Merge from the ASN1 branch of new ASN1 code
to main trunk.
Lets see if the makes it to openssl-cvs :-)
diff --git a/CHANGES b/CHANGES
index 8c2380a..acc4a85 100644
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,10 @@
Changes between 0.9.6 and 0.9.7 [xx XXX 2000]
+ *) Merge in replacement ASN1 code from the ASN1 branch. This almost
+ completely replaces the old ASN1 functionality.
+ [Steve Henson]
+
*) Change BN_mod_exp_recp so that negative moduli are tolerated
(the sign is ignored). Similarly, ignore the sign in BN_MONT_CTX_set
so that BN_mod_exp_mont and BN_mod_exp_mont_word work
diff --git a/README.ASN1 b/README.ASN1
new file mode 100644
index 0000000..11bcfaf
--- /dev/null
+++ b/README.ASN1
@@ -0,0 +1,187 @@
+
+OpenSSL ASN1 Revision
+=====================
+
+This document describes some of the issues relating to the new ASN1 code.
+
+Previous OpenSSL ASN1 problems
+=============================
+
+OK why did the OpenSSL ASN1 code need revising in the first place? Well
+there are lots of reasons some of which are included below...
+
+1. The code is difficult to read and write. For every single ASN1 structure
+(e.g. SEQUENCE) four functions need to be written for new, free, encode and
+decode operations. This is a very painful and error prone operation. Very few
+people have ever written any OpenSSL ASN1 and those that have usually wish
+they hadn't.
+
+2. Partly because of 1. the code is bloated and takes up a disproportionate
+amount of space. The SEQUENCE encoder is particularly bad: it essentially
+contains two copies of the same operation, one to compute the SEQUENCE length
+and the other to encode it.
+
+3. The code is memory based: that is it expects to be able to read the whole
+structure from memory. This is fine for small structures but if you have a
+(say) 1Gb PKCS#7 signedData structure it isn't such a good idea...
+
+4. The code for the ASN1 IMPLICIT tag is evil. It is handled by temporarily
+changing the tag to the expected one, attempting to read it, then changing it
+back again. This means that decode buffers have to be writable even though they
+are ultimately unchanged. This gets in the way of constification.
+
+5. The handling of EXPLICIT isn't much better. It adds a chunk of code into
+the decoder and encoder for every EXPLICIT tag.
+
+6. APPLICATION and PRIVATE tags aren't even supported at all.
+
+7. Even IMPLICIT isn't complete: there is no support for implicitly tagged
+types that are not OPTIONAL.
+
+8. Much of the code assumes that a tag will fit in a single octet. This is
+only true if the tag is 30 or less (mercifully tags over 30 are rare).
+
+9. The ASN1 CHOICE type has to be largely handled manually, there aren't any
+macros that properly support it.
+
+10. Encoders have no concept of OPTIONAL and have no error checking. If the
+passed structure contains a NULL in a mandatory field it will not be encoded,
+resulting in an invalid structure.
+
+11. It is tricky to add ASN1 encoders and decoders to external applications.
+
+Template model
+==============
+
+One of the major problems with revision is the sheer volume of the ASN1 code.
+Attempts to change (for example) the IMPLICIT behaviour would result in a
+modification of *every* single decode function.
+
+I decided to adopt a template based approach. I'm using the term 'template'
+in a manner similar to SNACC templates: it has nothing to do with C++
+templates.
+
+A template is a description of an ASN1 module as several constant C structures.
+It describes in a machine readable way exactly how the ASN1 structure should
+behave. If this template contains enough detail then it is possible to write
+versions of new, free, encode, decode (and possibly others operations) that
+operate on templates.
+
+Instead of having to write code to handle each operation only a single
+template needs to be written. If new operations are needed (such as a 'print'
+operation) only a single new template based function needs to be written
+which will then automatically handle all existing templates.
+
+Plans for revision
+==================
+
+The revision will consist of the following steps. Other than the first two
+these can be handled in any order.
+
+o Design and write template new, free, encode and decode operations, initially
+memory based. *DONE*
+
+o Convert existing ASN1 code to template form. *IN PROGRESS*
+
+o Convert an existing ASN1 compiler (probably SNACC) to output templates
+in OpenSSL form.
+
+o Add support for BIO based ASN1 encoders and decoders to handle large
+structures, initially blocking I/O.
+
+o Add support for non blocking I/O: this is quite a bit harder than blocking
+I/O.
+
+o Add new ASN1 structures, such as OCSP, CRMF, S/MIME v3 (CMS), attribute
+certificates etc etc.
+
+Description of major changes
+============================
+
+The BOOLEAN type now takes three values. 0xff is TRUE, 0 is FALSE and -1 is
+absent. The meaning of absent depends on the context. If for example the
+boolean type is DEFAULT FALSE (as in the case of the critical flag for
+certificate extensions) then -1 is FALSE, if DEFAULT TRUE then -1 is TRUE.
+Usually the value will only ever be read via an API which will hide this from
+an application.
+
+There is an evil bug in the old ASN1 code that mishandles OPTIONAL with
+SEQUENCE OF or SET OF. These are both implemented as a STACK structure. The
+old code would omit the structure if the STACK was NULL (which is fine) or if
+it had zero elements (which is NOT OK). This causes problems because an empty
+SEQUENCE OF or SET OF will result in an empty STACK when it is decoded but when
+it is encoded it will be omitted resulting in different encodings. The new code
+only omits the encoding if the STACK is NULL, if it contains zero elements it
+is encoded and empty. There is an additional problem though: because an empty
+STACK was omitted, sometimes the corresponding *_new() function would
+initialize the STACK to empty so an application could immediately use it, if
+this is done with the new code (i.e. a NULL) it wont work. Therefore a new
+STACK should be allocated first. One instance of this is the X509_CRL list of
+revoked certificates: a helper function X509_CRL_add0_revoked() has been added
+for this purpose.
+
+The X509_ATTRIBUTE structure used to have an element called 'set' which took
+the value 1 if the attribute value was a SET OF or 0 if it was a single. Due
+to the behaviour of CHOICE in the new code this has been changed to a field
+called 'single' which is 0 for a SET OF and 1 for single. The old field has
+been deleted to deliberately break source compatibility. Since this structure
+is normally accessed via higher level functions this shouldn't break too much.
+
+The X509_REQ_INFO certificate request info structure no longer has a field
+called 'req_kludge'. This used to be set to 1 if the attributes field was
+(incorrectly) omitted. You can check to see if the field is omitted now by
+checking if the attributes field is NULL. Similarly if you need to omit
+the field then free attributes and set it to NULL.
+
+The top level 'detached' field in the PKCS7 structure is no longer set when
+a PKCS#7 structure is read in. PKCS7_is_detached() should be called instead.
+The behaviour of PKCS7_get_detached() is unaffected.
+
+The values of 'type' in the GENERAL_NAME structure have changed. This is
+because the old code use the ASN1 initial octet as the selector. The new
+code uses the index in the ASN1_CHOICE template.
+
+The DIST_POINT_NAME structure has changed to be a true CHOICE type.
+
+typedef struct DIST_POINT_NAME_st {
+int type;
+union {
+ STACK_OF(GENERAL_NAME) *fullname;
+ STACK_OF(X509_NAME_ENTRY) *relativename;
+} name;
+} DIST_POINT_NAME;
+
+This means that name.fullname or name.relativename should be set
+and type reflects the option. That is if name.fullname is set then
+type is 0 and if name.relativename is set type is 1.
+
+With the old code using the i2d functions would typically involve:
+
+unsigned char *buf, *p;
+int len;
+/* Find length of encoding */
+len = i2d_SOMETHING(x, NULL);
+/* Allocate buffer */
+buf = OPENSSL_malloc(len);
+if(buf == NULL) {
+ /* Malloc error */
+}
+/* Use temp variable because &p gets updated to point to end of
+ * encoding.
+ */
+p = buf;
+i2d_SOMETHING(x, &p);
+
+
+Using the new i2d you can also do:
+
+unsigned char *buf = NULL;
+int len;
+len = i2d_SOMETHING(x, &buf);
+if(len < 0) {
+ /* Malloc error */
+}
+
+and it will automatically allocate and populate a buffer with the
+encoding. After this call 'buf' will point to the start of the
+encoding which is len bytes long.
diff --git a/apps/ca.c b/apps/ca.c
index 3f855a1..c0677a5 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -1201,7 +1201,7 @@
if (!a2i_ASN1_INTEGER(hex,r->serialNumber,
buf[0],BSIZE)) goto err;
- sk_X509_REVOKED_push(ci->revoked,r);
+ X509_CRL_add0_revoked(crl,r);
}
}
/* sort the data so it will be written in serial
diff --git a/apps/req.c b/apps/req.c
index 4c4b9e3..7b8b4db 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -752,8 +752,11 @@
}
i=make_REQ(req,pkey,!x509);
- if (kludge >= 0)
- req->req_info->req_kludge=kludge;
+ if ((kludge > 0) && !sk_X509_ATTRIBUTE_num(req->req_info->attributes))
+ {
+ sk_X509_ATTRIBUTE_free(req->req_info->attributes);
+ req->req_info->attributes = NULL;
+ }
if (!i)
{
BIO_printf(bio_err,"problems making Certificate Request\n");
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
index 3e88b3e..5dd6628 100644
--- a/crypto/asn1/Makefile.ssl
+++ b/crypto/asn1/Makefile.ssl
@@ -23,39 +23,33 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \
- a_null.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_bmp.c \
- a_enum.c a_vis.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
- x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
- x_name.c x_cinf.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
- d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
- d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
+ a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+ a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \
+ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \
+ x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \
d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \
- p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \
- p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
- f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
+ tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \
+ f_int.c f_string.c n_pkey.c \
f_enum.c a_hdr.c x_pkey.c a_bool.c x_exten.c \
asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c a_strnid.c \
evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c
LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \
- a_null.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_bmp.o \
- a_enum.o a_vis.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
- x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
- x_name.o x_cinf.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
- d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
- d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
+ a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+ a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \
+ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \
+ x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \
d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \
- p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \
- p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
- f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
+ tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \
+ f_int.o f_string.o n_pkey.o \
f_enum.o a_hdr.o x_pkey.o a_bool.o x_exten.o \
asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o a_strnid.o \
evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o
SRC= $(LIBSRC)
-EXHEADER= asn1.h asn1_mac.h
+EXHEADER= asn1.h asn1_mac.h asn1t.h
HEADER= $(EXHEADER)
ALL= $(GENERAL) $(SRC) $(HEADER)
@@ -124,30 +118,22 @@
a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
a_bitstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_bitstr.o: ../cryptlib.h
-a_bmp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bmp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bmp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bmp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bmp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bmp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bmp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bmp.o: ../cryptlib.h
-a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_bool.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_bool.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_bool.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_bool.o: ../cryptlib.h
-a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_bytes.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_bytes.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_bytes.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_bytes.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_bool.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+a_bool.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_bool.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+a_bool.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_bool.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_bytes.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_bytes.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_bytes.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_bytes.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_bytes.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_bytes.o: ../cryptlib.h
a_d2i_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
a_d2i_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -177,14 +163,14 @@
a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_dup.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_dup.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_dup.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_dup.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_dup.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_dup.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_dup.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
+a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+a_dup.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+a_dup.o: ../cryptlib.h
a_enum.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
@@ -209,12 +195,11 @@
a_hdr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
a_hdr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
a_hdr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-a_i2d_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-a_i2d_fp.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-a_i2d_fp.o: ../../include/openssl/opensslconf.h
+a_i2d_fp.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+a_i2d_fp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+a_i2d_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+a_i2d_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
a_i2d_fp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_i2d_fp.o: ../cryptlib.h
@@ -242,14 +227,6 @@
a_meth.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
a_meth.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_meth.o: ../cryptlib.h
-a_null.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_null.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_null.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_null.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_null.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_null.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_null.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_null.o: ../cryptlib.h
a_object.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
a_object.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
a_object.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
@@ -331,15 +308,15 @@
a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
a_strnid.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
a_strnid.o: ../cryptlib.h
-a_time.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_time.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_time.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_time.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_time.o: ../cryptlib.h
-a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+a_time.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+a_time.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+a_time.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+a_time.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+a_time.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h
+a_type.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
a_type.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
a_type.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
@@ -383,26 +360,17 @@
a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-a_vis.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-a_vis.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-a_vis.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
-a_vis.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-a_vis.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-a_vis.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-a_vis.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-a_vis.o: ../cryptlib.h
asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
asn1_err.o: ../../include/openssl/bn.h ../../include/openssl/crypto.h
asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
asn1_err.o: ../../include/openssl/opensslconf.h
asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
asn1_err.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-asn1_lib.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-asn1_lib.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-asn1_lib.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-asn1_lib.o: ../../include/openssl/opensslconf.h
+asn1_lib.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+asn1_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+asn1_lib.o: ../../include/openssl/crypto.h ../../include/openssl/e_os.h
+asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
asn1_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
asn1_lib.o: ../cryptlib.h
@@ -423,27 +391,6 @@
asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
asn_pack.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
asn_pack.o: ../cryptlib.h
-d2i_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-d2i_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-d2i_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
-d2i_dhp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-d2i_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dhp.o: ../cryptlib.h
-d2i_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_dsap.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_dsap.o: ../../include/openssl/opensslconf.h
-d2i_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_dsap.o: ../cryptlib.h
d2i_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
d2i_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
d2i_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -480,48 +427,6 @@
d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
d2i_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
d2i_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pr.o: ../../include/openssl/opensslconf.h
-d2i_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_r_pu.o: ../../include/openssl/opensslconf.h
-d2i_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-d2i_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-d2i_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-d2i_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pr.o: ../../include/openssl/opensslconf.h
-d2i_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pr.o: ../cryptlib.h
-d2i_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-d2i_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-d2i_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-d2i_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-d2i_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-d2i_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-d2i_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-d2i_s_pu.o: ../../include/openssl/opensslconf.h
-d2i_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-d2i_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-d2i_s_pu.o: ../cryptlib.h
evp_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
evp_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
@@ -555,25 +460,6 @@
f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
f_string.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
f_string.o: ../cryptlib.h
-i2d_dhp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dhp.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dhp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dhp.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
-i2d_dhp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-i2d_dhp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
-i2d_dhp.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dhp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dhp.o: ../cryptlib.h
-i2d_dsap.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_dsap.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_dsap.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_dsap.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_dsap.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_dsap.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_dsap.o: ../../include/openssl/opensslconf.h
-i2d_dsap.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_dsap.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_dsap.o: ../cryptlib.h
i2d_pr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
i2d_pr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -610,88 +496,47 @@
i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
i2d_pu.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
i2d_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pr.o: ../../include/openssl/opensslconf.h
-i2d_r_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pr.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_r_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_r_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_r_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_r_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_r_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_r_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_r_pu.o: ../../include/openssl/opensslconf.h
-i2d_r_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
-i2d_r_pu.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
-i2d_r_pu.o: ../../include/openssl/symhacks.h ../cryptlib.h
-i2d_s_pr.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pr.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pr.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pr.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pr.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pr.o: ../../include/openssl/opensslconf.h
-i2d_s_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pr.o: ../cryptlib.h
-i2d_s_pu.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-i2d_s_pu.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
-i2d_s_pu.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
-i2d_s_pu.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
-i2d_s_pu.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-i2d_s_pu.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
-i2d_s_pu.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-i2d_s_pu.o: ../../include/openssl/opensslconf.h
-i2d_s_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
-i2d_s_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-i2d_s_pu.o: ../cryptlib.h
n_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-n_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-n_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-n_pkey.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-n_pkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-n_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-n_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-n_pkey.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-n_pkey.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-n_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-n_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-n_pkey.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-n_pkey.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-n_pkey.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+n_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h
+n_pkey.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+n_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+n_pkey.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+n_pkey.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+n_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+n_pkey.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+n_pkey.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+n_pkey.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+n_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+n_pkey.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+n_pkey.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+n_pkey.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+n_pkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+n_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+n_pkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+n_pkey.o: ../cryptlib.h
+nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
nsseq.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
nsseq.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
nsseq.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
nsseq.o: ../../include/openssl/des.h ../../include/openssl/dh.h
nsseq.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
-nsseq.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-nsseq.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-nsseq.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-nsseq.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-nsseq.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-nsseq.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
-nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-nsseq.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-nsseq.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-nsseq.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-nsseq.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-nsseq.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-nsseq.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+nsseq.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+nsseq.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+nsseq.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
+nsseq.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+nsseq.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
+nsseq.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+nsseq.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+nsseq.o: ../../include/openssl/x509_vfy.h
+p5_pbe.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
p5_pbe.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
p5_pbe.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
p5_pbe.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -712,7 +557,7 @@
p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
p5_pbe.o: ../cryptlib.h
-p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+p5_pbev2.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
p5_pbev2.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
p5_pbev2.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
p5_pbev2.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -733,207 +578,7 @@
p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
p5_pbev2.o: ../cryptlib.h
-p7_dgst.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_dgst.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_dgst.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_dgst.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_dgst.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_dgst.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_dgst.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_dgst.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_dgst.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_dgst.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_dgst.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_dgst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_dgst.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_dgst.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_dgst.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_dgst.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_dgst.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_dgst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_dgst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_dgst.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_enc.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_enc.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_enc_c.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_enc_c.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_enc_c.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_enc_c.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_enc_c.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_enc_c.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_enc_c.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_enc_c.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_enc_c.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_enc_c.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_enc_c.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_enc_c.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_enc_c.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_enc_c.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_enc_c.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_enc_c.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_enc_c.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_enc_c.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_enc_c.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_enc_c.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_evp.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_evp.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_evp.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_evp.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_evp.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_evp.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_evp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_evp.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_evp.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_evp.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_evp.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_evp.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_evp.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_evp.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_evp.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_evp.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_evp.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_evp.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_evp.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_evp.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_i_s.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_i_s.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_i_s.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_i_s.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_i_s.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_i_s.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_i_s.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_i_s.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_i_s.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_i_s.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_i_s.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_i_s.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_i_s.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_i_s.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_i_s.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_i_s.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_i_s.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_i_s.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_i_s.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_i_s.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_lib.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_lib.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_lib.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_lib.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_recip.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_recip.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_recip.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_recip.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_recip.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_recip.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_recip.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_recip.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_recip.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_recip.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_recip.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_recip.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_recip.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_recip.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_recip.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_recip.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_recip.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_recip.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_recip.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_recip.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_s_e.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_s_e.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_s_e.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_s_e.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_s_e.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_s_e.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_s_e.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_s_e.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_s_e.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_s_e.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_s_e.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_s_e.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_s_e.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_s_e.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_s_e.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_s_e.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_s_e.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_s_e.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_s_e.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_s_e.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signd.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signd.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signd.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signd.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signd.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signd.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signd.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signd.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signd.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signd.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signd.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signd.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signd.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signd.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signd.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_signd.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_signd.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signd.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signd.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signd.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p7_signi.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p7_signi.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p7_signi.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p7_signi.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p7_signi.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p7_signi.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p7_signi.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p7_signi.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p7_signi.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p7_signi.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p7_signi.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p7_signi.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p7_signi.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-p7_signi.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-p7_signi.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-p7_signi.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-p7_signi.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-p7_signi.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-p7_signi.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-p7_signi.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+p8_pkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
p8_pkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
p8_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
p8_pkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1025,26 +670,26 @@
t_req.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
t_req.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
t_req.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-t_spki.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_spki.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+t_spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_spki.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_spki.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_spki.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+t_spki.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_spki.o: ../cryptlib.h
t_x509.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
t_x509.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
t_x509.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -1066,33 +711,71 @@
t_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
t_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
t_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h
-t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-t_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-t_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-t_x509a.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-t_x509a.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-t_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-t_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-t_x509a.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-t_x509a.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-t_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-t_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-t_x509a.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-t_x509a.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-t_x509a.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-t_x509a.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-t_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-t_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-t_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+t_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+t_x509a.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+t_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+t_x509a.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+t_x509a.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+t_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+t_x509a.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+t_x509a.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+t_x509a.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+t_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+t_x509a.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+t_x509a.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+t_x509a.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+t_x509a.o: ../cryptlib.h
+tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_dec.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+tasn_dec.o: ../../include/openssl/opensslconf.h
+tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_dec.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_enc.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_enc.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_enc.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
+tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_enc.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_fre.o: ../../include/openssl/crypto.h ../../include/openssl/obj_mac.h
+tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_fre.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_new.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
+tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_new.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_typ.o: ../../include/openssl/crypto.h ../../include/openssl/opensslconf.h
+tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_typ.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+tasn_utl.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
+tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+tasn_utl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_algor.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_algor.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_algor.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
x_algor.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_algor.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_algor.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
x_algor.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
x_algor.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
@@ -1105,8 +788,8 @@
x_algor.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_algor.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_algor.o: ../../include/openssl/x509_vfy.h
+x_attrib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_attrib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_attrib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_attrib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1126,27 +809,16 @@
x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_cinf.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_cinf.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_cinf.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_cinf.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_cinf.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_cinf.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_cinf.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_cinf.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_cinf.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_cinf.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_cinf.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_cinf.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_cinf.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_cinf.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_cinf.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-x_cinf.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-x_cinf.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_cinf.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_cinf.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_cinf.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_bignum.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_bignum.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x_bignum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_bignum.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_bignum.o: ../../include/openssl/opensslconf.h
+x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+x_bignum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_bignum.o: ../cryptlib.h
+x_crl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_crl.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_crl.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1166,13 +838,12 @@
x_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_crl.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_exten.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_exten.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_exten.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
x_exten.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_exten.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+x_exten.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h
x_exten.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
x_exten.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
@@ -1185,28 +856,36 @@
x_exten.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_exten.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x_info.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x_info.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x_info.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x_info.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x_info.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x_info.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x_info.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
-x_info.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
-x_info.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
-x_info.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
-x_info.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
-x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
-x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
-x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_exten.o: ../../include/openssl/x509_vfy.h
+x_info.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x_info.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x_info.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x_info.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x_info.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x_info.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x_info.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x_info.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x_info.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x_info.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x_info.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+x_info.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+x_info.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+x_info.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+x_info.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+x_info.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+x_info.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+x_info.o: ../cryptlib.h
+x_long.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+x_long.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+x_long.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+x_long.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+x_long.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+x_long.o: ../../include/openssl/symhacks.h ../cryptlib.h
+x_name.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_name.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_name.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_name.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1246,7 +925,7 @@
x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_pubkey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_pubkey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_pubkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_pubkey.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1266,7 +945,7 @@
x_pubkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_pubkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_pubkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_req.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_req.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_req.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1286,7 +965,7 @@
x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_sig.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_sig.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_sig.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_sig.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1306,7 +985,7 @@
x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1326,7 +1005,7 @@
x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_val.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_val.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_val.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_val.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
@@ -1346,7 +1025,7 @@
x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_x509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_x509.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_x509.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -1368,7 +1047,7 @@
x_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
x_x509.o: ../cryptlib.h
-x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+x_x509a.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
x_x509a.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
x_x509a.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
x_x509a.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
index 7013a40..46e9703 100644
--- a/crypto/asn1/a_bitstr.c
+++ b/crypto/asn1/a_bitstr.c
@@ -60,27 +60,9 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_BIT_STRING *ASN1_BIT_STRING_new(void)
-{ return M_ASN1_BIT_STRING_new(); }
-
-void ASN1_BIT_STRING_free(ASN1_BIT_STRING *x)
-{ M_ASN1_BIT_STRING_free(x); }
-
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len)
{ return M_ASN1_BIT_STRING_set(x, d, len); }
-int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
-{
- int len, ret;
- len = i2c_ASN1_BIT_STRING(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_BIT_STRING);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
- i2c_ASN1_BIT_STRING(a, pp);
- }
- return ret;
-}
-
int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp)
{
int ret,j,bits,len;
@@ -129,40 +111,6 @@
return(ret);
}
-
-/* Convert DER encoded ASN1 BIT_STRING to ASN1_BIT_STRING structure */
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_BIT_STRING *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_BIT_STRING)
- {
- i=ASN1_R_EXPECTING_A_BIT_STRING;
- goto err;
- }
- if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
- ret = c2i_ASN1_BIT_STRING(a, &p, len);
- if(ret) *pp = p;
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
- return(NULL);
-
-}
-
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, unsigned char **pp,
long len)
{
diff --git a/crypto/asn1/a_bmp.c b/crypto/asn1/a_bmp.c
deleted file mode 100644
index d9ac5a0..0000000
--- a/crypto/asn1/a_bmp.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_bmp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_BMPSTRING *ASN1_BMPSTRING_new(void)
-{ return M_ASN1_BMPSTRING_new(); }
-
-void ASN1_BMPSTRING_free(ASN1_BMPSTRING *x)
-{ M_ASN1_BMPSTRING_free(x); }
-
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp)
- {
- return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
- V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL));
- }
-
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
- long length)
- {
- ASN1_BMPSTRING *ret=NULL;
-
- ret=(ASN1_BMPSTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_BMPSTRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_BMPSTRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c
index 18fa618..24333ea 100644
--- a/crypto/asn1/a_bool.c
+++ b/crypto/asn1/a_bool.c
@@ -58,7 +58,7 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
int i2d_ASN1_BOOLEAN(int a, unsigned char **pp)
{
@@ -110,3 +110,5 @@
ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
return(ret);
}
+
+
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
index 3a0c0c7..aa4b570 100644
--- a/crypto/asn1/a_bytes.c
+++ b/crypto/asn1/a_bytes.c
@@ -58,19 +58,26 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
static unsigned long tag2bit[32]={
0, 0, 0, B_ASN1_BIT_STRING, /* tags 0 - 3 */
B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
B_ASN1_UTF8STRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,/* tags 12-15 */
-0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
-B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
-0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
-B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN,
+0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING, /* tags 16-19 */
+B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING, /* tags 20-22 */
+B_ASN1_UTCTIME, B_ASN1_GENERALIZEDTIME, /* tags 23-24 */
+B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING, /* tags 25-27 */
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_BMPSTRING,B_ASN1_UNKNOWN, /* tags 28-31 */
};
+unsigned long ASN1_tag2bit(int tag)
+{
+ if((tag < 0) || (tag > 30)) return 0;
+ return tag2bit[tag];
+}
+
static int asn1_collate_primitive(ASN1_STRING *a, ASN1_CTX *c);
/* type is a 'bitmap' of acceptable string types.
*/
diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
index c3bda58..60e2e9a 100644
--- a/crypto/asn1/a_dup.c
+++ b/crypto/asn1/a_dup.c
@@ -58,7 +58,7 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
#define READ_CHUNK 2048
diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c
index 1428d1d..b507c5e 100644
--- a/crypto/asn1/a_enum.c
+++ b/crypto/asn1/a_enum.c
@@ -65,60 +65,6 @@
* for comments on encoding see a_int.c
*/
-ASN1_ENUMERATED *ASN1_ENUMERATED_new(void)
-{ return M_ASN1_ENUMERATED_new(); }
-
-void ASN1_ENUMERATED_free(ASN1_ENUMERATED *x)
-{ M_ASN1_ENUMERATED_free(x); }
-
-
-int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a, unsigned char **pp)
-{
- int len, ret;
- if(!a) return 0;
- len = i2c_ASN1_INTEGER(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_ENUMERATED);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_ENUMERATED,V_ASN1_UNIVERSAL);
- i2c_ASN1_INTEGER(a, pp);
- }
- return ret;
-}
-
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_ENUMERATED *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_ENUMERATED)
- {
- i=ASN1_R_EXPECTING_AN_ENUMERATED;
- goto err;
- }
- ret = c2i_ASN1_INTEGER(a, &p, len);
- if(ret) {
- ret->type = (V_ASN1_NEG & ret->type) | V_ASN1_ENUMERATED;
- *pp = p;
- }
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_ENUMERATED,i);
- return(NULL);
-
-}
-
int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v)
{
int i,j,k;
diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c
index 314479a..d71c190 100644
--- a/crypto/asn1/a_gentm.c
+++ b/crypto/asn1/a_gentm.c
@@ -63,11 +63,7 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_new(void)
-{ return M_ASN1_GENERALIZEDTIME_new(); }
-
-void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *x)
-{ M_ASN1_GENERALIZEDTIME_free(x); }
+#if 0
int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp)
{
@@ -116,6 +112,8 @@
return(NULL);
}
+#endif
+
int ASN1_GENERALIZEDTIME_check(ASN1_GENERALIZEDTIME *d)
{
static int min[9]={ 0, 0, 1, 1, 0, 0, 0, 0, 0};
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
index aee29a7..7b64a57 100644
--- a/crypto/asn1/a_i2d_fp.c
+++ b/crypto/asn1/a_i2d_fp.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/buffer.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
#ifndef NO_FP_API
int ASN1_i2d_fp(int (*i2d)(), FILE *out, unsigned char *x)
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
index 6f0413f..c18376b 100644
--- a/crypto/asn1/a_int.c
+++ b/crypto/asn1/a_int.c
@@ -60,33 +60,12 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_INTEGER *ASN1_INTEGER_new(void)
-{ return M_ASN1_INTEGER_new();}
-
-void ASN1_INTEGER_free(ASN1_INTEGER *x)
-{ M_ASN1_INTEGER_free(x);}
-
ASN1_INTEGER *ASN1_INTEGER_dup(ASN1_INTEGER *x)
{ return M_ASN1_INTEGER_dup(x);}
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y)
{ return M_ASN1_INTEGER_cmp(x,y);}
-/* Output ASN1 INTEGER including tag+length */
-
-int i2d_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp)
-{
- int len, ret;
- if(!a) return 0;
- len = i2c_ASN1_INTEGER(a, NULL);
- ret=ASN1_object_size(0,len,V_ASN1_INTEGER);
- if(pp) {
- ASN1_put_object(pp,0,len,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
- i2c_ASN1_INTEGER(a, pp);
- }
- return ret;
-}
-
/*
* This converts an ASN1 INTEGER into its content encoding.
