUENCE,\ + tname##_seq_tt,\ + sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + } + + +/* This pair helps declare a CHOICE type. We can do: + * + * ASN1_CHOICE(chname) = { + * ... CHOICE options ... + * ASN1_CHOICE_END(chname); + * + * This will produce an ASN1_ITEM called chname_it + * for a structure called chname. The structure + * definition must look like this: + * typedef struct { + * int type; + * union { + * ASN1_SOMETHING *opt1; + * ASN1_SOMEOTHER *opt2; + * } value; + * } chname; + * + * the name of the selector must be 'type'. + * to use an alternative selector name use the + * ASN1_CHOICE_END_selector() version. + */ + +#define ASN1_CHOICE(tname) \ + const static ASN1_TEMPLATE tname##_ch_tt[] + +#define ASN1_CHOICE_cb(tname, cb) \ + const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ + ASN1_CHOICE(tname) + +#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) + +#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) + +#define ASN1_CHOICE_END_selector(stname, tname, selname) \ + ;\ + const ASN1_ITEM tname##_it = { \ + ASN1_ITYPE_CHOICE,\ + offsetof(stname,selname) ,\ + tname##_ch_tt,\ + sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ + NULL,\ + sizeof(stname),\ + #stname \ + } + +#define ASN1_CHOICE_END_cb(stname, tname, selname) \ + ;\ + const ASN1_ITEM tname##_it = { \ + ASN1_ITYPE_CHOICE,\ + offsetof(stname,selname) ,\ + tname##_ch_tt,\ + sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ + &tname##_aux,\ + sizeof(stname),\ + #stname \ + } + +/* This helps with the template wrapper form of ASN1_ITEM */ + +#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ + (flags), (tag), 0,\ + #name, &(type##_it) } + +/* These help with SEQUENCE or CHOICE components */ + +/* used to declare other types */ + +#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ + (flags), (tag), offsetof(stname, field),\ + #field, &(type##_it) } + +/* used when the structure is combined with the parent */ + +#define ASN1_EX_COMBINE(flags, tag, type) { \ + (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, &(type##_it) } + +/* implicit and explicit helper macros */ + +#define ASN1_IMP_EX(stname, field, type, tag, ex) \ + ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) + +#define ASN1_EXP_EX(stname, field, type, tag, ex) \ + ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) + +/* Any defined by macros: the field used is in the table itself */ + +#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, &(tblname##_adb) } +#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, &(tblname##_adb) } + +/* Plain simple type */ +#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) + +/* OPTIONAL simple type */ +#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* IMPLICIT tagged simple type */ +#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) + +/* IMPLICIT tagged OPTIONAL simple type */ +#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) + +/* Same as above but EXPLICIT */ + +#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) +#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) + +/* SEQUENCE OF type */ +#define ASN1_SEQUENCE_OF(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) + +/* OPTIONAL SEQUENCE OF */ +#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* Same as above but for SET OF */ + +#define ASN1_SET_OF(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) + +#define ASN1_SET_OF_OPT(stname, field, type) \ + ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) + +/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ + +#define ASN1_IMP_SET_OF(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) + +#define ASN1_EXP_SET_OF(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) + +#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) + +#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ + ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) + +#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) + +#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ + ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) + +/* Macros for the ASN1_ADB structure */ + +#define ASN1_ADB(name) \ + const static ASN1_ADB_TABLE name##_adbtbl[] + +#define ASN1_ADB_END(name, flags, field, app_table, def, none) \ + ;\ + const static ASN1_ADB name##_adb = {\ + flags,\ + offsetof(name, field),\ + app_table,\ + name##_adbtbl,\ + sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ + def,\ + none\ + } + +#define ADB_ENTRY(val, template) {val, template} + +#define ASN1_ADB_TEMPLATE(name) \ + const static ASN1_TEMPLATE name##_tt + +/* This is the ASN1 template structure that defines + * a wrapper round the actual type. It determines the + * actual position of the field in the value structure, + * various flags such as OPTIONAL and the field name. + */ + +struct ASN1_TEMPLATE_st { +unsigned long flags; /* Various flags */ +long tag; /* tag, not used if no tagging */ +unsigned long offset; /* Offset of this field in structure */ +#ifndef NO_ASN1_FIELD_NAMES +char *field_name; /* Field name */ +#endif +const void *item; /* Relevant ASN1_ITEM or ASN1_ADB */ +}; + + +typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; +typedef struct ASN1_ADB_st ASN1_ADB; + +struct ASN1_ADB_st { + unsigned long flags; /* Various flags */ + unsigned long offset; /* Offset of selector field */ + STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ + const ASN1_ADB_TABLE *tbl; /* Table of possible types */ + long tblcount; /* Number of entries in tbl */ + const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ + const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ +}; + +struct ASN1_ADB_TABLE_st { + long value; /* NID for an object or value for an int */ + const ASN1_TEMPLATE tt; /* item for this value */ +}; + +/* template flags */ + +/* Field is optional */ +#define ASN1_TFLG_OPTIONAL (0x1) + +/* Field is a SET OF */ +#define ASN1_TFLG_SET_OF (0x1 << 1) + +/* Field is a SEQUENCE OF */ +#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) + +#define ASN1_TFLG_SK_MASK (0x3 << 1) + +/* These flags mean the tag should be taken from the + * tag field. If EXPLICIT then the underlying type + * is used for the inner tag. + */ + +/* IMPLICIT tagging */ +#define ASN1_TFLG_IMPTAG (0x1 << 3) + + +/* EXPLICIT tagging, inner tag from underlying type */ +#define ASN1_TFLG_EXPTAG (0x2 << 3) + +#define ASN1_TFLG_TAG_MASK (0x3 << 3) + +/* context specific IMPLICIT */ +#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT + +/* context specific EXPLICIT */ +#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT + +/* If tagging is in force these determine the + * type of tag to use. Otherwise the tag is + * determined by the underlying type. These + * values reflect the actual octet format. + */ + +/* Universal tag */ +#define ASN1_TFLG_UNIVERSAL (0x0<<6) +/* Application tag */ +#define ASN1_TFLG_APPLICATION (0x1<<6) +/* Context specific tag */ +#define ASN1_TFLG_CONTEXT (0x2<<6) +/* Private tag */ +#define ASN1_TFLG_PRIVATE (0x3<<6) + +#define ASN1_TFLG_TAG_CLASS (0x3<<6) + +/* These are for ANY DEFINED BY type. In this case + * the 'item' field points to an ASN1_ADB structure + * which contains a table of values to decode the + * relevant type + */ + +#define ASN1_TFLG_ADB_MASK (0x3<<8) + +#define ASN1_TFLG_ADB_OID (0x1<<8) + +#define ASN1_TFLG_ADB_INT (0x1<<9) + +/* This flag means a parent structure is passed + * instead of the field: this is useful is a + * SEQUENCE is being combined with a CHOICE for + * example. Since this means the structure and + * item name will differ we need to use the + * ASN1_CHOICE_END_name() macro for example. + */ + +#define ASN1_TFLG_COMBINE (0x1<<10) + +/* This is the actual ASN1 item itself */ + +struct ASN1_ITEM_st { +char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */ +long utype; /* underlying type */ +const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */ +long tcount; /* Number of templates if SEQUENCE or CHOICE */ +const void *funcs; /* functions that handle this type */ +long size; /* Structure size (usually)*/ +#ifndef NO_ASN1_FIELD_NAMES +const char *sname; /* Structure name */ +#endif +}; + +/* These are values for the itype field and + * determine how the type is interpreted. + * + * For PRIMITIVE types the underlying type + * determines the behaviour if items is NULL. + * + * Otherwise templates must contain a single + * template and the type is treated in the + * same way as the type specified in the template. + * + * For SEQUENCE types the templates field points + * to the members, the size field is the + * structure size. + * + * For CHOICE types the templates field points + * to each possible member (typically a union) + * and the 'size' field is the offset of the + * selector. + * + * The 'funcs' field is used for application + * specific functions. + * + * For COMPAT types the funcs field gives a + * set of functions that handle this type, this + * supports the old d2i, i2d convention. + * + * The EXTERN type uses a new style d2i/i2d. + * The new style should be used where possible + * because it avoids things like the d2i IMPLICIT + * hack. + * + * MSTRING is a multiple string type, it is used + * for a CHOICE of character strings where the + * actual strings all occupy an ASN1_STRING + * structure. In this case the 'utype' field + * has a special meaning, it is used as a mask + * of acceptable types using the B_ASN1 constants. + * + */ + +#define ASN1_ITYPE_PRIMITIVE 0x0 + +#define ASN1_ITYPE_SEQUENCE 0x1 + +#define ASN1_ITYPE_CHOICE 0x2 + +#define ASN1_ITYPE_COMPAT 0x3 + +#define ASN1_ITYPE_EXTERN 0x4 + +#define ASN1_ITYPE_MSTRING 0x5 + +/* Cache for ASN1 tag and length, so we + * don't keep re-reading it for things + * like CHOICE + */ + +struct ASN1_TLC_st{ + char valid; /* Values below are valid */ + int ret; /* return value */ + long plen; /* length */ + int ptag; /* class value */ + int pclass; /* class value */ + int hdrlen; /* header length */ +}; + +/* Typedefs for ASN1 function pointers */ + +typedef ASN1_VALUE * ASN1_new_func(void); +typedef void ASN1_free_func(ASN1_VALUE *a); +typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length); +typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in); + +typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx); + +typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); +typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); + +typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); +typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); + +typedef struct ASN1_COMPAT_FUNCS_st { + ASN1_new_func *asn1_new; + ASN1_free_func *asn1_free; + ASN1_d2i_func *asn1_d2i; + ASN1_i2d_func *asn1_i2d; +} ASN1_COMPAT_FUNCS; + +typedef struct ASN1_EXTERN_FUNCS_st { + void *app_data; + ASN1_ex_new_func *asn1_ex_new; + ASN1_ex_free_func *asn1_ex_free; + ASN1_ex_free_func *asn1_ex_clear; + ASN1_ex_d2i *asn1_ex_d2i; + ASN1_ex_i2d *asn1_ex_i2d; +} ASN1_EXTERN_FUNCS; + +typedef struct ASN1_PRIMITIVE_FUNCS_st { + void *app_data; + unsigned long flags; + ASN1_ex_new_func *prim_new; + ASN1_ex_free_func *prim_free; + ASN1_ex_free_func *prim_clear; + ASN1_primitive_c2i *prim_c2i; + ASN1_primitive_i2c *prim_i2c; +} ASN1_PRIMITIVE_FUNCS; + +/* This is the ASN1_AUX structure: it handles various + * miscellaneous requirements. For example the use of + * reference counts and an informational callback. + * + * The "informational callback" is called at various + * points during the ASN1 encoding and decoding. It can + * be used to provide minor customisation of the structures + * used. This is most useful where the supplied routines + * *almost* do the right thing but need some extra help + * at a few points. If the callback returns zero then + * it is assumed a fatal error has occurred and the + * main operation should be abandoned. + * + * If major changes in the default behaviour are required + * then an external type is more appropriate. + */ + +typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it); + +typedef struct ASN1_AUX_st { + void *app_data; + int flags; + int ref_offset; /* Offset of reference value */ + int ref_lock; /* Lock type to use */ + ASN1_aux_cb *asn1_cb; + int enc_offset; /* Offset of ASN1_ENCODING structure */ +} ASN1_AUX; + +/* Flags in ASN1_AUX */ + +/* Use a reference count */ +#define ASN1_AFLG_REFCOUNT 1 +/* Save the encoding of structure (useful for signatures) */ +#define ASN1_AFLG_ENCODING 2 +/* The Sequence length is invalid */ +#define ASN1_AFLG_BROKEN 4 + +/* operation values for asn1_cb */ + +#define ASN1_OP_NEW_PRE 0 +#define ASN1_OP_NEW_POST 1 +#define ASN1_OP_FREE_PRE 2 +#define ASN1_OP_FREE_POST 3 +#define ASN1_OP_D2I_PRE 4 +#define ASN1_OP_D2I_POST 5 +#define ASN1_OP_I2D_PRE 6 +#define ASN1_OP_I2D_POST 7 + +/* Macro to implement a primitive type */ +#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) +#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) const ASN1_ITEM itname##_it = \ + { ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname}; + +/* Macro to implement a multi string type */ +#define IMPLEMENT_ASN1_MSTRING(itname, mask) const ASN1_ITEM itname##_it = \ + { ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname}; + +/* Macro to implement an ASN1_ITEM in terms of old style funcs */ + +#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE) + +#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \ + static const ASN1_COMPAT_FUNCS sname##_ff = { \ + (ASN1_new_func *)sname##_new, \ + (ASN1_free_func *)sname##_free, \ + (ASN1_d2i_func *)d2i_##sname, \ + (ASN1_i2d_func *)i2d_##sname, \ + }; \ + ASN1_ITEM const sname##_it = { \ + ASN1_ITYPE_COMPAT, \ + tag, \ + NULL, \ + 0, \ + &sname##_ff, \ + 0, \ + #sname \ + } + +#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ + const ASN1_ITEM sname##_it = { \ + ASN1_ITYPE_EXTERN, \ + tag, \ + NULL, \ + 0, \ + &fptrs, \ + 0, \ + #sname \ + }; + +/* Macro to implement standard functions in terms of ASN1_ITEM structures */ + +#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) + +#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) + +#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ + IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) + +#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ + stname *fname##_new(void) \ + { \ + return (stname *)ASN1_item_new(&itname##_it); \ + } \ + void fname##_free(stname *a) \ + { \ + ASN1_item_free((ASN1_VALUE *)a, &itname##_it); \ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) + +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ + stname *d2i_##fname(stname **a, unsigned char **in, long len) \ + { \ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &itname##_it);\ + } \ + int i2d_##fname(stname *a, unsigned char **out) \ + { \ + return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ + } + +/* This includes evil casts to remove const: they will go away when full + * ASN1 constification is done. + */ +#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ + { \ + return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, &itname##_it);\ + } \ + int i2d_##fname(const stname *a, unsigned char **out) \ + { \ + return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\ + } + +#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ + IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) + +#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ + IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) + +/* external definitions for primitive types */ + +extern const ASN1_ITEM ASN1_BOOLEAN_it; +extern const ASN1_ITEM ASN1_TBOOLEAN_it; +extern const ASN1_ITEM ASN1_FBOOLEAN_it; +extern const ASN1_ITEM ASN1_OBJECT_it; +extern const ASN1_ITEM ASN1_ANY_it; +extern const ASN1_ITEM ASN1_SEQUENCE_it; +extern const ASN1_ITEM CBIGNUM_it; +extern const ASN1_ITEM BIGNUM_it; +extern const ASN1_ITEM LONG_it; +extern const ASN1_ITEM ZLONG_it; + +DECLARE_STACK_OF(ASN1_VALUE) + +/* Functions used internally by the ASN1 code */ + +int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); +void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); +int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); + +void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt); +int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx); + +int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt); +void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); + +int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); +int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); + +int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it); + +ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); + +const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr); + +int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); + +void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); +void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it); + +#ifdef __cplusplus +} +#endif +#endif diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c deleted file mode 100644 index d64ec746ce..0000000000 --- a/crypto/asn1/d2i_dhp.c +++ /dev/null @@ -1,101 +0,0 @@ -/* crypto/asn1/d2i_dhp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DH -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dh.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -DH *d2i_DHparams(DH **a, const unsigned char **pp, long length) - { - int i=ERR_R_NESTED_ASN1_ERROR; - ASN1_INTEGER *bs=NULL; - long v=0; - M_ASN1_D2I_vars(a,DH *,DH_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn; - - if (!M_ASN1_D2I_end_sequence()) - { - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - for (i=0; i<bs->length; i++) - v=(v<<8)|(bs->data[i]); - ret->length=(int)v; - } - - M_ASN1_BIT_STRING_free(bs); - - M_ASN1_D2I_Finish_2(a); - -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_DHPARAMS,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret); - if (bs != NULL) M_ASN1_BIT_STRING_free(bs); - return(NULL); - } -#endif diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c deleted file mode 100644 index 1b6b7cd5bf..0000000000 --- a/crypto/asn1/d2i_dsap.c +++ /dev/null @@ -1,99 +0,0 @@ -/* crypto/asn1/d2i_dsap.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -#ifndef NO_NEG_PUBKEY_BUG -#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER -#endif - -DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length) - { - int i=ERR_R_NESTED_ASN1_ERROR; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,DSA *,DSA_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn; - - M_ASN1_BIT_STRING_free(bs); - bs = NULL; - - M_ASN1_D2I_Finish_2(a); - -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_DSAPARAMS,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret); - if (bs != NULL) M_ASN1_BIT_STRING_free(bs); - return(NULL); - } -#endif diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c deleted file mode 100644 index 46037a04e6..0000000000 --- a/crypto/asn1/d2i_r_pr.c +++ /dev/null @@ -1,129 +0,0 @@ -/* crypto/asn1/d2i_r_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/rsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -static ASN1_METHOD method={ - (int (*)()) i2d_RSAPrivateKey, - (char *(*)())d2i_RSAPrivateKey, - (char *(*)())RSA_new, - (void (*)()) RSA_free}; - -ASN1_METHOD *RSAPrivateKey_asn1_meth(void) - { - return(&method); - } - -RSA *d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length) - { - int i=ASN1_R_PARSING; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,RSA *,RSA_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if (bs->length == 0) - ret->version=0; - else ret->version=bs->data[0]; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL) - goto err_bn; - - M_ASN1_INTEGER_free(bs); - bs = NULL; - - M_ASN1_D2I_Finish_2(a); -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret); - if (bs != NULL) M_ASN1_INTEGER_free(bs); - - return(NULL); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c deleted file mode 100644 index 0d11d85983..0000000000 --- a/crypto/asn1/d2i_r_pu.c +++ /dev/null @@ -1,103 +0,0 @@ -/* crypto/asn1/d2i_r_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/rsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -#ifndef NO_NEG_PUBKEY_BUG -#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER -#endif - -RSA *d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length) - { - int i=ASN1_R_PARSING; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,RSA *,RSA_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn; - - M_ASN1_INTEGER_free(bs); - bs=NULL; - - M_ASN1_D2I_Finish_2(a); - -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret); - if (bs != NULL) M_ASN1_INTEGER_free(bs); - return(NULL); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c deleted file mode 100644 index 4722b26458..0000000000 --- a/crypto/asn1/d2i_s_pr.c +++ /dev/null @@ -1,106 +0,0 @@ -/* crypto/asn1/d2i_s_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length) - { - int i=ASN1_R_PARSING; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,DSA *,DSA_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if (bs->length == 0) - ret->version=0; - else ret->version=bs->data[0]; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key)) - == NULL) goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key)) - == NULL) goto err_bn; - - M_ASN1_INTEGER_free(bs); - bs = NULL; - - M_ASN1_D2I_Finish_2(a); -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret); - if (bs != NULL) M_ASN1_INTEGER_free(bs); - return(NULL); - } -#endif diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c deleted file mode 100644 index 4d1a772e8c..0000000000 --- a/crypto/asn1/d2i_s_pu.c +++ /dev/null @@ -1,121 +0,0 @@ -/* crypto/asn1/d2i_s_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -#ifndef NO_NEG_PUBKEY_BUG -#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER -#endif - -DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length) - { - int i=ASN1_R_PARSING; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,DSA *,DSA_new); - - M_ASN1_D2I_Init(); - if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) - == (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER)))) - { - c.slen=length; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key)) - == NULL) - goto err_bn; - ret->write_params=0; - } - else - { - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key)) - == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) - goto err_bn; - - ret->write_params=1; - } - - M_ASN1_INTEGER_free(bs); - bs=NULL; - M_ASN1_D2I_Finish_2(a); -err_bn: - i=ERR_R_BN_LIB; -err: - ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret); - if (bs != NULL) M_ASN1_INTEGER_free(bs); - return(NULL); - } -#endif diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c deleted file mode 100644 index 68d0c7434a..0000000000 --- a/crypto/asn1/i2d_dhp.c +++ /dev/null @@ -1,128 +0,0 @@ -/* crypto/asn1/i2d_dhp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DH -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/asn1_mac.h> -#include <openssl/dh.h> - -int i2d_DHparams(const DH *a, unsigned char **pp) - { - BIGNUM *num[3]; - ASN1_INTEGER bs; - unsigned int j,i,tot=0,len,max=0; - int t,ret= -1; - unsigned char *p; - - if (a == NULL) return(0); - num[0]=a->p; - num[1]=a->g; - if (a->length != 0) - { - if ((num[2]=BN_new()) == NULL) goto err; - if (!BN_set_word(num[2],a->length)) goto err; - } - else - num[2]=NULL; - - for (i=0; i<3; i++) - { - if (num[i] == NULL) continue; - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) - { - if (num[2] != NULL) - BN_free(num[2]); - return(t); - } - - p= *pp; - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE); - goto err; - } - - for (i=0; i<3; i++) - { - if (num[i] == NULL) continue; - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - ret=t; -err: - if (num[2] != NULL) BN_free(num[2]); - *pp=p; - return(ret); - } -#endif diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c deleted file mode 100644 index 028957992e..0000000000 --- a/crypto/asn1/i2d_dsap.c +++ /dev/null @@ -1,117 +0,0 @@ -/* crypto/asn1/i2d_dsap.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/asn1_mac.h> -#include <openssl/dsa.h> - -int i2d_DSAparams(const DSA *a, unsigned char **pp) - { - BIGNUM *num[3]; - ASN1_INTEGER bs; - unsigned int j,i,tot=0,len,max=0; - int t,ret= -1; - unsigned char *p; - - if (a == NULL) return(0); - num[0]=a->p; - num[1]=a->q; - num[2]=a->g; - - for (i=0; i<3; i++) - { - if (num[i] == NULL) continue; - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) return(t); - - p= *pp; - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE); - goto err; - } - - for (i=0; i<3; i++) - { - if (num[i] == NULL) continue; - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - ret=t; -err: - *pp=p; - return(ret); - } -#endif - diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c deleted file mode 100644 index 518f4af9a6..0000000000 --- a/crypto/asn1/i2d_r_pr.c +++ /dev/null @@ -1,133 +0,0 @@ -/* crypto/asn1/i2d_r_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/rsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -int i2d_RSAPrivateKey(const RSA *a, unsigned char **pp) - { - BIGNUM *num[9]; - unsigned char data[1]; - ASN1_INTEGER bs; - unsigned int j,i,tot,t,len,max=0; - unsigned char *p; - - if (a == NULL) return(0); - - num[1]=a->n; - num[2]=a->e; - num[3]=a->d; - num[4]=a->p; - num[5]=a->q; - num[6]=a->dmp1; - num[7]=a->dmq1; - num[8]=a->iqmp; - - bs.length=1; - bs.data=data; - bs.type=V_ASN1_INTEGER; - data[0]=a->version&0x7f; - - tot=i2d_ASN1_INTEGER(&(bs),NULL); - for (i=1; i<9; i++) - { - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) return(t); - - p= *pp; - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - i2d_ASN1_INTEGER(&bs,&p); - - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(-1); - } - - for (i=1; i<9; i++) - { - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - *pp=p; - return(t); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif - diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c deleted file mode 100644 index 4a07ff961e..0000000000 --- a/crypto/asn1/i2d_r_pu.c +++ /dev/null @@ -1,118 +0,0 @@ -/* crypto/asn1/i2d_r_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_RSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/rsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -int i2d_RSAPublicKey(const RSA *a, unsigned char **pp) - { - BIGNUM *num[2]; - ASN1_INTEGER bs; - unsigned int j,i,tot=0,len,max=0,t; - unsigned char *p; - - if (a == NULL) return(0); - - num[0]=a->n; - num[1]=a->e; - - for (i=0; i<2; i++) - { - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) return(t); - - p= *pp; - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE); - return(-1); - } - - for (i=0; i<2; i++) - { - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - *pp=p; - return(t); - } -#else /* !NO_RSA */ - -# if PEDANTIC -static void *dummy=&dummy; -# endif - -#endif diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c deleted file mode 100644 index 124ad98285..0000000000 --- a/crypto/asn1/i2d_s_pr.c +++ /dev/null @@ -1,123 +0,0 @@ -/* crypto/asn1/i2d_s_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp) - { - BIGNUM *num[6]; - unsigned char data[1]; - ASN1_INTEGER bs; - unsigned int j,i,tot,t,len,max=0; - unsigned char *p; - - if (a == NULL) return(0); - - num[1]=a->p; - num[2]=a->q; - num[3]=a->g; - num[4]=a->pub_key; - num[5]=a->priv_key; - - bs.length=1; - bs.data=data; - bs.type=V_ASN1_INTEGER; - data[0]=a->version&0x7f; - - tot=i2d_ASN1_INTEGER(&(bs),NULL); - for (i=1; i<6; i++) - { - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) return(t); - - p= *pp; - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - i2d_ASN1_INTEGER(&bs,&p); - - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE); - return(-1); - } - - for (i=1; i<6; i++) - { - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - *pp=p; - return(t); - } -#endif diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c deleted file mode 100644 index 96e9ff595b..0000000000 --- a/crypto/asn1/i2d_s_pu.c +++ /dev/null @@ -1,129 +0,0 @@ -/* crypto/asn1/i2d_s_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef NO_DSA -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/bn.h> -#include <openssl/dsa.h> -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> - -int i2d_DSAPublicKey(const DSA *a, unsigned char **pp) - { - BIGNUM *num[4]; - ASN1_INTEGER bs; - unsigned int j,i,tot=0,len,max=0,t=0,all,n=1; - unsigned char *p; - - if (a == NULL) return(0); - - all=a->write_params; - - num[0]=a->pub_key; - if (all) - { - num[1]=a->p; - num[2]=a->q; - num[3]=a->g; - n=4; - } - - for (i=0; i<n; i++) - { - j=BN_num_bits(num[i]); - len=((j == 0)?0:((j/8)+1)); - if (len > max) max=len; - len=ASN1_object_size(0,len, - (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER); - tot+=len; - } - - if (all) - { - t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE); - if (pp == NULL) return(t); - } - else - { - if (pp == NULL) return(tot); - } - - p= *pp; - if (all) - ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - bs.type=V_ASN1_INTEGER; - bs.data=(unsigned char *)OPENSSL_malloc(max+4); - if (bs.data == NULL) - { - ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE); - return(-1); - } - - for (i=0; i<n; i++) - { - bs.length=BN_bn2bin(num[i],bs.data); - i2d_ASN1_INTEGER(&bs,&p); - } - OPENSSL_free(bs.data); - *pp=p; - if(all) return(t); - else return(tot); - } -#endif diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c index b091eac5d2..82a621224b 100644 --- a/crypto/asn1/n_pkey.c +++ b/crypto/asn1/n_pkey.c @@ -61,6 +61,7 @@ #include "cryptlib.h" #include <openssl/rsa.h> #include <openssl/objects.h> +#include <openssl/asn1t.h> #include <openssl/asn1_mac.h> #include <openssl/evp.h> #include <openssl/x509.h> @@ -70,15 +71,39 @@ typedef struct netscape_pkey_st { - ASN1_INTEGER *version; + long version; X509_ALGOR *algor; ASN1_OCTET_STRING *private_key; } NETSCAPE_PKEY; -static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp); -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length); -static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void); -static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *); +typedef struct netscape_encrypted_pkey_st + { + ASN1_OCTET_STRING *os; + /* This is the same structure as DigestInfo so use it: + * although this isn't really anything to do with + * digests. + */ + X509_SIG *enckey; + } NETSCAPE_ENCRYPTED_PKEY; + + +ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = { + ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING), + ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG) +} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY); + +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY) + +ASN1_SEQUENCE(NETSCAPE_PKEY) = { + ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG), + ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR), + ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(NETSCAPE_PKEY); + +IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY) + +static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, + int (*cb)(), int sgckey); int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) { @@ -87,79 +112,78 @@ int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()) int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) { - int i,j,l[6]; - NETSCAPE_PKEY *pkey; + int i, j, ret = 0; + int rsalen, pkeylen, olen; + NETSCAPE_PKEY *pkey = NULL; + NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; unsigned char buf[256],*zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; - X509_ALGOR *alg=NULL; - ASN1_OCTET_STRING os,os2; - M_ASN1_I2D_vars(a); if (a == NULL) return(0); -#ifdef WIN32 - r=r; /* shut the damn compiler up :-) */ -#endif - - os.data=os2.data=NULL; if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err; - if (!ASN1_INTEGER_set(pkey->version,0)) goto err; + if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err; + pkey->version = 0; - if (pkey->algor->algorithm != NULL) - ASN1_OBJECT_free(pkey->algor->algorithm); pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption); if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; pkey->algor->parameter->type=V_ASN1_NULL; - l[0]=i2d_RSAPrivateKey(a,NULL); - pkey->private_key->length=l[0]; + rsalen = i2d_RSAPrivateKey(a, NULL); - os2.length=i2d_NETSCAPE_PKEY(pkey,NULL); - l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL); + /* Fake some octet strings just for the initial length + * calculation. + */ - if ((alg=X509_ALGOR_new()) == NULL) goto err; - if (alg->algorithm != NULL) - ASN1_OBJECT_free(alg->algorithm); - alg->algorithm=OBJ_nid2obj(NID_rc4); - if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err; - alg->parameter->type=V_ASN1_NULL; + pkey->private_key->length=rsalen; - l[2]=i2d_X509_ALGOR(alg,NULL); - l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE); + pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL); -#ifndef CONST_STRICT - os.data=(unsigned char *)"private-key"; -#endif - os.length=11; - l[4]=i2d_ASN1_OCTET_STRING(&os,NULL); + enckey->enckey->digest->length = pkeylen; + + enckey->os->length = 11; /* "private-key" */ - l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE); + enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4); + if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err; + enckey->enckey->algor->parameter->type=V_ASN1_NULL; if (pp == NULL) { - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - if (alg != NULL) X509_ALGOR_free(alg); - return(l[5]); + olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL); + NETSCAPE_PKEY_free(pkey); + NETSCAPE_ENCRYPTED_PKEY_free(enckey); + return olen; } - if (pkey->private_key->data != NULL) - OPENSSL_free(pkey->private_key->data); - if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL) + + /* Since its RC4 encrypted length is actual length */ + if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; } - zz=pkey->private_key->data; + + pkey->private_key->data = zz; + /* Write out private key encoding */ i2d_RSAPrivateKey(a,&zz); - if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL) + if ((zz=OPENSSL_malloc(pkeylen)) == NULL) + { + ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); + goto err; + } + + if (!ASN1_STRING_set(enckey->os, "private-key", -1)) { ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE); goto err; } - zz=os2.data; + enckey->enckey->digest->data = zz; i2d_NETSCAPE_PKEY(pkey,&zz); + + /* Wipe the private key encoding */ + memset(pkey->private_key->data, 0, rsalen); if (cb == NULL) cb=EVP_read_pw_string; @@ -171,7 +195,7 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) } i = strlen((char *)buf); /* If the key is used for SGC the algorithm is modified a little. */ - if(sgckey){ + if(sgckey) { EVP_MD_CTX mctx; EVP_DigestInit(&mctx, EVP_md5()); EVP_DigestUpdate(&mctx, buf, i); @@ -183,24 +207,18 @@ int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey) EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL); memset(buf,0,256); + /* Encrypt private key in place */ + zz = enckey->enckey->digest->data; EVP_CIPHER_CTX_init(&ctx); EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL); - EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length); - EVP_EncryptFinal(&ctx,&(os2.data[i]),&j); + EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen); + EVP_EncryptFinal(&ctx,zz + i,&j); EVP_CIPHER_CTX_cleanup(&ctx); - p= *pp; - ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_OCTET_STRING(&os,&p); - ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_X509_ALGOR(alg,&p); - i2d_ASN1_OCTET_STRING(&os2,&p); - ret=l[5]; + ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp); err: - if (os2.data != NULL) OPENSSL_free(os2.data); - if (alg != NULL) X509_ALGOR_free(alg); - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - r=r; + NETSCAPE_ENCRYPTED_PKEY_free(enckey); + NETSCAPE_PKEY_free(pkey); return(ret); } @@ -213,68 +231,53 @@ RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)( RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey) { RSA *ret=NULL; - ASN1_OCTET_STRING *os=NULL; - ASN1_CTX c; + const unsigned char *p, *kp; + NETSCAPE_ENCRYPTED_PKEY *enckey = NULL; - c.pp=(unsigned char **)pp; /* TMP UGLY CAST */ - c.error=ASN1_R_DECODING_ERROR; + p = *pp; + + enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length); + if(!enckey) { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR); + return NULL; + } - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); - if ((os->length != 11) || (strncmp("private-key", - (char *)os->data,os->length) != 0)) + if ((enckey->os->length != 11) || (strncmp("private-key", + (char *)enckey->os->data,11) != 0)) { ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING); - M_ASN1_BIT_STRING_free(os); - goto err; + NETSCAPE_ENCRYPTED_PKEY_free(enckey); + return NULL; } - M_ASN1_BIT_STRING_free(os); - c.q=c.p; - if ((ret=d2i_RSA_NET_2(a,(const unsigned char **)&c.p, /* TMP UGLY CAST */ - c.slen,cb, sgckey)) == NULL) goto err; - /* Note: some versions of IIS key files use length values that are - * too small for the surrounding SEQUENCEs. This following line - * effectively disable length checking. - */ - c.slen = 0; - - M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA); + if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4) + { + ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); + goto err; } + kp = enckey->enckey->digest->data; + if (cb == NULL) + cb=EVP_read_pw_string; + if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err; -RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length, - int (*cb)()) -{ - return d2i_RSA_NET_2(a, pp, length, cb, 0); -} + *pp = p; + + err: + NETSCAPE_ENCRYPTED_PKEY_free(enckey); + return ret; + + } -RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length, +static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os, int (*cb)(), int sgckey) { NETSCAPE_PKEY *pkey=NULL; RSA *ret=NULL; int i,j; - unsigned char buf[256],*zz; + unsigned char buf[256]; + const unsigned char *zz; unsigned char key[EVP_MAX_KEY_LENGTH]; EVP_CIPHER_CTX ctx; - X509_ALGOR *alg=NULL; - ASN1_OCTET_STRING *os=NULL; - ASN1_CTX c; - c.error=ERR_R_NESTED_ASN1_ERROR; - c.pp=(unsigned char **)pp; - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(alg,d2i_X509_ALGOR); - if (OBJ_obj2nid(alg->algorithm) != NID_rc4) - { - ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM); - goto err; - } - M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING); - if (cb == NULL) - cb=EVP_read_pw_string; i=cb(buf,256,"Enter Private Key password:",0); if (i != 0) { @@ -311,72 +314,14 @@ RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length, } zz=pkey->private_key->data; - if ((ret=d2i_RSAPrivateKey(a,(const unsigned char **)&zz, /* TMP UGLY CAST */ - pkey->private_key->length)) == NULL) + if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL) { ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY); goto err; } - if (!asn1_Finish(&c)) goto err; - *pp=c.p; err: - if (pkey != NULL) NETSCAPE_PKEY_free(pkey); - if (os != NULL) M_ASN1_BIT_STRING_free(os); - if (alg != NULL) X509_ALGOR_free(alg); - return(ret); - } - -static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - - M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY); - } - -static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void) - { - NETSCAPE_PKEY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_PKEY); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new); + NETSCAPE_PKEY_free(pkey); return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW); - } - -static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - X509_ALGOR_free(a->algor); - M_ASN1_OCTET_STRING_free(a->private_key); - OPENSSL_free(a); } #endif /* NO_RC4 */ diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c index 6e7f09ba23..36e5dce359 100644 --- a/crypto/asn1/nsseq.c +++ b/crypto/asn1/nsseq.c @@ -58,61 +58,25 @@ #include <stdio.h> #include <stdlib.h> -#include <openssl/asn1_mac.h> -#include <openssl/err.