* The internal representation is an ASN1_STRING whose data is a big endian
@@ -174,39 +153,6 @@
return(ret);
}
-/* Convert DER encoded ASN1 INTEGER to ASN1_INTEGER structure */
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
- long length)
-{
- unsigned char *p;
- long len;
- int i;
- int inf,tag,xclass;
- ASN1_INTEGER *ret;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_INTEGER)
- {
- i=ASN1_R_EXPECTING_AN_INTEGER;
- goto err;
- }
- ret = c2i_ASN1_INTEGER(a, &p, len);
- if(ret) *pp = p;
- return ret;
-err:
- ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
- return(NULL);
-
-}
-
-
/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */
ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, unsigned char **pp,
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
index 2586f43..9690bae 100644
--- a/crypto/asn1/a_octet.c
+++ b/crypto/asn1/a_octet.c
@@ -60,12 +60,6 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_OCTET_STRING *ASN1_OCTET_STRING_new(void)
-{ return M_ASN1_OCTET_STRING_new(); }
-
-void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *x)
-{ M_ASN1_OCTET_STRING_free(x); }
-
ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *x)
{ return M_ASN1_OCTET_STRING_dup(x); }
@@ -75,21 +69,3 @@
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, unsigned char *d, int len)
{ return M_ASN1_OCTET_STRING_set(x, d, len); }
-int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a, unsigned char **pp)
-{ return M_i2d_ASN1_OCTET_STRING(a, pp); }
-
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
- unsigned char **pp, long length)
- {
- ASN1_OCTET_STRING *ret=NULL;
-
- ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
index b7bd2bd..8035513 100644
--- a/crypto/asn1/a_print.c
+++ b/crypto/asn1/a_print.c
@@ -60,50 +60,6 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_IA5STRING *ASN1_IA5STRING_new(void)
-{ return M_ASN1_IA5STRING_new();}
-
-void ASN1_IA5STRING_free(ASN1_IA5STRING *x)
-{ M_ASN1_IA5STRING_free(x);}
-
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_IA5STRING(a,pp)); }
-
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
-
-ASN1_T61STRING *ASN1_T61STRING_new(void)
-{ return M_ASN1_T61STRING_new();}
-
-void ASN1_T61STRING_free(ASN1_T61STRING *x)
-{ M_ASN1_T61STRING_free(x);}
-
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
-
-ASN1_PRINTABLESTRING *ASN1_PRINTABLESTRING_new(void)
-{ return M_ASN1_PRINTABLESTRING_new();}
-
-void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *x)
-{ M_ASN1_PRINTABLESTRING_free(x);}
-
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
- unsigned char **pp, long l)
- { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,
- l)); }
-
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_PRINTABLESTRING(a,pp)); }
-
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
-
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
-
int ASN1_PRINTABLE_type(unsigned char *s, int len)
{
int c;
@@ -169,29 +125,3 @@
s->type=ASN1_PRINTABLE_type(s->data,s->length);
return(1);
}
-
-ASN1_STRING *DIRECTORYSTRING_new(void)
-{ return M_DIRECTORYSTRING_new();}
-
-void DIRECTORYSTRING_free(ASN1_STRING *x)
-{ M_DIRECTORYSTRING_free(x);}
-
-int i2d_DIRECTORYSTRING(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_DIRECTORYSTRING(a,pp)); }
-
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_DIRECTORYSTRING(a,pp,l)); }
-
-ASN1_STRING *DISPLAYTEXT_new(void)
-{ return M_DISPLAYTEXT_new();}
-
-void DISPLAYTEXT_free(ASN1_STRING *x)
-{ M_DISPLAYTEXT_free(x);}
-
-int i2d_DISPLAYTEXT(ASN1_STRING *a, unsigned char **pp)
- { return(M_i2d_DISPLAYTEXT(a,pp)); }
-
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp,
- long l)
- { return(M_d2i_DISPLAYTEXT(a,pp,l)); }
diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c
index 8c0ddee..edc4929 100644
--- a/crypto/asn1/a_time.c
+++ b/crypto/asn1/a_time.c
@@ -64,14 +64,13 @@
#include <stdio.h>
#include <time.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
-ASN1_TIME *ASN1_TIME_new(void)
-{ return M_ASN1_TIME_new(); }
+IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME)
-void ASN1_TIME_free(ASN1_TIME *x)
-{ M_ASN1_TIME_free(x); }
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME)
+#if 0
int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp)
{
#ifdef CHARSET_EBCDIC
@@ -95,19 +94,7 @@
ASN1err(ASN1_F_I2D_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
return -1;
}
-
-
-ASN1_TIME *d2i_ASN1_TIME(ASN1_TIME **a, unsigned char **pp, long length)
- {
- unsigned char tag;
- tag = **pp & ~V_ASN1_CONSTRUCTED;
- if(tag == (V_ASN1_UTCTIME|V_ASN1_UNIVERSAL))
- return d2i_ASN1_UTCTIME(a, pp, length);
- if(tag == (V_ASN1_GENERALIZEDTIME|V_ASN1_UNIVERSAL))
- return d2i_ASN1_GENERALIZEDTIME(a, pp, length);
- ASN1err(ASN1_F_D2I_ASN1_TIME,ASN1_R_EXPECTING_A_TIME);
- return(NULL);
- }
+#endif
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t)
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
index e72a6b2..96e111c 100644
--- a/crypto/asn1/a_type.c
+++ b/crypto/asn1/a_type.c
@@ -57,236 +57,8 @@
*/
#include <stdio.h>
+#include <openssl/asn1t.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-
-static void ASN1_TYPE_component_free(ASN1_TYPE *a);
-int i2d_ASN1_TYPE(ASN1_TYPE *a, unsigned char **pp)
- {
- int r=0;
-
- if (a == NULL) return(0);
-
- switch (a->type)
- {
- case V_ASN1_NULL:
- if (pp != NULL)
- ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
- r=2;
- break;
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- r=i2d_ASN1_INTEGER(a->value.integer,pp);
- break;
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- r=i2d_ASN1_ENUMERATED(a->value.enumerated,pp);
- break;
- case V_ASN1_BIT_STRING:
- r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
- break;
- case V_ASN1_OCTET_STRING:
- r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
- break;
- case V_ASN1_OBJECT:
- r=i2d_ASN1_OBJECT(a->value.object,pp);
- break;
- case V_ASN1_PRINTABLESTRING:
- r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
- break;
- case V_ASN1_T61STRING:
- r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
- break;
- case V_ASN1_IA5STRING:
- r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
- break;
- case V_ASN1_GENERALSTRING:
- r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
- break;
- case V_ASN1_UNIVERSALSTRING:
- r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
- break;
- case V_ASN1_UTF8STRING:
- r=M_i2d_ASN1_UTF8STRING(a->value.utf8string,pp);
- break;
- case V_ASN1_VISIBLESTRING:
- r=M_i2d_ASN1_VISIBLESTRING(a->value.visiblestring,pp);
- break;
- case V_ASN1_BMPSTRING:
- r=M_i2d_ASN1_BMPSTRING(a->value.bmpstring,pp);
- break;
- case V_ASN1_UTCTIME:
- r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
- break;
- case V_ASN1_GENERALIZEDTIME:
- r=i2d_ASN1_GENERALIZEDTIME(a->value.generalizedtime,pp);
- break;
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- case V_ASN1_OTHER:
- default:
- if (a->value.set == NULL)
- r=0;
- else
- {
- r=a->value.set->length;
- if (pp != NULL)
- {
- memcpy(*pp,a->value.set->data,r);
- *pp+=r;
- }
- }
- break;
- }
- return(r);
- }
-
-ASN1_TYPE *d2i_ASN1_TYPE(ASN1_TYPE **a, unsigned char **pp, long length)
- {
- ASN1_TYPE *ret=NULL;
- unsigned char *q,*p,*max;
- int inf,tag,xclass;
- long len;
-
- if ((a == NULL) || ((*a) == NULL))
- {
- if ((ret=ASN1_TYPE_new()) == NULL) goto err;
- }
- else
- ret=(*a);
-
- p= *pp;
- q=p;
- max=(p+length);
-
- inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
- if (inf & 0x80) goto err;
- /* If not universal tag we've no idea what it is */
- if(xclass != V_ASN1_UNIVERSAL) tag = V_ASN1_OTHER;
-
- ASN1_TYPE_component_free(ret);
-
- switch (tag)
- {
- case V_ASN1_NULL:
- p=q;
- ret->value.ptr=NULL;
- break;
- case V_ASN1_INTEGER:
- if ((ret->value.integer=
- d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_ENUMERATED:
- if ((ret->value.enumerated=
- d2i_ASN1_ENUMERATED(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_BIT_STRING:
- if ((ret->value.bit_string=
- d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_OCTET_STRING:
- if ((ret->value.octet_string=
- d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_VISIBLESTRING:
- if ((ret->value.visiblestring=
- d2i_ASN1_VISIBLESTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UTF8STRING:
- if ((ret->value.utf8string=
- d2i_ASN1_UTF8STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_OBJECT:
- if ((ret->value.object=
- d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_PRINTABLESTRING:
- if ((ret->value.printablestring=
- d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_T61STRING:
- if ((ret->value.t61string=
- M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_IA5STRING:
- if ((ret->value.ia5string=
- M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_GENERALSTRING:
- if ((ret->value.generalstring=
- M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UNIVERSALSTRING:
- if ((ret->value.universalstring=
- M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_BMPSTRING:
- if ((ret->value.bmpstring=
- M_d2i_ASN1_BMPSTRING(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_UTCTIME:
- if ((ret->value.utctime=
- d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_GENERALIZEDTIME:
- if ((ret->value.generalizedtime=
- d2i_ASN1_GENERALIZEDTIME(NULL,&p,max-p)) == NULL)
- goto err;
- break;
- case V_ASN1_SET:
- case V_ASN1_SEQUENCE:
- case V_ASN1_OTHER:
- default:
- /* Sets and sequences are left complete */
- if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
- ret->value.set->type=tag;
- len+=(q-p);
- if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
- p+=len;
- break;
- }
-
- ret->type=tag;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
- return(NULL);
- }
-
-ASN1_TYPE *ASN1_TYPE_new(void)
- {
- ASN1_TYPE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,ASN1_TYPE);
- ret->type= -1;
- ret->value.ptr=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
- }
-
-void ASN1_TYPE_free(ASN1_TYPE *a)
- {
- if (a == NULL) return;
- ASN1_TYPE_component_free(a);
- OPENSSL_free(a);
- }
int ASN1_TYPE_get(ASN1_TYPE *a)
{
@@ -299,54 +71,11 @@
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value)
{
if (a->value.ptr != NULL)
- ASN1_TYPE_component_free(a);
+ ASN1_primitive_free((ASN1_VALUE **)&a, NULL);
a->type=type;
a->value.ptr=value;
}
-static void ASN1_TYPE_component_free(ASN1_TYPE *a)
- {
- if (a == NULL) return;
-
- if (a->value.ptr != NULL)
- {
- switch (a->type)
- {
- case V_ASN1_OBJECT:
- ASN1_OBJECT_free(a->value.object);
- break;
- case V_ASN1_NULL:
- break;
- case V_ASN1_INTEGER:
- case V_ASN1_NEG_INTEGER:
- case V_ASN1_ENUMERATED:
- case V_ASN1_NEG_ENUMERATED:
- case V_ASN1_BIT_STRING:
- case V_ASN1_OCTET_STRING:
- case V_ASN1_SEQUENCE:
- case V_ASN1_SET:
- case V_ASN1_NUMERICSTRING:
- case V_ASN1_PRINTABLESTRING:
- case V_ASN1_T61STRING:
- case V_ASN1_VIDEOTEXSTRING:
- case V_ASN1_IA5STRING:
- case V_ASN1_UTCTIME:
- case V_ASN1_GENERALIZEDTIME:
- case V_ASN1_GRAPHICSTRING:
- case V_ASN1_VISIBLESTRING:
- case V_ASN1_GENERALSTRING:
- case V_ASN1_UNIVERSALSTRING:
- case V_ASN1_BMPSTRING:
- case V_ASN1_UTF8STRING:
- case V_ASN1_OTHER:
- default:
- ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
- break;
- }
- a->type=0;
- a->value.ptr=NULL;
- }
- }
IMPLEMENT_STACK_OF(ASN1_TYPE)
IMPLEMENT_ASN1_SET_OF(ASN1_TYPE)
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
index d381c9e..6ddeaff 100644
--- a/crypto/asn1/a_utctm.c
+++ b/crypto/asn1/a_utctm.c
@@ -66,12 +66,7 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_UTCTIME *ASN1_UTCTIME_new(void)
-{ return M_ASN1_UTCTIME_new(); }
-
-void ASN1_UTCTIME_free(ASN1_UTCTIME *x)
-{ M_ASN1_UTCTIME_free(x); }
-
+#if 0
int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp)
{
#ifndef CHARSET_EBCDIC
@@ -119,6 +114,8 @@
return(NULL);
}
+#endif
+
int ASN1_UTCTIME_check(ASN1_UTCTIME *d)
{
static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c
index 854278f..508e11e 100644
--- a/crypto/asn1/a_utf8.c
+++ b/crypto/asn1/a_utf8.c
@@ -60,33 +60,6 @@
#include "cryptlib.h"
#include <openssl/asn1.h>
-ASN1_UTF8STRING *ASN1_UTF8STRING_new(void)
-{ return M_ASN1_UTF8STRING_new();}
-
-void ASN1_UTF8STRING_free(ASN1_UTF8STRING *x)
-{ M_ASN1_UTF8STRING_free(x);}
-
-int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a, unsigned char **pp)
- {
- return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
- V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL));
- }
-
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a, unsigned char **pp,
- long length)
- {
- ASN1_UTF8STRING *ret=NULL;
-
- ret=(ASN1_UTF8STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_UTF8STRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_UTF8STRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
/* UTF8 utilities */
diff --git a/crypto/asn1/a_vis.c b/crypto/asn1/a_vis.c
deleted file mode 100644
index 5cfc080..0000000
--- a/crypto/asn1/a_vis.c
+++ /dev/null
@@ -1,89 +0,0 @@
-/* crypto/asn1/a_vis.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1.h>
-
-ASN1_VISIBLESTRING *ASN1_VISIBLESTRING_new(void)
-{ return M_ASN1_VISIBLESTRING_new(); }
-
-void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *x)
-{ M_ASN1_VISIBLESTRING_free(x); }
-
-int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a, unsigned char **pp)
- {
- return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
- V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL));
- }
-
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
- unsigned char **pp, long length)
- {
- ASN1_VISIBLESTRING *ret=NULL;
-
- ret=(ASN1_VISIBLESTRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
- pp,length,V_ASN1_VISIBLESTRING,V_ASN1_UNIVERSAL);
- if (ret == NULL)
- {
- ASN1err(ASN1_F_D2I_ASN1_VISIBLESTRING,ERR_R_NESTED_ASN1_ERROR);
- return(NULL);
- }
- return(ret);
- }
-
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
index 3daf4e4..a068035 100644
--- a/crypto/asn1/asn1.h
+++ b/crypto/asn1/asn1.h
@@ -84,6 +84,7 @@
#define V_ASN1_APP_CHOOSE -2 /* let the recipient choose */
#define V_ASN1_OTHER -3 /* used in ASN1_TYPE */
+#define V_ASN1_ANY -4 /* used in ASN1 template code */
#define V_ASN1_NEG 0x100 /* negative flag */
@@ -136,6 +137,8 @@
#define B_ASN1_BMPSTRING 0x0800
#define B_ASN1_UNKNOWN 0x1000
#define B_ASN1_UTF8STRING 0x2000
+#define B_ASN1_UTCTIME 0x4000
+#define B_ASN1_GENERALIZEDTIME 0x8000
/* For use with ASN1_mbstring_copy() */
#define MBSTRING_FLAG 0x1000
@@ -193,6 +196,21 @@
long flags;
} ASN1_STRING;
+/* ASN1_ENCODING structure: this is used to save the received
+ * encoding of an ASN1 type. This is useful to get round
+ * problems with invalid encodings which can break signatures.
+ */
+
+typedef struct ASN1_ENCODING_st
+ {
+ unsigned char *enc; /* DER encoding */
+ long len; /* Length of encoding */
+ int modified; /* set to 1 if 'enc' is invalid */
+ } ASN1_ENCODING;
+
+/* Used with ASN1 LONG type: if a long is set to this it is omitted */
+#define ASN1_LONG_UNDEF 0x7fffffffL
+
#define STABLE_FLAGS_MALLOC 0x01
#define STABLE_NO_MASK 0x02
#define DIRSTRING_TYPE \
@@ -237,6 +255,7 @@
#define ASN1_VISIBLESTRING ASN1_STRING
#define ASN1_UTF8STRING ASN1_STRING
#define ASN1_BOOLEAN int
+#define ASN1_NULL int
#else
typedef struct asn1_string_st ASN1_INTEGER;
typedef struct asn1_string_st ASN1_ENUMERATED;
@@ -254,9 +273,40 @@
typedef struct asn1_string_st ASN1_VISIBLESTRING;
typedef struct asn1_string_st ASN1_UTF8STRING;
typedef int ASN1_BOOLEAN;
+typedef int ASN1_NULL;
#endif
-typedef int ASN1_NULL;
+/* Declarations for template structures: for full definitions
+ * see asn1t.h
+ */
+typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE;
+typedef struct ASN1_ITEM_st ASN1_ITEM;
+typedef struct ASN1_TLC_st ASN1_TLC;
+/* This is just an opaque pointer */
+typedef struct ASN1_VALUE_st ASN1_VALUE;
+
+/* Declare ASN1 functions: the implement macro in in asn1t.h */
+
+#define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type)
+
+#define DECLARE_ASN1_FUNCTIONS_name(type, name) \
+ type *name##_new(void); \
+ void name##_free(type *a); \
+ DECLARE_ASN1_ENCODE_FUNCTIONS(type, name)
+
+#define DECLARE_ASN1_ENCODE_FUNCTIONS(type, name) \
+ type *d2i_##name(type **a, unsigned char **in, long len); \
+ int i2d_##name(type *a, unsigned char **out); \
+ extern const ASN1_ITEM name##_it;
+
+#define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \
+ type *d2i_##name(type **a, const unsigned char **in, long len); \
+ int i2d_##name(const type *a, unsigned char **out); \
+ extern const ASN1_ITEM name##_it;
+
+#define DECLARE_ASN1_FUNCTIONS_const(name) \
+ name *name##_new(void); \
+ void name##_free(name *a);
/* Parameters used by ASN1_STRING_print_ex() */
@@ -438,12 +488,11 @@
i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
V_ASN1_UNIVERSAL)
-#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
-#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
-#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
- pp,a->type,V_ASN1_UNIVERSAL)
-#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
- d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+#define B_ASN1_TIME \
+ B_ASN1_UTCTIME | \
+ B_ASN1_GENERALIZEDTIME
+
+#define B_ASN1_PRINTABLE \
B_ASN1_PRINTABLESTRING| \
B_ASN1_T61STRING| \
B_ASN1_IA5STRING| \
@@ -451,7 +500,28 @@
B_ASN1_UNIVERSALSTRING|\
B_ASN1_BMPSTRING|\
B_ASN1_UTF8STRING|\
- B_ASN1_UNKNOWN)
+ B_ASN1_UNKNOWN
+
+#define B_ASN1_DIRECTORYSTRING \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_TELETEXSTRING|\
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UTF8STRING
+
+#define B_ASN1_DISPLAYTEXT \
+ B_ASN1_IA5STRING| \
+ B_ASN1_VISIBLESTRING| \
+ B_ASN1_BMPSTRING|\
+ B_ASN1_UTF8STRING
+
+#define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLE)
#define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
#define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
@@ -459,11 +529,7 @@
pp,a->type,V_ASN1_UNIVERSAL)
#define M_d2i_DIRECTORYSTRING(a,pp,l) \
d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_PRINTABLESTRING| \
- B_ASN1_TELETEXSTRING|\
- B_ASN1_BMPSTRING|\
- B_ASN1_UNIVERSALSTRING|\
- B_ASN1_UTF8STRING)
+ B_ASN1_DIRECTORYSTRING)
#define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING)
#define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a)
@@ -471,9 +537,7 @@
pp,a->type,V_ASN1_UNIVERSAL)
#define M_d2i_DISPLAYTEXT(a,pp,l) \
d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
- B_ASN1_VISIBLESTRING| \
- B_ASN1_BMPSTRING|\
- B_ASN1_UTF8STRING)
+ B_ASN1_DISPLAYTEXT)
#define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\
ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
@@ -577,10 +641,8 @@
#define IS_SEQUENCE 0
#define IS_SET 1
-ASN1_TYPE * ASN1_TYPE_new(void );
-void ASN1_TYPE_free(ASN1_TYPE *a);
-int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
-ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_TYPE)
+
int ASN1_TYPE_get(ASN1_TYPE *a);
void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value);
@@ -608,12 +670,8 @@
int ASN1_STRING_type(ASN1_STRING *x);
unsigned char * ASN1_STRING_data(ASN1_STRING *x);
-ASN1_BIT_STRING * ASN1_BIT_STRING_new(void);
-void ASN1_BIT_STRING_free(ASN1_BIT_STRING *a);
-int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING)
int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
-ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
- long length);
ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
long length);
int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d,
@@ -632,12 +690,8 @@
int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
-ASN1_INTEGER * ASN1_INTEGER_new(void);
-void ASN1_INTEGER_free(ASN1_INTEGER *a);
-int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER)
int i2c_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
-ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
- long length);
ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
long length);
ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a,unsigned char **pp,
@@ -645,11 +699,7 @@
ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *x);
int ASN1_INTEGER_cmp(ASN1_INTEGER *x, ASN1_INTEGER *y);
-ASN1_ENUMERATED * ASN1_ENUMERATED_new(void);
-void ASN1_ENUMERATED_free(ASN1_ENUMERATED *a);
-int i2d_ASN1_ENUMERATED(ASN1_ENUMERATED *a,unsigned char **pp);
-ASN1_ENUMERATED *d2i_ASN1_ENUMERATED(ASN1_ENUMERATED **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED)
int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
@@ -663,90 +713,30 @@
ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s,time_t t);
int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, char *str);
-ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void);
-void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a);
-int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
-ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
- unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);
int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);
int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, unsigned char *data, int len);
-ASN1_VISIBLESTRING * ASN1_VISIBLESTRING_new(void);
-void ASN1_VISIBLESTRING_free(ASN1_VISIBLESTRING *a);
-int i2d_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING *a,unsigned char **pp);
-ASN1_VISIBLESTRING *d2i_ASN1_VISIBLESTRING(ASN1_VISIBLESTRING **a,
- unsigned char **pp,long length);
-
-ASN1_UTF8STRING * ASN1_UTF8STRING_new(void);
-void ASN1_UTF8STRING_free(ASN1_UTF8STRING *a);
-int i2d_ASN1_UTF8STRING(ASN1_UTF8STRING *a,unsigned char **pp);
-ASN1_UTF8STRING *d2i_ASN1_UTF8STRING(ASN1_UTF8STRING **a,
- unsigned char **pp,long length);
-
-ASN1_NULL * ASN1_NULL_new(void);
-void ASN1_NULL_free(ASN1_NULL *a);
-int i2d_ASN1_NULL(ASN1_NULL *a,unsigned char **pp);
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp,long length);
-
-ASN1_BMPSTRING * ASN1_BMPSTRING_new(void);
-void ASN1_BMPSTRING_free(ASN1_BMPSTRING *a);
-int i2d_ASN1_BMPSTRING(ASN1_BMPSTRING *a, unsigned char **pp);
-ASN1_BMPSTRING *d2i_ASN1_BMPSTRING(ASN1_BMPSTRING **a, unsigned char **pp,
- long length);
-
+DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_NULL)
+DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING)
int UTF8_getc(const unsigned char *str, int len, unsigned long *val);
int UTF8_putc(unsigned char *str, int len, unsigned long value);
-int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
- unsigned char **pp, long l);
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
-ASN1_PRINTABLESTRING * ASN1_PRINTABLESTRING_new(void);
-void ASN1_PRINTABLESTRING_free(ASN1_PRINTABLESTRING *a);
-ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
- unsigned char **pp, long l);
-int i2d_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING *a, unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING)
+DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+DECLARE_ASN1_FUNCTIONS(ASN1_TIME)
-ASN1_STRING * DIRECTORYSTRING_new(void);
-void DIRECTORYSTRING_free(ASN1_STRING *a);
-int i2d_DIRECTORYSTRING(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DIRECTORYSTRING(ASN1_STRING **a, unsigned char **pp,
- long length);
-
-ASN1_STRING * DISPLAYTEXT_new(void);
-void DISPLAYTEXT_free(ASN1_STRING *a);
-int i2d_DISPLAYTEXT(ASN1_STRING *a,unsigned char **pp);
-ASN1_STRING *d2i_DISPLAYTEXT(ASN1_STRING **a, unsigned char **pp, long length);
-
-ASN1_T61STRING * ASN1_T61STRING_new(void);
-void ASN1_T61STRING_free(ASN1_IA5STRING *a);
-ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
- unsigned char **pp, long l);
-
-ASN1_IA5STRING * ASN1_IA5STRING_new(void);
-void ASN1_IA5STRING_free(ASN1_IA5STRING *a);
-int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
-ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
- unsigned char **pp, long l);
-
-ASN1_UTCTIME * ASN1_UTCTIME_new(void);
-void ASN1_UTCTIME_free(ASN1_UTCTIME *a);
-int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
-ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
- long length);
-
-ASN1_GENERALIZEDTIME * ASN1_GENERALIZEDTIME_new(void);
-void ASN1_GENERALIZEDTIME_free(ASN1_GENERALIZEDTIME *a);
-int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a,unsigned char **pp);
-ASN1_GENERALIZEDTIME * d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a,unsigned char **pp,
- long length);
-
-ASN1_TIME * ASN1_TIME_new(void);
-void ASN1_TIME_free(ASN1_TIME *a);
-int i2d_ASN1_TIME(ASN1_TIME *a,unsigned char **pp);
-ASN1_TIME * d2i_ASN1_TIME(ASN1_TIME **a,unsigned char **pp, long length);
ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s,time_t t);
int i2d_ASN1_SET(STACK *a, unsigned char **pp,
@@ -787,6 +777,7 @@
int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
long length, int Ptag, int Pclass);
+unsigned long ASN1_tag2bit(int tag);
/* type is one or more of the B_ASN1_ values. */
ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
long length,int type);
@@ -873,6 +864,15 @@
int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long);
void ASN1_STRING_TABLE_cleanup(void);
+/* ASN1 template functions */
+
+/* Old API compatible functions */
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it);
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it);
+ASN1_VALUE * ASN1_item_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it);
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it);
+
+
/* BEGIN ERROR CODES */
/* The following lines are auto generated by the script mkerr.pl. Any changes
* made after this point may be overwritten when the script is next run.
@@ -882,297 +882,224 @@
/* Function codes. */
#define ASN1_F_A2D_ASN1_OBJECT 100
-#define ASN1_F_A2I_ASN1_ENUMERATED 236
-#define ASN1_F_A2I_ASN1_INTEGER 101
-#define ASN1_F_A2I_ASN1_STRING 102
-#define ASN1_F_ACCESS_DESCRIPTION_NEW 291
-#define ASN1_F_ASN1_COLLATE_PRIMITIVE 103
-#define ASN1_F_ASN1_D2I_BIO 104
-#define ASN1_F_ASN1_D2I_FP 105
-#define ASN1_F_ASN1_DUP 106
-#define ASN1_F_ASN1_ENUMERATED_SET 232
-#define ASN1_F_ASN1_ENUMERATED_TO_BN 233
-#define ASN1_F_ASN1_GENERALIZEDTIME_NEW 222
-#define ASN1_F_ASN1_GET_OBJECT 107
-#define ASN1_F_ASN1_HEADER_NEW 108
-#define ASN1_F_ASN1_I2D_BIO 109
-#define ASN1_F_ASN1_I2D_FP 110
-#define ASN1_F_ASN1_INTEGER_SET 111
-#define ASN1_F_ASN1_INTEGER_TO_BN 112
-#define ASN1_F_ASN1_MBSTRING_COPY 282
-#define ASN1_F_ASN1_OBJECT_NEW 113
-#define ASN1_F_ASN1_PACK_STRING 245
-#define ASN1_F_ASN1_PBE_SET 253
-#define ASN1_F_ASN1_SEQ_PACK 246
-#define ASN1_F_ASN1_SEQ_UNPACK 247
-#define ASN1_F_ASN1_SIGN 114
-#define ASN1_F_ASN1_STRING_NEW 115
-#define ASN1_F_ASN1_STRING_TABLE_ADD 283
-#define ASN1_F_ASN1_STRING_TYPE_NEW 116
-#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 117
-#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 118
-#define ASN1_F_ASN1_TYPE_NEW 119
-#define ASN1_F_ASN1_UNPACK_STRING 248
-#define ASN1_F_ASN1_UTCTIME_NEW 120
-#define ASN1_F_ASN1_VERIFY 121
-#define ASN1_F_AUTHORITY_KEYID_NEW 237
-#define ASN1_F_BASIC_CONSTRAINTS_NEW 226
-#define ASN1_F_BN_TO_ASN1_ENUMERATED 234
-#define ASN1_F_BN_TO_ASN1_INTEGER 122
-#define ASN1_F_D2I_ACCESS_DESCRIPTION 284
-#define ASN1_F_D2I_ASN1_BIT_STRING 123
-#define ASN1_F_D2I_ASN1_BMPSTRING 124
-#define ASN1_F_D2I_ASN1_BOOLEAN 125
-#define ASN1_F_D2I_ASN1_BYTES 126
-#define ASN1_F_D2I_ASN1_ENUMERATED 235
-#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 223
-#define ASN1_F_D2I_ASN1_HEADER 127
-#define ASN1_F_D2I_ASN1_INTEGER 128
-#define ASN1_F_D2I_ASN1_NULL 292
-#define ASN1_F_D2I_ASN1_OBJECT 129
-#define ASN1_F_D2I_ASN1_OCTET_STRING 130
-#define ASN1_F_D2I_ASN1_PRINT_TYPE 131
-#define ASN1_F_D2I_ASN1_SET 132
-#define ASN1_F_D2I_ASN1_TIME 224
-#define ASN1_F_D2I_ASN1_TYPE 133
-#define ASN1_F_D2I_ASN1_TYPE_BYTES 134
-#define ASN1_F_D2I_ASN1_UINTEGER 280
-#define ASN1_F_D2I_ASN1_UTCTIME 135
-#define ASN1_F_D2I_ASN1_UTF8STRING 266
-#define ASN1_F_D2I_ASN1_VISIBLESTRING 267
-#define ASN1_F_D2I_AUTHORITY_KEYID 238
-#define ASN1_F_D2I_BASIC_CONSTRAINTS 227
-#define ASN1_F_D2I_DHPARAMS 136
-#define ASN1_F_D2I_DIST_POINT 276
-#define ASN1_F_D2I_DIST_POINT_NAME 277
-#define ASN1_F_D2I_DSAPARAMS 137
-#define ASN1_F_D2I_DSAPRIVATEKEY 138
-#define ASN1_F_D2I_DSAPUBLICKEY 139
-#define ASN1_F_D2I_GENERAL_NAME 230
-#define ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE 228
-#define ASN1_F_D2I_NETSCAPE_PKEY 140
-#define ASN1_F_D2I_NETSCAPE_RSA 141
-#define ASN1_F_D2I_NETSCAPE_RSA_2 142
-#define ASN1_F_D2I_NETSCAPE_SPKAC 143
-#define ASN1_F_D2I_NETSCAPE_SPKI 144
-#define ASN1_F_D2I_NOTICEREF 268
-#define ASN1_F_D2I_OCSP_BASICRESP 293
-#define ASN1_F_D2I_OCSP_CERTID 294
-#define ASN1_F_D2I_OCSP_CERTSTATUS 295
-#define ASN1_F_D2I_OCSP_CRLID 296
-#define ASN1_F_D2I_OCSP_ONEREQ 297
-#define ASN1_F_D2I_OCSP_REQINFO 298
-#define ASN1_F_D2I_OCSP_REQUEST 299
-#define ASN1_F_D2I_OCSP_RESPBYTES 300
-#define ASN1_F_D2I_OCSP_RESPDATA 301
-#define ASN1_F_D2I_OCSP_RESPID 302
-#define ASN1_F_D2I_OCSP_RESPONSE 303
-#define ASN1_F_D2I_OCSP_REVOKEDINFO 304
-#define ASN1_F_D2I_OCSP_SERVICELOC 305
-#define ASN1_F_D2I_OCSP_SIGNATURE 306
-#define ASN1_F_D2I_OCSP_SINGLERESP 307
-#define ASN1_F_D2I_OTHERNAME 287
-#define ASN1_F_D2I_PBE2PARAM 262
-#define ASN1_F_D2I_PBEPARAM 249
-#define ASN1_F_D2I_PBKDF2PARAM 263
-#define ASN1_F_D2I_PKCS12 254
-#define ASN1_F_D2I_PKCS12_BAGS 255
-#define ASN1_F_D2I_PKCS12_MAC_DATA 256
-#define ASN1_F_D2I_PKCS12_SAFEBAG 257
-#define ASN1_F_D2I_PKCS7 145
-#define ASN1_F_D2I_PKCS7_DIGEST 146
-#define ASN1_F_D2I_PKCS7_ENCRYPT 147
-#define ASN1_F_D2I_PKCS7_ENC_CONTENT 148
-#define ASN1_F_D2I_PKCS7_ENVELOPE 149
-#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 150
-#define ASN1_F_D2I_PKCS7_RECIP_INFO 151
-#define ASN1_F_D2I_PKCS7_SIGNED 152
-#define ASN1_F_D2I_PKCS7_SIGNER_INFO 153
-#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 154
-#define ASN1_F_D2I_PKCS8_PRIV_KEY_INFO 250
-#define ASN1_F_D2I_PKEY_USAGE_PERIOD 239
-#define ASN1_F_D2I_POLICYINFO 269
-#define ASN1_F_D2I_POLICYQUALINFO 270
-#define ASN1_F_D2I_PRIVATEKEY 155
-#define ASN1_F_D2I_PUBLICKEY 156
-#define ASN1_F_D2I_RSAPRIVATEKEY 157
-#define ASN1_F_D2I_RSAPUBLICKEY 158
-#define ASN1_F_D2I_SXNET 241
-#define ASN1_F_D2I_SXNETID 243
-#define ASN1_F_D2I_USERNOTICE 271
-#define ASN1_F_D2I_X509 159
-#define ASN1_F_D2I_X509_ALGOR 160
-#define ASN1_F_D2I_X509_ATTRIBUTE 161
-#define ASN1_F_D2I_X509_CERT_AUX 285
-#define ASN1_F_D2I_X509_CINF 162
-#define ASN1_F_D2I_X509_CRL 163
-#define ASN1_F_D2I_X509_CRL_INFO 164
-#define ASN1_F_D2I_X509_EXTENSION 165
-#define ASN1_F_D2I_X509_KEY 166
-#define ASN1_F_D2I_X509_NAME 167
-#define ASN1_F_D2I_X509_NAME_ENTRY 168
-#define ASN1_F_D2I_X509_PKEY 169
-#define ASN1_F_D2I_X509_PUBKEY 170
-#define ASN1_F_D2I_X509_REQ 171
-#define ASN1_F_D2I_X509_REQ_INFO 172
-#define ASN1_F_D2I_X509_REVOKED 173
-#define ASN1_F_D2I_X509_SIG 174
-#define ASN1_F_D2I_X509_VAL 175
-#define ASN1_F_DIST_POINT_NAME_NEW 278
-#define ASN1_F_DIST_POINT_NEW 279
-#define ASN1_F_GENERAL_NAME_NEW 231
-#define ASN1_F_I2D_ASN1_HEADER 176
-#define ASN1_F_I2D_ASN1_TIME 225
-#define ASN1_F_I2D_DHPARAMS 177
-#define ASN1_F_I2D_DSAPARAMS 178
-#define ASN1_F_I2D_DSAPRIVATEKEY 179
-#define ASN1_F_I2D_DSAPUBLICKEY 180
-#define ASN1_F_I2D_DSA_PUBKEY 290
-#define ASN1_F_I2D_NETSCAPE_RSA 181
-#define ASN1_F_I2D_PKCS7 182
-#define ASN1_F_I2D_PRIVATEKEY 183
-#define ASN1_F_I2D_PUBLICKEY 184
-#define ASN1_F_I2D_RSAPRIVATEKEY 185
-#define ASN1_F_I2D_RSAPUBLICKEY 186
-#define ASN1_F_I2D_RSA_PUBKEY 289
-#define ASN1_F_I2D_X509_ATTRIBUTE 187
-#define ASN1_F_I2T_ASN1_OBJECT 188
-#define ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW 229
-#define ASN1_F_NETSCAPE_PKEY_NEW 189
-#define ASN1_F_NETSCAPE_SPKAC_NEW 190
-#define ASN1_F_NETSCAPE_SPKI_NEW 191
-#define ASN1_F_NOTICEREF_NEW 272
-#define ASN1_F_OCSP_BASICRESP_NEW 308
-#define ASN1_F_OCSP_CERTID_NEW 309
-#define ASN1_F_OCSP_CERTSTATUS_NEW 310
-#define ASN1_F_OCSP_CRLID_NEW 311
-#define ASN1_F_OCSP_ONEREQ_NEW 312
-#define ASN1_F_OCSP_REQINFO_NEW 313
-#define ASN1_F_OCSP_REQUEST_NEW 314
-#define ASN1_F_OCSP_RESPBYTES_NEW 315
-#define ASN1_F_OCSP_RESPDATA_NEW 316
-#define ASN1_F_OCSP_RESPID_NEW 317
-#define ASN1_F_OCSP_RESPONSE_NEW 318
-#define ASN1_F_OCSP_REVOKEDINFO_NEW 319
-#define ASN1_F_OCSP_SERVICELOC_NEW 320
-#define ASN1_F_OCSP_SIGNATURE_NEW 321
-#define ASN1_F_OCSP_SINGLERESP_NEW 322
-#define ASN1_F_OTHERNAME_NEW 288
-#define ASN1_F_PBE2PARAM_NEW 264
-#define ASN1_F_PBEPARAM_NEW 251
-#define ASN1_F_PBKDF2PARAM_NEW 265
-#define ASN1_F_PKCS12_BAGS_NEW 258
-#define ASN1_F_PKCS12_MAC_DATA_NEW 259
-#define ASN1_F_PKCS12_NEW 260
-#define ASN1_F_PKCS12_SAFEBAG_NEW 261
-#define ASN1_F_PKCS5_PBE2_SET 281
-#define ASN1_F_PKCS7_DIGEST_NEW 192
-#define ASN1_F_PKCS7_ENCRYPT_NEW 193
-#define ASN1_F_PKCS7_ENC_CONTENT_NEW 194
-#define ASN1_F_PKCS7_ENVELOPE_NEW 195
-#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 196
-#define ASN1_F_PKCS7_NEW 197
-#define ASN1_F_PKCS7_RECIP_INFO_NEW 198
-#define ASN1_F_PKCS7_SIGNED_NEW 199
-#define ASN1_F_PKCS7_SIGNER_INFO_NEW 200
-#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 201
-#define ASN1_F_PKCS8_PRIV_KEY_INFO_NEW 252
-#define ASN1_F_PKEY_USAGE_PERIOD_NEW 240
-#define ASN1_F_POLICYINFO_NEW 273
-#define ASN1_F_POLICYQUALINFO_NEW 274
-#define ASN1_F_SXNETID_NEW 244
-#define ASN1_F_SXNET_NEW 242
-#define ASN1_F_USERNOTICE_NEW 275
-#define ASN1_F_X509_ALGOR_NEW 202
-#define ASN1_F_X509_ATTRIBUTE_NEW 203
-#define ASN1_F_X509_CERT_AUX_NEW 286
-#define ASN1_F_X509_CINF_NEW 204
-#define ASN1_F_X509_CRL_INFO_NEW 205
-#define ASN1_F_X509_CRL_NEW 206
-#define ASN1_F_X509_DHPARAMS_NEW 207
-#define ASN1_F_X509_EXTENSION_NEW 208
-#define ASN1_F_X509_INFO_NEW 209
-#define ASN1_F_X509_KEY_NEW 210
-#define ASN1_F_X509_NAME_ENTRY_NEW 211
-#define ASN1_F_X509_NAME_NEW 212
-#define ASN1_F_X509_NEW 213
-#define ASN1_F_X509_PKEY_NEW 214
-#define ASN1_F_X509_PUBKEY_NEW 215
-#define ASN1_F_X509_REQ_INFO_NEW 216
-#define ASN1_F_X509_REQ_NEW 217
-#define ASN1_F_X509_REVOKED_NEW 218
-#define ASN1_F_X509_SIG_NEW 219
-#define ASN1_F_X509_VAL_FREE 220
-#define ASN1_F_X509_VAL_NEW 221
+#define ASN1_F_A2I_ASN1_ENUMERATED 101
+#define ASN1_F_A2I_ASN1_INTEGER 102
+#define ASN1_F_A2I_ASN1_STRING 103
+#define ASN1_F_ASN1_CHECK_TLEN 104
+#define ASN1_F_ASN1_COLLATE_PRIMITIVE 105
+#define ASN1_F_ASN1_COLLECT 106
+#define ASN1_F_ASN1_D2I_BIO 107
+#define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108
+#define ASN1_F_ASN1_D2I_FP 109
+#define ASN1_F_ASN1_DO_ADB 110
+#define ASN1_F_ASN1_DUP 111
+#define ASN1_F_ASN1_ENUMERATED_SET 112
+#define ASN1_F_ASN1_ENUMERATED_TO_BN 113
+#define ASN1_F_ASN1_GET_OBJECT 114
+#define ASN1_F_ASN1_HEADER_NEW 115
+#define ASN1_F_ASN1_I2D_BIO 116
+#define ASN1_F_ASN1_I2D_FP 117
+#define ASN1_F_ASN1_INTEGER_SET 118
+#define ASN1_F_ASN1_INTEGER_TO_BN 119
+#define ASN1_F_ASN1_ITEM_EX_D2I 120
+#define ASN1_F_ASN1_ITEM_NEW 121
+#define ASN1_F_ASN1_MBSTRING_COPY 122
+#define ASN1_F_ASN1_OBJECT_NEW 123
+#define ASN1_F_ASN1_PACK_STRING 124
+#define ASN1_F_ASN1_PBE_SET 125
+#define ASN1_F_ASN1_SEQ_PACK 126
+#define ASN1_F_ASN1_SEQ_UNPACK 127
+#define ASN1_F_ASN1_SIGN 128
+#define ASN1_F_ASN1_STRING_TABLE_ADD 129
+#define ASN1_F_ASN1_STRING_TYPE_NEW 130
+#define ASN1_F_ASN1_TEMPLATE_D2I 131
+#define ASN1_F_ASN1_TEMPLATE_EX_D2I 132
+#define ASN1_F_ASN1_TEMPLATE_NEW 133
+#define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134
+#define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135
+#define ASN1_F_ASN1_UNPACK_STRING 136
+#define ASN1_F_ASN1_VERIFY 137
+#define ASN1_F_BN_TO_ASN1_ENUMERATED 138
+#define ASN1_F_BN_TO_ASN1_INTEGER 139
+#define ASN1_F_COLLECT_DATA 140
+#define ASN1_F_D2I_ASN1_BIT_STRING 141
+#define ASN1_F_D2I_ASN1_BMPSTRING 178
+#define ASN1_F_D2I_ASN1_BOOLEAN 142
+#define ASN1_F_D2I_ASN1_BYTES 143
+#define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144
+#define ASN1_F_D2I_ASN1_HEADER 145
+#define ASN1_F_D2I_ASN1_INTEGER 146
+#define ASN1_F_D2I_ASN1_NULL 179
+#define ASN1_F_D2I_ASN1_OBJECT 147
+#define ASN1_F_D2I_ASN1_SET 148
+#define ASN1_F_D2I_ASN1_TYPE_BYTES 149
+#define ASN1_F_D2I_ASN1_UINTEGER 150
+#define ASN1_F_D2I_ASN1_UTCTIME 151
+#define ASN1_F_D2I_ASN1_VISIBLESTRING 180
+#define ASN1_F_D2I_DHPARAMS 152
+#define ASN1_F_D2I_DSAPARAMS 153
+#define ASN1_F_D2I_DSAPRIVATEKEY 154
+#define ASN1_F_D2I_DSAPUBLICKEY 155
+#define ASN1_F_D2I_NETSCAPE_RSA 156
+#define ASN1_F_D2I_NETSCAPE_RSA_2 157
+#define ASN1_F_D2I_OCSP_BASICRESP 181
+#define ASN1_F_D2I_OCSP_CERTID 182
+#define ASN1_F_D2I_OCSP_CERTSTATUS 183
+#define ASN1_F_D2I_OCSP_CRLID 184
+#define ASN1_F_D2I_OCSP_ONEREQ 185
+#define ASN1_F_D2I_OCSP_REQINFO 186
+#define ASN1_F_D2I_OCSP_REQUEST 187
+#define ASN1_F_D2I_OCSP_RESPBYTES 188
+#define ASN1_F_D2I_OCSP_RESPDATA 189
+#define ASN1_F_D2I_OCSP_RESPID 190
+#define ASN1_F_D2I_OCSP_RESPONSE 191
+#define ASN1_F_D2I_OCSP_REVOKEDINFO 192
+#define ASN1_F_D2I_OCSP_SERVICELOC 193
+#define ASN1_F_D2I_OCSP_SIGNATURE 194
+#define ASN1_F_D2I_OCSP_SINGLERESP 195
+#define ASN1_F_D2I_PKCS12 196
+#define ASN1_F_D2I_PKCS12_BAGS 197
+#define ASN1_F_D2I_PKCS12_MAC_DATA 198
+#define ASN1_F_D2I_PKCS12_SAFEBAG 199
+#define ASN1_F_D2I_PKCS7 200
+#define ASN1_F_D2I_PKCS7_DIGEST 201
+#define ASN1_F_D2I_PKCS7_ENCRYPT 202
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT 203
+#define ASN1_F_D2I_PKCS7_ENVELOPE 204
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 205
+#define ASN1_F_D2I_PKCS7_RECIP_INFO 206
+#define ASN1_F_D2I_PKCS7_SIGNED 207
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO 208
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 209
+#define ASN1_F_D2I_PRIVATEKEY 158
+#define ASN1_F_D2I_PUBLICKEY 159
+#define ASN1_F_D2I_X509 210
+#define ASN1_F_D2I_X509_CINF 211
+#define ASN1_F_D2I_X509_NAME 160
+#define ASN1_F_D2I_X509_PKEY 161
+#define ASN1_F_I2D_ASN1_TIME 162
+#define ASN1_F_I2D_DHPARAMS 163
+#define ASN1_F_I2D_DSAPARAMS 164
+#define ASN1_F_I2D_DSAPRIVATEKEY 165
+#define ASN1_F_I2D_DSAPUBLICKEY 166
+#define ASN1_F_I2D_DSA_PUBKEY 167
+#define ASN1_F_I2D_NETSCAPE_RSA 168
+#define ASN1_F_I2D_PRIVATEKEY 169
+#define ASN1_F_I2D_PUBLICKEY 170
+#define ASN1_F_I2D_RSA_PUBKEY 171
+#define ASN1_F_LONG_C2I 172
+#define ASN1_F_OCSP_BASICRESP_NEW 212
+#define ASN1_F_OCSP_CERTID_NEW 213
+#define ASN1_F_OCSP_CERTSTATUS_NEW 214
+#define ASN1_F_OCSP_CRLID_NEW 215
+#define ASN1_F_OCSP_ONEREQ_NEW 216
+#define ASN1_F_OCSP_REQINFO_NEW 217
+#define ASN1_F_OCSP_REQUEST_NEW 218
+#define ASN1_F_OCSP_RESPBYTES_NEW 219
+#define ASN1_F_OCSP_RESPDATA_NEW 220
+#define ASN1_F_OCSP_RESPID_NEW 221
+#define ASN1_F_OCSP_RESPONSE_NEW 222
+#define ASN1_F_OCSP_REVOKEDINFO_NEW 223
+#define ASN1_F_OCSP_SERVICELOC_NEW 224
+#define ASN1_F_OCSP_SIGNATURE_NEW 225
+#define ASN1_F_OCSP_SINGLERESP_NEW 226
+#define ASN1_F_PKCS12_BAGS_NEW 227
+#define ASN1_F_PKCS12_MAC_DATA_NEW 228
+#define ASN1_F_PKCS12_NEW 229
+#define ASN1_F_PKCS12_SAFEBAG_NEW 230
+#define ASN1_F_PKCS5_PBE2_SET 173
+#define ASN1_F_PKCS7_DIGEST_NEW 231
+#define ASN1_F_PKCS7_ENCRYPT_NEW 232
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW 233
+#define ASN1_F_PKCS7_ENVELOPE_NEW 234
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 235
+#define ASN1_F_PKCS7_NEW 236
+#define ASN1_F_PKCS7_RECIP_INFO_NEW 237
+#define ASN1_F_PKCS7_SIGNED_NEW 238
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW 239
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 240
+#define ASN1_F_X509_CINF_NEW 241
+#define ASN1_F_X509_CRL_ADD0_REVOKED 174
+#define ASN1_F_X509_INFO_NEW 175
+#define ASN1_F_X509_NAME_NEW 176
+#define ASN1_F_X509_NEW 242
+#define ASN1_F_X509_PKEY_NEW 177
/* Reason codes. */
-#define ASN1_R_BAD_CLASS 100
-#define ASN1_R_BAD_OBJECT_HEADER 101
-#define ASN1_R_BAD_PASSWORD_READ 102
-#define ASN1_R_BAD_PKCS7_CONTENT 103
-#define ASN1_R_BAD_PKCS7_TYPE 104
-#define ASN1_R_BAD_TAG 105
-#define ASN1_R_BAD_TYPE 106
-#define ASN1_R_BN_LIB 107
-#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 108
-#define ASN1_R_BUFFER_TOO_SMALL 109
-#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 166
-#define ASN1_R_DATA_IS_WRONG 110
-#define ASN1_R_DECODE_ERROR 155
+#define ASN1_R_AUX_ERROR 100
+#define ASN1_R_BAD_CLASS 101
+#define ASN1_R_BAD_OBJECT_HEADER 102
+#define ASN1_R_BAD_PASSWORD_READ 103
+#define ASN1_R_BAD_PKCS7_CONTENT 171
+#define ASN1_R_BAD_TAG 104
+#define ASN1_R_BAD_TYPE 172
+#define ASN1_R_BN_LIB 105
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106
+#define ASN1_R_BUFFER_TOO_SMALL 107
+#define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108
+#define ASN1_R_DATA_IS_WRONG 109
+#define ASN1_R_DECODE_ERROR 110
#define ASN1_R_DECODING_ERROR 111
-#define ASN1_R_ENCODE_ERROR 156
-#define ASN1_R_ERROR_PARSING_SET_ELEMENT 112
-#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 157
-#define ASN1_R_EXPECTING_AN_ENUMERATED 154
-#define ASN1_R_EXPECTING_AN_INTEGER 113
-#define ASN1_R_EXPECTING_AN_OBJECT 114
-#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
-#define ASN1_R_EXPECTING_A_BIT_STRING 116
+#define ASN1_R_ENCODE_ERROR 112
+#define ASN1_R_ERROR_PARSING_SET_ELEMENT 113
+#define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114
+#define ASN1_R_EXPECTING_AN_INTEGER 115
+#define ASN1_R_EXPECTING_AN_OBJECT 116
#define ASN1_R_EXPECTING_A_BOOLEAN 117
-#define ASN1_R_EXPECTING_A_GENERALIZEDTIME 151
-#define ASN1_R_EXPECTING_A_NULL 164
-#define ASN1_R_EXPECTING_A_TIME 152
-#define ASN1_R_EXPECTING_A_UTCTIME 118
-#define ASN1_R_FIRST_NUM_TOO_LARGE 119
-#define ASN1_R_GENERALIZEDTIME_TOO_LONG 153
-#define ASN1_R_HEADER_TOO_LONG 120
-#define ASN1_R_ILLEGAL_CHARACTERS 158
-#define ASN1_R_INVALID_BMPSTRING_LENGTH 159
-#define ASN1_R_INVALID_DIGIT 121
-#define ASN1_R_INVALID_SEPARATOR 122
-#define ASN1_R_INVALID_TIME_FORMAT 123
-#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 160
-#define ASN1_R_INVALID_UTF8STRING 161
-#define ASN1_R_IV_TOO_LARGE 124
-#define ASN1_R_LENGTH_ERROR 125
-#define ASN1_R_MISSING_SECOND_NUMBER 126
-#define ASN1_R_NON_HEX_CHARACTERS 127
-#define ASN1_R_NOT_ENOUGH_DATA 128
-#define ASN1_R_NULL_IS_WRONG_LENGTH 165
-#define ASN1_R_ODD_NUMBER_OF_CHARS 129
-#define ASN1_R_PARSING 130
-#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 131
-#define ASN1_R_SECOND_NUMBER_TOO_LARGE 132
-#define ASN1_R_SHORT_LINE 133
-#define ASN1_R_STRING_TOO_LONG 163
-#define ASN1_R_STRING_TOO_SHORT 134
-#define ASN1_R_TAG_VALUE_TOO_HIGH 135
-#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 136
-#define ASN1_R_TOO_LONG 137
-#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 138
-#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 139
-#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 140
-#define ASN1_R_UNKNOWN_FORMAT 162
-#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 141
-#define ASN1_R_UNKNOWN_OBJECT_TYPE 142
-#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 143
-#define ASN1_R_UNSUPPORTED_CIPHER 144
-#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 145
-#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 146
-#define ASN1_R_UTCTIME_TOO_LONG 147
-#define ASN1_R_WRONG_PRINTABLE_TYPE 148
-#define ASN1_R_WRONG_TAG 149
-#define ASN1_R_WRONG_TYPE 150
+#define ASN1_R_EXPECTING_A_NULL 173
+#define ASN1_R_EXPECTING_A_TIME 118
+#define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119
+#define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120
+#define ASN1_R_FIELD_MISSING 121
+#define ASN1_R_FIRST_NUM_TOO_LARGE 122
+#define ASN1_R_HEADER_TOO_LONG 123
+#define ASN1_R_ILLEGAL_CHARACTERS 124
+#define ASN1_R_ILLEGAL_NULL 125
+#define ASN1_R_ILLEGAL_OPTIONAL_ANY 126
+#define ASN1_R_ILLEGAL_TAGGED_ANY 127
+#define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128
+#define ASN1_R_INVALID_BMPSTRING_LENGTH 129
+#define ASN1_R_INVALID_DIGIT 130
+#define ASN1_R_INVALID_SEPARATOR 131
+#define ASN1_R_INVALID_TIME_FORMAT 132
+#define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133
+#define ASN1_R_INVALID_UTF8STRING 134
+#define ASN1_R_IV_TOO_LARGE 135
+#define ASN1_R_LENGTH_ERROR 136
+#define ASN1_R_MISSING_EOC 137
+#define ASN1_R_MISSING_SECOND_NUMBER 138
+#define ASN1_R_MSTRING_NOT_UNIVERSAL 139
+#define ASN1_R_MSTRING_WRONG_TAG 140
+#define ASN1_R_NON_HEX_CHARACTERS 141
+#define ASN1_R_NOT_ENOUGH_DATA 142
+#define ASN1_R_NO_MATCHING_CHOICE_TYPE 143
+#define ASN1_R_NULL_IS_WRONG_LENGTH 144
+#define ASN1_R_ODD_NUMBER_OF_CHARS 145
+#define ASN1_R_PARSING 146
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 147
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 148
+#define ASN1_R_SEQUENCE_LENGTH_MISMATCH 149
+#define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 150
+#define ASN1_R_SHORT_LINE 151
+#define ASN1_R_STRING_TOO_LONG 152
+#define ASN1_R_STRING_TOO_SHORT 153
+#define ASN1_R_TAG_VALUE_TOO_HIGH 154
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 155
+#define ASN1_R_TOO_LONG 156
+#define ASN1_R_TYPE_NOT_CONSTRUCTED 157
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 158
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 159
+#define ASN1_R_UNEXPECTED_EOC 160
+#define ASN1_R_UNKNOWN_FORMAT 161
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 162
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 163
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 164
+#define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 165
+#define ASN1_R_UNSUPPORTED_CIPHER 166
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 167
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 168
+#define ASN1_R_WRONG_TAG 169
+#define ASN1_R_WRONG_TYPE 170
#ifdef __cplusplus
}
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
index 3a53cb3..e75dfc7 100644
--- a/crypto/asn1/asn1_err.c
+++ b/crypto/asn1/asn1_err.c
@@ -70,20 +70,24 @@
{ERR_PACK(0,ASN1_F_A2I_ASN1_ENUMERATED,0), "a2i_ASN1_ENUMERATED"},
{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
-{ERR_PACK(0,ASN1_F_ACCESS_DESCRIPTION_NEW,0), "ACCESS_DESCRIPTION_new"},
+{ERR_PACK(0,ASN1_F_ASN1_CHECK_TLEN,0), "ASN1_CHECK_TLEN"},
{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMITIVE,0), "ASN1_COLLATE_PRIMITIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLECT,0), "ASN1_COLLECT"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_EX_PRIMITIVE,0), "ASN1_D2I_EX_PRIMITIVE"},
{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DO_ADB,0), "ASN1_DO_ADB"},
{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_SET,0), "ASN1_ENUMERATED_set"},
{ERR_PACK(0,ASN1_F_ASN1_ENUMERATED_TO_BN,0), "ASN1_ENUMERATED_to_BN"},
-{ERR_PACK(0,ASN1_F_ASN1_GENERALIZEDTIME_NEW,0), "ASN1_GENERALIZEDTIME_new"},
{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_EX_D2I,0), "ASN1_ITEM_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_ITEM_NEW,0), "ASN1_item_new"},
{ERR_PACK(0,ASN1_F_ASN1_MBSTRING_COPY,0), "ASN1_mbstring_copy"},
{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
{ERR_PACK(0,ASN1_F_ASN1_PACK_STRING,0), "ASN1_pack_string"},
@@ -91,56 +95,38 @@
{ERR_PACK(0,ASN1_F_ASN1_SEQ_PACK,0), "ASN1_seq_pack"},
{ERR_PACK(0,ASN1_F_ASN1_SEQ_UNPACK,0), "ASN1_seq_unpack"},
{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_sign"},
-{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
{ERR_PACK(0,ASN1_F_ASN1_STRING_TABLE_ADD,0), "ASN1_STRING_TABLE_add"},
{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_D2I,0), "ASN1_TEMPLATE_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_EX_D2I,0), "ASN1_TEMPLATE_EX_D2I"},
+{ERR_PACK(0,ASN1_F_ASN1_TEMPLATE_NEW,0), "ASN1_TEMPLATE_NEW"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING,0), "ASN1_TYPE_get_int_octetstring"},
{ERR_PACK(0,ASN1_F_ASN1_TYPE_GET_OCTETSTRING,0), "ASN1_TYPE_get_octetstring"},
-{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"},
{ERR_PACK(0,ASN1_F_ASN1_UNPACK_STRING,0), "ASN1_unpack_string"},
-{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_new"},
{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_verify"},
-{ERR_PACK(0,ASN1_F_AUTHORITY_KEYID_NEW,0), "AUTHORITY_KEYID_new"},
-{ERR_PACK(0,ASN1_F_BASIC_CONSTRAINTS_NEW,0), "BASIC_CONSTRAINTS_new"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_ENUMERATED,0), "BN_to_ASN1_ENUMERATED"},
{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ACCESS_DESCRIPTION,0), "d2i_ACCESS_DESCRIPTION"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "d2i_ASN1_BMPSTRING"},
+{ERR_PACK(0,ASN1_F_COLLECT_DATA,0), "COLLECT_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "D2I_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BMPSTRING,0), "D2I_ASN1_BMPSTRING"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_ENUMERATED,0), "d2i_ASN1_ENUMERATED"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "d2i_ASN1_GENERALIZEDTIME"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_GENERALIZEDTIME,0), "D2I_ASN1_GENERALIZEDTIME"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "d2i_ASN1_NULL"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "D2I_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_NULL,0), "D2I_ASN1_NULL"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TIME,0), "d2i_ASN1_TIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
{ERR_PACK(0,ASN1_F_D2I_ASN1_UINTEGER,0), "d2i_ASN1_UINTEGER"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_UTF8STRING,0), "d2i_ASN1_UTF8STRING"},
-{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "d2i_ASN1_VISIBLESTRING"},
-{ERR_PACK(0,ASN1_F_D2I_AUTHORITY_KEYID,0), "d2i_AUTHORITY_KEYID"},
-{ERR_PACK(0,ASN1_F_D2I_BASIC_CONSTRAINTS,0), "d2i_BASIC_CONSTRAINTS"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "D2I_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_VISIBLESTRING,0), "D2I_ASN1_VISIBLESTRING"},