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/objects.h> -/* Netscape certificate sequence structure */ - -int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp) +static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { - int v = 0; - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0, - V_ASN1_SEQUENCE,v); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0, - V_ASN1_SEQUENCE,v); - - M_ASN1_I2D_finish(); + if(operation == ASN1_OP_NEW_POST) { + NETSCAPE_CERT_SEQUENCE *nsseq; + nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval; + nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence); + } + return 1; } -NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void) -{ - NETSCAPE_CERT_SEQUENCE *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE); - /* Note hardcoded object type */ - ret->type = OBJ_nid2obj(NID_netscape_cert_sequence); - ret->certs = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW); -} +/* Netscape certificate sequence structure */ -NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *, - NETSCAPE_CERT_SEQUENCE_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT); - M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0, - V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free, - ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE); -} +ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = { + ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT), + ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0) +} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE); -void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->type); - if(a->certs) - sk_X509_pop_free(a->certs, X509_free); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c index b7ed538eb2..eedeb9ee3e 100644 --- a/crypto/asn1/p5_pbe.c +++ b/crypto/asn1/p5_pbe.c @@ -58,53 +58,18 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/rand.h> /* PKCS#5 password based encryption structure */ -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} - -PBEPARAM *PBEPARAM_new(void) -{ - PBEPARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBEPARAM); - M_ASN1_New(ret->iter,M_ASN1_INTEGER_new); - M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW); -} - -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM); -} +ASN1_SEQUENCE(PBEPARAM) = { + ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING), + ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER) +} ASN1_SEQUENCE_END(PBEPARAM); -void PBEPARAM_free (PBEPARAM *a) -{ - if(a==NULL) return; - M_ASN1_OCTET_STRING_free(a->salt); - M_ASN1_INTEGER_free (a->iter); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM) /* Return an algorithm identifier for a PKCS#5 PBE algorithm */ diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c index 6a7b578c0e..82526f38fd 100644 --- a/crypto/asn1/p5_pbev2.c +++ b/crypto/asn1/p5_pbev2.c @@ -58,108 +58,27 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/rand.h> /* PKCS#5 v2.0 password based encryption structures */ -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR); - M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR); - M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR); - - M_ASN1_I2D_finish(); -} - -PBE2PARAM *PBE2PARAM_new(void) -{ - PBE2PARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBE2PARAM); - M_ASN1_New(ret->keyfunc,X509_ALGOR_new); - M_ASN1_New(ret->encryption,X509_ALGOR_new); - return (ret); - M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW); -} - -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR); - M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR); - M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM); -} - -void PBE2PARAM_free (PBE2PARAM *a) -{ - if(a==NULL) return; - X509_ALGOR_free(a->keyfunc); - X509_ALGOR_free(a->encryption); - OPENSSL_free (a); -} - -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE); - M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR); +ASN1_SEQUENCE(PBE2PARAM) = { + ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR), + ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR) +} ASN1_SEQUENCE_END(PBE2PARAM); - M_ASN1_I2D_seq_total (); +IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM) - M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE); - M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR); +ASN1_SEQUENCE(PBKDF2PARAM) = { + ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY), + ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER), + ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER), + ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR) +} ASN1_SEQUENCE_END(PBKDF2PARAM); - M_ASN1_I2D_finish(); -} - -PBKDF2PARAM *PBKDF2PARAM_new(void) -{ - PBKDF2PARAM *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PBKDF2PARAM); - M_ASN1_New(ret->salt, ASN1_TYPE_new); - M_ASN1_New(ret->iter, M_ASN1_INTEGER_new); - ret->keylength = NULL; - ret->prf = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW); -} - -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE); - M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER); - M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER); - M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM); -} - -void PBKDF2PARAM_free (PBKDF2PARAM *a) -{ - if(a==NULL) return; - ASN1_TYPE_free(a->salt); - M_ASN1_INTEGER_free(a->iter); - M_ASN1_INTEGER_free(a->keylength); - X509_ALGOR_free(a->prf); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM) /* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm: * yes I know this is horrible! diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c deleted file mode 100644 index c170244616..0000000000 --- a/crypto/asn1/p7_dgst.c +++ /dev/null @@ -1,121 +0,0 @@ -/* crypto/asn1/p7_dgst.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->md,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->contents,i2d_PKCS7); - M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->md,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->contents,i2d_PKCS7); - M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->contents,d2i_PKCS7); - M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING); - - M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST); - } - -PKCS7_DIGEST *PKCS7_DIGEST_new(void) - { - PKCS7_DIGEST *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_DIGEST); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->md,X509_ALGOR_new); - M_ASN1_New(ret->contents,PKCS7_new); - M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW); - } - -void PKCS7_DIGEST_free(PKCS7_DIGEST *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - X509_ALGOR_free(a->md); - PKCS7_free(a->contents); - M_ASN1_OCTET_STRING_free(a->digest); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c deleted file mode 100644 index 38ccafbdb0..0000000000 --- a/crypto/asn1/p7_enc.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/asn1/p7_enc.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT); - - M_ASN1_I2D_finish(); - } - -PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT); - - M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT); - } - -PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void) - { - PKCS7_ENCRYPT *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW); - } - -void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - PKCS7_ENC_CONTENT_free(a->enc_data); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c deleted file mode 100644 index 031178ab52..0000000000 --- a/crypto/asn1/p7_enc_c.c +++ /dev/null @@ -1,120 +0,0 @@ -/* crypto/asn1/p7_enc_c.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT); - M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR); - M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT); - M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR); - M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0); - - M_ASN1_I2D_finish(); - } - -PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, - unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT); - M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR); - M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0, - V_ASN1_OCTET_STRING); - - M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free, - ASN1_F_D2I_PKCS7_ENC_CONTENT); - } - -PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void) - { - PKCS7_ENC_CONTENT *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT); - /* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */ - /* We will almost always want this: so make it the default */ - ret->content_type=OBJ_nid2obj(NID_pkcs7_data); - M_ASN1_New(ret->algorithm,X509_ALGOR_new); - ret->enc_data=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW); - } - -void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->content_type); - X509_ALGOR_free(a->algorithm); - M_ASN1_OCTET_STRING_free(a->enc_data); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c deleted file mode 100644 index 60be3e5f66..0000000000 --- a/crypto/asn1/p7_evp.c +++ /dev/null @@ -1,119 +0,0 @@ -/* crypto/asn1/p7_evp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo, - i2d_PKCS7_RECIP_INFO); - M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo, - i2d_PKCS7_RECIP_INFO); - M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT); - - M_ASN1_I2D_finish(); - } - -PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo, - d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free); - M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT); - - M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE); - } - -PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void) - { - PKCS7_ENVELOPE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null); - M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW); - } - -void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free); - PKCS7_ENC_CONTENT_free(a->enc_data); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c deleted file mode 100644 index 4a7260a5c8..0000000000 --- a/crypto/asn1/p7_i_s.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/asn1/p7_i_s.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a, - unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER); - - M_ASN1_I2D_finish(); - } - -PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME); - M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER); - M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free, - ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL); - } - -PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void) - { - PKCS7_ISSUER_AND_SERIAL *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL); - M_ASN1_New(ret->issuer,X509_NAME_new); - M_ASN1_New(ret->serial,M_ASN1_INTEGER_new); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW); - } - -void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a) - { - if (a == NULL) return; - X509_NAME_free(a->issuer); - M_ASN1_INTEGER_free(a->serial); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c deleted file mode 100644 index b1196ef581..0000000000 --- a/crypto/asn1/p7_lib.c +++ /dev/null @@ -1,391 +0,0 @@ -/* crypto/asn1/p7_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/pkcs7.h> -#include <openssl/objects.h> - -#ifdef PKCS7_INDEFINITE_ENCODING - -int i2d_PKCS7(PKCS7 *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - if (a->asn1 != NULL) - { - if (pp == NULL) - return((int)a->length); - memcpy(*pp,a->asn1,(int)a->length); - *pp+=a->length; - return((int)a->length); - } - - ret+=4; /* sequence, BER header plus '0 0' end padding */ - M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT); - if (a->d.ptr != NULL) - { - ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */ - switch (OBJ_obj2nid(a->type)) - { - case NID_pkcs7_data: - M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING); - break; - case NID_pkcs7_signed: - M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED); - break; - case NID_pkcs7_enveloped: - M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE); - break; - case NID_pkcs7_signedAndEnveloped: - M_ASN1_I2D_len(a->d.signed_and_enveloped, - i2d_PKCS7_SIGN_ENVELOPE); - break; - case NID_pkcs7_digest: - M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST); - break; - case NID_pkcs7_encrypted: - M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT); - break; - default: - M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE); - break; - } - } - r=ret; - if (pp == NULL) return(r); - p= *pp; - M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT); - - if (a->d.ptr != NULL) - { - M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC); - switch (OBJ_obj2nid(a->type)) - { - case NID_pkcs7_data: - M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING); - break; - case NID_pkcs7_signed: - M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED); - break; - case NID_pkcs7_enveloped: - M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE); - break; - case NID_pkcs7_signedAndEnveloped: - M_ASN1_I2D_put(a->d.signed_and_enveloped, - i2d_PKCS7_SIGN_ENVELOPE); - break; - case NID_pkcs7_digest: - M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST); - break; - case NID_pkcs7_encrypted: - M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT); - break; - default: - M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE); - break; - } - M_ASN1_I2D_INF_seq_end(); - } - M_ASN1_I2D_INF_seq_end(); - M_ASN1_I2D_finish(); - } - -#else - -int i2d_PKCS7(PKCS7 *a, unsigned char **pp) - { - int explen = 0; - M_ASN1_I2D_vars(a); - - if (a->asn1 != NULL) - { - if (pp == NULL) - return((int)a->length); - memcpy(*pp,a->asn1,(int)a->length); - *pp+=a->length; - return((int)a->length); - } - - M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT); - if (a->d.ptr != NULL) - { - /* Save current length */ - r = ret; - switch (OBJ_obj2nid(a->type)) - { - case NID_pkcs7_data: - M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING); - break; - case NID_pkcs7_signed: - M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED); - break; - case NID_pkcs7_enveloped: - M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE); - break; - case NID_pkcs7_signedAndEnveloped: - M_ASN1_I2D_len(a->d.signed_and_enveloped, - i2d_PKCS7_SIGN_ENVELOPE); - break; - case NID_pkcs7_digest: - M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST); - break; - case NID_pkcs7_encrypted: - M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT); - break; - default: - M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE); - break; - } - /* Work out explicit tag content size */ - explen = ret - r; - /* Work out explicit tag size: Note: ASN1_object_size - * includes the content length. - */ - ret = r + ASN1_object_size(1, explen, 0); - } - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT); - - if (a->d.ptr != NULL) - { - ASN1_put_object(&p, 1, explen, 0, V_ASN1_CONTEXT_SPECIFIC); - switch (OBJ_obj2nid(a->type)) - { - case NID_pkcs7_data: - M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING); - break; - case NID_pkcs7_signed: - M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED); - break; - case NID_pkcs7_enveloped: - M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE); - break; - case NID_pkcs7_signedAndEnveloped: - M_ASN1_I2D_put(a->d.signed_and_enveloped, - i2d_PKCS7_SIGN_ENVELOPE); - break; - case NID_pkcs7_digest: - M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST); - break; - case NID_pkcs7_encrypted: - M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT); - break; - default: - M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE); - break; - } - } - M_ASN1_I2D_finish(); - } - -#endif - -PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new); - - if ((a != NULL) && ((*a) != NULL)) - { - if ((*a)->asn1 != NULL) - { - OPENSSL_free((*a)->asn1); - (*a)->asn1=NULL; - } - (*a)->length=0; - } - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT); - if (!M_ASN1_D2I_end_sequence()) - { - int Tinf,Ttag,Tclass; - long Tlen; - - if (M_ASN1_next != (V_ASN1_CONSTRUCTED| - V_ASN1_CONTEXT_SPECIFIC|0)) - { - c.error=ASN1_R_BAD_PKCS7_CONTENT; - c.line=__LINE__; - goto err; - } - - ret->detached=0; - - c.q=c.p; - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass, - (c.inf & 1)?(length+ *pp-c.q):c.slen); - if (Tinf & 0x80) { c.line=__LINE__; goto err; } - c.slen-=(c.p-c.q); - - switch (OBJ_obj2nid(ret->type)) - { - case NID_pkcs7_data: - M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING); - break; - case NID_pkcs7_signed: - M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED); - if (ret->d.sign->contents->d.ptr == NULL) - ret->detached=1; - break; - case NID_pkcs7_enveloped: - M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE); - break; - case NID_pkcs7_signedAndEnveloped: - M_ASN1_D2I_get(ret->d.signed_and_enveloped, - d2i_PKCS7_SIGN_ENVELOPE); - break; - case NID_pkcs7_digest: - M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST); - break; - case NID_pkcs7_encrypted: - M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT); - break; - default: - M_ASN1_D2I_get(ret->d.other,d2i_ASN1_TYPE); - break; - } - if (Tinf == (1|V_ASN1_CONSTRUCTED)) - { - if (!ASN1_check_infinite_end(&c.p,c.slen)) - { - c.error=ERR_R_MISSING_ASN1_EOS; - c.line=__LINE__; - goto err; - } - } - } - else - ret->detached=1; - - M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7); - } - -PKCS7 *PKCS7_new(void) - { - PKCS7 *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7); - ret->type=OBJ_nid2obj(NID_undef); - ret->asn1=NULL; - ret->length=0; - ret->detached=0; - ret->d.ptr=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_NEW); - } - -void PKCS7_free(PKCS7 *a) - { - if (a == NULL) return; - - PKCS7_content_free(a); - if (a->type != NULL) - { - ASN1_OBJECT_free(a->type); - } - OPENSSL_free(a); - } - -void PKCS7_content_free(PKCS7 *a) - { - if(a == NULL) - return; - - if (a->asn1 != NULL) OPENSSL_free(a->asn1); - - if (a->d.ptr != NULL) - { - if (a->type == NULL) return; - - switch (OBJ_obj2nid(a->type)) - { - case NID_pkcs7_data: - M_ASN1_OCTET_STRING_free(a->d.data); - break; - case NID_pkcs7_signed: - PKCS7_SIGNED_free(a->d.sign); - break; - case NID_pkcs7_enveloped: - PKCS7_ENVELOPE_free(a->d.enveloped); - break; - case NID_pkcs7_signedAndEnveloped: - PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped); - break; - case NID_pkcs7_digest: - PKCS7_DIGEST_free(a->d.digest); - break; - case NID_pkcs7_encrypted: - PKCS7_ENCRYPT_free(a->d.encrypted); - break; - default: - ASN1_TYPE_free(a->d.other); - break; - } - } - a->d.ptr=NULL; - } - -IMPLEMENT_STACK_OF(PKCS7) -IMPLEMENT_ASN1_SET_OF(PKCS7) diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c deleted file mode 100644 index 5f6c88a2fa..0000000000 --- a/crypto/asn1/p7_recip.c +++ /dev/null @@ -1,125 +0,0 @@ -/* crypto/asn1/p7_recip.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, - unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING); - - M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO); - } - -PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void) - { - PKCS7_RECIP_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new); - M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new); - M_ASN1_New(ret->enc_key,M_ASN1_OCTET_STRING_new); - ret->cert=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW); - } - -void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial); - X509_ALGOR_free(a->key_enc_algor); - M_ASN1_OCTET_STRING_free(a->enc_key); - if (a->cert != NULL) X509_free(a->cert); - OPENSSL_free(a); - } - -IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO) -IMPLEMENT_ASN1_SET_OF(PKCS7_RECIP_INFO) diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c deleted file mode 100644 index 709eb24b27..0000000000 --- a/crypto/asn1/p7_s_e.c +++ /dev/null @@ -1,145 +0,0 @@ -/* crypto/asn1/p7_s_e.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo, - i2d_PKCS7_RECIP_INFO); - M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0); - M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1); - M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info, - i2d_PKCS7_SIGNER_INFO); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo, - i2d_PKCS7_RECIP_INFO); - M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0); - M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1); - M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info, - i2d_PKCS7_SIGNER_INFO); - - M_ASN1_I2D_finish(); - } - -PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, - unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo, - d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free); - M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR, - X509_ALGOR_free); - M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT); - M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0); - M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL, - X509_CRL_free,1); - M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info, - d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free); - - M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free, - ASN1_F_D2I_PKCS7_SIGN_ENVELOPE); - } - -PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void) - { - PKCS7_SIGN_ENVELOPE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null); - M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null); - M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new); - ret->cert=NULL; - ret->crl=NULL; - M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW); - } - -void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free); - sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free); - PKCS7_ENC_CONTENT_free(a->enc_data); - sk_X509_pop_free(a->cert,X509_free); - sk_X509_CRL_pop_free(a->crl,X509_CRL_free); - sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c deleted file mode 100644 index c835f5475f..0000000000 --- a/crypto/asn1/p7_signd.c +++ /dev/null @@ -1,135 +0,0 @@ -/* crypto/asn1/p7_signd.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->contents,i2d_PKCS7); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0); - M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1); - M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info, - i2d_PKCS7_SIGNER_INFO); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->contents,i2d_PKCS7); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0); - M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1); - M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info, - i2d_PKCS7_SIGNER_INFO); - - M_ASN1_I2D_finish(); - } - -PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR, - X509_ALGOR_free); - M_ASN1_D2I_get(ret->contents,d2i_PKCS7); - M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0); - M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL, - X509_CRL_free,1); - M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info, - d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free); - - M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED); - } - -PKCS7_SIGNED *PKCS7_SIGNED_new(void) - { - PKCS7_SIGNED *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_SIGNED); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null); - M_ASN1_New(ret->contents,PKCS7_new); - ret->cert=NULL; - ret->crl=NULL; - M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null); - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW); - } - -void PKCS7_SIGNED_free(PKCS7_SIGNED *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free); - PKCS7_free(a->contents); - sk_X509_pop_free(a->cert,X509_free); - sk_X509_CRL_pop_free(a->crl,X509_CRL_free); - sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free); - OPENSSL_free(a); - } diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c deleted file mode 100644 index 248bf00945..0000000000 --- a/crypto/asn1/p7_signi.c +++ /dev/null @@ -1,150 +0,0 @@ -/* crypto/asn1/p7_signi.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> -#include <openssl/x509.h> - -int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr, - i2d_X509_ATTRIBUTE,0); - M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr, - i2d_X509_ATTRIBUTE,1); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr, - i2d_X509_ATTRIBUTE,0); - M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr, - i2d_X509_ATTRIBUTE,1); - - M_ASN1_I2D_finish(); - } - -PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, - unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL); - M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->auth_attr, - d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free, - 0); - M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->unauth_attr, - d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free,1); - - M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free, - ASN1_F_D2I_PKCS7_SIGNER_INFO); - } - -PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void) - { - PKCS7_SIGNER_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new); - M_ASN1_New(ret->digest_alg,X509_ALGOR_new); - ret->auth_attr=NULL; - M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new); - M_ASN1_New(ret->enc_digest,M_ASN1_OCTET_STRING_new); - ret->unauth_attr=NULL; - ret->pkey=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW); - } - -void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial); - X509_ALGOR_free(a->digest_alg); - sk_X509_ATTRIBUTE_pop_free(a->auth_attr,X509_ATTRIBUTE_free); - X509_ALGOR_free(a->digest_enc_alg); - M_ASN1_OCTET_STRING_free(a->enc_digest); - sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free); - if (a->pkey != NULL) - EVP_PKEY_free(a->pkey); - OPENSSL_free(a); - } - -IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO) -IMPLEMENT_ASN1_SET_OF(PKCS7_SIGNER_INFO) diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c index fa6cbfb6f8..e218899985 100644 --- a/crypto/asn1/p8_pkey.c +++ b/crypto/asn1/p8_pkey.c @@ -58,70 +58,27 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp) +/* Minor tweak to operation: zero private key data */ +static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { - - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR); - M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE); - M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes, - i2d_X509_ATTRIBUTE, 0); - - M_ASN1_I2D_seq_total (); - - M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR); - M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE); - M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes, - i2d_X509_ATTRIBUTE, 0); - - M_ASN1_I2D_finish(); + /* Since the structure must still be valid use ASN1_OP_FREE_PRE */ + if(operation == ASN1_OP_FREE_PRE) { + PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval; + if (key->pkey->value.octet_string) + memset(key->pkey->value.octet_string->data, + 0, key->pkey->value.octet_string->length); + } + return 1; } -PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void) -{ - PKCS8_PRIV_KEY_INFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO); - M_ASN1_New (ret->version, M_ASN1_INTEGER_new); - M_ASN1_New (ret->pkeyalg, X509_ALGOR_new); - M_ASN1_New (ret->pkey, ASN1_TYPE_new); - ret->attributes = NULL; - ret->broken = PKCS8_OK; - return (ret); - M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW); -} +ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = { + ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR), + ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY), + ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0) +} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER); - M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR); - M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes, - d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free, 0); - M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO); -} - -void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free (a->version); - X509_ALGOR_free(a->pkeyalg); - /* Clear sensitive data */ - if (a->pkey->value.octet_string) - memset (a->pkey->value.octet_string->data, - 0, a->pkey->value.octet_string->length); - ASN1_TYPE_free (a->pkey); - sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c index ea1af092db..b80ea1857f 100644 --- a/crypto/asn1/t_req.c +++ b/crypto/asn1/t_req.c @@ -145,13 +145,10 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) if (BIO_puts(bp,str) <= 0) goto err; sk=x->req_info->attributes; - if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0)) + if (sk_X509_ATTRIBUTE_num(sk) == 0) { - if (!x->req_info->req_kludge) - { - sprintf(str,"%12sa0:00\n",""); - if (BIO_puts(bp,str) <= 0) goto err; - } + sprintf(str,"%12sa0:00\n",""); + if (BIO_puts(bp,str) <= 0) goto err; } else { @@ -170,7 +167,13 @@ int X509_REQ_print(BIO *bp, X509_REQ *x) if (BIO_puts(bp,str) <= 0) goto err; if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0) { - if (a->set) + if (a->single) + { + t=a->value.single; + type=t->type; + bs=t->value.bit_string; + } + else { ii=0; count=sk_ASN1_TYPE_num(a->value.set); @@ -179,12 +182,6 @@ get_next: type=at->type; bs=at->value.asn1_string; } - else - { - t=a->value.single; - type=t->type; - bs=t->value.bit_string; - } } for (j=25-j; j>0; j--) if (BIO_write(bp," ",1) != 1) goto err; diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c index d708434fca..f27342136d 100644 --- a/crypto/asn1/t_spki.c +++ b/crypto/asn1/t_spki.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/x509.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> /* Print out an SPKI */ diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c index f06af5b576..7d4a6e6084 100644 --- a/crypto/asn1/t_x509a.c +++ b/crypto/asn1/t_x509a.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> #include <openssl/x509.h> /* X509_CERT_AUX and string set routines diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c new file mode 100644 index 0000000000..0caa8f6bd3 --- /dev/null +++ b/crypto/asn1/tasn_dec.c @@ -0,0 +1,910 @@ +/* tasn_dec.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/objects.h> +#include <openssl/buffer.h> +#include <openssl/err.h> + +static int asn1_check_eoc(unsigned char **in, long len); +static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass); +static int collect_data(BUF_MEM *buf, unsigned char **p, long plen); +static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, + unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx); +static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); +static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx); +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len, + const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx); + +/* Macro to initialize and invalidate the cache */ + +#define asn1_tlc_clear(c) if(c) (c)->valid = 0 + +/* Decode an ASN1 item, this currently behaves just + * like a standard 'd2i' function. 