{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "d2i_DHparams"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT,0), "d2i_DIST_POINT"},
-{ERR_PACK(0,ASN1_F_D2I_DIST_POINT_NAME,0), "d2i_DIST_POINT_NAME"},
{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "d2i_DSAparams"},
{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "d2i_DSAPrivateKey"},
{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "d2i_DSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_GENERAL_NAME,0), "d2i_GENERAL_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE,0), "d2i_NETSCAPE_CERT_SEQUENCE"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "d2i_Netscape_RSA"},
{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "d2i_Netscape_RSA_2"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "d2i_NETSCAPE_SPKAC"},
-{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "d2i_NETSCAPE_SPKI"},
-{ERR_PACK(0,ASN1_F_D2I_NOTICEREF,0), "d2i_NOTICEREF"},
{ERR_PACK(0,ASN1_F_D2I_OCSP_BASICRESP,0), "d2i_OCSP_BASICRESP"},
{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTID,0), "d2i_OCSP_CERTID"},
{ERR_PACK(0,ASN1_F_D2I_OCSP_CERTSTATUS,0), "d2i_OCSP_CERTSTATUS"},
@@ -156,77 +142,37 @@
{ERR_PACK(0,ASN1_F_D2I_OCSP_SERVICELOC,0), "d2i_OCSP_SERVICELOC"},
{ERR_PACK(0,ASN1_F_D2I_OCSP_SIGNATURE,0), "d2i_OCSP_SIGNATURE"},
{ERR_PACK(0,ASN1_F_D2I_OCSP_SINGLERESP,0), "d2i_OCSP_SINGLERESP"},
-{ERR_PACK(0,ASN1_F_D2I_OTHERNAME,0), "d2i_OTHERNAME"},
-{ERR_PACK(0,ASN1_F_D2I_PBE2PARAM,0), "d2i_PBE2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBEPARAM,0), "d2i_PBEPARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PBKDF2PARAM,0), "d2i_PBKDF2PARAM"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "d2i_PKCS12"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "d2i_PKCS12_BAGS"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "d2i_PKCS12_MAC_DATA"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "d2i_PKCS12_SAFEBAG"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "d2i_PKCS7"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "d2i_PKCS7_DIGEST"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "d2i_PKCS7_ENCRYPT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "d2i_PKCS7_ENC_CONTENT"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "d2i_PKCS7_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "d2i_PKCS7_ISSUER_AND_SERIAL"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "d2i_PKCS7_RECIP_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "d2i_PKCS7_SIGNED"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "d2i_PKCS7_SIGNER_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "d2i_PKCS7_SIGN_ENVELOPE"},
-{ERR_PACK(0,ASN1_F_D2I_PKCS8_PRIV_KEY_INFO,0), "d2i_PKCS8_PRIV_KEY_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_PKEY_USAGE_PERIOD,0), "d2i_PKEY_USAGE_PERIOD"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYINFO,0), "d2i_POLICYINFO"},
-{ERR_PACK(0,ASN1_F_D2I_POLICYQUALINFO,0), "d2i_POLICYQUALINFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12,0), "D2I_PKCS12"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_BAGS,0), "D2I_PKCS12_BAGS"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_MAC_DATA,0), "D2I_PKCS12_MAC_DATA"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS12_SAFEBAG,0), "D2I_PKCS12_SAFEBAG"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "d2i_PrivateKey"},
{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "d2i_PublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "d2i_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "d2i_RSAPublicKey"},
-{ERR_PACK(0,ASN1_F_D2I_SXNET,0), "d2i_SXNET"},
-{ERR_PACK(0,ASN1_F_D2I_SXNETID,0), "d2i_SXNETID"},
-{ERR_PACK(0,ASN1_F_D2I_USERNOTICE,0), "d2i_USERNOTICE"},
-{ERR_PACK(0,ASN1_F_D2I_X509,0), "d2i_X509"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "d2i_X509_ALGOR"},
-{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "d2i_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CERT_AUX,0), "d2i_X509_CERT_AUX"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "d2i_X509_CINF"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "d2i_X509_CRL"},
-{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "d2i_X509_CRL_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "d2i_X509_EXTENSION"},
-{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "d2i_X509_NAME"},
-{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "d2i_X509_NAME_ENTRY"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "d2i_X509_PKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "d2i_X509_PUBKEY"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "d2i_X509_REQ"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "d2i_X509_REQ_INFO"},
-{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "d2i_X509_REVOKED"},
-{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "d2i_X509_SIG"},
-{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "d2i_X509_VAL"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NAME_NEW,0), "DIST_POINT_NAME_new"},
-{ERR_PACK(0,ASN1_F_DIST_POINT_NEW,0), "DIST_POINT_new"},
-{ERR_PACK(0,ASN1_F_GENERAL_NAME_NEW,0), "GENERAL_NAME_new"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
-{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "i2d_ASN1_TIME"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_TIME,0), "I2D_ASN1_TIME"},
{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "i2d_DHparams"},
{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "i2d_DSAparams"},
{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "i2d_DSAPrivateKey"},
{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "i2d_DSAPublicKey"},
{ERR_PACK(0,ASN1_F_I2D_DSA_PUBKEY,0), "i2d_DSA_PUBKEY"},
{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "i2d_Netscape_RSA"},
-{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "i2d_PKCS7"},
{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "i2d_PrivateKey"},
{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "i2d_PublicKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "i2d_RSAPrivateKey"},
-{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "i2d_RSAPublicKey"},
{ERR_PACK(0,ASN1_F_I2D_RSA_PUBKEY,0), "i2d_RSA_PUBKEY"},
-{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "i2d_X509_ATTRIBUTE"},
-{ERR_PACK(0,ASN1_F_I2T_ASN1_OBJECT,0), "i2t_ASN1_OBJECT"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW,0), "NETSCAPE_CERT_SEQUENCE_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_new"},
-{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_new"},
-{ERR_PACK(0,ASN1_F_NOTICEREF_NEW,0), "NOTICEREF_new"},
+{ERR_PACK(0,ASN1_F_LONG_C2I,0), "LONG_C2I"},
{ERR_PACK(0,ASN1_F_OCSP_BASICRESP_NEW,0), "OCSP_BASICRESP_new"},
{ERR_PACK(0,ASN1_F_OCSP_CERTID_NEW,0), "OCSP_CERTID_new"},
{ERR_PACK(0,ASN1_F_OCSP_CERTSTATUS_NEW,0), "OCSP_CERTSTATUS_new"},
@@ -242,63 +188,37 @@
{ERR_PACK(0,ASN1_F_OCSP_SERVICELOC_NEW,0), "OCSP_SERVICELOC_new"},
{ERR_PACK(0,ASN1_F_OCSP_SIGNATURE_NEW,0), "OCSP_SIGNATURE_new"},
{ERR_PACK(0,ASN1_F_OCSP_SINGLERESP_NEW,0), "OCSP_SINGLERESP_new"},
-{ERR_PACK(0,ASN1_F_OTHERNAME_NEW,0), "OTHERNAME_new"},
-{ERR_PACK(0,ASN1_F_PBE2PARAM_NEW,0), "PBE2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PBEPARAM_NEW,0), "PBEPARAM_new"},
-{ERR_PACK(0,ASN1_F_PBKDF2PARAM_NEW,0), "PBKDF2PARAM_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_new"},
-{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_new"},
+{ERR_PACK(0,ASN1_F_PKCS12_BAGS_NEW,0), "PKCS12_BAGS_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_MAC_DATA_NEW,0), "PKCS12_MAC_DATA_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_NEW,0), "PKCS12_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS12_SAFEBAG_NEW,0), "PKCS12_SAFEBAG_NEW"},
{ERR_PACK(0,ASN1_F_PKCS5_PBE2_SET,0), "PKCS5_pbe2_set"},
-{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_new"},
-{ERR_PACK(0,ASN1_F_PKCS8_PRIV_KEY_INFO_NEW,0), "PKCS8_PRIV_KEY_INFO_new"},
-{ERR_PACK(0,ASN1_F_PKEY_USAGE_PERIOD_NEW,0), "PKEY_USAGE_PERIOD_new"},
-{ERR_PACK(0,ASN1_F_POLICYINFO_NEW,0), "POLICYINFO_new"},
-{ERR_PACK(0,ASN1_F_POLICYQUALINFO_NEW,0), "POLICYQUALINFO_new"},
-{ERR_PACK(0,ASN1_F_SXNETID_NEW,0), "SXNETID_new"},
-{ERR_PACK(0,ASN1_F_SXNET_NEW,0), "SXNET_new"},
-{ERR_PACK(0,ASN1_F_USERNOTICE_NEW,0), "USERNOTICE_new"},
-{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_new"},
-{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_new"},
-{ERR_PACK(0,ASN1_F_X509_CERT_AUX_NEW,0), "X509_CERT_AUX_new"},
-{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_new"},
-{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
-{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_new"},
+{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_ADD0_REVOKED,0), "X509_CRL_add0_revoked"},
{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
-{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_new"},
-{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_new"},
-{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_new"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"},
{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_new"},
-{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_new"},
-{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_new"},
-{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_new"},
-{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_free"},
-{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_new"},
{0,NULL}
};
static ERR_STRING_DATA ASN1_str_reasons[]=
{
+{ASN1_R_AUX_ERROR ,"aux error"},
{ASN1_R_BAD_CLASS ,"bad class"},
{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
-{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
{ASN1_R_BAD_TAG ,"bad tag"},
{ASN1_R_BAD_TYPE ,"bad type"},
{ASN1_R_BN_LIB ,"bn lib"},
@@ -311,20 +231,21 @@
{ASN1_R_ENCODE_ERROR ,"encode error"},
{ASN1_R_ERROR_PARSING_SET_ELEMENT ,"error parsing set element"},
{ASN1_R_ERROR_SETTING_CIPHER_PARAMS ,"error setting cipher params"},
-{ASN1_R_EXPECTING_AN_ENUMERATED ,"expecting an enumerated"},
{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
-{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
-{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
-{ASN1_R_EXPECTING_A_GENERALIZEDTIME ,"expecting a generalizedtime"},
{ASN1_R_EXPECTING_A_NULL ,"expecting a null"},
{ASN1_R_EXPECTING_A_TIME ,"expecting a time"},
-{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
+{ASN1_R_EXPLICIT_LENGTH_MISMATCH ,"explicit length mismatch"},
+{ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED ,"explicit tag not constructed"},
+{ASN1_R_FIELD_MISSING ,"field missing"},
{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
-{ASN1_R_GENERALIZEDTIME_TOO_LONG ,"generalizedtime too long"},
{ASN1_R_HEADER_TOO_LONG ,"header too long"},
{ASN1_R_ILLEGAL_CHARACTERS ,"illegal characters"},
+{ASN1_R_ILLEGAL_NULL ,"illegal null"},
+{ASN1_R_ILLEGAL_OPTIONAL_ANY ,"illegal optional any"},
+{ASN1_R_ILLEGAL_TAGGED_ANY ,"illegal tagged any"},
+{ASN1_R_INTEGER_TOO_LARGE_FOR_LONG ,"integer too large for long"},
{ASN1_R_INVALID_BMPSTRING_LENGTH ,"invalid bmpstring length"},
{ASN1_R_INVALID_DIGIT ,"invalid digit"},
{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
@@ -333,32 +254,38 @@
{ASN1_R_INVALID_UTF8STRING ,"invalid utf8string"},
{ASN1_R_IV_TOO_LARGE ,"iv too large"},
{ASN1_R_LENGTH_ERROR ,"length error"},
+{ASN1_R_MISSING_EOC ,"missing eoc"},
{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
+{ASN1_R_MSTRING_NOT_UNIVERSAL ,"mstring not universal"},
+{ASN1_R_MSTRING_WRONG_TAG ,"mstring wrong tag"},
{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
+{ASN1_R_NO_MATCHING_CHOICE_TYPE ,"no matching choice type"},
{ASN1_R_NULL_IS_WRONG_LENGTH ,"null is wrong length"},
{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
{ASN1_R_PARSING ,"parsing"},
{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
+{ASN1_R_SEQUENCE_LENGTH_MISMATCH ,"sequence length mismatch"},
+{ASN1_R_SEQUENCE_NOT_CONSTRUCTED ,"sequence not constructed"},
{ASN1_R_SHORT_LINE ,"short line"},
{ASN1_R_STRING_TOO_LONG ,"string too long"},
{ASN1_R_STRING_TOO_SHORT ,"string too short"},
{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
{ASN1_R_TOO_LONG ,"too long"},
+{ASN1_R_TYPE_NOT_CONSTRUCTED ,"type not constructed"},
{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
-{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"},
+{ASN1_R_UNEXPECTED_EOC ,"unexpected eoc"},
{ASN1_R_UNKNOWN_FORMAT ,"unknown format"},
{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE ,"unsupported any defined by type"},
{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
-{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
-{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
{ASN1_R_WRONG_TAG ,"wrong tag"},
{ASN1_R_WRONG_TYPE ,"wrong type"},
{0,NULL}
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
index 77447a5..830ff2a 100644
--- a/crypto/asn1/asn1_lib.c
+++ b/crypto/asn1/asn1_lib.c
@@ -59,7 +59,6 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
static void asn1_put_length(unsigned char **pp, int length);
diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h
new file mode 100644
index 0000000..430c371
--- /dev/null
+++ b/crypto/asn1/asn1t.h
@@ -0,0 +1,755 @@
+/* asn1t.h */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#ifndef HEADER_ASN1T_H
+#define HEADER_ASN1T_H
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+
+/* ASN1 template defines, structures and functions */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Macros to aid ASN1 template writing */
+
+#define ASN1_ITEM_TEMPLATE(tname) \
+ const static ASN1_TEMPLATE tname##_item_tt
+
+#define ASN1_ITEM_TEMPLATE_END(tname) \
+ ;\
+ const ASN1_ITEM tname##_it = { \
+ ASN1_ITYPE_PRIMITIVE,\
+ -1,\
+ &tname##_item_tt,\
+ 0,\
+ NULL,\
+ 0,\
+ #tname \
+ }
+
+
+/* This is a ASN1 type which just embeds a template */
+
+/* This pair helps declare a SEQUENCE. We can do:
+ *
+ * ASN1_SEQUENCE(stname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END(stname);
+ *
+ * This will produce an ASN1_ITEM called stname_it
+ * for a structure called stname.
+ *
+ * If you want the same structure but a different
+ * name then use:
+ *
+ * ASN1_SEQUENCE(itname) = {
+ * ... SEQUENCE components ...
+ * } ASN1_SEQUENCE_END_name(stname, itname);
+ *
+ * This will create an item called itname_it using
+ * a structure called stname.
+ */
+
+#define ASN1_SEQUENCE(tname) \
+ const static ASN1_TEMPLATE tname##_seq_tt[]
+
+#define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname)
+
+#define ASN1_SEQUENCE_END_name(stname, tname) \
+ ;\
+ const ASN1_ITEM tname##_it = { \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ }
+
+#define ASN1_SEQUENCE_cb(tname, cb) \
+ const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_SEQUENCE(tname)
+
+#define ASN1_BROKEN_SEQUENCE(tname) \
+ const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \
+ ASN1_SEQUENCE(tname)
+
+#define ASN1_SEQUENCE_ref(tname, cb, lck) \
+ const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \
+ ASN1_SEQUENCE(tname)
+
+#define ASN1_SEQUENCE_enc(tname, enc, cb) \
+ const static ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \
+ ASN1_SEQUENCE(tname)
+
+#define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname)
+
+#define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+#define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname)
+
+#define ASN1_SEQUENCE_END_ref(stname, tname) \
+ ;\
+ const ASN1_ITEM tname##_it = { \
+ ASN1_ITYPE_SEQUENCE,\
+ V_ASN1_SEQUENCE,\
+ tname##_seq_tt,\
+ sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ }
+
+
+/* This pair helps declare a CHOICE type. We can do:
+ *
+ * ASN1_CHOICE(chname) = {
+ * ... CHOICE options ...
+ * ASN1_CHOICE_END(chname);
+ *
+ * This will produce an ASN1_ITEM called chname_it
+ * for a structure called chname. The structure
+ * definition must look like this:
+ * typedef struct {
+ * int type;
+ * union {
+ * ASN1_SOMETHING *opt1;
+ * ASN1_SOMEOTHER *opt2;
+ * } value;
+ * } chname;
+ *
+ * the name of the selector must be 'type'.
+ * to use an alternative selector name use the
+ * ASN1_CHOICE_END_selector() version.
+ */
+
+#define ASN1_CHOICE(tname) \
+ const static ASN1_TEMPLATE tname##_ch_tt[]
+
+#define ASN1_CHOICE_cb(tname, cb) \
+ const static ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \
+ ASN1_CHOICE(tname)
+
+#define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname)
+
+#define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type)
+
+#define ASN1_CHOICE_END_selector(stname, tname, selname) \
+ ;\
+ const ASN1_ITEM tname##_it = { \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ NULL,\
+ sizeof(stname),\
+ #stname \
+ }
+
+#define ASN1_CHOICE_END_cb(stname, tname, selname) \
+ ;\
+ const ASN1_ITEM tname##_it = { \
+ ASN1_ITYPE_CHOICE,\
+ offsetof(stname,selname) ,\
+ tname##_ch_tt,\
+ sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\
+ &tname##_aux,\
+ sizeof(stname),\
+ #stname \
+ }
+
+/* This helps with the template wrapper form of ASN1_ITEM */
+
+#define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \
+ (flags), (tag), 0,\
+ #name, &(type##_it) }
+
+/* These help with SEQUENCE or CHOICE components */
+
+/* used to declare other types */
+
+#define ASN1_EX_TYPE(flags, tag, stname, field, type) { \
+ (flags), (tag), offsetof(stname, field),\
+ #field, &(type##_it) }
+
+/* used when the structure is combined with the parent */
+
+#define ASN1_EX_COMBINE(flags, tag, type) { \
+ (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, &(type##_it) }
+
+/* implicit and explicit helper macros */
+
+#define ASN1_IMP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type)
+
+#define ASN1_EXP_EX(stname, field, type, tag, ex) \
+ ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type)
+
+/* Any defined by macros: the field used is in the table itself */
+
+#define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, &(tblname##_adb) }
+#define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, &(tblname##_adb) }
+
+/* Plain simple type */
+#define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type)
+
+/* OPTIONAL simple type */
+#define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* IMPLICIT tagged simple type */
+#define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0)
+
+/* IMPLICIT tagged OPTIONAL simple type */
+#define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* Same as above but EXPLICIT */
+
+#define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0)
+#define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL)
+
+/* SEQUENCE OF type */
+#define ASN1_SEQUENCE_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type)
+
+/* OPTIONAL SEQUENCE OF */
+#define ASN1_SEQUENCE_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Same as above but for SET OF */
+
+#define ASN1_SET_OF(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type)
+
+#define ASN1_SET_OF_OPT(stname, field, type) \
+ ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type)
+
+/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */
+
+#define ASN1_IMP_SET_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+#define ASN1_EXP_SET_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF)
+
+#define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+#define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+#define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF)
+
+#define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \
+ ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL)
+
+/* Macros for the ASN1_ADB structure */
+
+#define ASN1_ADB(name) \
+ const static ASN1_ADB_TABLE name##_adbtbl[]
+
+#define ASN1_ADB_END(name, flags, field, app_table, def, none) \
+ ;\
+ const static ASN1_ADB name##_adb = {\
+ flags,\
+ offsetof(name, field),\
+ app_table,\
+ name##_adbtbl,\
+ sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\
+ def,\
+ none\
+ }
+
+#define ADB_ENTRY(val, template) {val, template}
+
+#define ASN1_ADB_TEMPLATE(name) \
+ const static ASN1_TEMPLATE name##_tt
+
+/* This is the ASN1 template structure that defines
+ * a wrapper round the actual type. It determines the
+ * actual position of the field in the value structure,
+ * various flags such as OPTIONAL and the field name.
+ */
+
+struct ASN1_TEMPLATE_st {
+unsigned long flags; /* Various flags */
+long tag; /* tag, not used if no tagging */
+unsigned long offset; /* Offset of this field in structure */
+#ifndef NO_ASN1_FIELD_NAMES
+char *field_name; /* Field name */
+#endif
+const void *item; /* Relevant ASN1_ITEM or ASN1_ADB */
+};
+
+
+typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE;
+typedef struct ASN1_ADB_st ASN1_ADB;
+
+struct ASN1_ADB_st {
+ unsigned long flags; /* Various flags */
+ unsigned long offset; /* Offset of selector field */
+ STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */
+ const ASN1_ADB_TABLE *tbl; /* Table of possible types */
+ long tblcount; /* Number of entries in tbl */
+ const ASN1_TEMPLATE *default_tt; /* Type to use if no match */
+ const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */
+};
+
+struct ASN1_ADB_TABLE_st {
+ long value; /* NID for an object or value for an int */
+ const ASN1_TEMPLATE tt; /* item for this value */
+};
+
+/* template flags */
+
+/* Field is optional */
+#define ASN1_TFLG_OPTIONAL (0x1)
+
+/* Field is a SET OF */
+#define ASN1_TFLG_SET_OF (0x1 << 1)
+
+/* Field is a SEQUENCE OF */
+#define ASN1_TFLG_SEQUENCE_OF (0x2 << 1)
+
+#define ASN1_TFLG_SK_MASK (0x3 << 1)
+
+/* These flags mean the tag should be taken from the
+ * tag field. If EXPLICIT then the underlying type
+ * is used for the inner tag.
+ */
+
+/* IMPLICIT tagging */
+#define ASN1_TFLG_IMPTAG (0x1 << 3)
+
+
+/* EXPLICIT tagging, inner tag from underlying type */
+#define ASN1_TFLG_EXPTAG (0x2 << 3)
+
+#define ASN1_TFLG_TAG_MASK (0x3 << 3)
+
+/* context specific IMPLICIT */
+#define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT
+
+/* context specific EXPLICIT */
+#define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT
+
+/* If tagging is in force these determine the
+ * type of tag to use. Otherwise the tag is
+ * determined by the underlying type. These
+ * values reflect the actual octet format.
+ */
+
+/* Universal tag */
+#define ASN1_TFLG_UNIVERSAL (0x0<<6)
+/* Application tag */
+#define ASN1_TFLG_APPLICATION (0x1<<6)
+/* Context specific tag */
+#define ASN1_TFLG_CONTEXT (0x2<<6)
+/* Private tag */
+#define ASN1_TFLG_PRIVATE (0x3<<6)
+
+#define ASN1_TFLG_TAG_CLASS (0x3<<6)
+
+/* These are for ANY DEFINED BY type. In this case
+ * the 'item' field points to an ASN1_ADB structure
+ * which contains a table of values to decode the
+ * relevant type
+ */
+
+#define ASN1_TFLG_ADB_MASK (0x3<<8)
+
+#define ASN1_TFLG_ADB_OID (0x1<<8)
+
+#define ASN1_TFLG_ADB_INT (0x1<<9)
+
+/* This flag means a parent structure is passed
+ * instead of the field: this is useful is a
+ * SEQUENCE is being combined with a CHOICE for
+ * example. Since this means the structure and
+ * item name will differ we need to use the
+ * ASN1_CHOICE_END_name() macro for example.
+ */
+
+#define ASN1_TFLG_COMBINE (0x1<<10)
+
+/* This is the actual ASN1 item itself */
+
+struct ASN1_ITEM_st {
+char itype; /* The item type, primitive, SEQUENCE, CHOICE or extern */
+long utype; /* underlying type */
+const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains the contents */
+long tcount; /* Number of templates if SEQUENCE or CHOICE */
+const void *funcs; /* functions that handle this type */
+long size; /* Structure size (usually)*/
+#ifndef NO_ASN1_FIELD_NAMES
+const char *sname; /* Structure name */
+#endif
+};
+
+/* These are values for the itype field and
+ * determine how the type is interpreted.
+ *
+ * For PRIMITIVE types the underlying type
+ * determines the behaviour if items is NULL.
+ *
+ * Otherwise templates must contain a single
+ * template and the type is treated in the
+ * same way as the type specified in the template.
+ *
+ * For SEQUENCE types the templates field points
+ * to the members, the size field is the
+ * structure size.
+ *
+ * For CHOICE types the templates field points
+ * to each possible member (typically a union)
+ * and the 'size' field is the offset of the
+ * selector.
+ *
+ * The 'funcs' field is used for application
+ * specific functions.
+ *
+ * For COMPAT types the funcs field gives a
+ * set of functions that handle this type, this
+ * supports the old d2i, i2d convention.
+ *
+ * The EXTERN type uses a new style d2i/i2d.
+ * The new style should be used where possible
+ * because it avoids things like the d2i IMPLICIT
+ * hack.
+ *
+ * MSTRING is a multiple string type, it is used
+ * for a CHOICE of character strings where the
+ * actual strings all occupy an ASN1_STRING
+ * structure. In this case the 'utype' field
+ * has a special meaning, it is used as a mask
+ * of acceptable types using the B_ASN1 constants.
+ *
+ */
+
+#define ASN1_ITYPE_PRIMITIVE 0x0
+
+#define ASN1_ITYPE_SEQUENCE 0x1
+
+#define ASN1_ITYPE_CHOICE 0x2
+
+#define ASN1_ITYPE_COMPAT 0x3
+
+#define ASN1_ITYPE_EXTERN 0x4
+
+#define ASN1_ITYPE_MSTRING 0x5
+
+/* Cache for ASN1 tag and length, so we
+ * don't keep re-reading it for things
+ * like CHOICE
+ */
+
+struct ASN1_TLC_st{
+ char valid; /* Values below are valid */
+ int ret; /* return value */
+ long plen; /* length */
+ int ptag; /* class value */
+ int pclass; /* class value */
+ int hdrlen; /* header length */
+};
+
+/* Typedefs for ASN1 function pointers */
+
+typedef ASN1_VALUE * ASN1_new_func(void);
+typedef void ASN1_free_func(ASN1_VALUE *a);
+typedef ASN1_VALUE * ASN1_d2i_func(ASN1_VALUE **a, unsigned char ** in, long length);
+typedef int ASN1_i2d_func(ASN1_VALUE * a, unsigned char **in);
+
+typedef int ASN1_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+typedef struct ASN1_COMPAT_FUNCS_st {
+ ASN1_new_func *asn1_new;
+ ASN1_free_func *asn1_free;
+ ASN1_d2i_func *asn1_d2i;
+ ASN1_i2d_func *asn1_i2d;
+} ASN1_COMPAT_FUNCS;
+
+typedef struct ASN1_EXTERN_FUNCS_st {
+ void *app_data;
+ ASN1_ex_new_func *asn1_ex_new;
+ ASN1_ex_free_func *asn1_ex_free;
+ ASN1_ex_free_func *asn1_ex_clear;
+ ASN1_ex_d2i *asn1_ex_d2i;
+ ASN1_ex_i2d *asn1_ex_i2d;
+} ASN1_EXTERN_FUNCS;
+
+typedef struct ASN1_PRIMITIVE_FUNCS_st {
+ void *app_data;
+ unsigned long flags;
+ ASN1_ex_new_func *prim_new;
+ ASN1_ex_free_func *prim_free;
+ ASN1_ex_free_func *prim_clear;
+ ASN1_primitive_c2i *prim_c2i;
+ ASN1_primitive_i2c *prim_i2c;
+} ASN1_PRIMITIVE_FUNCS;
+
+/* This is the ASN1_AUX structure: it handles various
+ * miscellaneous requirements. For example the use of
+ * reference counts and an informational callback.
+ *
+ * The "informational callback" is called at various
+ * points during the ASN1 encoding and decoding. It can
+ * be used to provide minor customisation of the structures
+ * used. This is most useful where the supplied routines
+ * *almost* do the right thing but need some extra help
+ * at a few points. If the callback returns zero then
+ * it is assumed a fatal error has occurred and the
+ * main operation should be abandoned.
+ *
+ * If major changes in the default behaviour are required
+ * then an external type is more appropriate.
+ */
+
+typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it);
+
+typedef struct ASN1_AUX_st {
+ void *app_data;
+ int flags;
+ int ref_offset; /* Offset of reference value */
+ int ref_lock; /* Lock type to use */
+ ASN1_aux_cb *asn1_cb;
+ int enc_offset; /* Offset of ASN1_ENCODING structure */
+} ASN1_AUX;
+
+/* Flags in ASN1_AUX */
+
+/* Use a reference count */
+#define ASN1_AFLG_REFCOUNT 1
+/* Save the encoding of structure (useful for signatures) */
+#define ASN1_AFLG_ENCODING 2
+/* The Sequence length is invalid */
+#define ASN1_AFLG_BROKEN 4
+
+/* operation values for asn1_cb */
+
+#define ASN1_OP_NEW_PRE 0
+#define ASN1_OP_NEW_POST 1
+#define ASN1_OP_FREE_PRE 2
+#define ASN1_OP_FREE_POST 3
+#define ASN1_OP_D2I_PRE 4
+#define ASN1_OP_D2I_POST 5
+#define ASN1_OP_I2D_PRE 6
+#define ASN1_OP_I2D_POST 7
+
+/* Macro to implement a primitive type */
+#define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0)
+#define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) const ASN1_ITEM itname##_it = \
+ { ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname};
+
+/* Macro to implement a multi string type */
+#define IMPLEMENT_ASN1_MSTRING(itname, mask) const ASN1_ITEM itname##_it = \
+ { ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname};
+
+/* Macro to implement an ASN1_ITEM in terms of old style funcs */
+
+#define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE)
+
+#define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \
+ static const ASN1_COMPAT_FUNCS sname##_ff = { \
+ (ASN1_new_func *)sname##_new, \
+ (ASN1_free_func *)sname##_free, \
+ (ASN1_d2i_func *)d2i_##sname, \
+ (ASN1_i2d_func *)i2d_##sname, \
+ }; \
+ ASN1_ITEM const sname##_it = { \
+ ASN1_ITYPE_COMPAT, \
+ tag, \
+ NULL, \
+ 0, \
+ &sname##_ff, \
+ 0, \
+ #sname \
+ }
+
+#define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \
+ const ASN1_ITEM sname##_it = { \
+ ASN1_ITYPE_EXTERN, \
+ tag, \
+ NULL, \
+ 0, \
+ &fptrs, \
+ 0, \
+ #sname \
+ };
+
+/* Macro to implement standard functions in terms of ASN1_ITEM structures */
+
+#define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \
+ IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname)
+
+#define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \
+ stname *fname##_new(void) \
+ { \
+ return (stname *)ASN1_item_new(&itname##_it); \
+ } \
+ void fname##_free(stname *a) \
+ { \
+ ASN1_item_free((ASN1_VALUE *)a, &itname##_it); \
+ }
+
+#define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, &itname##_it);\
+ } \
+ int i2d_##fname(stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\
+ }
+
+/* This includes evil casts to remove const: they will go away when full
+ * ASN1 constification is done.
+ */
+#define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ stname *d2i_##fname(stname **a, const unsigned char **in, long len) \
+ { \
+ return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, (unsigned char **)in, len, &itname##_it);\
+ } \
+ int i2d_##fname(const stname *a, unsigned char **out) \
+ { \
+ return ASN1_item_i2d((ASN1_VALUE *)a, out, &itname##_it);\
+ }
+
+#define IMPLEMENT_ASN1_FUNCTIONS_const(name) \
+ IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name)
+
+#define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \
+ IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname)
+
+/* external definitions for primitive types */
+
+extern const ASN1_ITEM ASN1_BOOLEAN_it;
+extern const ASN1_ITEM ASN1_TBOOLEAN_it;
+extern const ASN1_ITEM ASN1_FBOOLEAN_it;
+extern const ASN1_ITEM ASN1_OBJECT_it;
+extern const ASN1_ITEM ASN1_ANY_it;
+extern const ASN1_ITEM ASN1_SEQUENCE_it;
+extern const ASN1_ITEM CBIGNUM_it;
+extern const ASN1_ITEM BIGNUM_it;
+extern const ASN1_ITEM LONG_it;
+extern const ASN1_ITEM ZLONG_it;
+
+DECLARE_STACK_OF(ASN1_VALUE)
+
+/* Functions used internally by the ASN1 code */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt);
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt);
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it);
+
+ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr);
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it);
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it);
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it);
+int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it);
+
+#ifdef __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c
deleted file mode 100644
index d64ec74..0000000
--- a/crypto/asn1/d2i_dhp.c
+++ /dev/null
@@ -1,101 +0,0 @@
-/* crypto/asn1/d2i_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dh.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DH *d2i_DHparams(DH **a, const unsigned char **pp, long length)
- {
- int i=ERR_R_NESTED_ASN1_ERROR;
- ASN1_INTEGER *bs=NULL;
- long v=0;
- M_ASN1_D2I_vars(a,DH *,DH_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
- if (!M_ASN1_D2I_end_sequence())
- {
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- for (i=0; i<bs->length; i++)
- v=(v<<8)|(bs->data[i]);
- ret->length=(int)v;
- }
-
- M_ASN1_BIT_STRING_free(bs);
-
- M_ASN1_D2I_Finish_2(a);
-
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_DHPARAMS,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret);
- if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
- return(NULL);
- }
-#endif
diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c
deleted file mode 100644
index 1b6b7cd..0000000
--- a/crypto/asn1/d2i_dsap.c
+++ /dev/null
@@ -1,99 +0,0 @@
-/* crypto/asn1/d2i_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAparams(DSA **a, const unsigned char **pp, long length)
- {
- int i=ERR_R_NESTED_ASN1_ERROR;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
-
- M_ASN1_BIT_STRING_free(bs);
- bs = NULL;
-
- M_ASN1_D2I_Finish_2(a);
-
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_DSAPARAMS,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
- if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
- return(NULL);
- }
-#endif
diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c
deleted file mode 100644
index 46037a0..0000000
--- a/crypto/asn1/d2i_r_pr.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/d2i_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-static ASN1_METHOD method={
- (int (*)()) i2d_RSAPrivateKey,
- (char *(*)())d2i_RSAPrivateKey,
- (char *(*)())RSA_new,
- (void (*)()) RSA_free};
-
-ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
- {
- return(&method);
- }
-
-RSA *d2i_RSAPrivateKey(RSA **a, const unsigned char **pp, long length)
- {
- int i=ASN1_R_PARSING;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if (bs->length == 0)
- ret->version=0;
- else ret->version=bs->data[0];
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL)
- goto err_bn;
-
- M_ASN1_INTEGER_free(bs);
- bs = NULL;
-
- M_ASN1_D2I_Finish_2(a);
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
- if (bs != NULL) M_ASN1_INTEGER_free(bs);
-
- return(NULL);
- }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c
deleted file mode 100644
index 0d11d85..0000000
--- a/crypto/asn1/d2i_r_pu.c
+++ /dev/null
@@ -1,103 +0,0 @@
-/* crypto/asn1/d2i_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-RSA *d2i_RSAPublicKey(RSA **a, const unsigned char **pp, long length)
- {
- int i=ASN1_R_PARSING;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,RSA *,RSA_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
-
- M_ASN1_INTEGER_free(bs);
- bs=NULL;
-
- M_ASN1_D2I_Finish_2(a);
-
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
- if (bs != NULL) M_ASN1_INTEGER_free(bs);
- return(NULL);
- }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c
deleted file mode 100644
index 4722b26..0000000
--- a/crypto/asn1/d2i_s_pr.c
+++ /dev/null
@@ -1,106 +0,0 @@
-/* crypto/asn1/d2i_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-DSA *d2i_DSAPrivateKey(DSA **a, const unsigned char **pp, long length)
- {
- int i=ASN1_R_PARSING;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if (bs->length == 0)
- ret->version=0;
- else ret->version=bs->data[0];
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
- == NULL) goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key))
- == NULL) goto err_bn;
-
- M_ASN1_INTEGER_free(bs);
- bs = NULL;
-
- M_ASN1_D2I_Finish_2(a);
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
- if (bs != NULL) M_ASN1_INTEGER_free(bs);
- return(NULL);
- }
-#endif
diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c
deleted file mode 100644
index 4d1a772..0000000
--- a/crypto/asn1/d2i_s_pu.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/d2i_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-/* Original version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-#ifndef NO_NEG_PUBKEY_BUG
-#define d2i_ASN1_INTEGER d2i_ASN1_UINTEGER
-#endif
-
-DSA *d2i_DSAPublicKey(DSA **a, const unsigned char **pp, long length)
- {
- int i=ASN1_R_PARSING;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA *,DSA_new);
-
- M_ASN1_D2I_Init();
- if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
- == (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
- {
- c.slen=length;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
- == NULL)
- goto err_bn;
- ret->write_params=0;
- }
- else
- {
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
- == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
- goto err_bn;
-
- ret->write_params=1;
- }
-
- M_ASN1_INTEGER_free(bs);
- bs=NULL;
- M_ASN1_D2I_Finish_2(a);
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
- if (bs != NULL) M_ASN1_INTEGER_free(bs);
- return(NULL);
- }
-#endif
diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c
deleted file mode 100644
index 68d0c74..0000000
--- a/crypto/asn1/i2d_dhp.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/* crypto/asn1/i2d_dhp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DH
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dh.h>
-
-int i2d_DHparams(const DH *a, unsigned char **pp)
- {
- BIGNUM *num[3];
- ASN1_INTEGER bs;
- unsigned int j,i,tot=0,len,max=0;
- int t,ret= -1;
- unsigned char *p;
-
- if (a == NULL) return(0);
- num[0]=a->p;
- num[1]=a->g;
- if (a->length != 0)
- {
- if ((num[2]=BN_new()) == NULL) goto err;
- if (!BN_set_word(num[2],a->length)) goto err;
- }
- else
- num[2]=NULL;
-
- for (i=0; i<3; i++)
- {
- if (num[i] == NULL) continue;
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL)
- {
- if (num[2] != NULL)
- BN_free(num[2]);
- return(t);
- }
-
- p= *pp;
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- bs.type=V_ASN1_INTEGER;
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- for (i=0; i<3; i++)
- {
- if (num[i] == NULL) continue;
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- ret=t;
-err:
- if (num[2] != NULL) BN_free(num[2]);
- *pp=p;
- return(ret);
- }
-#endif
diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c
deleted file mode 100644
index 0289579..0000000
--- a/crypto/asn1/i2d_dsap.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/* crypto/asn1/i2d_dsap.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/dsa.h>
-
-int i2d_DSAparams(const DSA *a, unsigned char **pp)
- {
- BIGNUM *num[3];
- ASN1_INTEGER bs;
- unsigned int j,i,tot=0,len,max=0;
- int t,ret= -1;
- unsigned char *p;
-
- if (a == NULL) return(0);
- num[0]=a->p;
- num[1]=a->q;
- num[2]=a->g;
-
- for (i=0; i<3; i++)
- {
- if (num[i] == NULL) continue;
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
-
- p= *pp;
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- bs.type=V_ASN1_INTEGER;
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE);
- goto err;
- }
-
- for (i=0; i<3; i++)
- {
- if (num[i] == NULL) continue;
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- ret=t;
-err:
- *pp=p;
- return(ret);
- }
-#endif
-
diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c
deleted file mode 100644
index 518f4af..0000000
--- a/crypto/asn1/i2d_r_pr.c
+++ /dev/null
@@ -1,133 +0,0 @@
-/* crypto/asn1/i2d_r_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPrivateKey(const RSA *a, unsigned char **pp)
- {
- BIGNUM *num[9];
- unsigned char data[1];
- ASN1_INTEGER bs;
- unsigned int j,i,tot,t,len,max=0;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- num[1]=a->n;
- num[2]=a->e;
- num[3]=a->d;
- num[4]=a->p;
- num[5]=a->q;
- num[6]=a->dmp1;
- num[7]=a->dmq1;
- num[8]=a->iqmp;
-
- bs.length=1;
- bs.data=data;
- bs.type=V_ASN1_INTEGER;
- data[0]=a->version&0x7f;
-
- tot=i2d_ASN1_INTEGER(&(bs),NULL);
- for (i=1; i<9; i++)
- {
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
-
- p= *pp;
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- i2d_ASN1_INTEGER(&bs,&p);
-
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
-
- for (i=1; i<9; i++)
- {
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- *pp=p;
- return(t);
- }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
-
diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c
deleted file mode 100644
index 4a07ff9..0000000
--- a/crypto/asn1/i2d_r_pu.c
+++ /dev/null
@@ -1,118 +0,0 @@
-/* crypto/asn1/i2d_r_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_RSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/rsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_RSAPublicKey(const RSA *a, unsigned char **pp)
- {
- BIGNUM *num[2];
- ASN1_INTEGER bs;
- unsigned int j,i,tot=0,len,max=0,t;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- num[0]=a->n;
- num[1]=a->e;
-
- for (i=0; i<2; i++)
- {
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
-
- p= *pp;
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- bs.type=V_ASN1_INTEGER;
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
-
- for (i=0; i<2; i++)
- {
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- *pp=p;
- return(t);
- }
-#else /* !NO_RSA */
-
-# if PEDANTIC
-static void *dummy=&dummy;
-# endif
-
-#endif
diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c
deleted file mode 100644
index 124ad98..0000000
--- a/crypto/asn1/i2d_s_pr.c
+++ /dev/null
@@ -1,123 +0,0 @@
-/* crypto/asn1/i2d_s_pr.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPrivateKey(const DSA *a, unsigned char **pp)
- {
- BIGNUM *num[6];
- unsigned char data[1];
- ASN1_INTEGER bs;
- unsigned int j,i,tot,t,len,max=0;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- num[1]=a->p;
- num[2]=a->q;
- num[3]=a->g;
- num[4]=a->pub_key;
- num[5]=a->priv_key;
-
- bs.length=1;
- bs.data=data;
- bs.type=V_ASN1_INTEGER;
- data[0]=a->version&0x7f;
-
- tot=i2d_ASN1_INTEGER(&(bs),NULL);
- for (i=1; i<6; i++)
- {
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
-
- p= *pp;
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- i2d_ASN1_INTEGER(&bs,&p);
-
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
-
- for (i=1; i<6; i++)
- {
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- *pp=p;
- return(t);
- }
-#endif
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
deleted file mode 100644
index 96e9ff5..0000000
--- a/crypto/asn1/i2d_s_pu.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/* crypto/asn1/i2d_s_pu.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#ifndef NO_DSA
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/bn.h>
-#include <openssl/dsa.h>
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
-
-int i2d_DSAPublicKey(const DSA *a, unsigned char **pp)
- {
- BIGNUM *num[4];
- ASN1_INTEGER bs;
- unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
- unsigned char *p;
-
- if (a == NULL) return(0);
-
- all=a->write_params;
-
- num[0]=a->pub_key;
- if (all)
- {
- num[1]=a->p;
- num[2]=a->q;
- num[3]=a->g;
- n=4;
- }
-
- for (i=0; i<n; i++)
- {
- j=BN_num_bits(num[i]);
- len=((j == 0)?0:((j/8)+1));
- if (len > max) max=len;
- len=ASN1_object_size(0,len,
- (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
- tot+=len;
- }
-
- if (all)
- {
- t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
- if (pp == NULL) return(t);
- }
- else
- {
- if (pp == NULL) return(tot);
- }
-
- p= *pp;
- if (all)
- ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- bs.type=V_ASN1_INTEGER;
- bs.data=(unsigned char *)OPENSSL_malloc(max+4);
- if (bs.data == NULL)
- {
- ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
- return(-1);
- }
-
- for (i=0; i<n; i++)
- {
- bs.length=BN_bn2bin(num[i],bs.data);
- i2d_ASN1_INTEGER(&bs,&p);
- }
- OPENSSL_free(bs.data);
- *pp=p;
- if(all) return(t);
- else return(tot);
- }
-#endif
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
index b091eac..82a6212 100644
--- a/crypto/asn1/n_pkey.c
+++ b/crypto/asn1/n_pkey.c
@@ -61,6 +61,7 @@
#include "cryptlib.h"
#include <openssl/rsa.h>
#include <openssl/objects.h>
+#include <openssl/asn1t.h>
#include <openssl/asn1_mac.h>
#include <openssl/evp.h>
#include <openssl/x509.h>
@@ -70,15 +71,39 @@
typedef struct netscape_pkey_st
{
- ASN1_INTEGER *version;
+ long version;
X509_ALGOR *algor;
ASN1_OCTET_STRING *private_key;
} NETSCAPE_PKEY;
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
+typedef struct netscape_encrypted_pkey_st
+ {
+ ASN1_OCTET_STRING *os;
+ /* This is the same structure as DigestInfo so use it:
+ * although this isn't really anything to do with
+ * digests.
+ */
+ X509_SIG *enckey;
+ } NETSCAPE_ENCRYPTED_PKEY;
+
+
+ASN1_BROKEN_SEQUENCE(NETSCAPE_ENCRYPTED_PKEY) = {
+ ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, os, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(NETSCAPE_ENCRYPTED_PKEY, enckey, X509_SIG)
+} ASN1_BROKEN_SEQUENCE_END(NETSCAPE_ENCRYPTED_PKEY);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_ENCRYPTED_PKEY)
+
+ASN1_SEQUENCE(NETSCAPE_PKEY) = {
+ ASN1_SIMPLE(NETSCAPE_PKEY, version, LONG),
+ ASN1_SIMPLE(NETSCAPE_PKEY, algor, X509_ALGOR),
+ ASN1_SIMPLE(NETSCAPE_PKEY, private_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_PKEY);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(NETSCAPE_PKEY)
+
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
+ int (*cb)(), int sgckey);
int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)())
{
@@ -87,79 +112,78 @@
int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey)
{
- int i,j,l[6];
- NETSCAPE_PKEY *pkey;
+ int i, j, ret = 0;
+ int rsalen, pkeylen, olen;
+ NETSCAPE_PKEY *pkey = NULL;
+ NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
unsigned char buf[256],*zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
- X509_ALGOR *alg=NULL;
- ASN1_OCTET_STRING os,os2;
- M_ASN1_I2D_vars(a);
if (a == NULL) return(0);
-#ifdef WIN32
- r=r; /* shut the damn compiler up :-) */
-#endif
-
- os.data=os2.data=NULL;
if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
- if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
+ if ((enckey=NETSCAPE_ENCRYPTED_PKEY_new()) == NULL) goto err;
+ pkey->version = 0;
- if (pkey->algor->algorithm != NULL)
- ASN1_OBJECT_free(pkey->algor->algorithm);
pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
pkey->algor->parameter->type=V_ASN1_NULL;
- l[0]=i2d_RSAPrivateKey(a,NULL);
- pkey->private_key->length=l[0];
+ rsalen = i2d_RSAPrivateKey(a, NULL);
- os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
- l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
+ /* Fake some octet strings just for the initial length
+ * calculation.
+ */
- if ((alg=X509_ALGOR_new()) == NULL) goto err;
- if (alg->algorithm != NULL)
- ASN1_OBJECT_free(alg->algorithm);
- alg->algorithm=OBJ_nid2obj(NID_rc4);
- if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
- alg->parameter->type=V_ASN1_NULL;
+ pkey->private_key->length=rsalen;
- l[2]=i2d_X509_ALGOR(alg,NULL);
- l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+ pkeylen=i2d_NETSCAPE_PKEY(pkey,NULL);
-#ifndef CONST_STRICT
- os.data=(unsigned char *)"private-key";
-#endif
- os.length=11;
- l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
+ enckey->enckey->digest->length = pkeylen;
- l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
+ enckey->os->length = 11; /* "private-key" */
+
+ enckey->enckey->algor->algorithm=OBJ_nid2obj(NID_rc4);
+ if ((enckey->enckey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ enckey->enckey->algor->parameter->type=V_ASN1_NULL;
if (pp == NULL)
{
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (alg != NULL) X509_ALGOR_free(alg);
- return(l[5]);
+ olen = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, NULL);
+ NETSCAPE_PKEY_free(pkey);
+ NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+ return olen;
}
- if (pkey->private_key->data != NULL)
- OPENSSL_free(pkey->private_key->data);
- if ((pkey->private_key->data=(unsigned char *)OPENSSL_malloc(l[0])) == NULL)
+
+ /* Since its RC4 encrypted length is actual length */
+ if ((zz=(unsigned char *)OPENSSL_malloc(rsalen)) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
}
- zz=pkey->private_key->data;
+
+ pkey->private_key->data = zz;
+ /* Write out private key encoding */
i2d_RSAPrivateKey(a,&zz);
- if ((os2.data=(unsigned char *)OPENSSL_malloc(os2.length)) == NULL)
+ if ((zz=OPENSSL_malloc(pkeylen)) == NULL)
{
ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
goto err;
}
- zz=os2.data;
+
+ if (!ASN1_STRING_set(enckey->os, "private-key", -1))
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ enckey->enckey->digest->data = zz;
i2d_NETSCAPE_PKEY(pkey,&zz);
+
+ /* Wipe the private key encoding */
+ memset(pkey->private_key->data, 0, rsalen);
if (cb == NULL)
cb=EVP_read_pw_string;
@@ -171,7 +195,7 @@
}
i = strlen((char *)buf);
/* If the key is used for SGC the algorithm is modified a little. */
- if(sgckey){
+ if(sgckey) {
EVP_MD_CTX mctx;
EVP_DigestInit(&mctx, EVP_md5());
EVP_DigestUpdate(&mctx, buf, i);
@@ -183,24 +207,18 @@
EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,i,1,key,NULL);
memset(buf,0,256);
+ /* Encrypt private key in place */
+ zz = enckey->enckey->digest->data;
EVP_CIPHER_CTX_init(&ctx);
EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
- EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
- EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
+ EVP_EncryptUpdate(&ctx,zz,&i,zz,pkeylen);
+ EVP_EncryptFinal(&ctx,zz + i,&j);
EVP_CIPHER_CTX_cleanup(&ctx);
- p= *pp;
- ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_ASN1_OCTET_STRING(&os,&p);
- ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_X509_ALGOR(alg,&p);
- i2d_ASN1_OCTET_STRING(&os2,&p);
- ret=l[5];
+ ret = i2d_NETSCAPE_ENCRYPTED_PKEY(enckey, pp);
err:
- if (os2.data != NULL) OPENSSL_free(os2.data);
- if (alg != NULL) X509_ALGOR_free(alg);
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- r=r;
+ NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+ NETSCAPE_PKEY_free(pkey);
return(ret);
}
@@ -213,68 +231,53 @@
RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey)
{
RSA *ret=NULL;
- ASN1_OCTET_STRING *os=NULL;
- ASN1_CTX c;
+ const unsigned char *p, *kp;
+ NETSCAPE_ENCRYPTED_PKEY *enckey = NULL;
- c.pp=(unsigned char **)pp; /* TMP UGLY CAST */
- c.error=ASN1_R_DECODING_ERROR;
+ p = *pp;
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
- if ((os->length != 11) || (strncmp("private-key",
- (char *)os->data,os->length) != 0))
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
- M_ASN1_BIT_STRING_free(os);
- goto err;
- }
- M_ASN1_BIT_STRING_free(os);
- c.q=c.p;
- if ((ret=d2i_RSA_NET_2(a,(const unsigned char **)&c.p, /* TMP UGLY CAST */
- c.slen,cb, sgckey)) == NULL) goto err;
- /* Note: some versions of IIS key files use length values that are
- * too small for the surrounding SEQUENCEs. This following line
- * effectively disable length checking.