'in' points to + * a buffer to read the data from, in future we will + * have more advanced versions that can input data + * a piece at a time and this will simply be a special + * case. + */ + +ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it) +{ + ASN1_TLC c; + ASN1_VALUE *ptmpval = NULL; + if(!pval) pval = &ptmpval; + asn1_tlc_clear(&c); + if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0) + return *pval; + return NULL; +} + +int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt) +{ + ASN1_TLC c; + asn1_tlc_clear(&c); + return asn1_template_ex_d2i(pval, in, len, tt, 0, &c); +} + + +/* Decode an item, taking care of IMPLICIT tagging, if any. + * If 'opt' set and tag mismatch return -1 to handle OPTIONAL + */ + +int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) +{ + const ASN1_TEMPLATE *tt, *errtt = NULL; + const ASN1_COMPAT_FUNCS *cf; + const ASN1_EXTERN_FUNCS *ef; + const ASN1_AUX *aux = it->funcs; + ASN1_aux_cb *asn1_cb; + unsigned char *p, *q, imphack = 0, oclass; + char seq_eoc, seq_nolen, cst, isopt; + long tmplen; + int i; + int otag; + int ret = 0; + ASN1_VALUE *pchval, **pchptr, *ptmpval; + if(!pval) return 0; + if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; + else asn1_cb = 0; + + switch(it->itype) { + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) + return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx); + return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx); + break; + + case ASN1_ITYPE_MSTRING: + p = *in; + /* Just read in tag and class */ + ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } + /* Must be UNIVERSAL class */ + if(oclass != V_ASN1_UNIVERSAL) { + /* If OPTIONAL, assume this is OK */ + if(opt) return -1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL); + goto err; + } + /* Check tag matches bit map */ + if(!(ASN1_tag2bit(otag) & it->utype)) { + /* If OPTIONAL, assume this is OK */ + if(opt) return -1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG); + goto err; + } + return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx); + + case ASN1_ITYPE_EXTERN: + /* Use new style d2i */ + ef = it->funcs; + return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx); + + case ASN1_ITYPE_COMPAT: + /* we must resort to old style evil hackery */ + cf = it->funcs; + + /* If OPTIONAL see if it is there */ + if(opt) { + int exptag; + p = *in; + if(tag == -1) exptag = it->utype; + else exptag = tag; + /* Don't care about anything other than presence of expected tag */ + ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } + if(ret == -1) return -1; + } + /* This is the old style evil hack IMPLICIT handling: + * since the underlying code is expecting a tag and + * class other than the one present we change the + * buffer temporarily then change it back afterwards. + * This doesn't and never did work for tags > 30. + * + * Yes this is *horrible* but it is only needed for + * old style d2i which will hopefully not be around + * for much longer. + * FIXME: should copy the buffer then modify it so + * the input buffer can be const: we should *always* + * copy because the old style d2i might modify the + * buffer. + */ + + if(tag != -1) { + p = *in; + imphack = *p; + *p = (*p & V_ASN1_CONSTRUCTED) | it->utype; + } + + ptmpval = cf->asn1_d2i(pval, in, len); + + if(tag != -1) *p = imphack; + + if(ptmpval) return 1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + + + case ASN1_ITYPE_CHOICE: + if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + goto auxerr; + /* CHOICE type, try each possibility in turn */ + pchval = NULL; + p = *in; + for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) { + /* We mark field as OPTIONAL so its absence + * can be recognised. + */ + ret = asn1_template_ex_d2i(&pchval, &p, len, tt, 1, ctx); + /* If field not present, try the next one */ + if(ret == -1) continue; + /* If positive return, read OK, break loop */ + if(ret > 0) break; + /* Otherwise must be an ASN1 parsing error */ + errtt = tt; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + return 0; + } + /* Did we fall off the end without reading anything? */ + if(i == it->tcount) { + /* If OPTIONAL, this is OK */ + if(opt) return -1; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE); + return 0; + } + /* Otherwise we got a match, allocate structure and populate it */ + if(!*pval) { + if(!ASN1_item_ex_new(pval, it)) { + errtt = tt; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + return 0; + } + } + pchptr = asn1_get_field_ptr(pval, tt); + *pchptr = pchval; + asn1_set_choice_selector(pval, i, it); + *in = p; + if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + goto auxerr; + return 1; + + case ASN1_ITYPE_SEQUENCE: + p = *in; + tmplen = len; + + /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ + if(tag == -1) { + tag = V_ASN1_SEQUENCE; + aclass = V_ASN1_UNIVERSAL; + } + /* Get SEQUENCE length and update len, p */ + ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } else if(ret == -1) return -1; + if(aux && (aux->flags & ASN1_AFLG_BROKEN)) { + len = tmplen - (p - *in); + seq_nolen = 1; + } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */ + if(!cst) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED); + goto err; + } + + if(!*pval) { + if(!ASN1_item_ex_new(pval, it)) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } + } + if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it)) + goto auxerr; + + /* Get each field entry */ + for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { + const ASN1_TEMPLATE *seqtt; + ASN1_VALUE **pseqval; + seqtt = asn1_do_adb(pval, tt, 1); + if(!seqtt) goto err; + pseqval = asn1_get_field_ptr(pval, seqtt); + /* Have we ran out of data? */ + if(!len) break; + q = p; + if(asn1_check_eoc(&p, len)) { + if(!seq_eoc) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC); + goto err; + } + len -= p - q; + seq_eoc = 0; + q = p; + break; + } + /* This determines the OPTIONAL flag value. The field cannot + * be omitted if it is the last of a SEQUENCE and there is + * still data to be read. This isn't strictly necessary but + * it increases efficiency in some cases. + */ + if(i == (it->tcount - 1)) isopt = 0; + else isopt = seqtt->flags & ASN1_TFLG_OPTIONAL; + /* attempt to read in field, allowing each to be OPTIONAL */ + ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx); + if(!ret) { + errtt = seqtt; + goto err; + } else if(ret == -1) { + /* OPTIONAL component absent. Free and zero the field + */ + ASN1_template_free(pseqval, seqtt); + continue; + } + /* Update length */ + len -= p - q; + } + /* Check for EOC if expecting one */ + if(seq_eoc && !asn1_check_eoc(&p, len)) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC); + goto err; + } + /* Check all data read */ + if(!seq_nolen && len) { + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH); + goto err; + } + + /* If we get here we've got no more data in the SEQUENCE, + * however we may not have read all fields so check all + * remaining are OPTIONAL and clear any that are. + */ + for(; i < it->tcount; tt++, i++) { + const ASN1_TEMPLATE *seqtt; + seqtt = asn1_do_adb(pval, tt, 1); + if(!seqtt) goto err; + if(seqtt->flags & ASN1_TFLG_OPTIONAL) { + ASN1_VALUE **pseqval; + pseqval = asn1_get_field_ptr(pval, seqtt); + ASN1_template_free(pseqval, seqtt); + } else { + errtt = seqtt; + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING); + goto err; + } + } + /* Save encoding */ + if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr; + *in = p; + if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it)) + goto auxerr; + return 1; + + default: + return 0; + } + auxerr: + ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR); + err: + ASN1_item_ex_free(pval, it); + if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname); + else ERR_add_error_data(2, "Type=", it->sname); + return 0; +} + +/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the + * rest. + */ + +int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) +{ + int flags, aclass; + int ret; + long len; + unsigned char *p, *q; + char exp_eoc; + if(!val) return 0; + flags = tt->flags; + aclass = flags & ASN1_TFLG_TAG_CLASS; + + p = *in; + + /* Check if EXPLICIT tag expected */ + if(flags & ASN1_TFLG_EXPTAG) { + char cst; + /* Need to work out amount of data available to the inner content and where it + * starts: so read in EXPLICIT header to get the info. + */ + ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx); + q = p; + if(!ret) { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + return 0; + } else if(ret == -1) return -1; + if(!cst) { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED); + return 0; + } + /* We've found the field so it can't be OPTIONAL now */ + ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + return 0; + } + /* We read the field in OK so update length */ + len -= p - q; + if(exp_eoc) { + /* If NDEF we must have an EOC here */ + if(!asn1_check_eoc(&p, len)) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); + goto err; + } + } else { + /* Otherwise we must hit the EXPLICIT tag end or its an error */ + if(len) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH); + goto err; + } + } + } else + return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx); + + *in = p; + return 1; + + err: + ASN1_template_free(val, tt); + *val = NULL; + return 0; +} + +static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx) +{ + int flags, aclass; + int ret; + unsigned char *p, *q; + if(!val) return 0; + flags = tt->flags; + aclass = flags & ASN1_TFLG_TAG_CLASS; + + p = *in; + q = p; + + if(flags & ASN1_TFLG_SK_MASK) { + /* SET OF, SEQUENCE OF */ + int sktag, skaclass; + char sk_eoc; + /* First work out expected inner tag value */ + if(flags & ASN1_TFLG_IMPTAG) { + sktag = tt->tag; + skaclass = aclass; + } else { + skaclass = V_ASN1_UNIVERSAL; + if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET; + else sktag = V_ASN1_SEQUENCE; + } + /* Get the tag */ + ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR); + return 0; + } else if(ret == -1) return -1; + if(!*val) *val = (ASN1_VALUE *)sk_new_null(); + else { + /* We've got a valid STACK: free up any items present */ + STACK *sktmp = (STACK *)*val; + ASN1_VALUE *vtmp; + while(sk_num(sktmp) > 0) { + vtmp = (ASN1_VALUE *)sk_pop(sktmp); + ASN1_item_ex_free(&vtmp, tt->item); + } + } + + if(!*val) { + ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE); + goto err; + } + /* Read as many items as we can */ + while(len > 0) { + ASN1_VALUE *skfield; + q = p; + /* See if EOC found */ + if(asn1_check_eoc(&p, len)) { + if(!sk_eoc) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC); + goto err; + } + len -= p - q; + sk_eoc = 0; + break; + } + skfield = NULL; + if(!ASN1_item_ex_d2i(&skfield, &p, len, tt->item, -1, 0, 0, ctx)) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } + len -= p - q; + if(!sk_push((STACK *)*val, (char *)skfield)) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE); + goto err; + } + } + if(sk_eoc) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC); + goto err; + } + } else if(flags & ASN1_TFLG_IMPTAG) { + /* IMPLICIT tagging */ + ret = ASN1_item_ex_d2i(val, &p, len, tt->item, tt->tag, aclass, opt, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } else if(ret == -1) return -1; + } else { + /* Nothing special */ + ret = ASN1_item_ex_d2i(val, &p, len, tt->item, -1, 0, opt, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR); + goto err; + } else if(ret == -1) return -1; + } + + *in = p; + return 1; + + err: + ASN1_template_free(val, tt); + *val = NULL; + return 0; +} + +static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen, + const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) +{ + int ret = 0, utype; + long plen; + char cst, inf, free_cont = 0; + unsigned char *p; + BUF_MEM buf; + unsigned char *cont = NULL; + long len; + if(!pval) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL); + return 0; /* Should never happen */ + } + + if(it->itype == ASN1_ITYPE_MSTRING) { + utype = tag; + tag = -1; + } else utype = it->utype; + + if(utype == V_ASN1_ANY) { + /* If type is ANY need to figure out type from tag */ + unsigned char oclass; + if(tag >= 0) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY); + return 0; + } + if(opt) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY); + return 0; + } + p = *in; + ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); + return 0; + } + if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER; + } + if(tag == -1) { + tag = utype; + aclass = V_ASN1_UNIVERSAL; + } + p = *in; + /* Check header */ + ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx); + if(!ret) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR); + return 0; + } else if(ret == -1) return -1; + /* SEQUENCE, SET and "OTHER" are left in encoded form */ + if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) { + /* SEQUENCE and SET must be constructed */ + if((utype != V_ASN1_OTHER) && !cst) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED); + return 0; + } + + cont = *in; + /* If indefinite length constructed find the real end */ + if(inf) { + asn1_collect(NULL, &p, plen, inf, -1, -1); + len = p - cont; + } else { + len = p - cont + plen; + p += plen; + buf.data = NULL; + } + } else if(cst) { + buf.length = 0; + buf.max = 0; + buf.data = NULL; + /* Should really check the internal tags are correct but + * some things may get this wrong. The relevant specs + * say that constructed string types should be OCTET STRINGs + * internally irrespective of the type. So instead just check + * for UNIVERSAL class and ignore the tag. + */ + asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL); + cont = (unsigned char *)buf.data; + len = buf.length; + free_cont = 1; + } else { + cont = p; + len = plen; + p += plen; + } + + /* We now have content length and type: translate into a structure */ + if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err; + + *in = p; + ret = 1; + err: + if(free_cont && buf.data) OPENSSL_free(buf.data); + return ret; +} + +/* Translate ASN1 content octets into a structure */ + +int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +{ + ASN1_STRING *stmp; + ASN1_TYPE *typ = NULL; + int ret = 0; + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it); + /* If ANY type clear type and set pointer to internal value */ + if(it->utype == V_ASN1_ANY) { + if(!*pval) { + typ = ASN1_TYPE_new(); + *pval = (ASN1_VALUE *)typ; + } else typ = (ASN1_TYPE *)pval; + if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL); + pval = (ASN1_VALUE **)&typ->value.ptr; + } + switch(utype) { + case V_ASN1_OBJECT: + if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err; + break; + + case V_ASN1_NULL: + if(len) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH); + goto err; + } + *pval = (ASN1_VALUE *)1; + break; + + case V_ASN1_BOOLEAN: + if(len != 1) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH); + goto err; + } else { + ASN1_BOOLEAN *tbool; + tbool = (ASN1_BOOLEAN *)pval; + *tbool = *cont; + } + break; + + case V_ASN1_BIT_STRING: + if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err; + break; + + case V_ASN1_INTEGER: + case V_ASN1_NEG_INTEGER: + case V_ASN1_ENUMERATED: + case V_ASN1_NEG_ENUMERATED: + if(!c2i_ASN1_INTEGER((ASN1_INTEGER **)pval, &cont, len)) goto err; + break; + + case V_ASN1_OCTET_STRING: + case V_ASN1_NUMERICSTRING: + case V_ASN1_PRINTABLESTRING: + case V_ASN1_T61STRING: + case V_ASN1_VIDEOTEXSTRING: + case V_ASN1_IA5STRING: + case V_ASN1_UTCTIME: + case V_ASN1_GENERALIZEDTIME: + case V_ASN1_GRAPHICSTRING: + case V_ASN1_VISIBLESTRING: + case V_ASN1_GENERALSTRING: + case V_ASN1_UNIVERSALSTRING: + case V_ASN1_BMPSTRING: + case V_ASN1_UTF8STRING: + case V_ASN1_OTHER: + case V_ASN1_SET: + case V_ASN1_SEQUENCE: + default: + /* All based on ASN1_STRING and handled the same */ + if(!*pval) { + stmp = ASN1_STRING_type_new(utype); + if(!stmp) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); + goto err; + } + *pval = (ASN1_VALUE *)stmp; + } else { + stmp = (ASN1_STRING *)*pval; + stmp->type = utype; + } + /* If we've already allocated a buffer use it */ + if(*free_cont) { + if(stmp->data) OPENSSL_free(stmp->data); + stmp->data = cont; + stmp->length = len; + *free_cont = 0; + } else { + if(!ASN1_STRING_set(stmp, cont, len)) { + ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE); + ASN1_STRING_free(stmp); + *pval = NULL; + goto err; + } + } + break; + } + /* If ASN1_ANY and NULL type fix up value */ + if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL; + + ret = 1; + err: + if(!ret) ASN1_TYPE_free(typ); + return ret; +} + +/* This function collects the asn1 data from a constructred string + * type into a buffer. The values of 'in' and 'len' should refer + * to the contents of the constructed type and 'inf' should be set + * if it is indefinite length. If 'buf' is NULL then we just want + * to find the end of the current structure: useful for indefinite + * length constructed stuff. + */ + +static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass) +{ + unsigned char *p, *q; + long plen; + char cst, ininf; + p = *in; + inf &= 1; + /* If no buffer and not indefinite length constructed just pass over the encoded data */ + if(!buf && !inf) { + *in += len; + return 1; + } + while(len > 0) { + q = p; + /* Check for EOC */ + if(asn1_check_eoc(&p, len)) { + /* EOC is illegal outside indefinite length constructed form */ + if(!inf) { + ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC); + return 0; + } + inf = 0; + break; + } + if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) { + ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR); + return 0; + } + /* If indefinite length constructed update max length */ + if(cst) { + if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0; + } else { + if(!collect_data(buf, &p, plen)) return 0; + } + len -= p - q; + } + if(inf) { + ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC); + return 0; + } + *in = p; + return 1; +} + +static int collect_data(BUF_MEM *buf, unsigned char **p, long plen) +{ + int len; + if(buf) { + len = buf->length; + if(!BUF_MEM_grow(buf, len + plen)) { + ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE); + return 0; + } + memcpy(buf->data + len, *p, plen); + } + *p += plen; + return 1; +} + +/* Check for ASN1 EOC and swallow it if found */ + +static int asn1_check_eoc(unsigned char **in, long len) +{ + unsigned char *p; + if(len < 2) return 0; + p = *in; + if(!p[0] && !p[1]) { + *in += 2; + return 1; + } + return 0; +} + +/* Check an ASN1 tag and length: a bit like ASN1_get_object + * but it sets the length for indefinite length constructed + * form, we don't know the exact length but we can set an + * upper bound to the amount of data available minus the + * header length just read. + */ + +static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst, + unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx) +{ + int i; + int ptag, pclass; + long plen; + unsigned char *p, *q; + p = *in; + q = p; + + if(ctx && ctx->valid) { + i = ctx->ret; + plen = ctx->plen; + pclass = ctx->pclass; + ptag = ctx->ptag; + p += ctx->hdrlen; + } else { + i = ASN1_get_object(&p, &plen, &ptag, &pclass, len); + if(ctx) { + ctx->ret = i; + ctx->plen = plen; + ctx->pclass = pclass; + ctx->ptag = ptag; + ctx->hdrlen = p - q; + ctx->valid = 1; + } + /* If definite length, length + header can't exceed total + * amount of data available. + */ + if(!(i & 1) && ((plen + ctx->hdrlen) > len)) { + ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG); + asn1_tlc_clear(ctx); + return 0; + } + } + + if(i & 0x80) { + ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER); + asn1_tlc_clear(ctx); + return 0; + } + if(exptag >= 0) { + if((exptag != ptag) || (expclass != pclass)) { + /* If type is OPTIONAL, not an error, but indicate missing + * type. + */ + if(opt) return -1; + asn1_tlc_clear(ctx); + ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG); + return 0; + } + /* We have a tag and class match, so assume we are going to do something with it */ + asn1_tlc_clear(ctx); + } + + if(i & 1) plen = len - (p - q); + + if(inf) *inf = i & 1; + + if(cst) *cst = i & V_ASN1_CONSTRUCTED; + + if(olen) *olen = plen; + if(oclass) *oclass = pclass; + if(otag) *otag = ptag; + + *in = p; + return 1; +} diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c new file mode 100644 index 0000000000..f6d33e1776 --- /dev/null +++ b/crypto/asn1/tasn_enc.c @@ -0,0 +1,485 @@ +/* tasn_enc.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/objects.h> + +static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset); + +/* Encode an ASN1 item, this is compatible with the + * standard 'i2d' function. 'out' points to + * a buffer to output the data to, in future we will + * have more advanced versions that can output data + * a piece at a time and this will simply be a special + * case. + * + * The new i2d has one additional feature. If the output + * buffer is NULL (i.e. *out == NULL) then a buffer is + * allocated and populated with the encoding. + */ + + +int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it) +{ + if(out && !*out) { + unsigned char *p, *buf; + int len; + len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0); + if(len <= 0) return len; + buf = OPENSSL_malloc(len); + if(!buf) return -1; + p = buf; + ASN1_item_ex_i2d(&val, &p, it, -1, 0); + *out = buf; + return len; + } + + return ASN1_item_ex_i2d(&val, out, it, -1, 0); +} + +/* Encode an item, taking care of IMPLICIT tagging (if any). + * This function performs the normal item handling: it can be + * used in external types. + */ + +int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) +{ + const ASN1_TEMPLATE *tt = NULL; + unsigned char *p = NULL; + int i, seqcontlen, seqlen; + ASN1_STRING *strtmp; + const ASN1_COMPAT_FUNCS *cf; + const ASN1_EXTERN_FUNCS *ef; + const ASN1_AUX *aux = it->funcs; + ASN1_aux_cb *asn1_cb; + if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0; + if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; + else asn1_cb = 0; + + switch(it->itype) { + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) + return ASN1_template_i2d(pval, out, it->templates); + return asn1_i2d_ex_primitive(pval, out, it, tag, aclass); + break; + + case ASN1_ITYPE_MSTRING: + strtmp = (ASN1_STRING *)*pval; + return asn1_i2d_ex_primitive(pval, out, it, -1, 0); + + case ASN1_ITYPE_CHOICE: + if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + return 0; + i = asn1_get_choice_selector(pval, it); + if((i >= 0) && (i < it->tcount)) { + ASN1_VALUE **pchval; + const ASN1_TEMPLATE *chtt; + chtt = it->templates + i; + pchval = asn1_get_field_ptr(pval, chtt); + return ASN1_template_i2d(pchval, out, chtt); + } + /* Fixme: error condition if selector out of range */ + if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + return 0; + break; + + case ASN1_ITYPE_EXTERN: + /* If new style i2d it does all the work */ + ef = it->funcs; + return ef->asn1_ex_i2d(pval, out, it, tag, aclass); + + case ASN1_ITYPE_COMPAT: + /* old style hackery... */ + cf = it->funcs; + if(out) p = *out; + i = cf->asn1_i2d(*pval, out); + /* Fixup for IMPLICIT tag: note this messes up for tags > 30, + * but so did the old code. Tags > 30 are very rare anyway. + */ + if(out && (tag != -1)) + *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED); + return i; + + case ASN1_ITYPE_SEQUENCE: + i = asn1_enc_restore(&seqcontlen, out, pval, it); + /* An error occurred */ + if(i < 0) return 0; + /* We have a valid cached encoding... */ + if(i > 0) return seqcontlen; + /* Otherwise carry on */ + seqcontlen = 0; + /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */ + if(tag == -1) { + tag = V_ASN1_SEQUENCE; + aclass = V_ASN1_UNIVERSAL; + } + if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it)) + return 0; + /* First work out sequence content length */ + for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + const ASN1_TEMPLATE *seqtt; + ASN1_VALUE **pseqval; + seqtt = asn1_do_adb(pval, tt, 1); + if(!seqtt) return 0; + pseqval = asn1_get_field_ptr(pval, seqtt); + /* FIXME: check for errors in enhanced version */ + /* FIXME: special handling of indefinite length encoding */ + seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt); + } + seqlen = ASN1_object_size(1, seqcontlen, tag); + if(!out) return seqlen; + /* Output SEQUENCE header */ + ASN1_put_object(out, 1, seqcontlen, tag, aclass); + for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + const ASN1_TEMPLATE *seqtt; + ASN1_VALUE **pseqval; + seqtt = asn1_do_adb(pval, tt, 1); + if(!seqtt) return 0; + pseqval = asn1_get_field_ptr(pval, seqtt); + /* FIXME: check for errors in enhanced version */ + ASN1_template_i2d(pseqval, out, seqtt); + } + if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it)) + return 0; + return seqlen; + + default: + return 0; + } + return 0; +} + +int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt) +{ + int i, ret, flags, aclass; + flags = tt->flags; + aclass = flags & ASN1_TFLG_TAG_CLASS; + if(flags & ASN1_TFLG_SK_MASK) { + /* SET OF, SEQUENCE OF */ + STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; + int isset, sktag, skaclass; + int skcontlen, sklen; + ASN1_VALUE *skitem; + if(!*pval) return 0; + isset = flags & ASN1_TFLG_SET_OF; + /* First work out inner tag value */ + if(flags & ASN1_TFLG_IMPTAG) { + sktag = tt->tag; + skaclass = aclass; + } else { + skaclass = V_ASN1_UNIVERSAL; + if(isset) sktag = V_ASN1_SET; + else sktag = V_ASN1_SEQUENCE; + } + /* Now work out length of items */ + skcontlen = 0; + for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + skitem = sk_ASN1_VALUE_value(sk, i); + skcontlen += ASN1_item_ex_i2d(&skitem, NULL, tt->item, -1, 0); + } + sklen = ASN1_object_size(1, skcontlen, sktag); + /* If EXPLICIT need length of surrounding tag */ + if(flags & ASN1_TFLG_EXPTAG) + ret = ASN1_object_size(1, sklen, tt->tag); + else ret = sklen; + + if(!out) return ret; + + /* Now encode this lot... */ + /* EXPLICIT tag */ + if(flags & ASN1_TFLG_EXPTAG) + ASN1_put_object(out, 1, sklen, tt->tag, aclass); + /* SET or SEQUENCE and IMPLICIT tag */ + ASN1_put_object(out, 1, skcontlen, sktag, skaclass); + /* And finally the stuff itself */ + asn1_set_seq_out(sk, out, skcontlen, tt->item, isset); + + return ret; + } + + if(flags & ASN1_TFLG_EXPTAG) { + /* EXPLICIT tagging */ + /* Find length of tagged item */ + i = ASN1_item_ex_i2d(pval, NULL, tt->item, -1, 0); + if(!i) return 0; + /* Find length of EXPLICIT tag */ + ret = ASN1_object_size(1, i, tt->tag); + if(out) { + /* Output tag and item */ + ASN1_put_object(out, 1, i, tt->tag, aclass); + ASN1_item_ex_i2d(pval, out, tt->item, -1, 0); + } + return ret; + } + if(flags & ASN1_TFLG_IMPTAG) { + /* IMPLICIT tagging */ + return ASN1_item_ex_i2d(pval, out, tt->item, tt->tag, aclass); + } + /* Nothing special: treat as normal */ + return ASN1_item_ex_i2d(pval, out, tt->item, -1, 0); +} + +/* Temporary structure used to hold DER encoding of items for SET OF */ + +typedef struct { + unsigned char *data; + int length; +} DER_ENC; + +static int der_cmp(const void *a, const void *b) +{ + const DER_ENC *d1 = a, *d2 = b; + int cmplen, i; + cmplen = (d1->length < d2->length) ? d1->length : d2->length; + i = memcmp(d1->data, d2->data, cmplen); + if(i) return i; + return d1->length - d2->length; +} + +/* Output the content octets of SET OF or SEQUENCE OF */ + +static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort) +{ + int i; + ASN1_VALUE *skitem; + unsigned char *tmpdat, *p; + DER_ENC *derlst, *tder; + if(do_sort) { + /* Don't need to sort less than 2 items */ + if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0; + else { + derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst)); + tmpdat = OPENSSL_malloc(skcontlen); + if(!derlst || !tmpdat) return 0; + } + } + /* If not sorting just output each item */ + if(!do_sort) { + for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + skitem = sk_ASN1_VALUE_value(sk, i); + ASN1_item_i2d(skitem, out, item); + } + return 1; + } + p = tmpdat; + /* Doing sort: build up a list of each member's DER encoding */ + for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { + skitem = sk_ASN1_VALUE_value(sk, i); + tder->data = p; + tder->length = ASN1_item_i2d(skitem, &p, item); + } + /* Now sort them */ + qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp); + /* Output sorted DER encoding */ + p = *out; + for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) { + memcpy(p, tder->data, tder->length); + p += tder->length; + } + *out = p; + OPENSSL_free(derlst); + OPENSSL_free(tmpdat); + return 1; +} + +static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) +{ + int len; + int utype; + int usetag; + + utype = it->utype; + + /* Get length of content octets and maybe find + * out the underlying type. + */ + + len = asn1_ex_i2c(pval, NULL, &utype, it); + + /* If SEQUENCE, SET or OTHER then header is + * included in pseudo content octets so don't + * include tag+length. We need to check here + * because the call to asn1_ex_i2c() could change + * utype. + */ + if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || + (utype == V_ASN1_OTHER)) + usetag = 0; + else usetag = 1; + + /* -1 means omit type */ + + if(len == -1) return 0; + + /* If not implicitly tagged get tag from underlying type */ + if(tag == -1) tag = utype; + + /* Output tag+length followed by content octets */ + if(out) { + if(usetag) ASN1_put_object(out, 0, len, tag, aclass); + asn1_ex_i2c(pval, *out, &utype, it); + *out += len; + } + + if(usetag) return ASN1_object_size(0, len, tag); + return len; +} + +/* Produce content octets from a structure */ + +int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it) +{ + ASN1_BOOLEAN *tbool = NULL; + ASN1_STRING *strtmp; + ASN1_OBJECT *otmp; + int utype; + unsigned char *cont, c; + int len; + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it); + + /* Should type be omitted? */ + if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) { + if(!*pval) return -1; + } + + if(it->itype == ASN1_ITYPE_MSTRING) { + /* If MSTRING type set the underlying type */ + strtmp = (ASN1_STRING *)*pval; + utype = strtmp->type; + *putype = utype; + } else if(it->utype == V_ASN1_ANY) { + /* If ANY set type and pointer to value */ + ASN1_TYPE *typ; + typ = (ASN1_TYPE *)*pval; + utype = typ->type; + *putype = utype; + pval = (ASN1_VALUE **)&typ->value.ptr; + } else utype = *putype; + + switch(utype) { + case V_ASN1_OBJECT: + otmp = (ASN1_OBJECT *)*pval; + cont = otmp->data; + len = otmp->length; + break; + + case V_ASN1_NULL: + cont = NULL; + len = 0; + break; + + case V_ASN1_BOOLEAN: + tbool = (ASN1_BOOLEAN *)pval; + if(*tbool == -1) return -1; + /* Default handling if value == size field then omit */ + if(*tbool && (it->size > 0)) return -1; + if(!*tbool && !it->size) return -1; + c = (unsigned char)*tbool; + cont = &c; + len = 1; + break; + + case V_ASN1_BIT_STRING: + return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL); + break; + + case V_ASN1_INTEGER: + case V_ASN1_NEG_INTEGER: + case V_ASN1_ENUMERATED: + case V_ASN1_NEG_ENUMERATED: + /* These are all have the same content format + * as ASN1_INTEGER + */ + return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL); + break; + + case V_ASN1_OCTET_STRING: + case V_ASN1_NUMERICSTRING: + case V_ASN1_PRINTABLESTRING: + case V_ASN1_T61STRING: + case V_ASN1_VIDEOTEXSTRING: + case V_ASN1_IA5STRING: + case V_ASN1_UTCTIME: + case V_ASN1_GENERALIZEDTIME: + case V_ASN1_GRAPHICSTRING: + case V_ASN1_VISIBLESTRING: + case V_ASN1_GENERALSTRING: + case V_ASN1_UNIVERSALSTRING: + case V_ASN1_BMPSTRING: + case V_ASN1_UTF8STRING: + case V_ASN1_SEQUENCE: + case V_ASN1_SET: + default: + /* All based on ASN1_STRING and handled the same */ + strtmp = (ASN1_STRING *)*pval; + cont = strtmp->data; + len = strtmp->length; + + break; + + } + if(cout && len) memcpy(cout, cont, len); + return len; +} diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c new file mode 100644 index 0000000000..75a4a6f634 --- /dev/null +++ b/crypto/asn1/tasn_fre.c @@ -0,0 +1,225 @@ +/* tasn_fre.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/objects.h> + +static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); + +/* Free up an ASN1 structure */ + +void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it) +{ + asn1_item_combine_free(&val, it, 0); +} + +void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + asn1_item_combine_free(pval, it, 0); +} + +static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) +{ + const ASN1_TEMPLATE *tt = NULL, *seqtt; + const ASN1_EXTERN_FUNCS *ef; + const ASN1_COMPAT_FUNCS *cf; + const ASN1_AUX *aux = it->funcs; + ASN1_aux_cb *asn1_cb; + int i; + if(!pval) return; + if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return; + if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; + else asn1_cb = 0; + + switch(it->itype) { + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) ASN1_template_free(pval, it->templates); + else ASN1_primitive_free(pval, it); + break; + + case ASN1_ITYPE_MSTRING: + ASN1_primitive_free(pval, it); + break; + + case ASN1_ITYPE_CHOICE: + if(asn1_cb) { + i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); + if(i == 2) return; + } + i = asn1_get_choice_selector(pval, it); + if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it); + if((i >= 0) && (i < it->tcount)) { + ASN1_VALUE **pchval; + tt = it->templates + i; + pchval = asn1_get_field_ptr(pval, tt); + ASN1_template_free(pchval, tt); + } + if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); + if(!combine) { + OPENSSL_free(*pval); + *pval = NULL; + } + break; + + case ASN1_ITYPE_COMPAT: + cf = it->funcs; + if(cf && cf->asn1_free) cf->asn1_free(*pval); + break; + + case ASN1_ITYPE_EXTERN: + ef = it->funcs; + if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it); + break; + + case ASN1_ITYPE_SEQUENCE: + if(asn1_do_lock(pval, -1, it) > 0) return; + if(asn1_cb) { + i = asn1_cb(ASN1_OP_FREE_PRE, pval, it); + if(i == 2) return; + } + asn1_enc_free(pval, it); + /* If we free up as normal we will invalidate any + * ANY DEFINED BY field and we wont be able to + * determine the type of the field it defines. So + * free up in reverse order. + */ + tt = it->templates + it->tcount - 1; + for(i = 0; i < it->tcount; tt--, i++) { + ASN1_VALUE **pseqval; + seqtt = asn1_do_adb(pval, tt, 0); + if(!seqtt) continue; + pseqval = asn1_get_field_ptr(pval, seqtt); + ASN1_template_free(pseqval, seqtt); + } + if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it); + if(!combine) { + OPENSSL_free(*pval); + *pval = NULL; + } + break; + } +} + +void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) +{ + int i; + if(tt->flags & ASN1_TFLG_SK_MASK) { + STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval; + for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) { + ASN1_VALUE *vtmp; + vtmp = sk_ASN1_VALUE_value(sk, i); + asn1_item_combine_free(&vtmp, tt->item, 0); + } + sk_ASN1_VALUE_free(sk); + *pval = NULL; + } else asn1_item_combine_free(pval, tt->item, tt->flags & ASN1_TFLG_COMBINE); +} + +void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + int utype; + if(it) { + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if(pf && pf->prim_free) { + pf->prim_free(pval, it); + return; + } + } + /* Special case: if 'it' is NULL free contents of ASN1_TYPE */ + if(!it) { + ASN1_TYPE *typ = (ASN1_TYPE *)*pval; + utype = typ->type; + pval = (ASN1_VALUE **)&typ->value.ptr; + if(!*pval) return; + } else if(it->itype == ASN1_ITYPE_MSTRING) { + utype = -1; + if(!*pval) return; + } else { + utype = it->utype; + if((utype != V_ASN1_BOOLEAN) && !*pval) return; + } + + switch(utype) { + case V_ASN1_OBJECT: + ASN1_OBJECT_free((ASN1_OBJECT *)*pval); + break; + + case V_ASN1_BOOLEAN: + *(ASN1_BOOLEAN *)pval = it->size; + return; + + case V_ASN1_NULL: + break; + + case V_ASN1_ANY: + ASN1_primitive_free(pval, NULL); + OPENSSL_free(*pval); + break; + + default: + ASN1_STRING_free((ASN1_STRING *)*pval); + *pval = NULL; + break; + } + *pval = NULL; +} diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c new file mode 100644 index 0000000000..d6f1155928 --- /dev/null +++ b/crypto/asn1/tasn_new.c @@ -0,0 +1,313 @@ +/* tasn_new.