- */
- c.slen = 0;
-
- M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
+ enckey = d2i_NETSCAPE_ENCRYPTED_PKEY(NULL, &p, length);
+ if(!enckey) {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+ return NULL;
}
-RSA *d2i_Netscape_RSA_2(RSA **a, const unsigned char **pp, long length,
- int (*cb)())
-{
- return d2i_RSA_NET_2(a, pp, length, cb, 0);
-}
+ if ((enckey->os->length != 11) || (strncmp("private-key",
+ (char *)enckey->os->data,11) != 0))
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+ NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+ return NULL;
+ }
+ if (OBJ_obj2nid(enckey->enckey->algor->algorithm) != NID_rc4)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+ goto err;
+ }
+ kp = enckey->enckey->digest->data;
+ if (cb == NULL)
+ cb=EVP_read_pw_string;
+ if ((ret=d2i_RSA_NET_2(a, enckey->enckey->digest,cb, sgckey)) == NULL) goto err;
-RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length,
+ *pp = p;
+
+ err:
+ NETSCAPE_ENCRYPTED_PKEY_free(enckey);
+ return ret;
+
+ }
+
+static RSA *d2i_RSA_NET_2(RSA **a, ASN1_OCTET_STRING *os,
int (*cb)(), int sgckey)
{
NETSCAPE_PKEY *pkey=NULL;
RSA *ret=NULL;
int i,j;
- unsigned char buf[256],*zz;
+ unsigned char buf[256];
+ const unsigned char *zz;
unsigned char key[EVP_MAX_KEY_LENGTH];
EVP_CIPHER_CTX ctx;
- X509_ALGOR *alg=NULL;
- ASN1_OCTET_STRING *os=NULL;
- ASN1_CTX c;
- c.error=ERR_R_NESTED_ASN1_ERROR;
- c.pp=(unsigned char **)pp;
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
- if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
- {
- ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
- goto err;
- }
- M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
- if (cb == NULL)
- cb=EVP_read_pw_string;
i=cb(buf,256,"Enter Private Key password:",0);
if (i != 0)
{
@@ -311,74 +314,16 @@
}
zz=pkey->private_key->data;
- if ((ret=d2i_RSAPrivateKey(a,(const unsigned char **)&zz, /* TMP UGLY CAST */
- pkey->private_key->length)) == NULL)
+ if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
{
ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
goto err;
}
- if (!asn1_Finish(&c)) goto err;
- *pp=c.p;
err:
- if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
- if (os != NULL) M_ASN1_BIT_STRING_free(os);
- if (alg != NULL) X509_ALGOR_free(alg);
+ NETSCAPE_PKEY_free(pkey);
return(ret);
}
-static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
-
- M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
- }
-
-static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void)
- {
- NETSCAPE_PKEY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->private_key,M_ASN1_OCTET_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
- }
-
-static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->algor);
- M_ASN1_OCTET_STRING_free(a->private_key);
- OPENSSL_free(a);
- }
-
#endif /* NO_RC4 */
#else /* !NO_RSA */
diff --git a/crypto/asn1/nsseq.c b/crypto/asn1/nsseq.c
index 6e7f09b..36e5dce 100644
--- a/crypto/asn1/nsseq.c
+++ b/crypto/asn1/nsseq.c
@@ -58,61 +58,25 @@
#include <stdio.h>
#include <stdlib.h>
-#include <openssl/asn1_mac.h>
-#include <openssl/err.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/objects.h>
+static int nsseq_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ if(operation == ASN1_OP_NEW_POST) {
+ NETSCAPE_CERT_SEQUENCE *nsseq;
+ nsseq = (NETSCAPE_CERT_SEQUENCE *)*pval;
+ nsseq->type = OBJ_nid2obj(NID_netscape_cert_sequence);
+ }
+ return 1;
+}
+
/* Netscape certificate sequence structure */
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->type, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
- V_ASN1_SEQUENCE,v);
+ASN1_SEQUENCE_cb(NETSCAPE_CERT_SEQUENCE, nsseq_cb) = {
+ ASN1_SIMPLE(NETSCAPE_CERT_SEQUENCE, type, ASN1_OBJECT),
+ ASN1_EXP_SEQUENCE_OF_OPT(NETSCAPE_CERT_SEQUENCE, certs, X509, 0)
+} ASN1_SEQUENCE_END_cb(NETSCAPE_CERT_SEQUENCE, NETSCAPE_CERT_SEQUENCE);
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->type, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509,a->certs,i2d_X509,0,
- V_ASN1_SEQUENCE,v);
-
- M_ASN1_I2D_finish();
-}
-
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void)
-{
- NETSCAPE_CERT_SEQUENCE *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, NETSCAPE_CERT_SEQUENCE);
- /* Note hardcoded object type */
- ret->type = OBJ_nid2obj(NID_netscape_cert_sequence);
- ret->certs = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_CERT_SEQUENCE_NEW);
-}
-
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,NETSCAPE_CERT_SEQUENCE *,
- NETSCAPE_CERT_SEQUENCE_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->type, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get_EXP_set_opt_type(X509,ret->certs,d2i_X509,X509_free,0,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, NETSCAPE_CERT_SEQUENCE_free,
- ASN1_F_D2I_NETSCAPE_CERT_SEQUENCE);
-}
-
-void NETSCAPE_CERT_SEQUENCE_free (NETSCAPE_CERT_SEQUENCE *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->type);
- if(a->certs)
- sk_X509_pop_free(a->certs, X509_free);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
diff --git a/crypto/asn1/p5_pbe.c b/crypto/asn1/p5_pbe.c
index b7ed538..eedeb9e 100644
--- a/crypto/asn1/p5_pbe.c
+++ b/crypto/asn1/p5_pbe.c
@@ -58,53 +58,18 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
/* PKCS#5 password based encryption structure */
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->salt, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
+ASN1_SEQUENCE(PBEPARAM) = {
+ ASN1_SIMPLE(PBEPARAM, salt, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(PBEPARAM, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PBEPARAM);
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->salt, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_finish();
-}
-
-PBEPARAM *PBEPARAM_new(void)
-{
- PBEPARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBEPARAM);
- M_ASN1_New(ret->iter,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->salt,M_ASN1_OCTET_STRING_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBEPARAM_NEW);
-}
-
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PBEPARAM *,PBEPARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->salt, d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, PBEPARAM_free, ASN1_F_D2I_PBEPARAM);
-}
-
-void PBEPARAM_free (PBEPARAM *a)
-{
- if(a==NULL) return;
- M_ASN1_OCTET_STRING_free(a->salt);
- M_ASN1_INTEGER_free (a->iter);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PBEPARAM)
/* Return an algorithm identifier for a PKCS#5 PBE algorithm */
diff --git a/crypto/asn1/p5_pbev2.c b/crypto/asn1/p5_pbev2.c
index 6a7b578..82526f3 100644
--- a/crypto/asn1/p5_pbev2.c
+++ b/crypto/asn1/p5_pbev2.c
@@ -58,108 +58,27 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/rand.h>
/* PKCS#5 v2.0 password based encryption structures */
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->keyfunc, i2d_X509_ALGOR);
- M_ASN1_I2D_len (a->encryption, i2d_X509_ALGOR);
+ASN1_SEQUENCE(PBE2PARAM) = {
+ ASN1_SIMPLE(PBE2PARAM, keyfunc, X509_ALGOR),
+ ASN1_SIMPLE(PBE2PARAM, encryption, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBE2PARAM);
- M_ASN1_I2D_seq_total ();
+IMPLEMENT_ASN1_FUNCTIONS(PBE2PARAM)
- M_ASN1_I2D_put (a->keyfunc, i2d_X509_ALGOR);
- M_ASN1_I2D_put (a->encryption, i2d_X509_ALGOR);
+ASN1_SEQUENCE(PBKDF2PARAM) = {
+ ASN1_SIMPLE(PBKDF2PARAM, salt, ASN1_ANY),
+ ASN1_SIMPLE(PBKDF2PARAM, iter, ASN1_INTEGER),
+ ASN1_OPT(PBKDF2PARAM, keylength, ASN1_INTEGER),
+ ASN1_OPT(PBKDF2PARAM, prf, X509_ALGOR)
+} ASN1_SEQUENCE_END(PBKDF2PARAM);
- M_ASN1_I2D_finish();
-}
-
-PBE2PARAM *PBE2PARAM_new(void)
-{
- PBE2PARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBE2PARAM);
- M_ASN1_New(ret->keyfunc,X509_ALGOR_new);
- M_ASN1_New(ret->encryption,X509_ALGOR_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBE2PARAM_NEW);
-}
-
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PBE2PARAM *,PBE2PARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->keyfunc, d2i_X509_ALGOR);
- M_ASN1_D2I_get (ret->encryption, d2i_X509_ALGOR);
- M_ASN1_D2I_Finish(a, PBE2PARAM_free, ASN1_F_D2I_PBE2PARAM);
-}
-
-void PBE2PARAM_free (PBE2PARAM *a)
-{
- if(a==NULL) return;
- X509_ALGOR_free(a->keyfunc);
- X509_ALGOR_free(a->encryption);
- OPENSSL_free (a);
-}
-
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len (a->salt, i2d_ASN1_TYPE);
- M_ASN1_I2D_len (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->keylength, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->prf, i2d_X509_ALGOR);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->salt, i2d_ASN1_TYPE);
- M_ASN1_I2D_put (a->iter, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->keylength, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->prf, i2d_X509_ALGOR);
-
- M_ASN1_I2D_finish();
-}
-
-PBKDF2PARAM *PBKDF2PARAM_new(void)
-{
- PBKDF2PARAM *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PBKDF2PARAM);
- M_ASN1_New(ret->salt, ASN1_TYPE_new);
- M_ASN1_New(ret->iter, M_ASN1_INTEGER_new);
- ret->keylength = NULL;
- ret->prf = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PBKDF2PARAM_NEW);
-}
-
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,PBKDF2PARAM *,PBKDF2PARAM_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->salt, d2i_ASN1_TYPE);
- M_ASN1_D2I_get (ret->iter, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_opt (ret->keylength, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
- M_ASN1_D2I_get_opt (ret->prf, d2i_X509_ALGOR, V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, PBKDF2PARAM_free, ASN1_F_D2I_PBKDF2PARAM);
-}
-
-void PBKDF2PARAM_free (PBKDF2PARAM *a)
-{
- if(a==NULL) return;
- ASN1_TYPE_free(a->salt);
- M_ASN1_INTEGER_free(a->iter);
- M_ASN1_INTEGER_free(a->keylength);
- X509_ALGOR_free(a->prf);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PBKDF2PARAM)
/* Return an algorithm identifier for a PKCS#5 v2.0 PBE algorithm:
* yes I know this is horrible!
diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c
deleted file mode 100644
index c170244..0000000
--- a/crypto/asn1/p7_dgst.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/* crypto/asn1/p7_dgst.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->md,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->contents,i2d_PKCS7);
- M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->md,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->contents,i2d_PKCS7);
- M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
- M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
-
- M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST);
- }
-
-PKCS7_DIGEST *PKCS7_DIGEST_new(void)
- {
- PKCS7_DIGEST *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->md,X509_ALGOR_new);
- M_ASN1_New(ret->contents,PKCS7_new);
- M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW);
- }
-
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->md);
- PKCS7_free(a->contents);
- M_ASN1_OCTET_STRING_free(a->digest);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c
deleted file mode 100644
index 38ccafb..0000000
--- a/crypto/asn1/p7_enc.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_enc.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
- M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT);
- }
-
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void)
- {
- PKCS7_ENCRYPT *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW);
- }
-
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- PKCS7_ENC_CONTENT_free(a->enc_data);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c
deleted file mode 100644
index 031178a..0000000
--- a/crypto/asn1/p7_enc_c.c
+++ /dev/null
@@ -1,120 +0,0 @@
-/* crypto/asn1/p7_enc_c.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT);
- M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR);
- M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT);
- M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR);
- M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
- unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT);
- M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR);
- M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0,
- V_ASN1_OCTET_STRING);
-
- M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free,
- ASN1_F_D2I_PKCS7_ENC_CONTENT);
- }
-
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void)
- {
- PKCS7_ENC_CONTENT *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
- /* M_ASN1_New(ret->content_type,ASN1_OBJECT_new); */
- /* We will almost always want this: so make it the default */
- ret->content_type=OBJ_nid2obj(NID_pkcs7_data);
- M_ASN1_New(ret->algorithm,X509_ALGOR_new);
- ret->enc_data=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW);
- }
-
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->content_type);
- X509_ALGOR_free(a->algorithm);
- M_ASN1_OCTET_STRING_free(a->enc_data);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c
deleted file mode 100644
index 60be3e5..0000000
--- a/crypto/asn1/p7_evp.c
+++ /dev/null
@@ -1,119 +0,0 @@
-/* crypto/asn1/p7_evp.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
- i2d_PKCS7_RECIP_INFO);
- M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
- i2d_PKCS7_RECIP_INFO);
- M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
- d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
- M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
-
- M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE);
- }
-
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void)
- {
- PKCS7_ENVELOPE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
- M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW);
- }
-
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
- PKCS7_ENC_CONTENT_free(a->enc_data);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c
deleted file mode 100644
index 4a7260a..0000000
--- a/crypto/asn1/p7_i_s.c
+++ /dev/null
@@ -1,111 +0,0 @@
-/* crypto/asn1/p7_i_s.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL *a,
- unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(PKCS7_ISSUER_AND_SERIAL **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free,
- ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL);
- }
-
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void)
- {
- PKCS7_ISSUER_AND_SERIAL *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_New(ret->issuer,X509_NAME_new);
- M_ASN1_New(ret->serial,M_ASN1_INTEGER_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW);
- }
-
-void PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a)
- {
- if (a == NULL) return;
- X509_NAME_free(a->issuer);
- M_ASN1_INTEGER_free(a->serial);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
deleted file mode 100644
index b1196ef..0000000
--- a/crypto/asn1/p7_lib.c
+++ /dev/null
@@ -1,391 +0,0 @@
-/* crypto/asn1/p7_lib.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/pkcs7.h>
-#include <openssl/objects.h>
-
-#ifdef PKCS7_INDEFINITE_ENCODING
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- if (a->asn1 != NULL)
- {
- if (pp == NULL)
- return((int)a->length);
- memcpy(*pp,a->asn1,(int)a->length);
- *pp+=a->length;
- return((int)a->length);
- }
-
- ret+=4; /* sequence, BER header plus '0 0' end padding */
- M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
- if (a->d.ptr != NULL)
- {
- ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */
- switch (OBJ_obj2nid(a->type))
- {
- case NID_pkcs7_data:
- M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
- break;
- case NID_pkcs7_signed:
- M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
- break;
- case NID_pkcs7_enveloped:
- M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
- break;
- case NID_pkcs7_signedAndEnveloped:
- M_ASN1_I2D_len(a->d.signed_and_enveloped,
- i2d_PKCS7_SIGN_ENVELOPE);
- break;
- case NID_pkcs7_digest:
- M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
- break;
- case NID_pkcs7_encrypted:
- M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
- break;
- default:
- M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
- break;
- }
- }
- r=ret;
- if (pp == NULL) return(r);
- p= *pp;
- M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
- if (a->d.ptr != NULL)
- {
- M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC);
- switch (OBJ_obj2nid(a->type))
- {
- case NID_pkcs7_data:
- M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
- break;
- case NID_pkcs7_signed:
- M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
- break;
- case NID_pkcs7_enveloped:
- M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
- break;
- case NID_pkcs7_signedAndEnveloped:
- M_ASN1_I2D_put(a->d.signed_and_enveloped,
- i2d_PKCS7_SIGN_ENVELOPE);
- break;
- case NID_pkcs7_digest:
- M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
- break;
- case NID_pkcs7_encrypted:
- M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
- break;
- default:
- M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
- break;
- }
- M_ASN1_I2D_INF_seq_end();
- }
- M_ASN1_I2D_INF_seq_end();
- M_ASN1_I2D_finish();
- }
-
-#else
-
-int i2d_PKCS7(PKCS7 *a, unsigned char **pp)
- {
- int explen = 0;
- M_ASN1_I2D_vars(a);
-
- if (a->asn1 != NULL)
- {
- if (pp == NULL)
- return((int)a->length);
- memcpy(*pp,a->asn1,(int)a->length);
- *pp+=a->length;
- return((int)a->length);
- }
-
- M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
- if (a->d.ptr != NULL)
- {
- /* Save current length */
- r = ret;
- switch (OBJ_obj2nid(a->type))
- {
- case NID_pkcs7_data:
- M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
- break;
- case NID_pkcs7_signed:
- M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
- break;
- case NID_pkcs7_enveloped:
- M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
- break;
- case NID_pkcs7_signedAndEnveloped:
- M_ASN1_I2D_len(a->d.signed_and_enveloped,
- i2d_PKCS7_SIGN_ENVELOPE);
- break;
- case NID_pkcs7_digest:
- M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
- break;
- case NID_pkcs7_encrypted:
- M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
- break;
- default:
- M_ASN1_I2D_len(a->d.other,i2d_ASN1_TYPE);
- break;
- }
- /* Work out explicit tag content size */
- explen = ret - r;
- /* Work out explicit tag size: Note: ASN1_object_size
- * includes the content length.
- */
- ret = r + ASN1_object_size(1, explen, 0);
- }
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
-
- if (a->d.ptr != NULL)
- {
- ASN1_put_object(&p, 1, explen, 0, V_ASN1_CONTEXT_SPECIFIC);
- switch (OBJ_obj2nid(a->type))
- {
- case NID_pkcs7_data:
- M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
- break;
- case NID_pkcs7_signed:
- M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
- break;
- case NID_pkcs7_enveloped:
- M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
- break;
- case NID_pkcs7_signedAndEnveloped:
- M_ASN1_I2D_put(a->d.signed_and_enveloped,
- i2d_PKCS7_SIGN_ENVELOPE);
- break;
- case NID_pkcs7_digest:
- M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
- break;
- case NID_pkcs7_encrypted:
- M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
- break;
- default:
- M_ASN1_I2D_put(a->d.other,i2d_ASN1_TYPE);
- break;
- }
- }
- M_ASN1_I2D_finish();
- }
-
-#endif
-
-PKCS7 *d2i_PKCS7(PKCS7 **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new);
-
- if ((a != NULL) && ((*a) != NULL))
- {
- if ((*a)->asn1 != NULL)
- {
- OPENSSL_free((*a)->asn1);
- (*a)->asn1=NULL;
- }
- (*a)->length=0;
- }
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT);
- if (!M_ASN1_D2I_end_sequence())
- {
- int Tinf,Ttag,Tclass;
- long Tlen;
-
- if (M_ASN1_next != (V_ASN1_CONSTRUCTED|
- V_ASN1_CONTEXT_SPECIFIC|0))
- {
- c.error=ASN1_R_BAD_PKCS7_CONTENT;
- c.line=__LINE__;
- goto err;
- }
-
- ret->detached=0;
-
- c.q=c.p;
- Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,
- (c.inf & 1)?(length+ *pp-c.q):c.slen);
- if (Tinf & 0x80) { c.line=__LINE__; goto err; }
- c.slen-=(c.p-c.q);
-
- switch (OBJ_obj2nid(ret->type))
- {
- case NID_pkcs7_data:
- M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING);
- break;
- case NID_pkcs7_signed:
- M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED);
- if (ret->d.sign->contents->d.ptr == NULL)
- ret->detached=1;
- break;
- case NID_pkcs7_enveloped:
- M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE);
- break;
- case NID_pkcs7_signedAndEnveloped:
- M_ASN1_D2I_get(ret->d.signed_and_enveloped,
- d2i_PKCS7_SIGN_ENVELOPE);
- break;
- case NID_pkcs7_digest:
- M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST);
- break;
- case NID_pkcs7_encrypted:
- M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT);
- break;
- default:
- M_ASN1_D2I_get(ret->d.other,d2i_ASN1_TYPE);
- break;
- }
- if (Tinf == (1|V_ASN1_CONSTRUCTED))
- {
- if (!ASN1_check_infinite_end(&c.p,c.slen))
- {
- c.error=ERR_R_MISSING_ASN1_EOS;
- c.line=__LINE__;
- goto err;
- }
- }
- }
- else
- ret->detached=1;
-
- M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7);
- }
-
-PKCS7 *PKCS7_new(void)
- {
- PKCS7 *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7);
- ret->type=OBJ_nid2obj(NID_undef);
- ret->asn1=NULL;
- ret->length=0;
- ret->detached=0;
- ret->d.ptr=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_NEW);
- }
-
-void PKCS7_free(PKCS7 *a)
- {
- if (a == NULL) return;
-
- PKCS7_content_free(a);
- if (a->type != NULL)
- {
- ASN1_OBJECT_free(a->type);
- }
- OPENSSL_free(a);
- }
-
-void PKCS7_content_free(PKCS7 *a)
- {
- if(a == NULL)
- return;
-
- if (a->asn1 != NULL) OPENSSL_free(a->asn1);
-
- if (a->d.ptr != NULL)
- {
- if (a->type == NULL) return;
-
- switch (OBJ_obj2nid(a->type))
- {
- case NID_pkcs7_data:
- M_ASN1_OCTET_STRING_free(a->d.data);
- break;
- case NID_pkcs7_signed:
- PKCS7_SIGNED_free(a->d.sign);
- break;
- case NID_pkcs7_enveloped:
- PKCS7_ENVELOPE_free(a->d.enveloped);
- break;
- case NID_pkcs7_signedAndEnveloped:
- PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped);
- break;
- case NID_pkcs7_digest:
- PKCS7_DIGEST_free(a->d.digest);
- break;
- case NID_pkcs7_encrypted:
- PKCS7_ENCRYPT_free(a->d.encrypted);
- break;
- default:
- ASN1_TYPE_free(a->d.other);
- break;
- }
- }
- a->d.ptr=NULL;
- }
-
-IMPLEMENT_STACK_OF(PKCS7)
-IMPLEMENT_ASN1_SET_OF(PKCS7)
diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c
deleted file mode 100644
index 5f6c88a..0000000
--- a/crypto/asn1/p7_recip.c
+++ /dev/null
@@ -1,125 +0,0 @@
-/* crypto/asn1/p7_recip.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
- unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING);
-
- M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO);
- }
-
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void)
- {
- PKCS7_RECIP_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
- M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
- M_ASN1_New(ret->enc_key,M_ASN1_OCTET_STRING_new);
- ret->cert=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
- }
-
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
- X509_ALGOR_free(a->key_enc_algor);
- M_ASN1_OCTET_STRING_free(a->enc_key);
- if (a->cert != NULL) X509_free(a->cert);
- OPENSSL_free(a);
- }
-
-IMPLEMENT_STACK_OF(PKCS7_RECIP_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_RECIP_INFO)
diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c
deleted file mode 100644
index 709eb24..0000000
--- a/crypto/asn1/p7_s_e.c
+++ /dev/null
@@ -1,145 +0,0 @@
-/* crypto/asn1/p7_s_e.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
- i2d_PKCS7_RECIP_INFO);
- M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
- M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
- i2d_PKCS7_SIGNER_INFO);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put_SET_type(PKCS7_RECIP_INFO,a->recipientinfo,
- i2d_PKCS7_RECIP_INFO);
- M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
- M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
- i2d_PKCS7_SIGNER_INFO);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
- unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_set_type(PKCS7_RECIP_INFO,ret->recipientinfo,
- d2i_PKCS7_RECIP_INFO,PKCS7_RECIP_INFO_free);
- M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
- X509_ALGOR_free);
- M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
- M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
- X509_CRL_free,1);
- M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
- d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
- M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free,
- ASN1_F_D2I_PKCS7_SIGN_ENVELOPE);
- }
-
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void)
- {
- PKCS7_SIGN_ENVELOPE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->recipientinfo,sk_PKCS7_RECIP_INFO_new_null);
- M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
- M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
- ret->cert=NULL;
- ret->crl=NULL;
- M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW);
- }
-
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- sk_PKCS7_RECIP_INFO_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
- sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
- PKCS7_ENC_CONTENT_free(a->enc_data);
- sk_X509_pop_free(a->cert,X509_free);
- sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
- sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c
deleted file mode 100644
index c835f54..0000000
--- a/crypto/asn1/p7_signd.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/* crypto/asn1/p7_signd.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->contents,i2d_PKCS7);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
- M_ASN1_I2D_len_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
- i2d_PKCS7_SIGNER_INFO);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put_SET_type(X509_ALGOR,a->md_algs,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->contents,i2d_PKCS7);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509,a->cert,i2d_X509,0);
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_CRL,a->crl,i2d_X509_CRL,1);
- M_ASN1_I2D_put_SET_type(PKCS7_SIGNER_INFO,a->signer_info,
- i2d_PKCS7_SIGNER_INFO);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_set_type(X509_ALGOR,ret->md_algs,d2i_X509_ALGOR,
- X509_ALGOR_free);
- M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
- M_ASN1_D2I_get_IMP_set_opt_type(X509,ret->cert,d2i_X509,X509_free,0);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_CRL,ret->crl,d2i_X509_CRL,
- X509_CRL_free,1);
- M_ASN1_D2I_get_set_type(PKCS7_SIGNER_INFO,ret->signer_info,
- d2i_PKCS7_SIGNER_INFO,PKCS7_SIGNER_INFO_free);
-
- M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED);
- }
-
-PKCS7_SIGNED *PKCS7_SIGNED_new(void)
- {
- PKCS7_SIGNED *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_SIGNED);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->md_algs,sk_X509_ALGOR_new_null);
- M_ASN1_New(ret->contents,PKCS7_new);
- ret->cert=NULL;
- ret->crl=NULL;
- M_ASN1_New(ret->signer_info,sk_PKCS7_SIGNER_INFO_new_null);
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW);
- }
-
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- sk_X509_ALGOR_pop_free(a->md_algs,X509_ALGOR_free);
- PKCS7_free(a->contents);
- sk_X509_pop_free(a->cert,X509_free);
- sk_X509_CRL_pop_free(a->crl,X509_CRL_free);
- sk_PKCS7_SIGNER_INFO_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
- OPENSSL_free(a);
- }
diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c
deleted file mode 100644
index 248bf00..0000000
--- a/crypto/asn1/p7_signi.c
+++ /dev/null
@@ -1,150 +0,0 @@
-/* crypto/asn1/p7_signi.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
- *
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
- */
-
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
-#include <openssl/x509.h>
-
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
- i2d_X509_ATTRIBUTE,0);
- M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
- i2d_X509_ATTRIBUTE,1);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->auth_attr,
- i2d_X509_ATTRIBUTE,0);
- M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->unauth_attr,
- i2d_X509_ATTRIBUTE,1);
-
- M_ASN1_I2D_finish();
- }
-
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
- unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
- M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->auth_attr,
- d2i_X509_ATTRIBUTE,X509_ATTRIBUTE_free,
- 0);
- M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE,ret->unauth_attr,
- d2i_X509_ATTRIBUTE,
- X509_ATTRIBUTE_free,1);
-
- M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free,
- ASN1_F_D2I_PKCS7_SIGNER_INFO);
- }
-
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void)
- {
- PKCS7_SIGNER_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
- M_ASN1_New(ret->digest_alg,X509_ALGOR_new);
- ret->auth_attr=NULL;
- M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new);
- M_ASN1_New(ret->enc_digest,M_ASN1_OCTET_STRING_new);
- ret->unauth_attr=NULL;
- ret->pkey=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW);
- }
-
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
- X509_ALGOR_free(a->digest_alg);
- sk_X509_ATTRIBUTE_pop_free(a->auth_attr,X509_ATTRIBUTE_free);
- X509_ALGOR_free(a->digest_enc_alg);
- M_ASN1_OCTET_STRING_free(a->enc_digest);
- sk_X509_ATTRIBUTE_pop_free(a->unauth_attr,X509_ATTRIBUTE_free);
- if (a->pkey != NULL)
- EVP_PKEY_free(a->pkey);
- OPENSSL_free(a);
- }
-
-IMPLEMENT_STACK_OF(PKCS7_SIGNER_INFO)
-IMPLEMENT_ASN1_SET_OF(PKCS7_SIGNER_INFO)
diff --git a/crypto/asn1/p8_pkey.c b/crypto/asn1/p8_pkey.c
index fa6cbfb..e218899 100644
--- a/crypto/asn1/p8_pkey.c
+++ b/crypto/asn1/p8_pkey.c
@@ -58,70 +58,27 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-int i2d_PKCS8_PRIV_KEY_INFO (PKCS8_PRIV_KEY_INFO *a, unsigned char **pp)
+/* Minor tweak to operation: zero private key data */
+static int pkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
-
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->pkeyalg, i2d_X509_ALGOR);
- M_ASN1_I2D_len (a->pkey, i2d_ASN1_TYPE);
- M_ASN1_I2D_len_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
- i2d_X509_ATTRIBUTE, 0);
-
- M_ASN1_I2D_seq_total ();
-
- M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->pkeyalg, i2d_X509_ALGOR);
- M_ASN1_I2D_put (a->pkey, i2d_ASN1_TYPE);
- M_ASN1_I2D_put_IMP_SET_opt_type (X509_ATTRIBUTE, a->attributes,
- i2d_X509_ATTRIBUTE, 0);
-
- M_ASN1_I2D_finish();
+ /* Since the structure must still be valid use ASN1_OP_FREE_PRE */
+ if(operation == ASN1_OP_FREE_PRE) {
+ PKCS8_PRIV_KEY_INFO *key = (PKCS8_PRIV_KEY_INFO *)*pval;
+ if (key->pkey->value.octet_string)
+ memset(key->pkey->value.octet_string->data,
+ 0, key->pkey->value.octet_string->length);
+ }
+ return 1;
}
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void)
-{
- PKCS8_PRIV_KEY_INFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PKCS8_PRIV_KEY_INFO);
- M_ASN1_New (ret->version, M_ASN1_INTEGER_new);
- M_ASN1_New (ret->pkeyalg, X509_ALGOR_new);
- M_ASN1_New (ret->pkey, ASN1_TYPE_new);
- ret->attributes = NULL;
- ret->broken = PKCS8_OK;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PKCS8_PRIV_KEY_INFO_NEW);
-}
+ASN1_SEQUENCE_cb(PKCS8_PRIV_KEY_INFO, pkey_cb) = {
+ ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkeyalg, X509_ALGOR),
+ ASN1_SIMPLE(PKCS8_PRIV_KEY_INFO, pkey, ASN1_ANY),
+ ASN1_IMP_SET_OF_OPT(PKCS8_PRIV_KEY_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_cb(PKCS8_PRIV_KEY_INFO, PKCS8_PRIV_KEY_INFO);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PKCS8_PRIV_KEY_INFO *,PKCS8_PRIV_KEY_INFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get (ret->pkeyalg, d2i_X509_ALGOR);
- M_ASN1_D2I_get (ret->pkey, d2i_ASN1_TYPE);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ATTRIBUTE, ret->attributes,
- d2i_X509_ATTRIBUTE,
- X509_ATTRIBUTE_free, 0);
- M_ASN1_D2I_Finish(a, PKCS8_PRIV_KEY_INFO_free, ASN1_F_D2I_PKCS8_PRIV_KEY_INFO);
-}
-
-void PKCS8_PRIV_KEY_INFO_free (PKCS8_PRIV_KEY_INFO *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free (a->version);
- X509_ALGOR_free(a->pkeyalg);
- /* Clear sensitive data */
- if (a->pkey->value.octet_string)
- memset (a->pkey->value.octet_string->data,
- 0, a->pkey->value.octet_string->length);
- ASN1_TYPE_free (a->pkey);
- sk_X509_ATTRIBUTE_pop_free (a->attributes, X509_ATTRIBUTE_free);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
index ea1af09..b80ea18 100644
--- a/crypto/asn1/t_req.c
+++ b/crypto/asn1/t_req.c
@@ -145,13 +145,10 @@
if (BIO_puts(bp,str) <= 0) goto err;
sk=x->req_info->attributes;
- if ((sk == NULL) || (sk_X509_ATTRIBUTE_num(sk) == 0))
+ if (sk_X509_ATTRIBUTE_num(sk) == 0)
{
- if (!x->req_info->req_kludge)
- {
- sprintf(str,"%12sa0:00\n","");
- if (BIO_puts(bp,str) <= 0) goto err;
- }
+ sprintf(str,"%12sa0:00\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
}
else
{
@@ -170,7 +167,13 @@
if (BIO_puts(bp,str) <= 0) goto err;
if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
{
- if (a->set)
+ if (a->single)
+ {
+ t=a->value.single;
+ type=t->type;
+ bs=t->value.bit_string;
+ }
+ else
{
ii=0;
count=sk_ASN1_TYPE_num(a->value.set);
@@ -179,12 +182,6 @@
type=at->type;
bs=at->value.asn1_string;
}
- else
- {
- t=a->value.single;
- type=t->type;
- bs=t->value.bit_string;
- }
}
for (j=25-j; j>0; j--)
if (BIO_write(bp," ",1) != 1) goto err;
diff --git a/crypto/asn1/t_spki.c b/crypto/asn1/t_spki.c
index d708434..f273421 100644
--- a/crypto/asn1/t_spki.c
+++ b/crypto/asn1/t_spki.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
/* Print out an SPKI */
diff --git a/crypto/asn1/t_x509a.c b/crypto/asn1/t_x509a.c
index f06af5b..7d4a6e6 100644
--- a/crypto/asn1/t_x509a.c
+++ b/crypto/asn1/t_x509a.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
#include <openssl/x509.h>
/* X509_CERT_AUX and string set routines
diff --git a/crypto/asn1/tasn_dec.c b/crypto/asn1/tasn_dec.c
new file mode 100644
index 0000000..0caa8f6
--- /dev/null
+++ b/crypto/asn1/tasn_dec.c
@@ -0,0 +1,910 @@
+/* tasn_dec.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+
+static int asn1_check_eoc(unsigned char **in, long len);
+static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass);
+static int collect_data(BUF_MEM *buf, unsigned char **p, long plen);
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
+ unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx);
+static int asn1_template_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
+static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx);
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long len,
+ const ASN1_ITEM *it, int tag, int aclass, char opt, ASN1_TLC *ctx);
+
+/* Macro to initialize and invalidate the cache */
+
+#define asn1_tlc_clear(c) if(c) (c)->valid = 0
+
+/* Decode an ASN1 item, this currently behaves just
+ * like a standard 'd2i' function. 'in' points to
+ * a buffer to read the data from, in future we will
+ * have more advanced versions that can input data
+ * a piece at a time and this will simply be a special
+ * case.
+ */
+
+ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it)
+{
+ ASN1_TLC c;
+ ASN1_VALUE *ptmpval = NULL;
+ if(!pval) pval = &ptmpval;
+ asn1_tlc_clear(&c);
+ if(ASN1_item_ex_d2i(pval, in, len, it, -1, 0, 0, &c) > 0)
+ return *pval;
+ return NULL;
+}
+
+int ASN1_template_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_TEMPLATE *tt)
+{
+ ASN1_TLC c;
+ asn1_tlc_clear(&c);
+ return asn1_template_ex_d2i(pval, in, len, tt, 0, &c);
+}
+
+
+/* Decode an item, taking care of IMPLICIT tagging, if any.
+ * If 'opt' set and tag mismatch return -1 to handle OPTIONAL
+ */
+
+int ASN1_item_ex_d2i(ASN1_VALUE **pval, unsigned char **in, long len, const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ const ASN1_TEMPLATE *tt, *errtt = NULL;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ unsigned char *p, *q, imphack = 0, oclass;
+ char seq_eoc, seq_nolen, cst, isopt;
+ long tmplen;
+ int i;
+ int otag;
+ int ret = 0;
+ ASN1_VALUE *pchval, **pchptr, *ptmpval;
+ if(!pval) return 0;
+ if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+ else asn1_cb = 0;
+
+ switch(it->itype) {
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates)
+ return asn1_template_ex_d2i(pval, in, len, it->templates, opt, ctx);
+ return asn1_d2i_ex_primitive(pval, in, len, it, tag, aclass, opt, ctx);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ p = *in;
+ /* Just read in tag and class */
+ ret = asn1_check_tlen(NULL, &otag, &oclass, NULL, NULL, &p, len, -1, 0, 1, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ /* Must be UNIVERSAL class */
+ if(oclass != V_ASN1_UNIVERSAL) {
+ /* If OPTIONAL, assume this is OK */
+ if(opt) return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_NOT_UNIVERSAL);
+ goto err;
+ }
+ /* Check tag matches bit map */
+ if(!(ASN1_tag2bit(otag) & it->utype)) {
+ /* If OPTIONAL, assume this is OK */
+ if(opt) return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MSTRING_WRONG_TAG);
+ goto err;
+ }
+ return asn1_d2i_ex_primitive(pval, in, len, it, otag, 0, 0, ctx);
+
+ case ASN1_ITYPE_EXTERN:
+ /* Use new style d2i */
+ ef = it->funcs;
+ return ef->asn1_ex_d2i(pval, in, len, it, tag, aclass, opt, ctx);
+
+ case ASN1_ITYPE_COMPAT:
+ /* we must resort to old style evil hackery */
+ cf = it->funcs;
+
+ /* If OPTIONAL see if it is there */
+ if(opt) {
+ int exptag;
+ p = *in;
+ if(tag == -1) exptag = it->utype;
+ else exptag = tag;
+ /* Don't care about anything other than presence of expected tag */
+ ret = asn1_check_tlen(NULL, NULL, NULL, NULL, NULL, &p, len, exptag, aclass, 1, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ if(ret == -1) return -1;
+ }
+ /* This is the old style evil hack IMPLICIT handling:
+ * since the underlying code is expecting a tag and
+ * class other than the one present we change the
+ * buffer temporarily then change it back afterwards.
+ * This doesn't and never did work for tags > 30.
+ *
+ * Yes this is *horrible* but it is only needed for
+ * old style d2i which will hopefully not be around
+ * for much longer.
+ * FIXME: should copy the buffer then modify it so
+ * the input buffer can be const: we should *always*
+ * copy because the old style d2i might modify the
+ * buffer.
+ */
+
+ if(tag != -1) {
+ p = *in;
+ imphack = *p;
+ *p = (*p & V_ASN1_CONSTRUCTED) | it->utype;
+ }
+
+ ptmpval = cf->asn1_d2i(pval, in, len);
+
+ if(tag != -1) *p = imphack;
+
+ if(ptmpval) return 1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+
+
+ case ASN1_ITYPE_CHOICE:
+ if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+ goto auxerr;
+ /* CHOICE type, try each possibility in turn */
+ pchval = NULL;
+ p = *in;
+ for(i = 0, tt=it->templates; i < it->tcount; i++, tt++) {
+ /* We mark field as OPTIONAL so its absence
+ * can be recognised.
+ */
+ ret = asn1_template_ex_d2i(&pchval, &p, len, tt, 1, ctx);
+ /* If field not present, try the next one */
+ if(ret == -1) continue;
+ /* If positive return, read OK, break loop */
+ if(ret > 0) break;
+ /* Otherwise must be an ASN1 parsing error */
+ errtt = tt;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ /* Did we fall off the end without reading anything? */
+ if(i == it->tcount) {
+ /* If OPTIONAL, this is OK */
+ if(opt) return -1;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_NO_MATCHING_CHOICE_TYPE);
+ return 0;
+ }
+ /* Otherwise we got a match, allocate structure and populate it */
+ if(!*pval) {
+ if(!ASN1_item_ex_new(pval, it)) {
+ errtt = tt;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ }
+ pchptr = asn1_get_field_ptr(pval, tt);
+ *pchptr = pchval;
+ asn1_set_choice_selector(pval, i, it);
+ *in = p;
+ if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ goto auxerr;
+ return 1;
+
+ case ASN1_ITYPE_SEQUENCE:
+ p = *in;
+ tmplen = len;
+
+ /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+ if(tag == -1) {
+ tag = V_ASN1_SEQUENCE;
+ aclass = V_ASN1_UNIVERSAL;
+ }
+ /* Get SEQUENCE length and update len, p */
+ ret = asn1_check_tlen(&len, NULL, NULL, &seq_eoc, &cst, &p, len, tag, aclass, opt, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if(ret == -1) return -1;
+ if(aux && (aux->flags & ASN1_AFLG_BROKEN)) {
+ len = tmplen - (p - *in);
+ seq_nolen = 1;
+ } else seq_nolen = seq_eoc; /* If indefinite we don't do a length check */
+ if(!cst) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_NOT_CONSTRUCTED);
+ goto err;
+ }
+
+ if(!*pval) {
+ if(!ASN1_item_ex_new(pval, it)) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ }
+ if(asn1_cb && !asn1_cb(ASN1_OP_D2I_PRE, pval, it))
+ goto auxerr;
+
+ /* Get each field entry */
+ for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if(!seqtt) goto err;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ /* Have we ran out of data? */
+ if(!len) break;
+ q = p;
+ if(asn1_check_eoc(&p, len)) {
+ if(!seq_eoc) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_UNEXPECTED_EOC);
+ goto err;
+ }
+ len -= p - q;
+ seq_eoc = 0;
+ q = p;
+ break;
+ }
+ /* This determines the OPTIONAL flag value. The field cannot
+ * be omitted if it is the last of a SEQUENCE and there is
+ * still data to be read. This isn't strictly necessary but
+ * it increases efficiency in some cases.
+ */
+ if(i == (it->tcount - 1)) isopt = 0;
+ else isopt = seqtt->flags & ASN1_TFLG_OPTIONAL;
+ /* attempt to read in field, allowing each to be OPTIONAL */
+ ret = asn1_template_ex_d2i(pseqval, &p, len, seqtt, isopt, ctx);
+ if(!ret) {
+ errtt = seqtt;
+ goto err;
+ } else if(ret == -1) {
+ /* OPTIONAL component absent. Free and zero the field
+ */
+ ASN1_template_free(pseqval, seqtt);
+ continue;
+ }
+ /* Update length */
+ len -= p - q;
+ }
+ /* Check for EOC if expecting one */
+ if(seq_eoc && !asn1_check_eoc(&p, len)) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ /* Check all data read */
+ if(!seq_nolen && len) {
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_SEQUENCE_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ /* If we get here we've got no more data in the SEQUENCE,
+ * however we may not have read all fields so check all
+ * remaining are OPTIONAL and clear any that are.
+ */
+ for(; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if(!seqtt) goto err;
+ if(seqtt->flags & ASN1_TFLG_OPTIONAL) {
+ ASN1_VALUE **pseqval;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ } else {
+ errtt = seqtt;
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_FIELD_MISSING);
+ goto err;
+ }
+ }
+ /* Save encoding */
+ if(!asn1_enc_save(pval, *in, p - *in, it)) goto auxerr;
+ *in = p;
+ if(asn1_cb && !asn1_cb(ASN1_OP_D2I_POST, pval, it))
+ goto auxerr;
+ return 1;
+
+ default:
+ return 0;
+ }
+ auxerr:
+ ASN1err(ASN1_F_ASN1_ITEM_EX_D2I, ASN1_R_AUX_ERROR);
+ err:
+ ASN1_item_ex_free(pval, it);
+ if(errtt) ERR_add_error_data(4, "Field=", errtt->field_name, ", Type=", it->sname);
+ else ERR_add_error_data(2, "Type=", it->sname);
+ return 0;
+}
+
+/* Templates are handled with two separate functions. One handles any EXPLICIT tag and the other handles the
+ * rest.
+ */
+
+int asn1_template_ex_d2i(ASN1_VALUE **val, unsigned char **in, long inlen, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
+{
+ int flags, aclass;
+ int ret;
+ long len;
+ unsigned char *p, *q;
+ char exp_eoc;
+ if(!val) return 0;
+ flags = tt->flags;
+ aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+ p = *in;
+
+ /* Check if EXPLICIT tag expected */
+ if(flags & ASN1_TFLG_EXPTAG) {
+ char cst;
+ /* Need to work out amount of data available to the inner content and where it
+ * starts: so read in EXPLICIT header to get the info.
+ */
+ ret = asn1_check_tlen(&len, NULL, NULL, &exp_eoc, &cst, &p, inlen, tt->tag, aclass, opt, ctx);
+ q = p;
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if(ret == -1) return -1;
+ if(!cst) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED);
+ return 0;
+ }
+ /* We've found the field so it can't be OPTIONAL now */
+ ret = asn1_template_noexp_d2i(val, &p, len, tt, 0, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ /* We read the field in OK so update length */
+ len -= p - q;
+ if(exp_eoc) {
+ /* If NDEF we must have an EOC here */
+ if(!asn1_check_eoc(&p, len)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ } else {
+ /* Otherwise we must hit the EXPLICIT tag end or its an error */
+ if(len) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_EXPLICIT_LENGTH_MISMATCH);
+ goto err;
+ }
+ }
+ } else
+ return asn1_template_noexp_d2i(val, in, inlen, tt, opt, ctx);
+
+ *in = p;
+ return 1;
+
+ err:
+ ASN1_template_free(val, tt);
+ *val = NULL;
+ return 0;
+}
+
+static int asn1_template_noexp_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_TEMPLATE *tt, char opt, ASN1_TLC *ctx)
+{
+ int flags, aclass;
+ int ret;
+ unsigned char *p, *q;
+ if(!val) return 0;
+ flags = tt->flags;
+ aclass = flags & ASN1_TFLG_TAG_CLASS;
+
+ p = *in;
+ q = p;
+
+ if(flags & ASN1_TFLG_SK_MASK) {
+ /* SET OF, SEQUENCE OF */
+ int sktag, skaclass;
+ char sk_eoc;
+ /* First work out expected inner tag value */
+ if(flags & ASN1_TFLG_IMPTAG) {
+ sktag = tt->tag;
+ skaclass = aclass;
+ } else {
+ skaclass = V_ASN1_UNIVERSAL;
+ if(flags & ASN1_TFLG_SET_OF) sktag = V_ASN1_SET;
+ else sktag = V_ASN1_SEQUENCE;
+ }
+ /* Get the tag */
+ ret = asn1_check_tlen(&len, NULL, NULL, &sk_eoc, NULL, &p, len, sktag, skaclass, opt, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if(ret == -1) return -1;
+ if(!*val) *val = (ASN1_VALUE *)sk_new_null();
+ else {
+ /* We've got a valid STACK: free up any items present */
+ STACK *sktmp = (STACK *)*val;
+ ASN1_VALUE *vtmp;
+ while(sk_num(sktmp) > 0) {
+ vtmp = (ASN1_VALUE *)sk_pop(sktmp);
+ ASN1_item_ex_free(&vtmp, tt->item);
+ }
+ }
+
+ if(!*val) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_EX_D2I, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ /* Read as many items as we can */
+ while(len > 0) {
+ ASN1_VALUE *skfield;
+ q = p;
+ /* See if EOC found */
+ if(asn1_check_eoc(&p, len)) {
+ if(!sk_eoc) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_UNEXPECTED_EOC);
+ goto err;
+ }
+ len -= p - q;
+ sk_eoc = 0;
+ break;
+ }
+ skfield = NULL;
+ if(!ASN1_item_ex_d2i(&skfield, &p, len, tt->item, -1, 0, 0, ctx)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ }
+ len -= p - q;
+ if(!sk_push((STACK *)*val, (char *)skfield)) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ if(sk_eoc) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ASN1_R_MISSING_EOC);
+ goto err;
+ }
+ } else if(flags & ASN1_TFLG_IMPTAG) {
+ /* IMPLICIT tagging */
+ ret = ASN1_item_ex_d2i(val, &p, len, tt->item, tt->tag, aclass, opt, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if(ret == -1) return -1;
+ } else {
+ /* Nothing special */
+ ret = ASN1_item_ex_d2i(val, &p, len, tt->item, -1, 0, opt, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_D2I, ERR_R_NESTED_ASN1_ERROR);
+ goto err;
+ } else if(ret == -1) return -1;
+ }
+
+ *in = p;
+ return 1;
+
+ err:
+ ASN1_template_free(val, tt);
+ *val = NULL;
+ return 0;
+}
+
+static int asn1_d2i_ex_primitive(ASN1_VALUE **pval, unsigned char **in, long inlen,
+ const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ int ret = 0, utype;
+ long plen;
+ char cst, inf, free_cont = 0;
+ unsigned char *p;
+ BUF_MEM buf;
+ unsigned char *cont = NULL;
+ long len;
+ if(!pval) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_NULL);
+ return 0; /* Should never happen */
+ }
+
+ if(it->itype == ASN1_ITYPE_MSTRING) {
+ utype = tag;
+ tag = -1;
+ } else utype = it->utype;
+
+ if(utype == V_ASN1_ANY) {
+ /* If type is ANY need to figure out type from tag */
+ unsigned char oclass;
+ if(tag >= 0) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_TAGGED_ANY);
+ return 0;
+ }
+ if(opt) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_ILLEGAL_OPTIONAL_ANY);
+ return 0;
+ }
+ p = *in;
+ ret = asn1_check_tlen(NULL, &utype, &oclass, NULL, NULL, &p, inlen, -1, 0, 0, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ if(oclass != V_ASN1_UNIVERSAL) utype = V_ASN1_OTHER;
+ }
+ if(tag == -1) {
+ tag = utype;
+ aclass = V_ASN1_UNIVERSAL;
+ }
+ p = *in;
+ /* Check header */
+ ret = asn1_check_tlen(&plen, NULL, NULL, &inf, &cst, &p, inlen, tag, aclass, opt, ctx);
+ if(!ret) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ } else if(ret == -1) return -1;
+ /* SEQUENCE, SET and "OTHER" are left in encoded form */
+ if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) || (utype == V_ASN1_OTHER)) {
+ /* SEQUENCE and SET must be constructed */
+ if((utype != V_ASN1_OTHER) && !cst) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_TYPE_NOT_CONSTRUCTED);
+ return 0;
+ }
+
+ cont = *in;
+ /* If indefinite length constructed find the real end */
+ if(inf) {
+ asn1_collect(NULL, &p, plen, inf, -1, -1);
+ len = p - cont;
+ } else {
+ len = p - cont + plen;
+ p += plen;
+ buf.data = NULL;
+ }
+ } else if(cst) {
+ buf.length = 0;
+ buf.max = 0;
+ buf.data = NULL;
+ /* Should really check the internal tags are correct but
+ * some things may get this wrong. The relevant specs
+ * say that constructed string types should be OCTET STRINGs
+ * internally irrespective of the type. So instead just check
+ * for UNIVERSAL class and ignore the tag.
+ */
+ asn1_collect(&buf, &p, plen, inf, -1, V_ASN1_UNIVERSAL);
+ cont = (unsigned char *)buf.data;
+ len = buf.length;
+ free_cont = 1;
+ } else {
+ cont = p;
+ len = plen;
+ p += plen;
+ }
+
+ /* We now have content length and type: translate into a structure */
+ if(!asn1_ex_c2i(pval, cont, len, utype, &free_cont, it)) goto err;
+
+ *in = p;
+ ret = 1;
+ err:
+ if(free_cont && buf.data) OPENSSL_free(buf.data);
+ return ret;
+}
+
+/* Translate ASN1 content octets into a structure */
+
+int asn1_ex_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+ ASN1_STRING *stmp;
+ ASN1_TYPE *typ = NULL;
+ int ret = 0;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if(pf && pf->prim_c2i) return pf->prim_c2i(pval, cont, len, utype, free_cont, it);
+ /* If ANY type clear type and set pointer to internal value */
+ if(it->utype == V_ASN1_ANY) {
+ if(!*pval) {
+ typ = ASN1_TYPE_new();
+ *pval = (ASN1_VALUE *)typ;
+ } else typ = (ASN1_TYPE *)pval;
+ if(utype != typ->type) ASN1_TYPE_set(typ, utype, NULL);
+ pval = (ASN1_VALUE **)&typ->value.ptr;
+ }
+ switch(utype) {
+ case V_ASN1_OBJECT:
+ if(!c2i_ASN1_OBJECT((ASN1_OBJECT **)pval, &cont, len)) goto err;
+ break;
+
+ case V_ASN1_NULL:
+ if(len) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_NULL_IS_WRONG_LENGTH);
+ goto err;
+ }
+ *pval = (ASN1_VALUE *)1;
+ break;
+
+ case V_ASN1_BOOLEAN:
+ if(len != 1) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ goto err;
+ } else {
+ ASN1_BOOLEAN *tbool;
+ tbool = (ASN1_BOOLEAN *)pval;
+ *tbool = *cont;
+ }
+ break;
+
+ case V_ASN1_BIT_STRING:
+ if(!c2i_ASN1_BIT_STRING((ASN1_BIT_STRING **)pval, &cont, len)) goto err;
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ case V_ASN1_ENUMERATED:
+ case V_ASN1_NEG_ENUMERATED:
+ if(!c2i_ASN1_INTEGER((ASN1_INTEGER **)pval, &cont, len)) goto err;
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_NUMERICSTRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
+ case V_ASN1_UTF8STRING:
+ case V_ASN1_OTHER:
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ default:
+ /* All based on ASN1_STRING and handled the same */
+ if(!*pval) {
+ stmp = ASN1_STRING_type_new(utype);
+ if(!stmp) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ *pval = (ASN1_VALUE *)stmp;
+ } else {
+ stmp = (ASN1_STRING *)*pval;
+ stmp->type = utype;
+ }
+ /* If we've already allocated a buffer use it */
+ if(*free_cont) {
+ if(stmp->data) OPENSSL_free(stmp->data);
+ stmp->data = cont;
+ stmp->length = len;
+ *free_cont = 0;
+ } else {
+ if(!ASN1_STRING_set(stmp, cont, len)) {
+ ASN1err(ASN1_F_ASN1_D2I_EX_PRIMITIVE, ERR_R_MALLOC_FAILURE);
+ ASN1_STRING_free(stmp);
+ *pval = NULL;
+ goto err;
+ }
+ }
+ break;
+ }
+ /* If ASN1_ANY and NULL type fix up value */
+ if(typ && utype==V_ASN1_NULL) typ->value.ptr = NULL;
+
+ ret = 1;
+ err:
+ if(!ret) ASN1_TYPE_free(typ);
+ return ret;
+}
+
+/* This function collects the asn1 data from a constructred string
+ * type into a buffer. The values of 'in' and 'len' should refer
+ * to the contents of the constructed type and 'inf' should be set
+ * if it is indefinite length. If 'buf' is NULL then we just want
+ * to find the end of the current structure: useful for indefinite
+ * length constructed stuff.
+ */
+
+static int asn1_collect(BUF_MEM *buf, unsigned char **in, long len, char inf, int tag, int aclass)
+{
+ unsigned char *p, *q;
+ long plen;
+ char cst, ininf;
+ p = *in;
+ inf &= 1;
+ /* If no buffer and not indefinite length constructed just pass over the encoded data */
+ if(!buf && !inf) {
+ *in += len;
+ return 1;
+ }
+ while(len > 0) {
+ q = p;
+ /* Check for EOC */
+ if(asn1_check_eoc(&p, len)) {
+ /* EOC is illegal outside indefinite length constructed form */
+ if(!inf) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_UNEXPECTED_EOC);
+ return 0;
+ }
+ inf = 0;
+ break;
+ }
+ if(!asn1_check_tlen(&plen, NULL, NULL, &ininf, &cst, &p, len, tag, aclass, 0, NULL)) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+ }
+ /* If indefinite length constructed update max length */
+ if(cst) {
+ if(!asn1_collect(buf, &p, plen, ininf, tag, aclass)) return 0;
+ } else {
+ if(!collect_data(buf, &p, plen)) return 0;
+ }
+ len -= p - q;
+ }
+ if(inf) {
+ ASN1err(ASN1_F_ASN1_COLLECT, ASN1_R_MISSING_EOC);
+ return 0;
+ }
+ *in = p;
+ return 1;
+}
+
+static int collect_data(BUF_MEM *buf, unsigned char **p, long plen)
+{
+ int len;
+ if(buf) {
+ len = buf->length;
+ if(!BUF_MEM_grow(buf, len + plen)) {
+ ASN1err(ASN1_F_COLLECT_DATA, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ memcpy(buf->data + len, *p, plen);
+ }
+ *p += plen;
+ return 1;
+}
+
+/* Check for ASN1 EOC and swallow it if found */
+
+static int asn1_check_eoc(unsigned char **in, long len)
+{
+ unsigned char *p;
+ if(len < 2) return 0;
+ p = *in;
+ if(!p[0] && !p[1]) {
+ *in += 2;
+ return 1;
+ }
+ return 0;
+}
+
+/* Check an ASN1 tag and length: a bit like ASN1_get_object
+ * but it sets the length for indefinite length constructed
+ * form, we don't know the exact length but we can set an
+ * upper bound to the amount of data available minus the
+ * header length just read.
+ */
+
+static int asn1_check_tlen(long *olen, int *otag, unsigned char *oclass, char *inf, char *cst,
+ unsigned char **in, long len, int exptag, int expclass, char opt, ASN1_TLC *ctx)
+{
+ int i;
+ int ptag, pclass;
+ long plen;
+ unsigned char *p, *q;
+ p = *in;
+ q = p;
+
+ if(ctx && ctx->valid) {
+ i = ctx->ret;
+ plen = ctx->plen;
+ pclass = ctx->pclass;
+ ptag = ctx->ptag;
+ p += ctx->hdrlen;
+ } else {
+ i = ASN1_get_object(&p, &plen, &ptag, &pclass, len);
+ if(ctx) {
+ ctx->ret = i;
+ ctx->plen = plen;
+ ctx->pclass = pclass;
+ ctx->ptag = ptag;
+ ctx->hdrlen = p - q;
+ ctx->valid = 1;
+ }
+ /* If definite length, length + header can't exceed total
+ * amount of data available.
+ */
+ if(!(i & 1) && ((plen + ctx->hdrlen) > len)) {
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_TOO_LONG);
+ asn1_tlc_clear(ctx);
+ return 0;
+ }
+ }
+
+ if(i & 0x80) {
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_BAD_OBJECT_HEADER);
+ asn1_tlc_clear(ctx);
+ return 0;
+ }
+ if(exptag >= 0) {
+ if((exptag != ptag) || (expclass != pclass)) {
+ /* If type is OPTIONAL, not an error, but indicate missing
+ * type.
+ */
+ if(opt) return -1;
+ asn1_tlc_clear(ctx);
+ ASN1err(ASN1_F_ASN1_CHECK_TLEN, ASN1_R_WRONG_TAG);
+ return 0;
+ }
+ /* We have a tag and class match, so assume we are going to do something with it */
+ asn1_tlc_clear(ctx);
+ }
+
+ if(i & 1) plen = len - (p - q);
+
+ if(inf) *inf = i & 1;
+
+ if(cst) *cst = i & V_ASN1_CONSTRUCTED;
+
+ if(olen) *olen = plen;
+ if(oclass) *oclass = pclass;
+ if(otag) *otag = ptag;
+
+ *in = p;
+ return 1;
+}
diff --git a/crypto/asn1/tasn_enc.c b/crypto/asn1/tasn_enc.c
new file mode 100644
index 0000000..f6d33e1
--- /dev/null
+++ b/crypto/asn1/tasn_enc.c
@@ -0,0 +1,485 @@
+/* tasn_enc.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *seq, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int isset);
+
+/* Encode an ASN1 item, this is compatible with the
+ * standard 'i2d' function. 'out' points to
+ * a buffer to output the data to, in future we will
+ * have more advanced versions that can output data
+ * a piece at a time and this will simply be a special
+ * case.