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/err.h> +#include <openssl/asn1t.h> + +static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine); +static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); +static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); +void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it); + +ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it) +{ + ASN1_VALUE *ret = NULL; + if(ASN1_item_ex_new(&ret, it) > 0) return ret; + return NULL; +} + +/* Allocate an ASN1 structure */ + +int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + return asn1_item_ex_combine_new(pval, it, 0); +} + +static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine) +{ + const ASN1_TEMPLATE *tt = NULL; + const ASN1_COMPAT_FUNCS *cf; + const ASN1_EXTERN_FUNCS *ef; + const ASN1_AUX *aux = it->funcs; + ASN1_aux_cb *asn1_cb; + ASN1_VALUE **pseqval; + int i; + if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb; + else asn1_cb = 0; + + if(!combine) *pval = NULL; + + switch(it->itype) { + + case ASN1_ITYPE_EXTERN: + ef = it->funcs; + if(ef && ef->asn1_ex_new) { + if(!ef->asn1_ex_new(pval, it)) + goto memerr; + } + break; + + case ASN1_ITYPE_COMPAT: + cf = it->funcs; + if(cf && cf->asn1_new) { + *pval = cf->asn1_new(); + if(!*pval) goto memerr; + } + break; + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) { + if(!ASN1_template_new(pval, it->templates)) + goto memerr; + } else { + if(!ASN1_primitive_new(pval, it)) + goto memerr; + } + break; + + case ASN1_ITYPE_MSTRING: + if(!ASN1_primitive_new(pval, it)) + goto memerr; + break; + + case ASN1_ITYPE_CHOICE: + if(asn1_cb) { + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); + if(!i) goto auxerr; + if(i==2) return 1; + } + if(!combine) { + *pval = OPENSSL_malloc(it->size); + if(!*pval) goto memerr; + memset(*pval, 0, it->size); + } + asn1_set_choice_selector(pval, -1, it); + if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + goto auxerr; + break; + + case ASN1_ITYPE_SEQUENCE: + if(asn1_cb) { + i = asn1_cb(ASN1_OP_NEW_PRE, pval, it); + if(!i) goto auxerr; + if(i==2) return 1; + } + if(!combine) { + *pval = OPENSSL_malloc(it->size); + if(!*pval) goto memerr; + memset(*pval, 0, it->size); + asn1_do_lock(pval, 0, it); + asn1_enc_init(pval, it); + } + for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) { + pseqval = asn1_get_field_ptr(pval, tt); + if(!ASN1_template_new(pseqval, tt)) goto memerr; + } + if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it)) + goto auxerr; + break; + } + return 1; + + memerr: + ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE); + return 0; + + auxerr: + ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR); + ASN1_item_ex_free(pval, it); + return 0; + +} + +static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + const ASN1_EXTERN_FUNCS *ef; + + switch(it->itype) { + + case ASN1_ITYPE_EXTERN: + ef = it->funcs; + if(ef && ef->asn1_ex_clear) + ef->asn1_ex_clear(pval, it); + else *pval = NULL; + break; + + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) + asn1_template_clear(pval, it->templates); + else + asn1_primitive_clear(pval, it); + break; + + case ASN1_ITYPE_MSTRING: + asn1_primitive_clear(pval, it); + break; + + case ASN1_ITYPE_COMPAT: + case ASN1_ITYPE_CHOICE: + case ASN1_ITYPE_SEQUENCE: + *pval = NULL; + break; + } +} + + +int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) +{ + const ASN1_ITEM *it = tt->item; + if(tt->flags & ASN1_TFLG_OPTIONAL) { + asn1_template_clear(pval, tt); + return 1; + } + /* If ANY DEFINED BY nothing to do */ + + if(tt->flags & ASN1_TFLG_ADB_MASK) { + *pval = NULL; + return 1; + } + /* If SET OF or SEQUENCE OF, its a STACK */ + if(tt->flags & ASN1_TFLG_SK_MASK) { + STACK_OF(ASN1_VALUE) *skval; + skval = sk_ASN1_VALUE_new_null(); + if(!skval) { + ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE); + return 0; + } + *pval = (ASN1_VALUE *)skval; + return 1; + } + /* Otherwise pass it back to the item routine */ + return asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE); +} + +void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) +{ + /* If ADB or STACK just NULL the field */ + if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK)) + *pval = NULL; + else + asn1_item_clear(pval, tt->item); +} + + +/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old + * functions. + */ + +int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + ASN1_TYPE *typ; + int utype; + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if(pf && pf->prim_new) return pf->prim_new(pval, it); + if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; + else utype = it->utype; + switch(utype) { + case V_ASN1_OBJECT: + *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef); + return 1; + + case V_ASN1_BOOLEAN: + *(ASN1_BOOLEAN *)pval = it->size; + return 1; + + case V_ASN1_NULL: + *pval = (ASN1_VALUE *)1; + return 1; + + case V_ASN1_ANY: + typ = OPENSSL_malloc(sizeof(ASN1_TYPE)); + if(!typ) return 0; + typ->value.ptr = NULL; + typ->type = -1; + *pval = (ASN1_VALUE *)typ; + break; + + default: + *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype); + break; + } + if(*pval) return 1; + return 0; +} + +void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + int utype; + const ASN1_PRIMITIVE_FUNCS *pf; + pf = it->funcs; + if(pf) { + if(pf->prim_clear) + pf->prim_clear(pval, it); + else + *pval = NULL; + return; + } + if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1; + else utype = it->utype; + if(utype == V_ASN1_BOOLEAN) + *(ASN1_BOOLEAN *)pval = it->size; + else *pval = NULL; +} diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c new file mode 100644 index 0000000000..a0c71ea992 --- /dev/null +++ b/crypto/asn1/tasn_prn.c @@ -0,0 +1,196 @@ +/* tasn_prn.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/objects.h> +#include <openssl/buffer.h> +#include <openssl/err.h> +#include <openssl/nasn.h> + +/* Print routines. Print out a whole structure from a template. + */ + +static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name); + +int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it) +{ + return asn1_item_print_nm(out, fld, indent, it, it->sname); +} + +static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name) +{ + ASN1_STRING *str; + const ASN1_TEMPLATE *tt; + void *tmpfld; + int i; + if(!fld) { + BIO_printf(out, "%*s%s ABSENT\n", indent, "", name); + return 1; + } + switch(it->itype) { + + case ASN1_ITYPE_PRIMITIVE: + if(it->templates) + return ASN1_template_print(out, fld, indent, it->templates); + return asn1_primitive_print(out, fld, it->utype, indent, name); + break; + + case ASN1_ITYPE_MSTRING: + str = fld; + return asn1_primitive_print(out, fld, str->type, indent, name); + + case ASN1_ITYPE_EXTERN: + BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT"); + return 1; + case ASN1_ITYPE_COMPAT: + BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT"); + return 1; + + + case ASN1_ITYPE_CHOICE: + /* CHOICE type, get selector */ + i = asn1_get_choice_selector(fld, it); + /* This should never happen... */ + if((i < 0) || (i >= it->tcount)) { + BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i); + return 1; + } + tt = it->templates + i; + tmpfld = asn1_get_field(fld, tt); + return ASN1_template_print(out, tmpfld, indent, tt); + + case ASN1_ITYPE_SEQUENCE: + BIO_printf(out, "%*s%s {\n", indent, "", name); + /* Get each field entry */ + for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) { + tmpfld = asn1_get_field(fld, tt); + ASN1_template_print(out, tmpfld, indent + 2, tt); + } + BIO_printf(out, "%*s}\n", indent, ""); + return 1; + + default: + return 0; + } +} + +int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt) +{ + int i, flags; + //if(!fld) return 0; + flags = tt->flags; + if(flags & ASN1_TFLG_SK_MASK) { + char *tname; + void *skitem; + /* SET OF, SEQUENCE OF */ + if(flags & ASN1_TFLG_SET_OF) tname = "SET"; + else tname = "SEQUENCE"; + if(fld) { + BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name); + for(i = 0; i < sk_num(fld); i++) { + skitem = sk_value(fld, i); + asn1_item_print_nm(out, skitem, indent + 2, tt->item, ""); + } + BIO_printf(out, "%*s}\n", indent, ""); + } else + BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name); + return 1; + } + return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name); +} + +static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name) +{ + ASN1_STRING *str = fld; + if(fld) { + if(utype == V_ASN1_BOOLEAN) { + int *bool = fld; +if(*bool == -1) printf("BOOL MISSING\n"); + BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE"); + } else if((utype == V_ASN1_INTEGER) + || (utype == V_ASN1_ENUMERATED)) { + char *s, *nm; + s = i2s_ASN1_INTEGER(NULL, fld); + if(utype == V_ASN1_INTEGER) nm = "INTEGER"; + else nm = "ENUMERATED"; + BIO_printf(out, "%*s%s:%s", indent, "", nm, s); + OPENSSL_free(s); + } else if(utype == V_ASN1_NULL) { + BIO_printf(out, "%*s%s", indent, "", "NULL"); + } else if(utype == V_ASN1_UTCTIME) { + BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME"); + ASN1_UTCTIME_print(out, str); + } else if(utype == V_ASN1_GENERALIZEDTIME) { + BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME"); + ASN1_GENERALIZEDTIME_print(out, str); + } else if(utype == V_ASN1_OBJECT) { + char objbuf[80], *ln; + ln = OBJ_nid2ln(OBJ_obj2nid(fld)); + if(!ln) ln = ""; + OBJ_obj2txt(objbuf, 80, fld, 1); + BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf); + } else { + BIO_printf(out, "%*s%s:", indent, "", name); + ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE); + } + BIO_printf(out, "\n"); + } else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name); + return 1; +} diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c new file mode 100644 index 0000000000..188311ccd9 --- /dev/null +++ b/crypto/asn1/tasn_typ.c @@ -0,0 +1,130 @@ +/* tasn_typ.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#include <stdio.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> + +/* Declarations for string types */ + + +IMPLEMENT_ASN1_TYPE(ASN1_INTEGER) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER) + +IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED) + +IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING) + +IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING) + +IMPLEMENT_ASN1_TYPE(ASN1_NULL) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL) + +IMPLEMENT_ASN1_TYPE(ASN1_OBJECT) + +IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING) + +IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) + +IMPLEMENT_ASN1_TYPE(ASN1_T61STRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING) + +IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING) + +IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME) + +IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) + +IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) + +IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) + +IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING) +IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING) + +IMPLEMENT_ASN1_TYPE(ASN1_ANY) + +/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */ +IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE) + +IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) + +/* Multistring types */ + +IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE) +IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) + +IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT) +IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) + +IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING) +IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) + +/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */ +IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1) +IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1) +IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0) diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c new file mode 100644 index 0000000000..16b2c14781 --- /dev/null +++ b/crypto/asn1/tasn_utl.c @@ -0,0 +1,252 @@ +/* tasn_utl.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + + +#include <stddef.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/objects.h> +#include <openssl/err.h> + +/* Utility functions for manipulating fields and offsets */ + +/* Add 'offset' to 'addr' */ +#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset) + +/* Given an ASN1_ITEM CHOICE type return + * the selector value + */ + +int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + int *sel = offset2ptr(*pval, it->utype); + return *sel; +} + +/* Given an ASN1_ITEM CHOICE type set + * the selector value, return old value. + */ + +int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it) +{ + int *sel, ret; + sel = offset2ptr(*pval, it->utype); + ret = *sel; + *sel = value; + return ret; +} + +/* Do reference counting. The value 'op' decides what to do. + * if it is +1 then the count is incremented. If op is 0 count is + * set to 1. If op is -1 count is decremented and the return value + * is the current refrence count or 0 if no reference count exists. + */ + +int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it) +{ + const ASN1_AUX *aux; + int *lck, ret; + if(it->itype != ASN1_ITYPE_SEQUENCE) return 0; + aux = it->funcs; + if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0; + lck = offset2ptr(*pval, aux->ref_offset); + if(op == 0) { + *lck = 1; + return 1; + } + ret = CRYPTO_add(lck, op, aux->ref_lock); +#ifdef REF_PRINT + fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck); +#endif +#ifdef REF_CHECK + if(ret < 0) + fprintf(stderr, "%s, bad reference count\n", it->sname); +#endif + return ret; +} + +static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + const ASN1_AUX *aux; + if(!pval || !*pval) return NULL; + aux = it->funcs; + if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL; + return offset2ptr(*pval, aux->enc_offset); +} + +void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + ASN1_ENCODING *enc; + enc = asn1_get_enc_ptr(pval, it); + if(enc) { + enc->enc = NULL; + enc->len = 0; + enc->modified = 1; + } +} + +void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + ASN1_ENCODING *enc; + enc = asn1_get_enc_ptr(pval, it); + if(enc) { + if(enc->enc) OPENSSL_free(enc->enc); + enc->enc = NULL; + enc->len = 0; + enc->modified = 1; + } +} + +int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it) +{ + ASN1_ENCODING *enc; + enc = asn1_get_enc_ptr(pval, it); + if(!enc) return 1; + + if(enc->enc) OPENSSL_free(enc->enc); + enc->enc = OPENSSL_malloc(inlen); + if(!enc->enc) return 0; + memcpy(enc->enc, in, inlen); + enc->len = inlen; + enc->modified = 0; + + return 1; +} + +int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + ASN1_ENCODING *enc; + enc = asn1_get_enc_ptr(pval, it); + if(!enc || enc->modified) return 0; + if(out) { + memcpy(*out, enc->enc, enc->len); + *out += enc->len; + } + if(len) *len = enc->len; + return 1; +} + +/* Given an ASN1_TEMPLATE get a pointer to a field */ +ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt) +{ + ASN1_VALUE **pvaltmp; + if(tt->flags & ASN1_TFLG_COMBINE) return pval; + pvaltmp = offset2ptr(*pval, tt->offset); + /* NOTE for BOOLEAN types the field is just a plain + * int so we can't return int **, so settle for + * (int *). + */ + return pvaltmp; +} + +/* Handle ANY DEFINED BY template, find the selector, look up + * the relevant ASN1_TEMPLATE in the table and return it. + */ + +const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr) +{ + const ASN1_ADB *adb; + const ASN1_ADB_TABLE *atbl; + long selector; + ASN1_VALUE **sfld; + int i; + if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt; + + /* Else ANY DEFINED BY ... get the table */ + adb = tt->item; + + /* Get the selector field */ + sfld = offset2ptr(*pval, adb->offset); + + /* Check if NULL */ + if(!sfld) { + if(!adb->null_tt) goto err; + return adb->null_tt; + } + + /* Convert type to a long: + * NB: don't check for NID_undef here because it + * might be a legitimate value in the table + */ + if(tt->flags & ASN1_TFLG_ADB_OID) + selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld); + else + selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld); + + /* Try to find matching entry in table + * Maybe should check application types first to + * allow application override? Might also be useful + * to have a flag which indicates table is sorted and + * we can do a binary search. For now stick to a + * linear search. + */ + + for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++) + if(atbl->value == selector) return &atbl->tt; + + /* FIXME: need to search application table too */ + + /* No match, return default type */ + if(!adb->default_tt) goto err; + return adb->default_tt; + + err: + /* FIXME: should log the value or OID of unsupported type */ + if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE); + return NULL; +} diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c index 853a8dfeef..c1cf2a5f8e 100644 --- a/crypto/asn1/x_algor.c +++ b/crypto/asn1/x_algor.c @@ -1,118 +1,72 @@ -/* crypto/asn1/x_algor.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* x_algor.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * */ -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <stddef.h> #include <openssl/x509.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> -int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT); - if (a->parameter != NULL) - { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); } - - M_ASN1_I2D_seq_total(); - M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT); - if (a->parameter != NULL) - { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); } - - M_ASN1_I2D_finish(); - } - -X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT); - if (!M_ASN1_D2I_end_sequence()) - { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); } - else - { - ASN1_TYPE_free(ret->parameter); - ret->parameter=NULL; - } - M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR); - } - -X509_ALGOR *X509_ALGOR_new(void) - { - X509_ALGOR *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_ALGOR); - ret->algorithm=OBJ_nid2obj(NID_undef); - ret->parameter=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW); - } +ASN1_SEQUENCE(X509_ALGOR) = { + ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT), + ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY) +} ASN1_SEQUENCE_END(X509_ALGOR); -void X509_ALGOR_free(X509_ALGOR *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->algorithm); - ASN1_TYPE_free(a->parameter); - OPENSSL_free(a); - } +IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR) IMPLEMENT_STACK_OF(X509_ALGOR) IMPLEMENT_ASN1_SET_OF(X509_ALGOR) diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c index 14e5ea27aa..3c0d3ab759 100644 --- a/crypto/asn1/x_attrib.c +++ b/crypto/asn1/x_attrib.c @@ -59,64 +59,41 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/objects.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -/* sequence */ -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp) - { - int k=0; - int r=0,ret=0; - unsigned char **p=NULL; - - if (a == NULL) return(0); - - p=NULL; - for (;;) - { - if (k) - { - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); - if (pp == NULL) return(r); - p=pp; - ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL); - } - - ret+=i2d_ASN1_OBJECT(a->object,p); - if (a->set) - ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE, - V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - else - ret+=i2d_ASN1_TYPE(a->value.single,p); - if (k++) return(r); - } - } - -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new); +/* X509_ATTRIBUTE: this has the following form: + * + * typedef struct x509_attributes_st + * { + * ASN1_OBJECT *object; + * int single; + * union { + * char *ptr; + * STACK_OF(ASN1_TYPE) *set; + * ASN1_TYPE *single; + * } value; + * } X509_ATTRIBUTE; + * + * this needs some extra thought because the CHOICE type is + * merged with the main structure and because the value can + * be anything at all we *must* try the SET OF first because + * the ASN1_ANY type will swallow anything including the whole + * SET OF structure. + */ - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); +ASN1_CHOICE(X509_ATTRIBUTE_SET) = { + ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY), + ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY) +} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single); - if ((c.slen != 0) && - (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET))) - { - ret->set=1; - M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE, - ASN1_TYPE_free); - } - else - { - ret->set=0; - M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE); - } +ASN1_SEQUENCE(X509_ATTRIBUTE) = { + ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT), + /* CHOICE type merged with parent */ + ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET) +} ASN1_SEQUENCE_END(X509_ATTRIBUTE); - M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE); - } +IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE) X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value) { @@ -126,7 +103,7 @@ X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value) if ((ret=X509_ATTRIBUTE_new()) == NULL) return(NULL); ret->object=OBJ_nid2obj(nid); - ret->set=1; + ret->single=0; if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err; if ((val=ASN1_TYPE_new()) == NULL) goto err; if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err; @@ -138,28 +115,3 @@ err: if (val != NULL) ASN1_TYPE_free(val); return(NULL); } - -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void) - { - X509_ATTRIBUTE *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_ATTRIBUTE); - ret->object=OBJ_nid2obj(NID_undef); - ret->set=0; - ret->value.ptr=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW); - } - -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - if (a->set) - sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free); - else - ASN1_TYPE_free(a->value.single); - OPENSSL_free(a); - } - diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c new file mode 100644 index 0000000000..6d59f5c8ba --- /dev/null +++ b/crypto/asn1/x_bignum.c @@ -0,0 +1,132 @@ +/* x_bignum.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/asn1t.h> + +/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a + * BIGNUM directly. Currently it ignores the sign which isn't a problem since all + * BIGNUMs used are non negative and anything that looks negative is normally due + * to an encoding error. + */ + +#define BN_SENSITIVE 1 + +static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it); +static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it); + +static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); +static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); + +static ASN1_PRIMITIVE_FUNCS bignum_pf = { + NULL, 0, + bn_new, + bn_free, + 0, + bn_c2i, + bn_i2c +}; + +const ASN1_ITEM BIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"}; +const ASN1_ITEM CBIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"}; + +static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *pval = (ASN1_VALUE *)BN_new(); + if(*pval) return 1; + else return 0; +} + +static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + if(!*pval) return; + if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval); + else BN_free((BIGNUM *)*pval); + *pval = NULL; +} + +static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it) +{ + BIGNUM *bn; + int pad; + if(!*pval) return -1; + bn = (BIGNUM *)*pval; + /* If MSB set in an octet we need a padding byte */ + if(BN_num_bits(bn) & 0x7) pad = 0; + else pad = 1; + if(cont) { + if(pad) *cont++ = 0; + BN_bn2bin(bn, cont); + } + return pad + BN_num_bytes(bn); +} + +static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +{ + BIGNUM *bn; + if(!*pval) bn_new(pval, it); + bn = (BIGNUM *)*pval; + if(!BN_bin2bn(cont, len, bn)) { + bn_free(pval, it); + return 0; + } + return 1; +} + + diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c index 1f302d0e01..bf13df8161 100644 --- a/crypto/asn1/x_crl.c +++ b/crypto/asn1/x_crl.c @@ -58,275 +58,75 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> static int X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b); static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b); -int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME); - M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION); - - M_ASN1_I2D_seq_total(); - M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME); - M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION); - - M_ASN1_I2D_finish(); - } - -X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME); - M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions, - d2i_X509_EXTENSION,X509_EXTENSION_free); - M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED); - } - -int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp) - { - int v1=0; - long l=0; +ASN1_SEQUENCE(X509_REVOKED) = { + ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER), + ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME), + ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION) +} ASN1_SEQUENCE_END(X509_REVOKED); + +/* The X509_CRL_INFO structure needs a bit of customisation. This is actually + * mirroring the old behaviour: its purpose is to allow the use of + * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately + * this will zap the original order and the signature so we keep a copy + * of the original positions and reorder appropriately before encoding. + * + * Might want to see if there's a better way of doing this later... + */ +static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + X509_CRL_INFO *a = (X509_CRL_INFO *)*pval; + int i; int (*old_cmp)(const X509_REVOKED * const *, const X509_REVOKED * const *); - M_ASN1_I2D_vars(a); - - old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); - sk_X509_REVOKED_sort(a->revoked); - sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp); - - if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0)) - { - M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER); - } - M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME); - if (a->nextUpdate != NULL) - { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); } - M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked, - i2d_X509_REVOKED); - M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,0, - V_ASN1_SEQUENCE,v1); - - M_ASN1_I2D_seq_total(); - - if ((a->version != NULL) && (l != 0)) - { - M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER); - } - M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->issuer,i2d_X509_NAME); - M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME); - if (a->nextUpdate != NULL) - { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); } - M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked, - i2d_X509_REVOKED); - M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions, - i2d_X509_EXTENSION,0, - V_ASN1_SEQUENCE,v1); - M_ASN1_I2D_finish(); - } - -X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp, - long length) - { - int i,ver=0; - M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new); - - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER); - if (ret->version != NULL) - ver=ret->version->data[0]; - - if ((ver == 0) && (ret->version != NULL)) - { - M_ASN1_INTEGER_free(ret->version); - ret->version=NULL; - } - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME); - M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME); - /* Manually handle the OPTIONAL ASN1_TIME stuff */ - /* First try UTCTime */ - M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME); - /* If that doesn't work try GeneralizedTime */ - if(!ret->nextUpdate) - M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME, - V_ASN1_GENERALIZEDTIME); - if (ret->revoked != NULL) - { - while (sk_X509_REVOKED_num(ret->revoked)) - X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked)); - } - M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED, - X509_REVOKED_free); - - if (ret->revoked != NULL) - { - for (i=0; i<sk_X509_REVOKED_num(ret->revoked); i++) - { - sk_X509_REVOKED_value(ret->revoked,i)->sequence=i; - } - } - - if (ret->extensions != NULL) - { - while (sk_X509_EXTENSION_num(ret->extensions)) - X509_EXTENSION_free( - sk_X509_EXTENSION_pop(ret->extensions)); - } - - M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions, - d2i_X509_EXTENSION, - X509_EXTENSION_free,0, - V_ASN1_SEQUENCE); - - M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO); - } - -int i2d_X509_CRL(X509_CRL *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO); - M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO); - M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO); - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - - M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL); - } - - -X509_REVOKED *X509_REVOKED_new(void) - { - X509_REVOKED *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REVOKED); - M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new); - M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new); - ret->extensions=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW); - } - -X509_CRL_INFO *X509_CRL_INFO_new(void) - { - X509_CRL_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_CRL_INFO); - ret->version=NULL; - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->issuer,X509_NAME_new); - M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new); - ret->nextUpdate=NULL; - M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null); - M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null); - sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW); - } - -X509_CRL *X509_CRL_new(void) - { - X509_CRL *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_CRL); - ret->references=1; - M_ASN1_New(ret->crl,X509_CRL_INFO_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CRL_NEW); - } - -void X509_REVOKED_free(X509_REVOKED *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->serialNumber); - M_ASN1_UTCTIME_free(a->revocationDate); - sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - OPENSSL_free(a); - } - -void X509_CRL_INFO_free(X509_CRL_INFO *a) - { - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - X509_ALGOR_free(a->sig_alg); - X509_NAME_free(a->issuer); - M_ASN1_UTCTIME_free(a->lastUpdate); - if (a->nextUpdate) - M_ASN1_UTCTIME_free(a->nextUpdate); - sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free); - sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free); - OPENSSL_free(a); - } - -void X509_CRL_free(X509_CRL *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL); -#ifdef REF_PRINT - REF_PRINT("X509_CRL",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_CRL_free, bad reference count\n"); - abort(); - } -#endif - - X509_CRL_INFO_free(a->crl); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); + if(!a || !a->revoked) return 1; + switch(operation) { + + /* Save original order */ + case ASN1_OP_D2I_POST: + for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++) + sk_X509_REVOKED_value(a->revoked,i)->sequence=i; + sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp); + break; + + /* Restore original order */ + case ASN1_OP_I2D_PRE: + old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp); + sk_X509_REVOKED_sort(a->revoked); + sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp); + break; } + return 1; +} + + +ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = { + ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER), + ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR), + ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME), + ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME), + ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME), + ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED), + ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0) +} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO); + +ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = { + ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO), + ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR), + ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL); + +IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED) +IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO) +IMPLEMENT_ASN1_FUNCTIONS(X509_CRL) static int X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b) @@ -342,6 +142,19 @@ static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a, return((*a)->sequence-(*b)->sequence); } +int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev) +{ + X509_CRL_INFO *inf; + inf = crl->crl; + if(!inf->revoked) + inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp); + if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) { + ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE); + return 0; + } + return 1; +} + IMPLEMENT_STACK_OF(X509_REVOKED) IMPLEMENT_ASN1_SET_OF(X509_REVOKED) IMPLEMENT_STACK_OF(X509_CRL) diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c index fbfd963b40..97e13f8dd1 100644 --- a/crypto/asn1/x_exten.c +++ b/crypto/asn1/x_exten.c @@ -1,139 +1,70 @@ -/* crypto/asn1/x_exten.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* x_exten.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * */ -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> +#include <stddef.h> #include <openssl/x509.h> +#include <openssl/asn1.h> +#include <openssl/asn1t.h> -int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp) - { - int k=0; - int r=0,ret=0; - unsigned char **p=NULL; - - if (a == NULL) return(0); - - p=NULL; - for (;;) - { - if (k) - { - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); - if (pp == NULL) return(r); - p=pp; - ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL); - } - - ret+=i2d_ASN1_OBJECT(a->object,p); - if ((a->critical) || a->netscape_hack) - ret+=i2d_ASN1_BOOLEAN(a->critical,p); - ret+=i2d_ASN1_OCTET_STRING(a->value,p); - if (k++) return(r); - } - } - -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp, - long length) - { - int i; - M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); - - ret->netscape_hack=0; - if ((c.slen != 0) && - (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN))) - { - c.q=c.p; - if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err; - ret->critical=i; - c.slen-=(c.p-c.q); - if (ret->critical == 0) ret->netscape_hack=1; - } - M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING); - - M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION); - } - -X509_EXTENSION *X509_EXTENSION_new(void) - { - X509_EXTENSION *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_EXTENSION); - ret->object=OBJ_nid2obj(NID_undef); - M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new); - ret->critical=0; - ret->netscape_hack=0; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW); - } - -void X509_EXTENSION_free(X509_EXTENSION *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - M_ASN1_OCTET_STRING_free(a->value); - OPENSSL_free(a); - } +ASN1_SEQUENCE(X509_EXTENSION) = { + ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT), + ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN), + ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(X509_EXTENSION); +IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION) diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c index 5e62fc2f6f..d44f6cdb01 100644 --- a/crypto/asn1/x_info.c +++ b/crypto/asn1/x_info.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1.h> #include <openssl/x509.h> X509_INFO *X509_INFO_new(void) diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c new file mode 100644 index 0000000000..845bc2df01 --- /dev/null +++ b/crypto/asn1/x_long.c @@ -0,0 +1,158 @@ +/* x_long.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/asn1t.h> + +/* Custom primitive type for long handling. This converts between an ASN1_INTEGER + * and a long directly. + */ + + +static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it); +static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it); + +static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it); +static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it); + +static ASN1_PRIMITIVE_FUNCS long_pf = { + NULL, 0, + long_new, + long_free, + long_free, /* Clear should set to initial value */ + long_c2i, + long_i2c +}; + +const ASN1_ITEM LONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"}; +const ASN1_ITEM ZLONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"}; + +static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(long *)pval = it->size; + return 1; +} + +static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + *(long *)pval = it->size; +} + +static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it) +{ + long ltmp; + unsigned long utmp; + int clen, pad, i; + ltmp = *(long *)pval; + if(ltmp == it->size) return -1; + /* Convert the long to positive: we subtract one if negative so + * we can cleanly handle the padding if only the MSB of the leading + * octet is set. + */ + if(ltmp < 0) utmp = -ltmp - 1; + else utmp = ltmp; + clen = BN_num_bits_word(utmp); + /* If MSB of leading octet set we need to pad */ + if(!(clen & 0x7)) pad = 1; + else pad = 0; + + /* Convert number of bits to number of octets */ + clen = (clen + 7) >> 3; + + if(cont) { + if(pad) *cont++ = (ltmp < 0) ? 0xff : 0; + for(i = clen - 1; i >= 0; i--) { + cont[i] = (unsigned char)(utmp & 0xff); + if(ltmp < 0) cont[i] ^= 0xff; + utmp >>= 8; + } + } + return clen + pad; +} + +static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it) +{ + int neg, i; + long ltmp; + unsigned long utmp = 0; + if(len > sizeof(long)) { + ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + return 0; + } + /* Is it negative? */ + if(len && (cont[0] & 0x80)) neg = 1; + else neg = 0; + utmp = 0; + for(i = 0; i < len; i++) { + utmp <<= 8; + if(neg) utmp |= cont[i] ^ 0xff; + else utmp |= cont[i]; + } + ltmp = (long)utmp; + if(neg) { + ltmp++; + ltmp = -ltmp; + } + if(ltmp == it->size) { + ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG); + return 0; + } + *(long *)pval = ltmp; + return 1; +} diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c index b832deb928..5da0669492 100644 --- a/crypto/asn1/x_name.c +++ b/crypto/asn1/x_name.c @@ -58,204 +58,188 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/objects.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -static int i2d_X509_NAME_entries(X509_NAME *a); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT); - M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT); - M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE); - - M_ASN1_I2D_finish(); - } - -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT); - M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE); - ret->set=0; - M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY); - } - -int i2d_X509_NAME(X509_NAME *a, unsigned char **pp) - { - int ret; - - if (a == NULL) return(0); - if (a->modified) - { - ret=i2d_X509_NAME_entries(a); - if (ret < 0) return(ret); - } - - ret=a->bytes->length; - if (pp != NULL) - { - memcpy(*pp,a->bytes->data,ret); - *pp+=ret; - } - return(ret); - } +static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx); -static int i2d_X509_NAME_entries(X509_NAME *a) - { - X509_NAME_ENTRY *ne,*fe=NULL; - STACK_OF(X509_NAME_ENTRY) *sk; - BUF_MEM *buf=NULL; - int set=0,r,ret=0; - int i; - unsigned char *p; - int size=0; +static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass); +static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it); +static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it); - sk=a->entries; - for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++) - { - ne=sk_X509_NAME_ENTRY_value(sk,i); - if (fe == NULL) - { - fe=ne; - size=0; - } +static int x509_name_encode(X509_NAME *a); - if (ne->set != set) - { - ret+=ASN1_object_size(1,size,V_ASN1_SET); - fe->size=size; - fe=ne; - size=0; - set=ne->set; - } - size+=i2d_X509_NAME_ENTRY(ne,NULL); - } - - ret+=ASN1_object_size(1,size,V_ASN1_SET); - if (fe != NULL) - fe->size=size; - - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); +ASN1_SEQUENCE(X509_NAME_ENTRY) = { + ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT), + ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE) +} ASN1_SEQUENCE_END(X509_NAME_ENTRY); - buf=a->bytes; - if (!BUF_MEM_grow(buf,r)) goto err; - p=(unsigned char *)buf->data; +IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY) - ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - - set= -1; - for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++) - { - ne=sk_X509_NAME_ENTRY_value(sk,i); - if (set != ne->set) - { - set=ne->set; - ASN1_put_object(&p,1,ne->size, - V_ASN1_SET,V_ASN1_UNIVERSAL); - } - i2d_X509_NAME_ENTRY(ne,&p); - } - a->modified=0; - return(r); -err: - return(-1); - } +/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY } + * so declare two template wrappers for this + */ -X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length) - { - int set=0,i; - int idx=0; - unsigned char *orig; - M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new); +ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY) +ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES); - orig= *pp; - if (sk_X509_NAME_ENTRY_num(ret->entries) > 0) - { - while (sk_X509_NAME_ENTRY_num(ret->entries) > 0) - X509_NAME_ENTRY_free( - sk_X509_NAME_ENTRY_pop(ret->entries)); - } +ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES) +ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - for (;;) - { - if (M_ASN1_D2I_end_sequence()) break; - M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries, - d2i_X509_NAME_ENTRY, - X509_NAME_ENTRY_free); - for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++) - { - sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set; - } - set++; - } +/* Normally that's where it would end: we'd have two nested STACK structures + * representing the ASN1. Unfortunately X509_NAME uses a completely different + * form and caches encodings so we have to process the internal form and convert + * to the external form. + */ - i=(int)(c.p-orig); - if (!BUF_MEM_grow(ret->bytes,i)) goto err; - memcpy(ret->bytes->data,orig,i); - ret->bytes->length=i; - ret->modified=0; +const ASN1_EXTERN_FUNCS x509_name_ff = { + NULL, + x509_name_ex_new, + x509_name_ex_free, + 0, /* Default clear behaviour is OK */ + x509_name_ex_d2i, + x509_name_ex_i2d +}; - M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME); - } +IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff) -X509_NAME *X509_NAME_new(void) - { - X509_NAME *ret=NULL; - ASN1_CTX c; +IMPLEMENT_ASN1_FUNCTIONS(X509_NAME) - M_ASN1_New_Malloc(ret,X509_NAME); +static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it) +{ + X509_NAME *ret = NULL; + ret = OPENSSL_malloc(sizeof(X509_NAME)); + if(!ret) goto memerr; if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL) - { c.line=__LINE__; goto err2; } - M_ASN1_New(ret->bytes,BUF_MEM_new); + goto memerr; + if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr; ret->modified=1; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NAME_NEW); - } - -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void) - { - X509_NAME_ENTRY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_NAME_ENTRY); -/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/ - ret->object=NULL; - ret->set=0; - M_ASN1_New(ret->value,ASN1_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW); - } - -void X509_NAME_free(X509_NAME *a) - { - if(a == NULL) + *val = (ASN1_VALUE *)ret; + return 1; + memerr: + ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE); + return 0; +} + +static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + X509_NAME *a; + if(!pval || !*pval) return; + a = (X509_NAME *)*pval; BUF_MEM_free(a->bytes); sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free); OPENSSL_free(a); + *pval = NULL; +} + +/* Used with sk_pop_free() to free up the internal representation. + * NB: we only free the STACK and not its contents because it is + * already present in the X509_NAME structure. + */ + +static void sk_internal_free(void *a) +{ + sk_free(a); +} + +static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it, + int tag, int aclass, char opt, ASN1_TLC *ctx) +{ + unsigned char *p = *in, *q; + STACK *intname = NULL; + int i, j, ret; + X509_NAME *nm = NULL; + STACK_OF(X509_NAME_ENTRY) *entries; + X509_NAME_ENTRY *entry; + q = p; + + /* Get internal representation of Name */ + ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, &X509_NAME_INTERNAL_it, + tag, aclass, opt, ctx); + + if(ret <= 0) return ret; + + if(*val) x509_name_ex_free(val, NULL); + if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err; + /* We've decoded it: now cache encoding */ + if(!BUF_MEM_grow(nm->bytes, p - q)) goto err; + memcpy(nm->bytes->data, q, p - q); + + /* Convert internal representation to X509_NAME structure */ + for(i = 0; i < sk_num(intname); i++) { + entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i); + for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) { + entry = sk_X509_NAME_ENTRY_value(entries, j); + entry->set = i; + if(!sk_X509_NAME_ENTRY_push(nm->entries, entry)) + goto err; + } + sk_X509_NAME_ENTRY_free(entries); } + sk_free(intname); + nm->modified = 0; + *val = (ASN1_VALUE *)nm; + *in = p; + return ret; + err: + ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR); + return 0; +} + +static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass) +{ + int ret; + X509_NAME *a = (X509_NAME *)*val; + if(a->modified) { + ret = x509_name_encode((X509_NAME *)a); + if(ret < 0) return ret; + } + ret = a->bytes->length; + if(out != NULL) { + memcpy(*out,a->bytes->data,ret); + *out+=ret; + } + return ret; +} -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a) - { - if (a == NULL) return; - ASN1_OBJECT_free(a->object); - M_ASN1_BIT_STRING_free(a->value); - OPENSSL_free(a); +static int x509_name_encode(X509_NAME *a) +{ + STACK *intname = NULL; + int len; + unsigned char *p; + STACK_OF(X509_NAME_ENTRY) *entries = NULL; + X509_NAME_ENTRY *entry; + int i, set = -1; + intname = sk_new_null(); + if(!intname) goto memerr; + for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) { + entry = sk_X509_NAME_ENTRY_value(a->entries, i); + if(entry->set != set) { + entries = sk_X509_NAME_ENTRY_new_null(); + if(!entries) goto memerr; + if(!sk_push(intname, (char *)entries)) goto memerr; + set = entry->set; + } + if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr; } + len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, &X509_NAME_INTERNAL_it, -1, -1); + if (!BUF_MEM_grow(a->bytes,len)) goto memerr; + p=(unsigned char *)a->bytes->data; + ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, &X509_NAME_INTERNAL_it, -1, -1); + sk_pop_free(intname, sk_internal_free); + a->modified = 0; + return len; + memerr: + sk_pop_free(intname, sk_internal_free); + ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE); + return -1; +} + int X509_NAME_set(X509_NAME **xn, X509_NAME *name) { diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c index 8d1dbce22e..8cef2cfb17 100644 --- a/crypto/asn1/x_pubkey.c +++ b/crypto/asn1/x_pubkey.c @@ -58,62 +58,25 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING); - if (ret->pkey != NULL) - { - EVP_PKEY_free(ret->pkey); - ret->pkey=NULL; - } - M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY); +/* Minor tweak to operation: free up EVP_PKEY */ +static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + if(operation == ASN1_OP_FREE_POST) { + X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval; + EVP_PKEY_free(pubkey->pkey); } + return 1; +} -X509_PUBKEY *X509_PUBKEY_new(void) - { - X509_PUBKEY *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_PUBKEY); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new); - ret->pkey=NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW); - } +ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = { + ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR), + ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY); -void X509_PUBKEY_free(X509_PUBKEY *a) - { - if (a == NULL) return; - X509_ALGOR_free(a->algor); - M_ASN1_BIT_STRING_free(a->public_key); - if (a->pkey != NULL) EVP_PKEY_free(a->pkey); - OPENSSL_free(a); - } +IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY) int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey) { diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c index 6dddd4f653..84a5ca65df 100644 --- a/crypto/asn1/x_req.c +++ b/crypto/asn1/x_req.c @@ -58,200 +58,54 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - if(a->asn1) { - if(pp) { - memcpy(*pp, a->asn1, a->length); - *pp += a->length; - } - return a->length; - } - - M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len(a->subject, i2d_X509_NAME); - M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); - - /* this is a *nasty* hack reported to be required to - * allow some CA Software to accept the cert request. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there - */ - if (a->req_kludge) - { - M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0); - } - else - { - M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } - - M_ASN1_I2D_seq_total(); - M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put(a->subject, i2d_X509_NAME); - M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); +/* X509_REQ_INFO is handled in an unusual way to get round + * invalid encodings. Some broken certificate requests don't + * encode the attributes field if it is empty. This is in + * violation of PKCS#10 but we need to tolerate it. We do + * this by making the attributes field OPTIONAL then using + * the callback to initialise it to an empty STACK. + * + * This means that the field will be correctly encoded unless + * we NULL out the field. + * + * As a result we no longer need the req_kludge field because + * the information is now contained in the attributes field: + * 1. If it is NULL then it's the invalid omission. + * 2. If it is empty it is the correct encoding. + * 3. If it is not empty then some attributes are present. + * + */ - /* this is a *nasty* hack reported to be required by some CA's. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there - */ - if (a->req_kludge) - { - M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } - else - { - M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes, - i2d_X509_ATTRIBUTE,0); - } +static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval; - M_ASN1_I2D_finish(); + if(operation == ASN1_OP_NEW_POST) { + rinf->attributes = sk_X509_ATTRIBUTE_new_null(); + if(!rinf->attributes) return 0; } - -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->subject,d2i_X509_NAME); - M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); - - /* this is a *nasty* hack to allow for some CA's that - * have been reported as requiring it. - * It is not following the PKCS standards ... - * PKCS#10 pg 5 - * attributes [0] IMPLICIT Attributes - * NOTE: no OPTIONAL ... so it *must* be there + return 1; +} + +ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = { + ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER), + ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME), + ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY), + /* This isn't really OPTIONAL but it gets round invalid + * encodings */ - if (asn1_Finish(&c)) - ret->req_kludge=1; - else - { - M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes, - d2i_X509_ATTRIBUTE, - X509_ATTRIBUTE_free,0); - } - - M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO); - } - -X509_REQ_INFO *X509_REQ_INFO_new(void) - { - X509_REQ_INFO *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REQ_INFO); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->subject,X509_NAME_new); - M_ASN1_New(ret->pubkey,X509_PUBKEY_new); - M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null); - ret->req_kludge=0; - ret->asn1 = NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW); - } - -void X509_REQ_INFO_free(X509_REQ_INFO *a) - { - if (a == NULL) return; - if(a->asn1) OPENSSL_free(a->asn1); - M_ASN1_INTEGER_free(a->version); - X509_NAME_free(a->subject); - X509_PUBKEY_free(a->pubkey); - sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free); - OPENSSL_free(a); - } + ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0) +} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO); -int i2d_X509_REQ(X509_REQ *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO); - M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO); - M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO); - - /* Keep a copy of the original encoding for signature checking */ - ret->req_info->length = c.p - c.q; - if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) { - c.line=__LINE__; - c.error = ERR_R_MALLOC_FAILURE; - goto err; - } - - memcpy(ret->req_info->asn1, c.q, ret->req_info->length); - - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ); - } - -X509_REQ *X509_REQ_new(void) - { - X509_REQ *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_REQ); - ret->references=1; - M_ASN1_New(ret->req_info,X509_REQ_INFO_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_REQ_NEW); - } - -void X509_REQ_free(X509_REQ *a) - { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ); -#ifdef REF_PRINT - REF_PRINT("X509_REQ",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_REQ_free, bad reference count\n"); - abort(); - } -#endif - - X509_REQ_INFO_free(a->req_info); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } +IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO) +ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = { + ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO), + ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR), + ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ); +IMPLEMENT_ASN1_FUNCTIONS(X509_REQ) diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c index d79f147647..e53d0a3057 100644 --- a/crypto/asn1/x_sig.c +++ b/crypto/asn1/x_sig.c @@ -58,53 +58,12 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -int i2d_X509_SIG(X509_SIG *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); - } - -X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG); - } - -X509_SIG *X509_SIG_new(void) - { - X509_SIG *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_SIG); - M_ASN1_New(ret->algor,X509_ALGOR_new); - M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_SIG_NEW); - } - -void X509_SIG_free(X509_SIG *a) - { - if (a == NULL) return; - X509_ALGOR_free(a->algor); - M_ASN1_OCTET_STRING_free(a->digest); - OPENSSL_free(a); - } - +ASN1_SEQUENCE(X509_SIG) = { + ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR), + ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(X509_SIG); +IMPLEMENT_ASN1_FUNCTIONS(X509_SIG) diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c index 4f01888f7d..87dfb41b3e 100644 --- a/crypto/asn1/x_spki.c +++ b/crypto/asn1/x_spki.c @@ -63,104 +63,19 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/x509.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> -int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); +ASN1_SEQUENCE(NETSCAPE_SPKAC) = { + ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY), + ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING) +} ASN1_SEQUENCE_END(NETSCAPE_SPKAC); - M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY); - M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING); +IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC) - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY); - M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING); - - M_ASN1_I2D_finish(); - } - -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY); - M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC); - } - -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void) - { - NETSCAPE_SPKAC *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC); - M_ASN1_New(ret->pubkey,X509_PUBKEY_new); - M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW); - } - -void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a) - { - if (a == NULL) return; - X509_PUBKEY_free(a->pubkey); - M_ASN1_IA5STRING_free(a->challenge); - OPENSSL_free(a); - } - -int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC); - M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC); - M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp, - long length) - { - M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC); - M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI); - } - -NETSCAPE_SPKI *NETSCAPE_SPKI_new(void) - { - NETSCAPE_SPKI *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,NETSCAPE_SPKI); - M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new); - M_ASN1_New(ret->sig_algor,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - return(ret); - M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW); - } - -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a) - { - if (a == NULL) return; - NETSCAPE_SPKAC_free(a->spkac); - X509_ALGOR_free(a->sig_algor); - M_ASN1_BIT_STRING_free(a->signature); - OPENSSL_free(a); - } +ASN1_SEQUENCE(NETSCAPE_SPKI) = { + ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC), + ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR), + ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END(NETSCAPE_SPKI); +IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI) diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c index 0f8f020b57..48edf88e81 100644 --- a/crypto/asn1/x_val.c +++ b/crypto/asn1/x_val.c @@ -58,52 +58,10 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> -int i2d_X509_VAL(X509_VAL *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME); - M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME); - M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME); - - M_ASN1_I2D_finish(); - } - -X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME); - M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME); - M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL); - } - -X509_VAL *X509_VAL_new(void) - { - X509_VAL *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509_VAL); - M_ASN1_New(ret->notBefore,M_ASN1_TIME_new); - M_ASN1_New(ret->notAfter,M_ASN1_TIME_new); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_VAL_NEW); - } - -void X509_VAL_free(X509_VAL *a) - { - if (a == NULL) return; - M_ASN1_TIME_free(a->notBefore); - M_ASN1_TIME_free(a->notAfter); - OPENSSL_free(a); - } - +ASN1_SEQUENCE(X509_VAL) = { + ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME), + ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME) +} ASN1_SEQUENCE_END(X509_VAL); diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c index 61ba856b17..3209583f7c 100644 --- a/crypto/asn1/x_x509.c +++ b/crypto/asn1/x_x509.c @@ -59,107 +59,83 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> #include <openssl/x509v3.h> static int x509_meth_num = 0; static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL; -static ASN1_METHOD meth={ - (int (*)()) i2d_X509, - (char *(*)())d2i_X509, - (char *(*)())X509_new, - (void (*)()) X509_free}; +ASN1_SEQUENCE(X509_CINF) = { + ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0), + ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER), + ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR), + ASN1_SIMPLE(X509_CINF, issuer, X509_NAME), + ASN1_SIMPLE(X509_CINF, validity, X509_VAL), + ASN1_SIMPLE(X509_CINF, subject, X509_NAME), + ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY), + ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1), + ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2), + ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3) +} ASN1_SEQUENCE_END(X509_CINF); + +IMPLEMENT_ASN1_FUNCTIONS(X509_CINF) +/* X509 top level structure needs a bit of customisation */ + +static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + X509 *ret = (X509 *)*pval; + + switch(operation) { + + case ASN1_OP_NEW_POST: + ret->valid=0; + ret->name = NULL; + ret->ex_flags = 0; + ret->ex_pathlen = -1; + ret->skid = NULL; + ret->akid = NULL; + ret->aux = NULL; + CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data); + break; + + case ASN1_OP_D2I_POST: + if (ret->name != NULL) OPENSSL_free(ret->name); + ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); + break; + + case ASN1_OP_FREE_POST: + CRYPTO_free_ex_data(x509_meth,ret,&ret->ex_data); + X509_CERT_AUX_free(ret->aux); + ASN1_OCTET_STRING_free(ret->skid); + AUTHORITY_KEYID_free(ret->akid); + + if (ret->name != NULL) OPENSSL_free(ret->name); + break; -ASN1_METHOD *X509_asn1_meth(void) - { - return(&meth); } -int i2d_X509(X509 *a, unsigned char **pp) - { - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING); + return 1; - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF); - M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR); - M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING); - - M_ASN1_I2D_finish(); - } - -X509 *d2i_X509(X509 **a, unsigned char **pp, long length) - { - M_ASN1_D2I_vars(a,X509 *,X509_new); +} - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF); - M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR); - M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING); - if (ret->name != NULL) OPENSSL_free(ret->name); - ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0); +ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = { + ASN1_SIMPLE(X509, cert_info, X509_CINF), + ASN1_SIMPLE(X509, sig_alg, X509_ALGOR), + ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING) +} ASN1_SEQUENCE_END_ref(X509, X509); - M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509); - } +IMPLEMENT_ASN1_FUNCTIONS(X509) -X509 *X509_new(void) - { - X509 *ret=NULL; - ASN1_CTX c; - - M_ASN1_New_Malloc(ret,X509); - ret->valid=0; - ret->references=1; - ret->name = NULL; - ret->ex_flags = 0; - ret->ex_pathlen = -1; - ret->skid = NULL; - ret->akid = NULL; - ret->aux = NULL; - M_ASN1_New(ret->cert_info,X509_CINF_new); - M_ASN1_New(ret->sig_alg,X509_ALGOR_new); - M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new); - CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data); - return(ret); - M_ASN1_New_Error(ASN1_F_X509_NEW); - } +static ASN1_METHOD meth={ + (int (*)()) i2d_X509, + (char *(*)())d2i_X509, + (char *(*)())X509_new, + (void (*)()) X509_free}; -void X509_free(X509 *a) +ASN1_METHOD *X509_asn1_meth(void) { - int i; - - if (a == NULL) return; - - i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509); -#ifdef REF_PRINT - REF_PRINT("X509",a); -#endif - if (i > 0) return; -#ifdef REF_CHECK - if (i < 0) - { - fprintf(stderr,"X509_free, bad reference count\n"); - abort(); - } -#endif - - CRYPTO_free_ex_data(x509_meth,a,&a->ex_data); - X509_CINF_free(a->cert_info); - X509_ALGOR_free(a->sig_alg); - M_ASN1_BIT_STRING_free(a->signature); - X509_CERT_AUX_free(a->aux); - ASN1_OCTET_STRING_free(a->skid); - AUTHORITY_KEYID_free(a->akid); - - if (a->name != NULL) OPENSSL_free(a->name); - OPENSSL_free(a); + return(&meth); } int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c index ebcce87bf2..67d7fff642 100644 --- a/crypto/asn1/x_x509a.c +++ b/crypto/asn1/x_x509a.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/evp.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509.h> /* X509_CERT_AUX routines. These are used to encode additional @@ -71,72 +71,15 @@ static X509_CERT_AUX *aux_get(X509 *x); -X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new); - - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - - M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust, - d2i_ASN1_OBJECT, ASN1_OBJECT_free); - M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject, - d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0); - M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING); - M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other, - d2i_X509_ALGOR, X509_ALGOR_free, 1); - - M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX); -} - -X509_CERT_AUX *X509_CERT_AUX_new() -{ - X509_CERT_AUX *ret = NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, X509_CERT_AUX); - ret->trust = NULL; - ret->reject = NULL; - ret->alias = NULL; - ret->keyid = NULL; - ret->other = NULL; - return(ret); - M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW); -} - -void X509_CERT_AUX_free(X509_CERT_AUX *a) -{ - if(a == NULL) return; - sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free); - sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free); - ASN1_UTF8STRING_free(a->alias); - ASN1_OCTET_STRING_free(a->keyid); - sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free); - OPENSSL_free(a); -} - -int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0); - - M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING); - M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1); +ASN1_SEQUENCE(X509_CERT_AUX) = { + ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT), + ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0), + ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING), + ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING), + ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1) +} ASN1_SEQUENCE_END(X509_CERT_AUX); - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0); - - M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING); - M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1); - - M_ASN1_I2D_finish(); -} +IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX) static X509_CERT_AUX *aux_get(X509 *x) { diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl index 470cca3b4c..ccbac65a92 100644 --- a/crypto/dh/Makefile.ssl +++ b/crypto/dh/Makefile.ssl @@ -22,8 +22,8 @@ TEST= dhtest.c APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c -LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o +LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c +LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o SRC= $(LIBSRC) @@ -79,6 +79,16 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +dh_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +dh_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +dh_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +dh_asn1.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h +dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h +dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h +dh_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +dh_asn1.o: ../cryptlib.h dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h diff --git a/crypto/asn1/a_null.c b/crypto/dh/dh_asn1.c index 119fd784be..1f26be7ae7 100644 --- a/crypto/asn1/a_null.c +++ b/crypto/dh/dh_asn1.c @@ -1,9 +1,9 @@ -/* a_null.c */ +/* dh_asn1.c */ /* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL - * project 1999. + * project 2000. */ /* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -58,62 +58,30 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1.h> +#include <openssl/bn.h> +#include <openssl/dh.h> +#include <openssl/objects.h> +#include <openssl/asn1t.h> -/* ASN1 functions for NULL type. For compatibility with other ASN1 code - * it returns a pointer to an "ASN1_NULL" structure. The new/free functions - * don't need to do any allocating because nothing is stored in a NULL. - */ - -int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **pp) - { - if(!a) return 0; - if (pp) ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL); - return 2; - } - -ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp, long length) - { - ASN1_NULL *ret = NULL; - unsigned char *p; - long len; - int inf,tag,xclass; - int i=0; - - p= *pp; - inf=ASN1_get_object(&p,&len,&tag,&xclass,length); - if (inf & 0x80) - { - i=ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_NULL) - { - i=ASN1_R_EXPECTING_A_NULL; - goto err; - } - - if (len != 0) - { - i=ASN1_R_NULL_IS_WRONG_LENGTH; - goto err; - } - ret=(ASN1_NULL *)1; - if (a != NULL) (*a)=ret; - *pp=p; - return(ret); -err: - ASN1err(ASN1_F_D2I_ASN1_NULL,i); - return(ret); - } - -ASN1_NULL *ASN1_NULL_new(void) +/* Override the default free and new methods */ +static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { - return (ASN1_NULL *)1; + if(operation == ASN1_OP_NEW_PRE) { + *pval = (ASN1_VALUE *)DH_new(); + if(*pval) return 2; + return 0; + } else if(operation == ASN1_OP_FREE_PRE) { + DH_free((DH *)*pval); + *pval = NULL; + return 2; + } + return 1; } -void ASN1_NULL_free(ASN1_NULL *a) -{ - return; -} +ASN1_SEQUENCE_cb(DHparams, dh_cb) = { + ASN1_SIMPLE(DH, p, BIGNUM), + ASN1_SIMPLE(DH, g, BIGNUM), + ASN1_OPT(DH, length, ZLONG), +} ASN1_SEQUENCE_END_cb(DH, DHparams); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams) diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl index effcbb708e..e7351630e0 100644 --- a/crypto/dsa/Makefile.ssl +++ b/crypto/dsa/Makefile.ssl @@ -81,7 +81,7 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h index 4608b0f75e..9d72647808 100644 --- a/crypto/dsa/dsa.h +++ b/crypto/dsa/dsa.h @@ -246,6 +246,7 @@ DH *DSA_dup_DH(const DSA *r); #define DSA_F_DSA_SIG_NEW 109 #define DSA_F_DSA_VERIFY 108 #define DSA_F_I2D_DSA_SIG 111 +#define DSA_F_SIG_CB 114 /* Reason codes. */ #define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100 diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c index 134fbeebf8..fba2f73023 100644 --- a/crypto/dsa/dsa_asn1.c +++ b/crypto/dsa/dsa_asn1.c @@ -1,97 +1,140 @@ -/* crypto/dsa/dsa_asn1.c */ +/* dsa_asn1.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ #include <stdio.h> #include "cryptlib.h" #include <openssl/dsa.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> -DSA_SIG *DSA_SIG_new(void) +/* Override the default new methods */ +static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { - DSA_SIG *ret; - - ret = OPENSSL_malloc(sizeof(DSA_SIG)); - if (ret == NULL) - { - DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE); - return(NULL); - } - ret->r = NULL; - ret->s = NULL; - return(ret); + if(operation == ASN1_OP_NEW_PRE) { + DSA_SIG *sig; + sig = OPENSSL_malloc(sizeof(DSA_SIG)); + sig->r = NULL; + sig->s = NULL; + *pval = (ASN1_VALUE *)sig; + if(sig) return 2; + DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE); + return 0; + } + return 1; } -void DSA_SIG_free(DSA_SIG *r) +ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = { + ASN1_SIMPLE(DSA_SIG, r, CBIGNUM), + ASN1_SIMPLE(DSA_SIG, s, CBIGNUM) +} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG); + +IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG) + +/* Override the default free and new methods */ +static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) { - if (r == NULL) return; - if (r->r) BN_clear_free(r->r); - if (r->s) BN_clear_free(r->s); - OPENSSL_free(r); + if(operation == ASN1_OP_NEW_PRE) { + *pval = (ASN1_VALUE *)DSA_new(); + if(*pval) return 2; + return 0; + } else if(operation == ASN1_OP_FREE_PRE) { + DSA_free((DSA *)*pval); + *pval = NULL; + return 2; + } + return 1; } -int i2d_DSA_SIG(const DSA_SIG *v, unsigned char **pp) -{ - int t=0,len; - ASN1_INTEGER rbs,sbs; - unsigned char *p; +ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = { + ASN1_SIMPLE(DSA, version, LONG), + ASN1_SIMPLE(DSA, p, BIGNUM), + ASN1_SIMPLE(DSA, q, BIGNUM), + ASN1_SIMPLE(DSA, g, BIGNUM), + ASN1_SIMPLE(DSA, pub_key, BIGNUM), + ASN1_SIMPLE(DSA, priv_key, BIGNUM) +} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey); - rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1); - if (rbs.data == NULL) - { - DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); - return(0); - } - rbs.type=V_ASN1_INTEGER; - rbs.length=BN_bn2bin(v->r,rbs.data); - sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1); - if (sbs.data == NULL) - { - OPENSSL_free(rbs.data); - DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE); - return(0); - } - sbs.type=V_ASN1_INTEGER; - sbs.length=BN_bn2bin(v->s,sbs.data); +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey) - len=i2d_ASN1_INTEGER(&rbs,NULL); - len+=i2d_ASN1_INTEGER(&sbs,NULL); +ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = { + ASN1_SIMPLE(DSA, p, BIGNUM), + ASN1_SIMPLE(DSA, q, BIGNUM), + ASN1_SIMPLE(DSA, g, BIGNUM), +} ASN1_SEQUENCE_END_cb(DSA, DSAparams); - if (pp) - { - p=*pp; - ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - i2d_ASN1_INTEGER(&rbs,&p); - i2d_ASN1_INTEGER(&sbs,&p); - } - t=ASN1_object_size(1,len,V_ASN1_SEQUENCE); - OPENSSL_free(rbs.data); - OPENSSL_free(sbs.data); - return(t); -} +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams) -DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length) -{ - int i=ERR_R_NESTED_ASN1_ERROR; - ASN1_INTEGER *bs=NULL; - M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new); +/* DSA public key is a bit trickier... its effectively a CHOICE type + * decided by a field called write_params which can either write out + * just the public key as an INTEGER or the parameters and public key + * in a SEQUENCE + */ - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL) - goto err_bn; - M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER); - if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL) - goto err_bn; - M_ASN1_BIT_STRING_free(bs); - bs = NULL; - M_ASN1_D2I_Finish_2(a); +ASN1_SEQUENCE(dsa_pub_internal) = { + ASN1_SIMPLE(DSA, pub_key, BIGNUM), + ASN1_SIMPLE(DSA, p, BIGNUM), + ASN1_SIMPLE(DSA, q, BIGNUM), + ASN1_SIMPLE(DSA, g, BIGNUM) +} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal); -err_bn: - i=ERR_R_BN_LIB; -err: - DSAerr(DSA_F_D2I_DSA_SIG,i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret); - if (bs != NULL) M_ASN1_BIT_STRING_free(bs); - return(NULL); -} +ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = { + ASN1_SIMPLE(DSA, pub_key, BIGNUM), + ASN1_EX_COMBINE(0, 0, dsa_pub_internal) +} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey) diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c index 2b3ab3a9ad..37ecc18393 100644 --- a/crypto/dsa/dsa_err.c +++ b/crypto/dsa/dsa_err.c @@ -79,6 +79,7 @@ static ERR_STRING_DATA DSA_str_functs[]= {ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"}, {ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"}, {ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"}, +{ERR_PACK(0,DSA_F_SIG_CB,0), "SIG_CB"}, {0,NULL} }; diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl index 4ed1b2654f..794185354e 100644 --- a/crypto/pkcs12/Makefile.ssl +++ b/crypto/pkcs12/Makefile.ssl @@ -22,12 +22,12 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \ - p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c\ - p12_sbag.c p12_utl.c p12_npas.c pk12err.c -LIBOBJ= p12_add.o p12_attr.o p12_bags.o p12_crpt.o p12_crt.o p12_decr.o \ - p12_init.o p12_key.o p12_kiss.o p12_lib.o p12_mac.o p12_mutl.o\ - p12_sbag.o p12_utl.o p12_npas.o pk12err.o +LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \ + p12_init.c p12_key.c p12_kiss.c p12_mutl.c\ + p12_utl.c p12_npas.c pk12err.c +LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \ + p12_init.o p12_key.o p12_kiss.o p12_mutl.o\ + p12_utl.o p12_npas.o pk12err.o SRC= $(LIBSRC) @@ -105,6 +105,27 @@ p12_add.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h +p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +p12_asn.o: ../../include/openssl/des.h ../../include/openssl/dh.h +p12_asn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h +p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h +p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h +p12_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h +p12_asn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h +p12_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h +p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h +p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h +p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h +p12_asn.o: ../cryptlib.h p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -126,27 +147,6 @@ p12_attr.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_attr.o: ../cryptlib.h -p12_bags.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p12_bags.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_bags.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_bags.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_bags.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p12_bags.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p12_bags.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_bags.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_bags.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_bags.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_bags.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_bags.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_bags.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h -p12_bags.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_bags.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_bags.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -p12_bags.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_bags.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_bags.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_bags.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_bags.o: ../cryptlib.h p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -271,48 +271,6 @@ p12_kiss.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h p12_kiss.o: ../cryptlib.h -p12_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p12_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p12_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p12_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h -p12_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -p12_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_lib.o: ../cryptlib.h -p12_mac.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p12_mac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_mac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_mac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_mac.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p12_mac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p12_mac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_mac.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_mac.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_mac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_mac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_mac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_mac.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h -p12_mac.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_mac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_mac.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -p12_mac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_mac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_mac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_mac.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_mac.o: ../cryptlib.h p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h @@ -354,27 +312,6 @@ p12_npas.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_sbag.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -p12_sbag.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -p12_sbag.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -p12_sbag.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -p12_sbag.o: ../../include/openssl/des.h ../../include/openssl/dh.h -p12_sbag.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -p12_sbag.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -p12_sbag.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -p12_sbag.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -p12_sbag.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -p12_sbag.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -p12_sbag.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p12_sbag.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h -p12_sbag.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h -p12_sbag.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h -p12_sbag.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h -p12_sbag.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h -p12_sbag.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p12_sbag.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p12_sbag.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p12_sbag.o: ../cryptlib.h p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h diff --git a/crypto/pkcs12/p12_asn.c b/crypto/pkcs12/p12_asn.c new file mode 100644 index 0000000000..cbee7336d9 --- /dev/null +++ b/crypto/pkcs12/p12_asn.c @@ -0,0 +1,114 @@ +/* p12_asn.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 1999. + */ +/* ==================================================================== + * Copyright (c) 1999 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/asn1t.h> +#include <openssl/pkcs12.h> + +/* PKCS#12 ASN1 module */ + +ASN1_SEQUENCE(PKCS12) = { + ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS12, authsafes, PKCS7), + ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA) +} ASN1_SEQUENCE_END(PKCS12); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS12) + +ASN1_SEQUENCE(PKCS12_MAC_DATA) = { + ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG), + ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING), + ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER) +} ASN1_SEQUENCE_END(PKCS12_MAC_DATA); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA) + +ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0); + +ASN1_ADB(PKCS12_BAGS) = { + ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)), + ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)), + ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)), +} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL); + +ASN1_SEQUENCE(PKCS12_BAGS) = { + ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT), + ASN1_ADB_OBJECT(PKCS12_BAGS), +} ASN1_SEQUENCE_END(PKCS12_BAGS); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS) + +ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0); + +ASN1_ADB(PKCS12_SAFEBAG) = { + ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)), + ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, X509_SIG, 0)), + ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)), + ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)), + ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)), + ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)) +} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL); + +ASN1_SEQUENCE(PKCS12_SAFEBAG) = { + ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT), + ASN1_ADB_OBJECT(PKCS12_SAFEBAG), + ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE) +} ASN1_SEQUENCE_END(PKCS12_SAFEBAG); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG) diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c index f1a210b5d2..64bf4173fc 100644 --- a/crypto/pkcs12/p12_attr.c +++ b/crypto/pkcs12/p12_attr.c @@ -92,7 +92,7 @@ int PKCS12_add_localkeyid (PKCS12_SAFEBAG *bag, unsigned char *name, return 0; } sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->set = 1; + attrib->single = 0; if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE); return 0; @@ -134,7 +134,7 @@ int PKCS8_add_keyusage (PKCS8_PRIV_KEY_INFO *p8, int usage) return 0; } sk_ASN1_TYPE_push (attrib->value.set,keyid); - attrib->set = 1; + attrib->single = 0; if (!p8->attributes && !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) { PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE); @@ -201,7 +201,7 @@ int PKCS12_add_friendlyname_uni (PKCS12_SAFEBAG *bag, return 0; } sk_ASN1_TYPE_push (attrib->value.set,fname); - attrib->set = 1; + attrib->single = 0; if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) { PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI, ERR_R_MALLOC_FAILURE); diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h index 502fceff95..d58a140017 100644 --- a/crypto/pkcs12/pkcs12.h +++ b/crypto/pkcs12/pkcs12.h @@ -120,7 +120,6 @@ union { ASN1_TYPE *other; }value; STACK_OF(X509_ATTRIBUTE) *attrib; -ASN1_TYPE *rest; } PKCS12_SAFEBAG; DECLARE_STACK_OF(PKCS12_SAFEBAG) @@ -249,24 +248,12 @@ int PKCS12_setup_mac(PKCS12 *p12, int iter, unsigned char *salt, int saltlen, EVP_MD *md_type); unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen); char *uni2asc(unsigned char *uni, int unilen); -int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp); -PKCS12_BAGS *PKCS12_BAGS_new(void); -PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length); -void PKCS12_BAGS_free(PKCS12_BAGS *a); -int i2d_PKCS12(PKCS12 *a, unsigned char **pp); -PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length); -PKCS12 *PKCS12_new(void); -void PKCS12_free(PKCS12 *a); -int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp); -PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void); -PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp, - long length); -void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a); -int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp); -PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void); -PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp, - long length); -void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a); + +DECLARE_ASN1_FUNCTIONS(PKCS12) +DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA) +DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG) +DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS) + void ERR_load_PKCS12_strings(void); void PKCS12_PBE_add(void); int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert, diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl index a5be0e04d2..ab87fb7056 100644 --- a/crypto/pkcs7/Makefile.ssl +++ b/crypto/pkcs7/Makefile.ssl @@ -25,8 +25,10 @@ TEST= APPS= LIB=$(TOP)/libcrypto.a -LIBSRC= pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c pk7_mime.c -LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o pk7_mime.o +LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \ + pk7_mime.c +LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \ + pk7_mime.o SRC= $(LIBSRC) @@ -98,6 +100,26 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h +pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/dh.h +pk7_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h +pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h +pk7_asn1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h +pk7_asn1.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h +pk7_asn1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h +pk7_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h +pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h +pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h +pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h pk7_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c new file mode 100644 index 0000000000..777a8619d6 --- /dev/null +++ b/crypto/pkcs7/pk7_asn1.c @@ -0,0 +1,175 @@ +/* pk7_asn.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/asn1t.h> +#include <openssl/pkcs7.h> + +/* PKCS#7 ASN1 module */ + +/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */ + +ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0); + +ASN1_ADB(PKCS7) = { + ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)), + ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), + ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), + ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)), + ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), + ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) +} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); + +ASN1_SEQUENCE(PKCS7) = { + ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), + ASN1_ADB_OBJECT(PKCS7) +}ASN1_SEQUENCE_END(PKCS7); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7) + +ASN1_SEQUENCE(PKCS7_SIGNED) = { + ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER), + ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR), + ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7), + ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0), + ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1), + ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO) +} ASN1_SEQUENCE_END(PKCS7_SIGNED); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED) + +/* Minor tweak to operation: free up EVP_PKEY */ +static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + if(operation == ASN1_OP_FREE_POST) { + PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval; + EVP_PKEY_free(si->pkey); + } + return 1; +} + +ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = { + ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL), + ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR), + ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0), + ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR), + ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING), + ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1) +} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO) + +ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = { + ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME), + ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER) +} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) + +ASN1_SEQUENCE(PKCS7_ENVELOPE) = { + ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER), + ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), + ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT) +} ASN1_SEQUENCE_END(PKCS7_ENVELOPE); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE) + +ASN1_SEQUENCE(PKCS7_RECIP_INFO) = { + ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL), + ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR), + ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(PKCS7_RECIP_INFO); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) + +ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = { + ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), + ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), + ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0) +} ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) + +ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { + ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER), + ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), + ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR), + ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT), + ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0), + ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1), + ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO) +} ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) + +ASN1_SEQUENCE(PKCS7_ENCRYPT) = { + ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT) +} ASN1_SEQUENCE_END(PKCS7_ENCRYPT); + +IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT) + +ASN1_SEQUENCE(PKCS7_DIGEST) = { + ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER), + ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR), + ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7), + ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(PKCS7_DIGEST); diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c index 099e9651c1..d294c5e288 100644 --- a/crypto/pkcs7/pk7_doit.c +++ b/crypto/pkcs7/pk7_doit.c @@ -219,7 +219,7 @@ BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio) } if (bio == NULL) { - if (p7->detached) + if (PKCS7_is_detached(p7)) bio=BIO_new(BIO_s_null()); else { if (PKCS7_type_is_signed(p7) && @@ -419,7 +419,7 @@ BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert) } #if 1 - if (p7->detached || (in_bio != NULL)) + if (PKCS7_is_detached(p7) || (in_bio != NULL)) { bio=in_bio; } @@ -606,7 +606,7 @@ int PKCS7_dataFinal(PKCS7 *p7, BIO *bio) } } - if (!p7->detached) + if (!PKCS7_is_detached(p7)) { btmp=BIO_find_type(bio,BIO_TYPE_MEM); if (btmp == NULL) @@ -838,7 +838,7 @@ static ASN1_TYPE *get_attribute(STACK_OF(X509_ATTRIBUTE) *sk, int nid) xa=sk_X509_ATTRIBUTE_value(sk,i); if (OBJ_cmp(xa->object,o) == 0) { - if (xa->set && sk_ASN1_TYPE_num(xa->value.set)) + if (!xa->single && sk_ASN1_TYPE_num(xa->value.set)) return(sk_ASN1_TYPE_value(xa->value.set,0)); else return(NULL); diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c index 45973fe850..9ceeab6c58 100644 --- a/crypto/pkcs7/pk7_lib.c +++ b/crypto/pkcs7/pk7_lib.c @@ -84,7 +84,11 @@ long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg) case PKCS7_OP_GET_DETACHED_SIGNATURE: if (nid == NID_pkcs7_signed) { - ret=p7->detached; + if(!p7->d.sign || !p7->d.sign->contents->d.ptr) + ret = 1; + else ret = 0; + + p7->detached = ret; } else { @@ -144,7 +148,7 @@ int PKCS7_set_type(PKCS7 *p7, int type) { ASN1_OBJECT *obj; - PKCS7_content_free(p7); + /*PKCS7_content_free(p7);*/ obj=OBJ_nid2obj(type); /* will not fail */ switch (type) diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h index 1b817e605d..1dfbace15b 100644 --- a/crypto/pkcs7/pkcs7.h +++ b/crypto/pkcs7/pkcs7.h @@ -235,6 +235,8 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define PKCS7_get_detached(p) \ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) +#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) + #ifdef SSLEAY_MACROS #ifndef PKCS7_ISSUER_AND_SERIAL_digest #define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \ @@ -268,14 +270,7 @@ DECLARE_PKCS12_STACK_OF(PKCS7) #define SMIME_BINARY PKCS7_BINARY #define SMIME_NOATTR PKCS7_NOATTR -PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void ); -void PKCS7_ISSUER_AND_SERIAL_free( - PKCS7_ISSUER_AND_SERIAL *a); -int i2d_PKCS7_ISSUER_AND_SERIAL( - PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp); -PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL( - PKCS7_ISSUER_AND_SERIAL **a, - unsigned char **pp, long length); +DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) #ifndef SSLEAY_MACROS int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type, @@ -289,69 +284,15 @@ PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 **p7); int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7); #endif -PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void); -void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a); -int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, - unsigned char **pp); -PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a, - unsigned char **pp,long length); - -PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void); -void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a); -int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, - unsigned char **pp); -PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a, - unsigned char **pp,long length); - -PKCS7_SIGNED *PKCS7_SIGNED_new(void); -void PKCS7_SIGNED_free(PKCS7_SIGNED *a); -int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, - unsigned char **pp); -PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, - unsigned char **pp,long length); - -PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void); -void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a); -int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, - unsigned char **pp); -PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a, - unsigned char **pp,long length); - -PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void); -void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a); -int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, - unsigned char **pp); -PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, - unsigned char **pp,long length); - -PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void); -void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a); -int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, - unsigned char **pp); -PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a, - unsigned char **pp,long length); - -PKCS7_DIGEST *PKCS7_DIGEST_new(void); -void PKCS7_DIGEST_free(PKCS7_DIGEST *a); -int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, - unsigned char **pp); -PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, - unsigned char **pp,long length); - -PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void); -void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a); -int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, - unsigned char **pp); -PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, - unsigned char **pp,long length); - -PKCS7 *PKCS7_new(void); -void PKCS7_free(PKCS7 *a); -void PKCS7_content_free(PKCS7 *a); -int i2d_PKCS7(PKCS7 *a, - unsigned char **pp); -PKCS7 *d2i_PKCS7(PKCS7 **a, - unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO) +DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) +DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED) +DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) +DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE) +DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) +DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST) +DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT) +DECLARE_ASN1_FUNCTIONS(PKCS7) void ERR_load_PKCS7_strings(void); diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl index ede3989052..6f18d2bf04 100644 --- a/crypto/rsa/Makefile.ssl +++ b/crypto/rsa/Makefile.ssl @@ -23,9 +23,11 @@ APPS= LIB=$(TOP)/libcrypto.a LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \ - rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c + rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \ + rsa_asn1.c LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \ - rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o + rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \ + rsa_asn1.o SRC= $(LIBSRC) @@ -81,6 +83,15 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. +rsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +rsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h +rsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h +rsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h +rsa_asn1.o: ../../include/openssl/opensslconf.h +rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h +rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h +rsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h index ede65003e1..a488b80763 100644 --- a/crypto/rsa/rsa.h +++ b/crypto/rsa/rsa.h @@ -119,7 +119,7 @@ struct rsa_st /* The first parameter is used to pickup errors where * this is passed instead of aEVP_PKEY, it is set to 0 */ int pad; - int version; + long version; #if 0 RSA_METHOD *meth; #else @@ -236,7 +236,6 @@ int RSA_print(BIO *bp, const RSA *r,int offset); int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey); RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); -RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey); int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)()); RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)()); diff --git a/crypto/rsa/rsa_asn1.c b/crypto/rsa/rsa_asn1.c new file mode 100644 index 0000000000..0585b241e6 --- /dev/null +++ b/crypto/rsa/rsa_asn1.c @@ -0,0 +1,111 @@ +/* rsa_asn1.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ + +#include <stdio.h> +#include "cryptlib.h" +#include <openssl/bn.h> +#include <openssl/rsa.h> +#include <openssl/asn1t.h> + +static ASN1_METHOD method={ + (int (*)()) i2d_RSAPrivateKey, + (char *(*)())d2i_RSAPrivateKey, + (char *(*)())RSA_new, + (void (*)()) RSA_free}; + +ASN1_METHOD *RSAPrivateKey_asn1_meth(void) + { + return(&method); + } + +/* Override the default free and new methods */ +static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it) +{ + if(operation == ASN1_OP_NEW_PRE) { + *pval = (ASN1_VALUE *)RSA_new(); + if(*pval) return 2; + return 0; + } else if(operation == ASN1_OP_FREE_PRE) { + RSA_free((RSA *)*pval); + *pval = NULL; + return 2; + } + return 1; +} + +ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = { + ASN1_SIMPLE(RSA, version, LONG), + ASN1_SIMPLE(RSA, n, BIGNUM), + ASN1_SIMPLE(RSA, e, BIGNUM), + ASN1_SIMPLE(RSA, d, BIGNUM), + ASN1_SIMPLE(RSA, p, BIGNUM), + ASN1_SIMPLE(RSA, q, BIGNUM), + ASN1_SIMPLE(RSA, dmp1, BIGNUM), + ASN1_SIMPLE(RSA, dmq1, BIGNUM), + ASN1_SIMPLE(RSA, iqmp, BIGNUM) +} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey); + + +ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = { + ASN1_SIMPLE(RSA, n, BIGNUM), + ASN1_SIMPLE(RSA, e, BIGNUM), +} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey); + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey) + +IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey) diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h index 38eea51547..67bce3f5ea 100644 --- a/crypto/stack/safestack.h +++ b/crypto/stack/safestack.h @@ -304,6 +304,26 @@ STACK_OF(type) \ #define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st)) #define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st)) +#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE) +#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i)) +#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val)) +#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val)) +#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val)) +#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val)) +#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i)) +#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr)) +#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i)) +#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp)) +#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st) +#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func)) +#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st)) +#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st)) + #define sk_BIO_new(st) SKM_sk_new(BIO, (st)) #define sk_BIO_new_null() SKM_sk_new_null(BIO) #define sk_BIO_free(st) SKM_sk_free(BIO, (st)) diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl index 94020e42aa..c3ee997b8b 100644 --- a/crypto/x509/Makefile.ssl +++ b/crypto/x509/Makefile.ssl @@ -481,18 +481,18 @@ x509rset.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h -x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h -x509spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h -x509spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x509spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h -x509spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h -x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -x509spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -x509spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h -x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h -x509spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h -x509spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h -x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h +x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h +x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h +x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h +x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +x509spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +x509spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h +x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h +x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h +x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h +x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h +x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h +x509spki.o: ../../include/openssl/opensslconf.h x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 228a0b7062..82714b7601 100644 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -182,11 +182,8 @@ DECLARE_STACK_OF(X509_NAME) typedef struct X509_extension_st { ASN1_OBJECT *object; - short critical; - short netscape_hack; + ASN1_BOOLEAN critical; ASN1_OCTET_STRING *value; - struct v3_ext_method *method; /* V3 method to use */ - void *ext_val; /* extension value */ } X509_EXTENSION; DECLARE_STACK_OF(X509_EXTENSION) @@ -196,27 +193,26 @@ DECLARE_ASN1_SET_OF(X509_EXTENSION) typedef struct x509_attributes_st { ASN1_OBJECT *object; - int set; /* 1 for a set, 0 for a single item (which is wrong) */ + int single; /* 0 for a set, 1 for a single item (which is wrong) */ union { char *ptr; -/* 1 */ STACK_OF(ASN1_TYPE) *set; -/* 0 */ ASN1_TYPE *single; +/* 0 */ STACK_OF(ASN1_TYPE) *set; +/* 1 */ ASN1_TYPE *single; } value; } X509_ATTRIBUTE; DECLARE_STACK_OF(X509_ATTRIBUTE) DECLARE_ASN1_SET_OF(X509_ATTRIBUTE) + typedef struct X509_req_info_st { - unsigned char *asn1; - int length; + ASN1_ENCODING enc; ASN1_INTEGER *version; X509_NAME *subject; X509_PUBKEY *pubkey; /* d=2 hl=2 l= 0 cons: cont: 00 */ STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */ - int req_kludge; } X509_REQ_INFO; typedef struct X509_req_st @@ -827,23 +823,11 @@ X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey, const EVP_MD *md); X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey); void ERR_load_X509_strings(void ); -X509_ALGOR * X509_ALGOR_new(void ); -void X509_ALGOR_free(X509_ALGOR *a); -int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp); -X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(X509_ALGOR) +DECLARE_ASN1_FUNCTIONS(X509_VAL) -X509_VAL * X509_VAL_new(void ); -void X509_VAL_free(X509_VAL *a); -int i2d_X509_VAL(X509_VAL *a,unsigned char **pp); -X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(X509_PUBKEY) -X509_PUBKEY * X509_PUBKEY_new(void ); -void X509_PUBKEY_free(X509_PUBKEY *a); -int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp); -X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp, - long length); int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey); EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key); int X509_get_pubkey_parameters(EVP_PKEY *pkey, @@ -862,58 +846,26 @@ DSA * d2i_DSA_PUBKEY(DSA **a,unsigned char **pp, long length); #endif -X509_SIG * X509_SIG_new(void ); -void X509_SIG_free(X509_SIG *a); -int i2d_X509_SIG(X509_SIG *a,unsigned char **pp); -X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length); - -X509_REQ_INFO *X509_REQ_INFO_new(void); -void X509_REQ_INFO_free(X509_REQ_INFO *a); -int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp); -X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp, - long length); - -X509_REQ * X509_REQ_new(void); -void X509_REQ_free(X509_REQ *a); -int i2d_X509_REQ(X509_REQ *a,unsigned char **pp); -X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(X509_SIG) +DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO) +DECLARE_ASN1_FUNCTIONS(X509_REQ) -X509_ATTRIBUTE *X509_ATTRIBUTE_new(void ); -void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a); -int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp); -X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE) X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value); +DECLARE_ASN1_FUNCTIONS(X509_EXTENSION) -X509_EXTENSION *X509_EXTENSION_new(void ); -void X509_EXTENSION_free(X509_EXTENSION *a); -int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp); -X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY) -X509_NAME_ENTRY *X509_NAME_ENTRY_new(void); -void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a); -int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp); -X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(X509_NAME) -X509_NAME * X509_NAME_new(void); -void X509_NAME_free(X509_NAME *a); -int i2d_X509_NAME(X509_NAME *a,unsigned char **pp); -X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length); int X509_NAME_set(X509_NAME **xn, X509_NAME *name); +DECLARE_ASN1_FUNCTIONS(X509_CINF) -X509_CINF * X509_CINF_new(void); -void X509_CINF_free(X509_CINF *a); -int i2d_X509_CINF(X509_CINF *a,unsigned char **pp); -X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(X509) +DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX) -X509 * X509_new(void); -void X509_free(X509 *a); -int i2d_X509(X509 *a,unsigned char **pp); -X509 * d2i_X509(X509 **a,unsigned char **pp,long length); int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func); int X509_set_ex_data(X509 *r, int idx, void *arg); @@ -921,11 +873,6 @@ void *X509_get_ex_data(X509 *r, int idx); int i2d_X509_AUX(X509 *a,unsigned char **pp); X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length); -X509_CERT_AUX * X509_CERT_AUX_new(void); -void X509_CERT_AUX_free(X509_CERT_AUX *a); -int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp); -X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp, - long length); int X509_alias_set1(X509 *x, unsigned char *name, int len); int X509_keyid_set1(X509 *x, unsigned char *id, int len); unsigned char * X509_alias_get0(X509 *x, int *len); @@ -935,44 +882,20 @@ int X509_add1_reject_object(X509 *x, ASN1_OBJECT *obj); void X509_trust_clear(X509 *x); void X509_reject_clear(X509 *x); -X509_REVOKED * X509_REVOKED_new(void); -void X509_REVOKED_free(X509_REVOKED *a); -int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp); -X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length); +DECLARE_ASN1_FUNCTIONS(X509_REVOKED) +DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO) +DECLARE_ASN1_FUNCTIONS(X509_CRL) -X509_CRL_INFO *X509_CRL_INFO_new(void); -void X509_CRL_INFO_free(X509_CRL_INFO *a); -int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp); -X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp, - long length); - -X509_CRL * X509_CRL_new(void); -void X509_CRL_free(X509_CRL *a); -int i2d_X509_CRL(X509_CRL *a,unsigned char **pp); -X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length); +int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev); X509_PKEY * X509_PKEY_new(void ); void X509_PKEY_free(X509_PKEY *a); int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp); X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length); -NETSCAPE_SPKI * NETSCAPE_SPKI_new(void ); -void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a); -int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp); -NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp, - long length); - -NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void ); -void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a); -int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp); -NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp, - long length); - - -int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp); -NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void); -NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length); -void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a); +DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI) +DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC) +DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE) #ifndef NO_EVP X509_INFO * X509_INFO_new(void); @@ -1192,31 +1115,17 @@ X509 *X509_find_by_issuer_and_serial(STACK_OF(X509) *sk,X509_NAME *name, ASN1_INTEGER *serial); X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name); -int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp); -PBEPARAM *PBEPARAM_new(void); -PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length); -void PBEPARAM_free(PBEPARAM *a); +DECLARE_ASN1_FUNCTIONS(PBEPARAM) +DECLARE_ASN1_FUNCTIONS(PBE2PARAM) +DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM) + X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen); X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter, unsigned char *salt, int saltlen); -int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp); -PBKDF2PARAM *PBKDF2PARAM_new(void); -PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length); -void PBKDF2PARAM_free(PBKDF2PARAM *a); - -int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp); -PBE2PARAM *PBE2PARAM_new(void); -PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length); -void PBE2PARAM_free(PBE2PARAM *a); - /* PKCS#8 utilities */ -int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp); -PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void); -PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a, - unsigned char **pp, long length); -void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a); +DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO) EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8); PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey); diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c index caafde658f..f074d2ab18 100644 --- a/crypto/x509/x509_att.c +++ b/crypto/x509/x509_att.c @@ -283,7 +283,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; if(!(ttmp = ASN1_TYPE_new())) goto err; if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err; - attr->set = 1; + attr->single = 0; ASN1_TYPE_set(ttmp, atype, stmp); return 1; err: @@ -293,7 +293,7 @@ int X509_ATTRIBUTE_set1_data(X509_ATTRIBUTE *attr, int attrtype, void *data, int int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr) { - if(attr->set) return sk_ASN1_TYPE_num(attr->value.set); + if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set); if(attr->value.single) return 1; return 0; } @@ -321,6 +321,6 @@ ASN1_TYPE *X509_ATTRIBUTE_get0_type(X509_ATTRIBUTE *attr, int idx) { if (attr == NULL) return(NULL); if(idx >= X509_ATTRIBUTE_count(attr)) return NULL; - if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx); + if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx); else return attr->value.single; } diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c index 7eca1bd57a..e2766e1a5f 100644 --- a/crypto/x509/x509_req.c +++ b/crypto/x509/x509_req.c @@ -156,9 +156,9 @@ STACK_OF(X509_EXTENSION) *X509_REQ_get_extensions(X509_REQ *req) for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) { attr = sk_X509_ATTRIBUTE_value(sk, i); if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) { - if(attr->set && sk_ASN1_TYPE_num(attr->value.set)) + if(attr->single) ext = attr->value.single; + else if(sk_ASN1_TYPE_num(attr->value.set)) ext = sk_ASN1_TYPE_value(attr->value.set, 0); - else ext = attr->value.single; break; } } @@ -199,7 +199,7 @@ int X509_REQ_add_extensions_nid(X509_REQ *req, STACK_OF(X509_EXTENSION) *exts, if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err; if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err; at = NULL; - attr->set = 1; + attr->single = 0; attr->object = OBJ_nid2obj(nid); if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err; return 1; diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c index 52887986fe..b5f7daa2e5 100644 --- a/crypto/x509/x509_v3.c +++ b/crypto/x509/x509_v3.c @@ -115,8 +115,8 @@ int X509v3_get_ext_by_critical(const STACK_OF(X509_EXTENSION) *sk, int crit, for ( ; lastpos < n; lastpos++) { ex=sk_X509_EXTENSION_value(sk,lastpos); - if ( (ex->critical && crit) || - (!ex->critical && !crit)) + if ( ((ex->critical > 0) && crit) || + (!(ex->critical <= 0) && !crit)) return(lastpos); } return(-1); @@ -234,7 +234,7 @@ int X509_EXTENSION_set_object(X509_EXTENSION *ex, ASN1_OBJECT *obj) int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit) { if (ex == NULL) return(0); - ex->critical=(crit)?0xFF:0; + ex->critical=(crit)?0xFF:-1; return(1); } @@ -263,5 +263,6 @@ ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ex) int X509_EXTENSION_get_critical(X509_EXTENSION *ex) { if (ex == NULL) return(0); - return(ex->critical); + if(ex->critical > 0) return 1; + return 0; } diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c index fd0a534d88..4c3af946ec 100644 --- a/crypto/x509/x509spki.c +++ b/crypto/x509/x509spki.c @@ -59,7 +59,6 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/x509.h> -#include <openssl/asn1_mac.h> int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey) { diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl index 5db86b9bef..0c59c84041 100644 --- a/crypto/x509v3/Makefile.ssl +++ b/crypto/x509v3/Makefile.ssl @@ -83,7 +83,7 @@ clean: # DO NOT DELETE THIS LINE -- make depend depends on it. -v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -126,7 +126,7 @@ v3_alt.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h -v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -191,7 +191,7 @@ v3_conf.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h -v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -213,7 +213,7 @@ v3_cpols.o: ../../include/openssl/sha.h ../../include/openssl/stack.h v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h v3_cpols.o: ../cryptlib.h -v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -256,19 +256,19 @@ v3_enum.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h -v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -v3_extku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h -v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h -v3_extku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -v3_extku.o: ../../include/openssl/des.h ../../include/openssl/dh.h -v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h -v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h -v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h -v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h -v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h -v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h -v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -v3_extku.o: ../../include/openssl/opensslconf.h +v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h +v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h +v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h +v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h +v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h +v3_extku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h +v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h +v3_extku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h +v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h +v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h +v3_extku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h +v3_extku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h +v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h @@ -278,7 +278,7 @@ v3_extku.o: ../../include/openssl/sha.h ../../include/openssl/stack.h v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h v3_extku.o: ../cryptlib.h -v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -321,7 +321,7 @@ v3_ia5.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h -v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -385,7 +385,7 @@ v3_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h -v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_pku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h @@ -470,7 +470,7 @@ v3_skey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h -v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h +v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c index 0889a18993..9ca3c88cd4 100644 --- a/crypto/x509v3/v3_akey.c +++ b/crypto/x509v3/v3_akey.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, @@ -81,59 +81,13 @@ NULL,NULL, NULL }; +ASN1_SEQUENCE(AUTHORITY_KEYID) = { + ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0), + ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1), + ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2) +} ASN1_SEQUENCE_END(AUTHORITY_KEYID); -int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING); - M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES); - M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0); - M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1); - M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2); - - M_ASN1_I2D_finish(); -} - -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void) -{ - AUTHORITY_KEYID *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, AUTHORITY_KEYID); - ret->keyid = NULL; - ret->issuer = NULL; - ret->serial = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW); -} - -AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0, - V_ASN1_OCTET_STRING); - M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1, - V_ASN1_SEQUENCE); - M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2, - V_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID); -} - -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a) -{ - if (a == NULL) return; - M_ASN1_OCTET_STRING_free(a->keyid); - sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free); - M_ASN1_INTEGER_free (a->serial); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID) static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist) @@ -171,7 +125,7 @@ int i; CONF_VALUE *cnf; ASN1_OCTET_STRING *ikeyid = NULL; X509_NAME *isname = NULL; -STACK_OF(GENERAL_NAME) * gens = NULL; +GENERAL_NAMES * gens = NULL; GENERAL_NAME *gen = NULL; ASN1_INTEGER *serial = NULL; X509_EXTENSION *ext; @@ -192,8 +146,6 @@ for(i = 0; i < sk_CONF_VALUE_num(values); i++) { } } - - if(!ctx || !ctx->issuer_cert) { if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new(); X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE); diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c index 733919f250..52c4f54679 100644 --- a/crypto/x509v3/v3_alt.c +++ b/crypto/x509v3/v3_alt.c @@ -61,10 +61,10 @@ #include <openssl/conf.h> #include <openssl/x509v3.h> -static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); -static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens); +static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); +static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); +static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens); +static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens); X509V3_EXT_METHOD v3_alt[] = { { NID_subject_alt_name, 0, (X509V3_EXT_NEW)GENERAL_NAMES_new, @@ -87,7 +87,7 @@ NULL, NULL, NULL}, }; STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret) + GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret) { int i; GENERAL_NAME *gen; @@ -154,10 +154,10 @@ STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, return ret; } -static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, +static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { - STACK_OF(GENERAL_NAME) *gens = NULL; + GENERAL_NAMES *gens = NULL; CONF_VALUE *cnf; int i; if(!(gens = sk_GENERAL_NAME_new_null())) { @@ -184,9 +184,9 @@ static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, /* Append subject altname of issuer to issuer alt name of subject */ -static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) +static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens) { - STACK_OF(GENERAL_NAME) *ialt; + GENERAL_NAMES *ialt; GENERAL_NAME *gen; X509_EXTENSION *ext; int i; @@ -219,10 +219,10 @@ static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) } -static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, +static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { - STACK_OF(GENERAL_NAME) *gens = NULL; + GENERAL_NAMES *gens = NULL; CONF_VALUE *cnf; int i; if(!(gens = sk_GENERAL_NAME_new_null())) { @@ -251,7 +251,7 @@ static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, * GENERAL_NAMES */ -static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) +static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens) { X509_NAME *nm; ASN1_IA5STRING *email = NULL; @@ -297,11 +297,11 @@ static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens) } -STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, +GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { GENERAL_NAME *gen; - STACK_OF(GENERAL_NAME) *gens = NULL; + GENERAL_NAMES *gens = NULL; CONF_VALUE *cnf; int i; if(!(gens = sk_GENERAL_NAME_new_null())) { diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c index c576b8e955..7dc866db7e 100644 --- a/crypto/x509v3/v3_bcons.c +++ b/crypto/x509v3/v3_bcons.c @@ -60,7 +60,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> @@ -80,51 +80,13 @@ NULL,NULL, NULL }; +ASN1_SEQUENCE(BASIC_CONSTRAINTS) = { + ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN), + ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER) +} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS); -int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN); - M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN); - M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER); - M_ASN1_I2D_finish(); -} - -BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void) -{ - BASIC_CONSTRAINTS *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS); - ret->ca = 0; - ret->pathlen = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW); -} +IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS) -BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == - (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) { - M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN); - } - M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER); - M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS); -} - -void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free (a->pathlen); - OPENSSL_free (a); -} static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method, BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist) diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c index 8203ed7571..47e08c8fb8 100644 --- a/crypto/x509v3/v3_cpols.c +++ b/crypto/x509v3/v3_cpols.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> /* Certificate policies extension support: this one is a bit complex... */ @@ -88,6 +88,46 @@ NULL, NULL, NULL }; +ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO) +ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES); + +IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) + +ASN1_SEQUENCE(POLICYINFO) = { + ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT), + ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO) +} ASN1_SEQUENCE_END(POLICYINFO); + +IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO) + +ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY); + +ASN1_ADB(POLICYQUALINFO) = { + ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)), + ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE)) +} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL); + +ASN1_SEQUENCE(POLICYQUALINFO) = { + ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT), + ASN1_ADB_OBJECT(POLICYQUALINFO) +} ASN1_SEQUENCE_END(POLICYQUALINFO); + +IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO) + +ASN1_SEQUENCE(USERNOTICE) = { + ASN1_OPT(USERNOTICE, noticeref, NOTICEREF), + ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT) +} ASN1_SEQUENCE_END(USERNOTICE); + +IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE) + +ASN1_SEQUENCE(NOTICEREF) = { + ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT), + ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER) +} ASN1_SEQUENCE_END(NOTICEREF); + +IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF) static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *value) @@ -327,83 +367,6 @@ static int i2r_certpol(X509V3_EXT_METHOD *method, STACK_OF(POLICYINFO) *pol, return 1; } - -int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp) -{ - -return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE);} - -STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void) -{ - return sk_POLICYINFO_new_null(); -} - -void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a) -{ - sk_POLICYINFO_pop_free(a, POLICYINFO_free); -} - -STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, - unsigned char **pp,long length) -{ -return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO, - POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - -} - -IMPLEMENT_STACK_OF(POLICYINFO) -IMPLEMENT_ASN1_SET_OF(POLICYINFO) - -int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, - i2d_POLICYQUALINFO); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers, - i2d_POLICYQUALINFO); - - M_ASN1_I2D_finish(); -} - -POLICYINFO *POLICYINFO_new(void) -{ - POLICYINFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, POLICYINFO); - ret->policyid = NULL; - ret->qualifiers = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW); -} - -POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT); - if(!M_ASN1_D2I_end_sequence()) { - M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers, - d2i_POLICYQUALINFO, POLICYQUALINFO_free); - } - M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO); -} - -void POLICYINFO_free(POLICYINFO *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->policyid); - sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free); - OPENSSL_free (a); -} - static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals, int indent) { @@ -459,202 +422,4 @@ static void print_notice(BIO *out, USERNOTICE *notice, int indent) BIO_printf(out, "%*sExplicit Text: %s\n", indent, "", notice->exptext->data); } - - - -int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT); - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE); - break; - - default: - M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE); - break; - } - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT); - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE); - break; - - default: - M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE); - break; - } - - M_ASN1_I2D_finish(); -} - -POLICYQUALINFO *POLICYQUALINFO_new(void) -{ - POLICYQUALINFO *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, POLICYQUALINFO); - ret->pqualid = NULL; - ret->d.other = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW); -} - -POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT); - switch(OBJ_obj2nid(ret->pqualid)) { - case NID_id_qt_cps: - M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING); - break; - - case NID_id_qt_unotice: - M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE); - break; - - default: - M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE); - break; - } - M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO); -} - -void POLICYQUALINFO_free(POLICYQUALINFO *a) -{ - if (a == NULL) return; - switch(OBJ_obj2nid(a->pqualid)) { - case NID_id_qt_cps: - M_ASN1_IA5STRING_free(a->d.cpsuri); - break; - - case NID_id_qt_unotice: - USERNOTICE_free(a->d.usernotice); - break; - - default: - ASN1_TYPE_free(a->d.other); - break; - } - - ASN1_OBJECT_free(a->pqualid); - OPENSSL_free (a); -} - -int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF); - M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF); - M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT); - - M_ASN1_I2D_finish(); -} - -USERNOTICE *USERNOTICE_new(void) -{ - USERNOTICE *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, USERNOTICE); - ret->noticeref = NULL; - ret->exptext = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW); -} - -USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE); - if (!M_ASN1_D2I_end_sequence()) { - M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT); - } - M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE); -} - -void USERNOTICE_free(USERNOTICE *a) -{ - if (a == NULL) return; - NOTICEREF_free(a->noticeref); - M_DISPLAYTEXT_free(a->exptext); - OPENSSL_free (a); -} - -int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT); - M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos, - i2d_ASN1_INTEGER); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT); - M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos, - i2d_ASN1_INTEGER); - - M_ASN1_I2D_finish(); -} - -NOTICEREF *NOTICEREF_new(void) -{ - NOTICEREF *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, NOTICEREF); - ret->organization = NULL; - ret->noticenos = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW); -} - -NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length) -{ - M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - /* This is to cope with some broken encodings that use IA5STRING for - * the organization field - */ - M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING, - V_ASN1_IA5STRING); - if(!ret->organization) { - M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT); - } - M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER, - ASN1_STRING_free); - M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF); -} - -void NOTICEREF_free(NOTICEREF *a) -{ - if (a == NULL) return; - M_DISPLAYTEXT_free(a->organization); - sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free); - OPENSSL_free (a); -} -IMPLEMENT_STACK_OF(POLICYQUALINFO) -IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO) diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c index 67feea4017..b1963a26e4 100644 --- a/crypto/x509v3/v3_crld.c +++ b/crypto/x509v3/v3_crld.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, @@ -87,16 +87,16 @@ static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method, int i; for(i = 0; i < sk_DIST_POINT_num(crld); i++) { point = sk_DIST_POINT_value(crld, i); - if(point->distpoint && point->distpoint->fullname) { - exts = i2v_GENERAL_NAMES(NULL, - point->distpoint->fullname, exts); + if(point->distpoint) { + if(point->distpoint->type == 0) + exts = i2v_GENERAL_NAMES(NULL, + point->distpoint->name.fullname, exts); + else X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts); } if(point->reasons) X509V3_add_value("reasons","<UNSUPPORTED>", &exts); if(point->CRLissuer) X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts); - if(point->distpoint && point->distpoint->relativename) - X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts); } return exts; } @@ -105,7 +105,7 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { STACK_OF(DIST_POINT) *crld = NULL; - STACK_OF(GENERAL_NAME) *gens = NULL; + GENERAL_NAMES *gens = NULL; GENERAL_NAME *gen = NULL; CONF_VALUE *cnf; int i; @@ -123,7 +123,8 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, goto merr; } if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr; - point->distpoint->fullname = gens; + point->distpoint->name.fullname = gens; + point->distpoint->type = 0; gens = NULL; } return crld; @@ -137,149 +138,27 @@ static STACK_OF(DIST_POINT) *v2i_crld(X509V3_EXT_METHOD *method, return NULL; } -int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp) -{ - -return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE);} - -STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void) -{ - return sk_DIST_POINT_new_null(); -} - -void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a) -{ - sk_DIST_POINT_pop_free(a, DIST_POINT_free); -} - -STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, - unsigned char **pp,long length) -{ -return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT, - DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - -} - IMPLEMENT_STACK_OF(DIST_POINT) IMPLEMENT_ASN1_SET_OF(DIST_POINT) -int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp) -{ - int v = 0; - M_ASN1_I2D_vars(a); - /* NB: underlying type is a CHOICE so need EXPLICIT tagging */ - M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); - M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING); - M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES); - M_ASN1_I2D_seq_total(); +ASN1_CHOICE(DIST_POINT_NAME) = { + ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0), + ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1) +} ASN1_CHOICE_END(DIST_POINT_NAME); - M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v); - M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1); - M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2); +IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME) - M_ASN1_I2D_finish(); -} +ASN1_SEQUENCE(DIST_POINT) = { + ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0), + ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1), + ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, distpoint, GENERAL_NAME, 2) +} ASN1_SEQUENCE_END(DIST_POINT); -DIST_POINT *DIST_POINT_new(void) -{ - DIST_POINT *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, DIST_POINT); - ret->distpoint = NULL; - ret->reasons = NULL; - ret->CRLissuer = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW); -} +IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT) -DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0); - M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1, - V_ASN1_BIT_STRING); - M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2, - V_ASN1_SEQUENCE); - M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT); -} +ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT) +ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS); -void DIST_POINT_free(DIST_POINT *a) -{ - if (a == NULL) return; - DIST_POINT_NAME_free(a->distpoint); - M_ASN1_BIT_STRING_free(a->reasons); - sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free); - OPENSSL_free (a); -} - -int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - if(a->fullname) { - M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES); - } else { - M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY, - a->relativename, i2d_X509_NAME_ENTRY, 1); - } - - /* Don't want a SEQUENCE so... */ - if(pp == NULL) return ret; - p = *pp; - - if(a->fullname) { - M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0); - } else { - M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY, - a->relativename, i2d_X509_NAME_ENTRY, 1); - } - M_ASN1_I2D_finish(); -} - -DIST_POINT_NAME *DIST_POINT_NAME_new(void) -{ - DIST_POINT_NAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, DIST_POINT_NAME); - ret->fullname = NULL; - ret->relativename = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW); -} - -void DIST_POINT_NAME_free(DIST_POINT_NAME *a) -{ - if (a == NULL) return; - sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free); - sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free); - OPENSSL_free (a); -} - -DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, - long length) -{ - unsigned char _tmp, tag; - M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new); - M_ASN1_D2I_Init(); - c.slen = length; - - _tmp = M_ASN1_next; - tag = _tmp & ~V_ASN1_CONSTRUCTED; - - if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) { - M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES, - V_ASN1_SEQUENCE); - } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) { - M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY, - ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1); - } else { - c.error = ASN1_R_BAD_TAG; - goto err; - } - - M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME); -} +IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS) diff --git a/crypto/x509v3/v3_extku.c b/crypto/x509v3/v3_extku.c index 53ec40a027..0b7bb77a46 100644 --- a/crypto/x509v3/v3_extku.c +++ b/crypto/x509v3/v3_extku.c @@ -59,55 +59,36 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1.h> +#include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> -static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, +static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, - STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist); +static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, + EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *extlist); + X509V3_EXT_METHOD v3_ext_ku = { NID_ext_key_usage, 0, -(X509V3_EXT_NEW)ext_ku_new, -(X509V3_EXT_FREE)ext_ku_free, -(X509V3_EXT_D2I)d2i_ext_ku, -(X509V3_EXT_I2D)i2d_ext_ku, +(X509V3_EXT_NEW)EXTENDED_KEY_USAGE_new, +(X509V3_EXT_FREE)EXTENDED_KEY_USAGE_free, +(X509V3_EXT_D2I)d2i_EXTENDED_KEY_USAGE, +(X509V3_EXT_I2D)i2d_EXTENDED_KEY_USAGE, NULL, NULL, -(X509V3_EXT_I2V)i2v_ext_ku, -(X509V3_EXT_V2I)v2i_ext_ku, +(X509V3_EXT_I2V)i2v_EXTENDED_KEY_USAGE, +(X509V3_EXT_V2I)v2i_EXTENDED_KEY_USAGE, NULL,NULL, NULL }; -STACK_OF(ASN1_OBJECT) *ext_ku_new(void) -{ - return sk_ASN1_OBJECT_new_null(); -} - -void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku) -{ - sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free); - return; -} - -int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp) -{ - return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, - unsigned char **pp, long length) -{ - return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT, - ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - +ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT) +ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE); +IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) -static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method, - STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list) +static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, + EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *ext_list) { int i; ASN1_OBJECT *obj; @@ -120,10 +101,10 @@ for(i = 0; i < sk_ASN1_OBJECT_num(eku); i++) { return ext_list; } -static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method, +static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { -STACK_OF(ASN1_OBJECT) *extku; +EXTENDED_KEY_USAGE *extku; char *extval; ASN1_OBJECT *objtmp; CONF_VALUE *val; diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c index d44751458e..dc5ceb09e1 100644 --- a/crypto/x509v3/v3_genn.c +++ b/crypto/x509v3/v3_genn.c @@ -59,233 +59,43 @@ #include <stdio.h> #include "cryptlib.h" -#include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/conf.h> #include <openssl/x509v3.h> -int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp) -{ - unsigned char *p; - int ret; - - ret = 0; - - /* Save the location of initial TAG */ - if(pp) p = *pp; - else p = NULL; - - /* GEN_DNAME needs special treatment because of EXPLICIT tag */ - - if(a->type == GEN_DIRNAME) { - int v = 0; - M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); - if(!p) return ret; - M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v); - *pp = p; - return ret; - } - - switch(a->type) { - - case GEN_X400: - case GEN_EDIPARTY: - ret = i2d_ASN1_TYPE(a->d.other, pp); - break; - - case GEN_OTHERNAME: - ret = i2d_OTHERNAME(a->d.otherName, pp); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - ret = i2d_ASN1_IA5STRING(a->d.ia5, pp); - break; - - case GEN_IPADD: - ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp); - break; - - case GEN_RID: - ret = i2d_ASN1_OBJECT(a->d.rid, pp); - break; - } - /* Replace TAG with IMPLICIT value */ - if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type; - return ret; -} - -GENERAL_NAME *GENERAL_NAME_new() -{ - GENERAL_NAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, GENERAL_NAME); - ret->type = -1; - ret->d.ptr = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW); -} - -GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, - long length) -{ - unsigned char _tmp; - M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new); - M_ASN1_D2I_Init(); - c.slen = length; - - _tmp = M_ASN1_next; - ret->type = _tmp & ~V_ASN1_CONSTRUCTED; - - switch(ret->type) { - /* Just put these in a "blob" for now */ - case GEN_X400: - case GEN_EDIPARTY: - M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE); - break; - - case GEN_OTHERNAME: - M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING, - V_ASN1_IA5STRING); - break; - - case GEN_DIRNAME: - M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4); - break; - - case GEN_IPADD: - M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING, - V_ASN1_OCTET_STRING); - break; - - case GEN_RID: - M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT); - break; - - default: - c.error = ASN1_R_BAD_TAG; - goto err; - } - - c.slen = 0; - M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME); -} - -void GENERAL_NAME_free(GENERAL_NAME *a) -{ - if (a == NULL) return; - switch(a->type) { - case GEN_X400: - case GEN_EDIPARTY: - ASN1_TYPE_free(a->d.other); - break; - - case GEN_OTHERNAME: - OTHERNAME_free(a->d.otherName); - break; - - case GEN_EMAIL: - case GEN_DNS: - case GEN_URI: - - M_ASN1_IA5STRING_free(a->d.ia5); - break; - - case GEN_DIRNAME: - X509_NAME_free(a->d.dirn); - break; - - case GEN_IPADD: - M_ASN1_OCTET_STRING_free(a->d.ip); - break; - - case GEN_RID: - ASN1_OBJECT_free(a->d.rid); - break; - - } - OPENSSL_free (a); -} - -/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as - * explicit functions. - */ - -STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new() -{ - return sk_GENERAL_NAME_new_null(); -} - -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a) -{ - sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free); -} - -STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, - unsigned char **pp, long length) -{ -return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME, - GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp) -{ -return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -IMPLEMENT_STACK_OF(GENERAL_NAME) -IMPLEMENT_ASN1_SET_OF(GENERAL_NAME) - -int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp) -{ - int v = 0; - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT); - M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT); - M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v); - - M_ASN1_I2D_finish(); -} - -OTHERNAME *OTHERNAME_new(void) -{ - OTHERNAME *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, OTHERNAME); - ret->type_id = OBJ_nid2obj(NID_undef); - M_ASN1_New(ret->value, ASN1_TYPE_new); - return (ret); - M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW); -} - -OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT); - M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0); - M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME); -} - -void OTHERNAME_free(OTHERNAME *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->type_id); - ASN1_TYPE_free(a->value); - OPENSSL_free (a); -} - +ASN1_SEQUENCE(OTHERNAME) = { + ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT), + /* Maybe have a true ANY DEFINED BY later */ + ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0) +} ASN1_SEQUENCE_END(OTHERNAME); + +IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME) + +ASN1_SEQUENCE(EDIPARTYNAME) = { + ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0), + ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1) +} ASN1_SEQUENCE_END(EDIPARTYNAME); + +IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME) + +ASN1_CHOICE(GENERAL_NAME) = { + ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME), + ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL), + ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS), + /* Don't decode this */ + ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400), + /* X509_NAME is a CHOICE type so use EXPLICIT */ + ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME), + ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY), + ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI), + ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD), + ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID) +} ASN1_CHOICE_END(GENERAL_NAME); + +IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME) + +ASN1_ITEM_TEMPLATE(GENERAL_NAMES) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME) +ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES); + +IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES) diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c index 44d95a6205..35d95ad51c 100644 --- a/crypto/x509v3/v3_info.c +++ b/crypto/x509v3/v3_info.c @@ -60,13 +60,13 @@ #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - STACK_OF(ACCESS_DESCRIPTION) *ainfo, + AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret); -static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, +static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); X509V3_EXT_METHOD v3_info = @@ -80,8 +80,21 @@ NULL, NULL, (X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS, NULL, NULL, NULL}; +ASN1_SEQUENCE(ACCESS_DESCRIPTION) = { + ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT), + ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME) +} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION); + +IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) + +ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) = + ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION) +ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS); + +IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) + static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, - STACK_OF(ACCESS_DESCRIPTION) *ainfo, + AUTHORITY_INFO_ACCESS *ainfo, STACK_OF(CONF_VALUE) *ret) { ACCESS_DESCRIPTION *desc; @@ -111,10 +124,10 @@ static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method return ret; } -static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, +static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval) { - STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL; + AUTHORITY_INFO_ACCESS *ainfo = NULL; CONF_VALUE *cnf, ctmp; ACCESS_DESCRIPTION *acc; int i, objlen; @@ -162,51 +175,6 @@ static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD return NULL; } -int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT); - M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT); - M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME); - - M_ASN1_I2D_finish(); -} - -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void) -{ - ACCESS_DESCRIPTION *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION); - ret->method = OBJ_nid2obj(NID_undef); - ret->location = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW); -} - -ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp, - long length) -{ - M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT); - M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME); - M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION); -} - -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a) -{ - if (a == NULL) return; - ASN1_OBJECT_free(a->method); - GENERAL_NAME_free(a->location); - OPENSSL_free (a); -} - int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) { i2a_ASN1_OBJECT(bp, a->method); @@ -215,31 +183,3 @@ int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a) #endif return 2; } - -STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void) -{ - return sk_ACCESS_DESCRIPTION_new_null(); -} - -void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a) -{ - sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free); -} - -STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a, - unsigned char **pp, long length) -{ -return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION, - ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); -} - -int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp) -{ -return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE); -} - -IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION) -IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION) - - diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c index 47f9e8f123..600db6dab8 100644 --- a/crypto/x509v3/v3_pku.c +++ b/crypto/x509v3/v3_pku.c @@ -59,7 +59,7 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent); @@ -77,52 +77,12 @@ NULL, NULL, NULL, NULL, NULL }; -int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME); - M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0); - M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1); - - M_ASN1_I2D_finish(); -} - -PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void) -{ - PKEY_USAGE_PERIOD *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD); - ret->notBefore = NULL; - ret->notAfter = NULL; - return (ret); - M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW); -} +ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = { + ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0), + ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1) +} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD); -PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, - unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0, - V_ASN1_GENERALIZEDTIME); - M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1, - V_ASN1_GENERALIZEDTIME); - M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD); -} - -void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a) -{ - if (a == NULL) return; - M_ASN1_GENERALIZEDTIME_free(a->notBefore); - M_ASN1_GENERALIZEDTIME_free(a->notAfter); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent) diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c index 867699b26f..717e23d5c6 100644 --- a/crypto/x509v3/v3_purp.c +++ b/crypto/x509v3/v3_purp.c @@ -261,7 +261,7 @@ static void x509v3_cache_extensions(X509 *x) BASIC_CONSTRAINTS *bs; ASN1_BIT_STRING *usage; ASN1_BIT_STRING *ns; - STACK_OF(ASN1_OBJECT) *extusage; + EXTENDED_KEY_USAGE *extusage; int i; if(x->ex_flags & EXFLAG_SET) return; @@ -511,7 +511,7 @@ int X509_check_issued(X509 *issuer, X509 *subject) * There may be more than one but we only take any * notice of the first. */ - STACK_OF(GENERAL_NAME) *gens; + GENERAL_NAMES *gens; GENERAL_NAME *gen; X509_NAME *nm = NULL; int i; diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c index bfecacd336..bd38ad52d5 100644 --- a/crypto/x509v3/v3_sxnet.c +++ b/crypto/x509v3/v3_sxnet.c @@ -60,7 +60,7 @@ #include "cryptlib.h" #include <openssl/conf.h> #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> #include <openssl/x509v3.h> /* Support for Thawte strong extranet extension */ @@ -90,94 +90,19 @@ NULL, NULL }; +ASN1_SEQUENCE(SXNETID) = { + ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER), + ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(SXNETID); -int i2d_SXNET(SXNET *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER); - M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID); +IMPLEMENT_ASN1_FUNCTIONS(SXNETID) - M_ASN1_I2D_finish(); -} - -SXNET *SXNET_new(void) -{ - SXNET *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, SXNET); - M_ASN1_New(ret->version,M_ASN1_INTEGER_new); - M_ASN1_New(ret->ids,sk_SXNETID_new_null); - return (ret); - M_ASN1_New_Error(ASN1_F_SXNET_NEW); -} +ASN1_SEQUENCE(SXNET) = { + ASN1_SIMPLE(SXNET, version, ASN1_INTEGER), + ASN1_SEQUENCE_OF(SXNET, ids, SXNETID) +} ASN1_SEQUENCE_END(SXNET); -SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,SXNET *,SXNET_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER); - M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free); - M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET); -} - -void SXNET_free(SXNET *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free(a->version); - sk_SXNETID_pop_free(a->ids, SXNETID_free); - OPENSSL_free (a); -} - -int i2d_SXNETID(SXNETID *a, unsigned char **pp) -{ - M_ASN1_I2D_vars(a); - - M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER); - M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_seq_total(); - - M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER); - M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING); - - M_ASN1_I2D_finish(); -} - -SXNETID *SXNETID_new(void) -{ - SXNETID *ret=NULL; - ASN1_CTX c; - M_ASN1_New_Malloc(ret, SXNETID); - ret->zone = NULL; - M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new); - return (ret); - M_ASN1_New_Error(ASN1_F_SXNETID_NEW); -} - -SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length) -{ - M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new); - M_ASN1_D2I_Init(); - M_ASN1_D2I_start_sequence(); - M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER); - M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING); - M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID); -} - -void SXNETID_free(SXNETID *a) -{ - if (a == NULL) return; - M_ASN1_INTEGER_free(a->zone); - M_ASN1_OCTET_STRING_free(a->user); - OPENSSL_free (a); -} +IMPLEMENT_ASN1_FUNCTIONS(SXNET) static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out, int indent) diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c index 619f161b58..727a93ff51 100644 --- a/crypto/x509v3/v3_utl.c +++ b/crypto/x509v3/v3_utl.c @@ -66,7 +66,7 @@ static char *strip_spaces(char *name); static int sk_strcmp(const char * const *a, const char * const *b); -static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens); +static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens); static void str_free(void *str); static int append_ia5(STACK **sk, ASN1_IA5STRING *email); @@ -439,7 +439,7 @@ static int sk_strcmp(const char * const *a, const char * const *b) STACK *X509_get1_email(X509 *x) { - STACK_OF(GENERAL_NAME) *gens; + GENERAL_NAMES *gens; STACK *ret; gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL); ret = get_email(X509_get_subject_name(x), gens); @@ -449,7 +449,7 @@ STACK *X509_get1_email(X509 *x) STACK *X509_REQ_get1_email(X509_REQ *x) { - STACK_OF(GENERAL_NAME) *gens; + GENERAL_NAMES *gens; STACK_OF(X509_EXTENSION) *exts; STACK *ret; exts = X509_REQ_get_extensions(x); @@ -461,7 +461,7 @@ STACK *X509_REQ_get1_email(X509_REQ *x) } -static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens) +static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens) { STACK *ret = NULL; X509_NAME_ENTRY *ne; diff --git a/crypto/x509v3/v3conf.c b/crypto/x509v3/v3conf.c index 21cf746f45..67ee14f334 100644 --- a/crypto/x509v3/v3conf.c +++ b/crypto/x509v3/v3conf.c @@ -60,7 +60,6 @@ #include <stdio.h> #include "cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> #include <openssl/conf.h> #include <openssl/x509.h> #include <openssl/x509v3.h> diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c index ee798859f0..b529814319 100644 --- a/crypto/x509v3/v3prin.c +++ b/crypto/x509v3/v3prin.c @@ -59,9 +59,7 @@ #include <stdio.h> -#include "cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> #include <openssl/conf.h> #include <openssl/x509.h> #include <openssl/x509v3.h> diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h index 908c3ae185..fb70fde1b5 100644 --- a/crypto/x509v3/x509v3.h +++ b/crypto/x509v3/x509v3.h @@ -156,35 +156,56 @@ ASN1_OBJECT *type_id; ASN1_TYPE *value; } OTHERNAME; +typedef struct EDIPartyName_st { + ASN1_STRING *nameAssigner; + ASN1_STRING *partyName; +} EDIPARTYNAME; + typedef struct GENERAL_NAME_st { -#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC) -#define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC) +#define GEN_OTHERNAME 0 +#define GEN_EMAIL 1 +#define GEN_DNS 2 +#define GEN_X400 3 +#define GEN_DIRNAME 4 +#define GEN_EDIPARTY 5 +#define GEN_URI 6 +#define GEN_IPADD 7 +#define GEN_RID 8 int type; union { char *ptr; - ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ + OTHERNAME *otherName; /* otherName */ + ASN1_IA5STRING *rfc822Name; + ASN1_IA5STRING *dNSName; + ASN1_TYPE *x400Address; + X509_NAME *directoryName; + EDIPARTYNAME *ediPartyName; + ASN1_IA5STRING *uniformResourceIdentifier; + ASN1_OCTET_STRING *iPAddress; + ASN1_OBJECT *registeredID; + + /* Old names */ ASN1_OCTET_STRING *ip; /* iPAddress */ X509_NAME *dirn; /* dirn */ + ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */ ASN1_OBJECT *rid; /* registeredID */ - OTHERNAME *otherName; /* otherName */ - ASN1_TYPE *other; /* ediPartyName, x400Address */ + ASN1_TYPE *other; /* x400Address */ } d; } GENERAL_NAME; +typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES; + typedef struct ACCESS_DESCRIPTION_st { ASN1_OBJECT *method; GENERAL_NAME *location; } ACCESS_DESCRIPTION; +typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS; + +typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE; + DECLARE_STACK_OF(GENERAL_NAME) DECLARE_ASN1_SET_OF(GENERAL_NAME) @@ -192,23 +213,27 @@ DECLARE_STACK_OF(ACCESS_DESCRIPTION) DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION) typedef struct DIST_POINT_NAME_st { -/* NB: this is a CHOICE type and only one of these should be set */ -STACK_OF(GENERAL_NAME) *fullname; -STACK_OF(X509_NAME_ENTRY) *relativename; +int type; +union { + GENERAL_NAMES *fullname; + STACK_OF(X509_NAME_ENTRY) *relativename; +} name; } DIST_POINT_NAME; typedef struct DIST_POINT_st { DIST_POINT_NAME *distpoint; ASN1_BIT_STRING *reasons; -STACK_OF(GENERAL_NAME) *CRLissuer; +GENERAL_NAMES *CRLissuer; } DIST_POINT; +typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS; + DECLARE_STACK_OF(DIST_POINT) DECLARE_ASN1_SET_OF(DIST_POINT) typedef struct AUTHORITY_KEYID_st { ASN1_OCTET_STRING *keyid; -STACK_OF(GENERAL_NAME) *issuer; +GENERAL_NAMES *issuer; ASN1_INTEGER *serial; } AUTHORITY_KEYID; @@ -254,6 +279,8 @@ typedef struct POLICYINFO_st { STACK_OF(POLICYQUALINFO) *qualifiers; } POLICYINFO; +typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES; + DECLARE_STACK_OF(POLICYINFO) DECLARE_ASN1_SET_OF(POLICYINFO) @@ -372,21 +399,8 @@ BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a, unsigned char ** BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void); void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a); -int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp); -GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length); -GENERAL_NAME *GENERAL_NAME_new(void); -void GENERAL_NAME_free(GENERAL_NAME *a); -STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); - -int i2d_SXNET(SXNET *a, unsigned char **pp); -SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length); -SXNET *SXNET_new(void); -void SXNET_free(SXNET *a); - -int i2d_SXNETID(SXNETID *a, unsigned char **pp); -SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length); -SXNETID *SXNETID_new(void); -void SXNETID_free(SXNETID *a); +DECLARE_ASN1_FUNCTIONS(SXNET) +DECLARE_ASN1_FUNCTIONS(SXNETID) int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen); int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen); @@ -396,96 +410,42 @@ ASN1_OCTET_STRING *SXNET_get_id_asc(SXNET *sx, char *zone); ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone); ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone); -int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp); -AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length); -AUTHORITY_KEYID *AUTHORITY_KEYID_new(void); -void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a); +DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID) + +DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD) + +DECLARE_ASN1_FUNCTIONS(GENERAL_NAME) + +STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret); -int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp); -PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length); -PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void); -void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a); +DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES) -STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void); -void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a); -STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length); -int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp); STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method, - STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist); -STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, + GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist); +GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval); -int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp); -OTHERNAME *OTHERNAME_new(void); -OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length); -void OTHERNAME_free(OTHERNAME *a); +DECLARE_ASN1_FUNCTIONS(OTHERNAME) +DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME) char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5); ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str); -int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp); -STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a, - unsigned char **pp, long length); -void ext_ku_free(STACK_OF(ASN1_OBJECT) *a); -STACK_OF(ASN1_OBJECT) *ext_ku_new(void); - -int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp); -STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void); -void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a); -STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length); - -int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp); -POLICYINFO *POLICYINFO_new(void); -POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length); -void POLICYINFO_free(POLICYINFO *a); - -int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp); -POLICYQUALINFO *POLICYQUALINFO_new(void); -POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp, - long length); -void POLICYQUALINFO_free(POLICYQUALINFO *a); - -int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp); -USERNOTICE *USERNOTICE_new(void); -USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length); -void USERNOTICE_free(USERNOTICE *a); - -int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp); -NOTICEREF *NOTICEREF_new(void); -NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length); -void NOTICEREF_free(NOTICEREF *a); - -int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp); -STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void); -void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a); -STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a, - unsigned char **pp,long length); - -int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp); -DIST_POINT *DIST_POINT_new(void); -DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length); -void DIST_POINT_free(DIST_POINT *a); - -int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp); -DIST_POINT_NAME *DIST_POINT_NAME_new(void); -void DIST_POINT_NAME_free(DIST_POINT_NAME *a); -DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp, - long length); - -int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp); -ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void); -void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a); -ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp, - long length); +DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE) int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a); -STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void); -void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a); -STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a, - unsigned char **pp, long length); -int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp); +DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES) +DECLARE_ASN1_FUNCTIONS(POLICYINFO) +DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO) +DECLARE_ASN1_FUNCTIONS(USERNOTICE) +DECLARE_ASN1_FUNCTIONS(NOTICEREF) +DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS) +DECLARE_ASN1_FUNCTIONS(DIST_POINT) +DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME) +DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION) +DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS) #ifdef HEADER_CONF_H GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf); diff --git a/demos/asn1/README.ASN1 b/demos/asn1/README.ASN1 new file mode 100644 index 0000000000..ac497be184 --- /dev/null +++ b/demos/asn1/README.ASN1 @@ -0,0 +1,7 @@ +This is a demo of the new ASN1 code. Its an OCSP ASN1 module. Doesn't +do much yet other than demonstrate what the new ASN1 modules might look +like. + +It wont even compile yet: the new code isn't in place. + + diff --git a/demos/asn1/ocsp.c b/demos/asn1/ocsp.c new file mode 100644 index 0000000000..0199fe1004 --- /dev/null +++ b/demos/asn1/ocsp.c @@ -0,0 +1,366 @@ +/* ocsp.c */ +/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL + * project 2000. + */ +/* ==================================================================== + * Copyright (c) 2000 The OpenSSL Project. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in + * the documentation and/or other materials provided with the + * distribution. + * + * 3. All advertising materials mentioning features or use of this + * software must display the following acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" + * + * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to + * endorse or promote products derived from this software without + * prior written permission. For written permission, please contact + * licensing@OpenSSL.org. + * + * 5. Products derived from this software may not be called "OpenSSL" + * nor may "OpenSSL" appear in their names without prior written + * permission of the OpenSSL Project. + * + * 6. Redistributions of any form whatsoever must retain the following + * acknowledgment: + * "This product includes software developed by the OpenSSL Project + * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" + * + * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY + * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR + * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * ==================================================================== + * + * This product includes cryptographic software written by Eric Young + * (eay@cryptsoft.com). This product includes software written by Tim + * Hudson (tjh@cryptsoft.com). + * + */ +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/x509v3.h> + + + + +/* Example of new ASN1 code, OCSP request + + OCSPRequest ::= SEQUENCE { + tbsRequest TBSRequest, + optionalSignature [0] EXPLICIT Signature OPTIONAL } + + TBSRequest ::= SEQUENCE { + version [0] EXPLICIT Version DEFAULT v1, + requestorName [1] EXPLICIT GeneralName OPTIONAL, + requestList SEQUENCE OF Request, + requestExtensions [2] EXPLICIT Extensions OPTIONAL } + + Signature ::= SEQUENCE { + signatureAlgorithm AlgorithmIdentifier, + signature BIT STRING, + certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } + + Version ::= INTEGER { v1(0) } + + Request ::= SEQUENCE { + reqCert CertID, + singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL } + + CertID ::= SEQUENCE { + hashAlgorithm AlgorithmIdentifier, + issuerNameHash OCTET STRING, -- Hash of Issuer's DN + issuerKeyHash OCTET STRING, -- Hash of Issuers public key + serialNumber CertificateSerialNumber } + + OCSPResponse ::= SEQUENCE { + responseStatus OCSPResponseStatus, + responseBytes [0] EXPLICIT ResponseBytes OPTIONAL } + + OCSPResponseStatus ::= ENUMERATED { + successful (0), --Response has valid confirmations + malformedRequest (1), --Illegal confirmation request + internalError (2), --Internal error in issuer + tryLater (3), --Try again later + --(4) is not used + sigRequired (5), --Must sign the request + unauthorized (6) --Request unauthorized + } + + ResponseBytes ::= SEQUENCE { + responseType OBJECT IDENTIFIER, + response OCTET STRING } + + BasicOCSPResponse ::= SEQUENCE { + tbsResponseData ResponseData, + signatureAlgorithm AlgorithmIdentifier, + signature BIT STRING, + certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL } + + ResponseData ::= SEQUENCE { + version [0] EXPLICIT Version DEFAULT v1, + responderID ResponderID, + producedAt GeneralizedTime, + responses SEQUENCE OF SingleResponse, + responseExtensions [1] EXPLICIT Extensions OPTIONAL } + + ResponderID ::= CHOICE { + byName [1] Name, --EXPLICIT + byKey [2] KeyHash } + + KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key + --(excluding the tag and length fields) + + SingleResponse ::= SEQUENCE { + certID CertID, + certStatus CertStatus, + thisUpdate GeneralizedTime, + nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL, + singleExtensions [1] EXPLICIT Extensions OPTIONAL } + + CertStatus ::= CHOICE { + good [0] IMPLICIT NULL, + revoked [1] IMPLICIT RevokedInfo, + unknown [2] IMPLICIT UnknownInfo } + + RevokedInfo ::= SEQUENCE { + revocationTime GeneralizedTime, + revocationReason [0] EXPLICIT CRLReason OPTIONAL } + + UnknownInfo ::= NULL -- this can be replaced with an enumeration + + ArchiveCutoff ::= GeneralizedTime + + AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER + + ServiceLocator ::= SEQUENCE { + issuer Name, + locator AuthorityInfoAccessSyntax } + + -- Object Identifiers + + id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 } + id-pkix-ocsp OBJECT IDENTIFIER ::= { id-ad-ocsp } + id-pkix-ocsp-basic OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 } + id-pkix-ocsp-nonce OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 } + id-pkix-ocsp-crl OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 } + id-pkix-ocsp-response OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 } + id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 } + id-pkix-ocsp-archive-cutoff OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 } + id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 } + +*/ + +/* Request Structures */ + +DECLARE_STACK_OF(Request) + +typedef struct { + ASN1_INTEGER *version; + GENERAL_NAME *requestorName; + STACK_OF(Request) *requestList; + STACK_OF(X509_EXTENSION) *requestExtensions; +} TBSRequest; + +typedef struct { + X509_ALGOR *signatureAlgorithm; + ASN1_BIT_STRING *signature; + STACK_OF(X509) *certs; +} Signature; + +typedef struct { + TBSRequest *tbsRequest; + Signature *optionalSignature; +} OCSPRequest; + +typedef struct { + X509_ALGOR *hashAlgorithm; + ASN1_OCTET_STRING *issuerNameHash; + ASN1_OCTET_STRING *issuerKeyHash; + ASN1_INTEGER *certificateSerialNumber; +} CertID; + +typedef struct { + CertID *reqCert; + STACK_OF(X509_EXTENSION) *singleRequestExtensions; +} Request; + +/* Response structures */ + +typedef struct { + ASN1_OBJECT *responseType; + ASN1_OCTET_STRING *response; +} ResponseBytes; + +typedef struct { + ASN1_ENUMERATED *responseStatus; + ResponseBytes *responseBytes; +} OCSPResponse; + +typedef struct { + int type; + union { + X509_NAME *byName; + ASN1_OCTET_STRING *byKey; + }d; +} ResponderID; + +typedef struct { + ASN1_INTEGER *version; + ResponderID *responderID; + ASN1_GENERALIZEDTIME *producedAt; + STACK_OF(SingleResponse) *responses; + STACK_OF(X509_EXTENSION) *responseExtensions; +} ResponseData; + +typedef struct { + ResponseData *tbsResponseData; + X509_ALGOR *signatureAlgorithm; + ASN1_BIT_STRING *signature; + STACK_OF(X509) *certs; +} BasicOCSPResponse; + +typedef struct { + ASN1_GENERALIZEDTIME *revocationTime; + ASN1_ENUMERATED * revocationReason; +} RevokedInfo; + +typedef struct { + int type; + union { + ASN1_NULL *good; + RevokedInfo *revoked; + ASN1_NULL *unknown; + } d; +} CertStatus; + +typedef struct { + CertID *certID; + CertStatus *certStatus; + ASN1_GENERALIZEDTIME *thisUpdate; + ASN1_GENERALIZEDTIME *nextUpdate; + STACK_OF(X509_EXTENSION) *singleExtensions; +} SingleResponse; + + +typedef struct { + X509_NAME *issuer; + STACK_OF(ACCESS_DESCRIPTION) *locator; +} ServiceLocator; + + +/* Now the ASN1 templates */ + +IMPLEMENT_COMPAT_ASN1(X509); +IMPLEMENT_COMPAT_ASN1(X509_ALGOR); +//IMPLEMENT_COMPAT_ASN1(X509_EXTENSION); +IMPLEMENT_COMPAT_ASN1(GENERAL_NAME); +IMPLEMENT_COMPAT_ASN1(X509_NAME); + +ASN1_SEQUENCE(X509_EXTENSION) = { + ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT), + ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN), + ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(X509_EXTENSION); + + +ASN1_SEQUENCE(Signature) = { + ASN1_SIMPLE(Signature, signatureAlgorithm, X509_ALGOR), + ASN1_SIMPLE(Signature, signature, ASN1_BIT_STRING), + ASN1_SEQUENCE_OF(Signature, certs, X509) +} ASN1_SEQUENCE_END(Signature); + +ASN1_SEQUENCE(CertID) = { + ASN1_SIMPLE(CertID, hashAlgorithm, X509_ALGOR), + ASN1_SIMPLE(CertID, issuerNameHash, ASN1_OCTET_STRING), + ASN1_SIMPLE(CertID, issuerKeyHash, ASN1_OCTET_STRING), + ASN1_SIMPLE(CertID, certificateSerialNumber, ASN1_INTEGER) +} ASN1_SEQUENCE_END(CertID); + +ASN1_SEQUENCE(Request) = { + ASN1_SIMPLE(Request, reqCert, CertID), + ASN1_EXP_SEQUENCE_OF_OPT(Request, singleRequestExtensions, X509_EXTENSION, 0) +} ASN1_SEQUENCE_END(Request); + +ASN1_SEQUENCE(TBSRequest) = { + ASN1_EXP_OPT(TBSRequest, version, ASN1_INTEGER, 0), + ASN1_EXP_OPT(TBSRequest, requestorName, GENERAL_NAME, 1), + ASN1_SEQUENCE_OF(TBSRequest, requestList, Request), + ASN1_EXP_SEQUENCE_OF_OPT(TBSRequest, requestExtensions, X509_EXTENSION, 2) +} ASN1_SEQUENCE_END(TBSRequest); + +ASN1_SEQUENCE(OCSPRequest) = { + ASN1_SIMPLE(OCSPRequest, tbsRequest, TBSRequest), + ASN1_EXP_OPT(OCSPRequest, optionalSignature, Signature, 0) +} ASN1_SEQUENCE_END(OCSPRequest); + + +/* Response templates */ + +ASN1_SEQUENCE(ResponseBytes) = { + ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT), + ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING) +} ASN1_SEQUENCE_END(ResponseBytes); + +ASN1_SEQUENCE(OCSPResponse) = { + ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED), + ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0) +} ASN1_SEQUENCE_END(OCSPResponse); + +ASN1_CHOICE(ResponderID) = { + ASN1_EXP(ResponderID, d.byName, X509_NAME, 1), + ASN1_IMP(ResponderID, d.byKey, ASN1_OCTET_STRING, 2) +} ASN1_CHOICE_END(ResponderID); + +ASN1_SEQUENCE(RevokedInfo) = { + ASN1_SIMPLE(RevokedInfo, revocationTime, ASN1_GENERALIZEDTIME), + ASN1_EXP_OPT(RevokedInfo, revocationReason, ASN1_ENUMERATED, 0) +} ASN1_SEQUENCE_END(RevokedInfo); + +ASN1_CHOICE(CertStatus) = { + ASN1_IMP(CertStatus, d.good, ASN1_NULL, 0), + ASN1_IMP(CertStatus, d.revoked, RevokedInfo, 1), + ASN1_IMP(CertStatus, d.unknown, ASN1_NULL, 2) +} ASN1_CHOICE_END(CertStatus); + +ASN1_SEQUENCE(SingleResponse) = { + ASN1_SIMPLE(SingleResponse, certID, CertID), + ASN1_SIMPLE(SingleResponse, certStatus, CertStatus), + ASN1_SIMPLE(SingleResponse, thisUpdate, ASN1_GENERALIZEDTIME), + ASN1_EXP_OPT(SingleResponse, nextUpdate, ASN1_GENERALIZEDTIME, 0), + ASN1_EXP_SEQUENCE_OF_OPT(SingleResponse, singleExtensions, X509_EXTENSION, 1) +} ASN1_SEQUENCE_END(SingleResponse); + +ASN1_SEQUENCE(ResponseData) = { + ASN1_EXP_OPT(ResponseData, version, ASN1_INTEGER, 0), + ASN1_SIMPLE(ResponseData, responderID, ResponderID), + ASN1_SIMPLE(ResponseData, producedAt, ASN1_GENERALIZEDTIME), + ASN1_SEQUENCE_OF(ResponseData, responses, SingleResponse), + ASN1_EXP_SEQUENCE_OF_OPT(ResponseData, responseExtensions, X509_EXTENSION, 1) +} ASN1_SEQUENCE_END(ResponseData); + +ASN1_SEQUENCE(BasicOCSPResponse) = { + ASN1_SIMPLE(BasicOCSPResponse, tbsResponseData, ResponseData), + ASN1_SIMPLE(BasicOCSPResponse, signatureAlgorithm, X509_ALGOR), + ASN1_SIMPLE(BasicOCSPResponse, signature, ASN1_BIT_STRING), + ASN1_EXP_SEQUENCE_OF_OPT(BasicOCSPResponse, certs, X509, 0) +} ASN1_SEQUENCE_END(BasicOCSPResponse); + |