+ *
+ * The new i2d has one additional feature. If the output
+ * buffer is NULL (i.e. *out == NULL) then a buffer is
+ * allocated and populated with the encoding.
+ */
+
+
+int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it)
+{
+ if(out && !*out) {
+ unsigned char *p, *buf;
+ int len;
+ len = ASN1_item_ex_i2d(&val, NULL, it, -1, 0);
+ if(len <= 0) return len;
+ buf = OPENSSL_malloc(len);
+ if(!buf) return -1;
+ p = buf;
+ ASN1_item_ex_i2d(&val, &p, it, -1, 0);
+ *out = buf;
+ return len;
+ }
+
+ return ASN1_item_ex_i2d(&val, out, it, -1, 0);
+}
+
+/* Encode an item, taking care of IMPLICIT tagging (if any).
+ * This function performs the normal item handling: it can be
+ * used in external types.
+ */
+
+int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+ const ASN1_TEMPLATE *tt = NULL;
+ unsigned char *p = NULL;
+ int i, seqcontlen, seqlen;
+ ASN1_STRING *strtmp;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return 0;
+ if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+ else asn1_cb = 0;
+
+ switch(it->itype) {
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates)
+ return ASN1_template_i2d(pval, out, it->templates);
+ return asn1_i2d_ex_primitive(pval, out, it, tag, aclass);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ strtmp = (ASN1_STRING *)*pval;
+ return asn1_i2d_ex_primitive(pval, out, it, -1, 0);
+
+ case ASN1_ITYPE_CHOICE:
+ if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+ return 0;
+ i = asn1_get_choice_selector(pval, it);
+ if((i >= 0) && (i < it->tcount)) {
+ ASN1_VALUE **pchval;
+ const ASN1_TEMPLATE *chtt;
+ chtt = it->templates + i;
+ pchval = asn1_get_field_ptr(pval, chtt);
+ return ASN1_template_i2d(pchval, out, chtt);
+ }
+ /* Fixme: error condition if selector out of range */
+ if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+ return 0;
+ break;
+
+ case ASN1_ITYPE_EXTERN:
+ /* If new style i2d it does all the work */
+ ef = it->funcs;
+ return ef->asn1_ex_i2d(pval, out, it, tag, aclass);
+
+ case ASN1_ITYPE_COMPAT:
+ /* old style hackery... */
+ cf = it->funcs;
+ if(out) p = *out;
+ i = cf->asn1_i2d(*pval, out);
+ /* Fixup for IMPLICIT tag: note this messes up for tags > 30,
+ * but so did the old code. Tags > 30 are very rare anyway.
+ */
+ if(out && (tag != -1))
+ *p = aclass | tag | (*p & V_ASN1_CONSTRUCTED);
+ return i;
+
+ case ASN1_ITYPE_SEQUENCE:
+ i = asn1_enc_restore(&seqcontlen, out, pval, it);
+ /* An error occurred */
+ if(i < 0) return 0;
+ /* We have a valid cached encoding... */
+ if(i > 0) return seqcontlen;
+ /* Otherwise carry on */
+ seqcontlen = 0;
+ /* If no IMPLICIT tagging set to SEQUENCE, UNIVERSAL */
+ if(tag == -1) {
+ tag = V_ASN1_SEQUENCE;
+ aclass = V_ASN1_UNIVERSAL;
+ }
+ if(asn1_cb && !asn1_cb(ASN1_OP_I2D_PRE, pval, it))
+ return 0;
+ /* First work out sequence content length */
+ for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if(!seqtt) return 0;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ /* FIXME: check for errors in enhanced version */
+ /* FIXME: special handling of indefinite length encoding */
+ seqcontlen += ASN1_template_i2d(pseqval, NULL, seqtt);
+ }
+ seqlen = ASN1_object_size(1, seqcontlen, tag);
+ if(!out) return seqlen;
+ /* Output SEQUENCE header */
+ ASN1_put_object(out, 1, seqcontlen, tag, aclass);
+ for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+ const ASN1_TEMPLATE *seqtt;
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 1);
+ if(!seqtt) return 0;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ /* FIXME: check for errors in enhanced version */
+ ASN1_template_i2d(pseqval, out, seqtt);
+ }
+ if(asn1_cb && !asn1_cb(ASN1_OP_I2D_POST, pval, it))
+ return 0;
+ return seqlen;
+
+ default:
+ return 0;
+ }
+ return 0;
+}
+
+int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, const ASN1_TEMPLATE *tt)
+{
+ int i, ret, flags, aclass;
+ flags = tt->flags;
+ aclass = flags & ASN1_TFLG_TAG_CLASS;
+ if(flags & ASN1_TFLG_SK_MASK) {
+ /* SET OF, SEQUENCE OF */
+ STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+ int isset, sktag, skaclass;
+ int skcontlen, sklen;
+ ASN1_VALUE *skitem;
+ if(!*pval) return 0;
+ isset = flags & ASN1_TFLG_SET_OF;
+ /* First work out inner tag value */
+ if(flags & ASN1_TFLG_IMPTAG) {
+ sktag = tt->tag;
+ skaclass = aclass;
+ } else {
+ skaclass = V_ASN1_UNIVERSAL;
+ if(isset) sktag = V_ASN1_SET;
+ else sktag = V_ASN1_SEQUENCE;
+ }
+ /* Now work out length of items */
+ skcontlen = 0;
+ for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ skcontlen += ASN1_item_ex_i2d(&skitem, NULL, tt->item, -1, 0);
+ }
+ sklen = ASN1_object_size(1, skcontlen, sktag);
+ /* If EXPLICIT need length of surrounding tag */
+ if(flags & ASN1_TFLG_EXPTAG)
+ ret = ASN1_object_size(1, sklen, tt->tag);
+ else ret = sklen;
+
+ if(!out) return ret;
+
+ /* Now encode this lot... */
+ /* EXPLICIT tag */
+ if(flags & ASN1_TFLG_EXPTAG)
+ ASN1_put_object(out, 1, sklen, tt->tag, aclass);
+ /* SET or SEQUENCE and IMPLICIT tag */
+ ASN1_put_object(out, 1, skcontlen, sktag, skaclass);
+ /* And finally the stuff itself */
+ asn1_set_seq_out(sk, out, skcontlen, tt->item, isset);
+
+ return ret;
+ }
+
+ if(flags & ASN1_TFLG_EXPTAG) {
+ /* EXPLICIT tagging */
+ /* Find length of tagged item */
+ i = ASN1_item_ex_i2d(pval, NULL, tt->item, -1, 0);
+ if(!i) return 0;
+ /* Find length of EXPLICIT tag */
+ ret = ASN1_object_size(1, i, tt->tag);
+ if(out) {
+ /* Output tag and item */
+ ASN1_put_object(out, 1, i, tt->tag, aclass);
+ ASN1_item_ex_i2d(pval, out, tt->item, -1, 0);
+ }
+ return ret;
+ }
+ if(flags & ASN1_TFLG_IMPTAG) {
+ /* IMPLICIT tagging */
+ return ASN1_item_ex_i2d(pval, out, tt->item, tt->tag, aclass);
+ }
+ /* Nothing special: treat as normal */
+ return ASN1_item_ex_i2d(pval, out, tt->item, -1, 0);
+}
+
+/* Temporary structure used to hold DER encoding of items for SET OF */
+
+typedef struct {
+ unsigned char *data;
+ int length;
+} DER_ENC;
+
+static int der_cmp(const void *a, const void *b)
+{
+ const DER_ENC *d1 = a, *d2 = b;
+ int cmplen, i;
+ cmplen = (d1->length < d2->length) ? d1->length : d2->length;
+ i = memcmp(d1->data, d2->data, cmplen);
+ if(i) return i;
+ return d1->length - d2->length;
+}
+
+/* Output the content octets of SET OF or SEQUENCE OF */
+
+static int asn1_set_seq_out(STACK_OF(ASN1_VALUE) *sk, unsigned char **out, int skcontlen, const ASN1_ITEM *item, int do_sort)
+{
+ int i;
+ ASN1_VALUE *skitem;
+ unsigned char *tmpdat, *p;
+ DER_ENC *derlst, *tder;
+ if(do_sort) {
+ /* Don't need to sort less than 2 items */
+ if(sk_ASN1_VALUE_num(sk) < 2) do_sort = 0;
+ else {
+ derlst = OPENSSL_malloc(sk_ASN1_VALUE_num(sk) * sizeof(*derlst));
+ tmpdat = OPENSSL_malloc(skcontlen);
+ if(!derlst || !tmpdat) return 0;
+ }
+ }
+ /* If not sorting just output each item */
+ if(!do_sort) {
+ for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ ASN1_item_i2d(skitem, out, item);
+ }
+ return 1;
+ }
+ p = tmpdat;
+ /* Doing sort: build up a list of each member's DER encoding */
+ for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+ skitem = sk_ASN1_VALUE_value(sk, i);
+ tder->data = p;
+ tder->length = ASN1_item_i2d(skitem, &p, item);
+ }
+ /* Now sort them */
+ qsort(derlst, sk_ASN1_VALUE_num(sk), sizeof(*derlst), der_cmp);
+ /* Output sorted DER encoding */
+ p = *out;
+ for(i = 0, tder = derlst; i < sk_ASN1_VALUE_num(sk); i++, tder++) {
+ memcpy(p, tder->data, tder->length);
+ p += tder->length;
+ }
+ *out = p;
+ OPENSSL_free(derlst);
+ OPENSSL_free(tmpdat);
+ return 1;
+}
+
+static int asn1_i2d_ex_primitive(ASN1_VALUE **pval, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+ int len;
+ int utype;
+ int usetag;
+
+ utype = it->utype;
+
+ /* Get length of content octets and maybe find
+ * out the underlying type.
+ */
+
+ len = asn1_ex_i2c(pval, NULL, &utype, it);
+
+ /* If SEQUENCE, SET or OTHER then header is
+ * included in pseudo content octets so don't
+ * include tag+length. We need to check here
+ * because the call to asn1_ex_i2c() could change
+ * utype.
+ */
+ if((utype == V_ASN1_SEQUENCE) || (utype == V_ASN1_SET) ||
+ (utype == V_ASN1_OTHER))
+ usetag = 0;
+ else usetag = 1;
+
+ /* -1 means omit type */
+
+ if(len == -1) return 0;
+
+ /* If not implicitly tagged get tag from underlying type */
+ if(tag == -1) tag = utype;
+
+ /* Output tag+length followed by content octets */
+ if(out) {
+ if(usetag) ASN1_put_object(out, 0, len, tag, aclass);
+ asn1_ex_i2c(pval, *out, &utype, it);
+ *out += len;
+ }
+
+ if(usetag) return ASN1_object_size(0, len, tag);
+ return len;
+}
+
+/* Produce content octets from a structure */
+
+int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cout, int *putype, const ASN1_ITEM *it)
+{
+ ASN1_BOOLEAN *tbool = NULL;
+ ASN1_STRING *strtmp;
+ ASN1_OBJECT *otmp;
+ int utype;
+ unsigned char *cont, c;
+ int len;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if(pf && pf->prim_i2c) return pf->prim_i2c(pval, cout, putype, it);
+
+ /* Should type be omitted? */
+ if((it->itype != ASN1_ITYPE_PRIMITIVE) || (it->utype != V_ASN1_BOOLEAN)) {
+ if(!*pval) return -1;
+ }
+
+ if(it->itype == ASN1_ITYPE_MSTRING) {
+ /* If MSTRING type set the underlying type */
+ strtmp = (ASN1_STRING *)*pval;
+ utype = strtmp->type;
+ *putype = utype;
+ } else if(it->utype == V_ASN1_ANY) {
+ /* If ANY set type and pointer to value */
+ ASN1_TYPE *typ;
+ typ = (ASN1_TYPE *)*pval;
+ utype = typ->type;
+ *putype = utype;
+ pval = (ASN1_VALUE **)&typ->value.ptr;
+ } else utype = *putype;
+
+ switch(utype) {
+ case V_ASN1_OBJECT:
+ otmp = (ASN1_OBJECT *)*pval;
+ cont = otmp->data;
+ len = otmp->length;
+ break;
+
+ case V_ASN1_NULL:
+ cont = NULL;
+ len = 0;
+ break;
+
+ case V_ASN1_BOOLEAN:
+ tbool = (ASN1_BOOLEAN *)pval;
+ if(*tbool == -1) return -1;
+ /* Default handling if value == size field then omit */
+ if(*tbool && (it->size > 0)) return -1;
+ if(!*tbool && !it->size) return -1;
+ c = (unsigned char)*tbool;
+ cont = &c;
+ len = 1;
+ break;
+
+ case V_ASN1_BIT_STRING:
+ return i2c_ASN1_BIT_STRING((ASN1_BIT_STRING *)*pval, cout ? &cout : NULL);
+ break;
+
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ case V_ASN1_ENUMERATED:
+ case V_ASN1_NEG_ENUMERATED:
+ /* These are all have the same content format
+ * as ASN1_INTEGER
+ */
+ return i2c_ASN1_INTEGER((ASN1_INTEGER *)*pval, cout ? &cout : NULL);
+ break;
+
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_NUMERICSTRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_VIDEOTEXSTRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_GENERALIZEDTIME:
+ case V_ASN1_GRAPHICSTRING:
+ case V_ASN1_VISIBLESTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_BMPSTRING:
+ case V_ASN1_UTF8STRING:
+ case V_ASN1_SEQUENCE:
+ case V_ASN1_SET:
+ default:
+ /* All based on ASN1_STRING and handled the same */
+ strtmp = (ASN1_STRING *)*pval;
+ cont = strtmp->data;
+ len = strtmp->length;
+
+ break;
+
+ }
+ if(cout && len) memcpy(cout, cont, len);
+ return len;
+}
diff --git a/crypto/asn1/tasn_fre.c b/crypto/asn1/tasn_fre.c
new file mode 100644
index 0000000..75a4a6f
--- /dev/null
+++ b/crypto/asn1/tasn_fre.c
@@ -0,0 +1,225 @@
+/* tasn_fre.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
+
+/* Free up an ASN1 structure */
+
+void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it)
+{
+ asn1_item_combine_free(&val, it, 0);
+}
+
+void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ asn1_item_combine_free(pval, it, 0);
+}
+
+static void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
+{
+ const ASN1_TEMPLATE *tt = NULL, *seqtt;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ int i;
+ if(!pval) return;
+ if((it->itype != ASN1_ITYPE_PRIMITIVE) && !*pval) return;
+ if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+ else asn1_cb = 0;
+
+ switch(it->itype) {
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates) ASN1_template_free(pval, it->templates);
+ else ASN1_primitive_free(pval, it);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ ASN1_primitive_free(pval, it);
+ break;
+
+ case ASN1_ITYPE_CHOICE:
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ if(i == 2) return;
+ }
+ i = asn1_get_choice_selector(pval, it);
+ if(asn1_cb) asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ if((i >= 0) && (i < it->tcount)) {
+ ASN1_VALUE **pchval;
+ tt = it->templates + i;
+ pchval = asn1_get_field_ptr(pval, tt);
+ ASN1_template_free(pchval, tt);
+ }
+ if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
+ if(!combine) {
+ OPENSSL_free(*pval);
+ *pval = NULL;
+ }
+ break;
+
+ case ASN1_ITYPE_COMPAT:
+ cf = it->funcs;
+ if(cf && cf->asn1_free) cf->asn1_free(*pval);
+ break;
+
+ case ASN1_ITYPE_EXTERN:
+ ef = it->funcs;
+ if(ef && ef->asn1_ex_free) ef->asn1_ex_free(pval, it);
+ break;
+
+ case ASN1_ITYPE_SEQUENCE:
+ if(asn1_do_lock(pval, -1, it) > 0) return;
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_FREE_PRE, pval, it);
+ if(i == 2) return;
+ }
+ asn1_enc_free(pval, it);
+ /* If we free up as normal we will invalidate any
+ * ANY DEFINED BY field and we wont be able to
+ * determine the type of the field it defines. So
+ * free up in reverse order.
+ */
+ tt = it->templates + it->tcount - 1;
+ for(i = 0; i < it->tcount; tt--, i++) {
+ ASN1_VALUE **pseqval;
+ seqtt = asn1_do_adb(pval, tt, 0);
+ if(!seqtt) continue;
+ pseqval = asn1_get_field_ptr(pval, seqtt);
+ ASN1_template_free(pseqval, seqtt);
+ }
+ if(asn1_cb) asn1_cb(ASN1_OP_FREE_POST, pval, it);
+ if(!combine) {
+ OPENSSL_free(*pval);
+ *pval = NULL;
+ }
+ break;
+ }
+}
+
+void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+ int i;
+ if(tt->flags & ASN1_TFLG_SK_MASK) {
+ STACK_OF(ASN1_VALUE) *sk = (STACK_OF(ASN1_VALUE) *)*pval;
+ for(i = 0; i < sk_ASN1_VALUE_num(sk); i++) {
+ ASN1_VALUE *vtmp;
+ vtmp = sk_ASN1_VALUE_value(sk, i);
+ asn1_item_combine_free(&vtmp, tt->item, 0);
+ }
+ sk_ASN1_VALUE_free(sk);
+ *pval = NULL;
+ } else asn1_item_combine_free(pval, tt->item, tt->flags & ASN1_TFLG_COMBINE);
+}
+
+void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ int utype;
+ if(it) {
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if(pf && pf->prim_free) {
+ pf->prim_free(pval, it);
+ return;
+ }
+ }
+ /* Special case: if 'it' is NULL free contents of ASN1_TYPE */
+ if(!it) {
+ ASN1_TYPE *typ = (ASN1_TYPE *)*pval;
+ utype = typ->type;
+ pval = (ASN1_VALUE **)&typ->value.ptr;
+ if(!*pval) return;
+ } else if(it->itype == ASN1_ITYPE_MSTRING) {
+ utype = -1;
+ if(!*pval) return;
+ } else {
+ utype = it->utype;
+ if((utype != V_ASN1_BOOLEAN) && !*pval) return;
+ }
+
+ switch(utype) {
+ case V_ASN1_OBJECT:
+ ASN1_OBJECT_free((ASN1_OBJECT *)*pval);
+ break;
+
+ case V_ASN1_BOOLEAN:
+ *(ASN1_BOOLEAN *)pval = it->size;
+ return;
+
+ case V_ASN1_NULL:
+ break;
+
+ case V_ASN1_ANY:
+ ASN1_primitive_free(pval, NULL);
+ OPENSSL_free(*pval);
+ break;
+
+ default:
+ ASN1_STRING_free((ASN1_STRING *)*pval);
+ *pval = NULL;
+ break;
+ }
+ *pval = NULL;
+}
diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
new file mode 100644
index 0000000..d6f1155
--- /dev/null
+++ b/crypto/asn1/tasn_new.c
@@ -0,0 +1,313 @@
+/* tasn_new.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+#include <openssl/asn1t.h>
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine);
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt);
+void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it)
+{
+ ASN1_VALUE *ret = NULL;
+ if(ASN1_item_ex_new(&ret, it) > 0) return ret;
+ return NULL;
+}
+
+/* Allocate an ASN1 structure */
+
+int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ return asn1_item_ex_combine_new(pval, it, 0);
+}
+
+static int asn1_item_ex_combine_new(ASN1_VALUE **pval, const ASN1_ITEM *it, int combine)
+{
+ const ASN1_TEMPLATE *tt = NULL;
+ const ASN1_COMPAT_FUNCS *cf;
+ const ASN1_EXTERN_FUNCS *ef;
+ const ASN1_AUX *aux = it->funcs;
+ ASN1_aux_cb *asn1_cb;
+ ASN1_VALUE **pseqval;
+ int i;
+ if(aux && aux->asn1_cb) asn1_cb = aux->asn1_cb;
+ else asn1_cb = 0;
+
+ if(!combine) *pval = NULL;
+
+ switch(it->itype) {
+
+ case ASN1_ITYPE_EXTERN:
+ ef = it->funcs;
+ if(ef && ef->asn1_ex_new) {
+ if(!ef->asn1_ex_new(pval, it))
+ goto memerr;
+ }
+ break;
+
+ case ASN1_ITYPE_COMPAT:
+ cf = it->funcs;
+ if(cf && cf->asn1_new) {
+ *pval = cf->asn1_new();
+ if(!*pval) goto memerr;
+ }
+ break;
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates) {
+ if(!ASN1_template_new(pval, it->templates))
+ goto memerr;
+ } else {
+ if(!ASN1_primitive_new(pval, it))
+ goto memerr;
+ }
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ if(!ASN1_primitive_new(pval, it))
+ goto memerr;
+ break;
+
+ case ASN1_ITYPE_CHOICE:
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+ if(!i) goto auxerr;
+ if(i==2) return 1;
+ }
+ if(!combine) {
+ *pval = OPENSSL_malloc(it->size);
+ if(!*pval) goto memerr;
+ memset(*pval, 0, it->size);
+ }
+ asn1_set_choice_selector(pval, -1, it);
+ if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+ goto auxerr;
+ break;
+
+ case ASN1_ITYPE_SEQUENCE:
+ if(asn1_cb) {
+ i = asn1_cb(ASN1_OP_NEW_PRE, pval, it);
+ if(!i) goto auxerr;
+ if(i==2) return 1;
+ }
+ if(!combine) {
+ *pval = OPENSSL_malloc(it->size);
+ if(!*pval) goto memerr;
+ memset(*pval, 0, it->size);
+ asn1_do_lock(pval, 0, it);
+ asn1_enc_init(pval, it);
+ }
+ for(i = 0, tt = it->templates; i < it->tcount; tt++, i++) {
+ pseqval = asn1_get_field_ptr(pval, tt);
+ if(!ASN1_template_new(pseqval, tt)) goto memerr;
+ }
+ if(asn1_cb && !asn1_cb(ASN1_OP_NEW_POST, pval, it))
+ goto auxerr;
+ break;
+ }
+ return 1;
+
+ memerr:
+ ASN1err(ASN1_F_ASN1_ITEM_NEW, ERR_R_MALLOC_FAILURE);
+ return 0;
+
+ auxerr:
+ ASN1err(ASN1_F_ASN1_ITEM_NEW, ASN1_R_AUX_ERROR);
+ ASN1_item_ex_free(pval, it);
+ return 0;
+
+}
+
+static void asn1_item_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ const ASN1_EXTERN_FUNCS *ef;
+
+ switch(it->itype) {
+
+ case ASN1_ITYPE_EXTERN:
+ ef = it->funcs;
+ if(ef && ef->asn1_ex_clear)
+ ef->asn1_ex_clear(pval, it);
+ else *pval = NULL;
+ break;
+
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates)
+ asn1_template_clear(pval, it->templates);
+ else
+ asn1_primitive_clear(pval, it);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ asn1_primitive_clear(pval, it);
+ break;
+
+ case ASN1_ITYPE_COMPAT:
+ case ASN1_ITYPE_CHOICE:
+ case ASN1_ITYPE_SEQUENCE:
+ *pval = NULL;
+ break;
+ }
+}
+
+
+int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+ const ASN1_ITEM *it = tt->item;
+ if(tt->flags & ASN1_TFLG_OPTIONAL) {
+ asn1_template_clear(pval, tt);
+ return 1;
+ }
+ /* If ANY DEFINED BY nothing to do */
+
+ if(tt->flags & ASN1_TFLG_ADB_MASK) {
+ *pval = NULL;
+ return 1;
+ }
+ /* If SET OF or SEQUENCE OF, its a STACK */
+ if(tt->flags & ASN1_TFLG_SK_MASK) {
+ STACK_OF(ASN1_VALUE) *skval;
+ skval = sk_ASN1_VALUE_new_null();
+ if(!skval) {
+ ASN1err(ASN1_F_ASN1_TEMPLATE_NEW, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ *pval = (ASN1_VALUE *)skval;
+ return 1;
+ }
+ /* Otherwise pass it back to the item routine */
+ return asn1_item_ex_combine_new(pval, it, tt->flags & ASN1_TFLG_COMBINE);
+}
+
+void asn1_template_clear(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+ /* If ADB or STACK just NULL the field */
+ if(tt->flags & (ASN1_TFLG_ADB_MASK|ASN1_TFLG_SK_MASK))
+ *pval = NULL;
+ else
+ asn1_item_clear(pval, tt->item);
+}
+
+
+/* NB: could probably combine most of the real XXX_new() behaviour and junk all the old
+ * functions.
+ */
+
+int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ ASN1_TYPE *typ;
+ int utype;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if(pf && pf->prim_new) return pf->prim_new(pval, it);
+ if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
+ else utype = it->utype;
+ switch(utype) {
+ case V_ASN1_OBJECT:
+ *pval = (ASN1_VALUE *)OBJ_nid2obj(NID_undef);
+ return 1;
+
+ case V_ASN1_BOOLEAN:
+ *(ASN1_BOOLEAN *)pval = it->size;
+ return 1;
+
+ case V_ASN1_NULL:
+ *pval = (ASN1_VALUE *)1;
+ return 1;
+
+ case V_ASN1_ANY:
+ typ = OPENSSL_malloc(sizeof(ASN1_TYPE));
+ if(!typ) return 0;
+ typ->value.ptr = NULL;
+ typ->type = -1;
+ *pval = (ASN1_VALUE *)typ;
+ break;
+
+ default:
+ *pval = (ASN1_VALUE *)ASN1_STRING_type_new(utype);
+ break;
+ }
+ if(*pval) return 1;
+ return 0;
+}
+
+void asn1_primitive_clear(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ int utype;
+ const ASN1_PRIMITIVE_FUNCS *pf;
+ pf = it->funcs;
+ if(pf) {
+ if(pf->prim_clear)
+ pf->prim_clear(pval, it);
+ else
+ *pval = NULL;
+ return;
+ }
+ if(!it || (it->itype == ASN1_ITYPE_MSTRING)) utype = -1;
+ else utype = it->utype;
+ if(utype == V_ASN1_BOOLEAN)
+ *(ASN1_BOOLEAN *)pval = it->size;
+ else *pval = NULL;
+}
diff --git a/crypto/asn1/tasn_prn.c b/crypto/asn1/tasn_prn.c
new file mode 100644
index 0000000..a0c71ea
--- /dev/null
+++ b/crypto/asn1/tasn_prn.c
@@ -0,0 +1,196 @@
+/* tasn_prn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/objects.h>
+#include <openssl/buffer.h>
+#include <openssl/err.h>
+#include <openssl/nasn.h>
+
+/* Print routines. Print out a whole structure from a template.
+ */
+
+static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name);
+
+int ASN1_item_print(BIO *out, void *fld, int indent, const ASN1_ITEM *it)
+{
+ return asn1_item_print_nm(out, fld, indent, it, it->sname);
+}
+
+static int asn1_item_print_nm(BIO *out, void *fld, int indent, const ASN1_ITEM *it, const char *name)
+{
+ ASN1_STRING *str;
+ const ASN1_TEMPLATE *tt;
+ void *tmpfld;
+ int i;
+ if(!fld) {
+ BIO_printf(out, "%*s%s ABSENT\n", indent, "", name);
+ return 1;
+ }
+ switch(it->itype) {
+
+ case ASN1_ITYPE_PRIMITIVE:
+ if(it->templates)
+ return ASN1_template_print(out, fld, indent, it->templates);
+ return asn1_primitive_print(out, fld, it->utype, indent, name);
+ break;
+
+ case ASN1_ITYPE_MSTRING:
+ str = fld;
+ return asn1_primitive_print(out, fld, str->type, indent, name);
+
+ case ASN1_ITYPE_EXTERN:
+ BIO_printf(out, "%*s%s:EXTERNAL TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
+ return 1;
+ case ASN1_ITYPE_COMPAT:
+ BIO_printf(out, "%*s%s:COMPATIBLE TYPE %s %s\n", indent, "", name, it->sname, fld ? "" : "ABSENT");
+ return 1;
+
+
+ case ASN1_ITYPE_CHOICE:
+ /* CHOICE type, get selector */
+ i = asn1_get_choice_selector(fld, it);
+ /* This should never happen... */
+ if((i < 0) || (i >= it->tcount)) {
+ BIO_printf(out, "%s selector [%d] out of range\n", it->sname, i);
+ return 1;
+ }
+ tt = it->templates + i;
+ tmpfld = asn1_get_field(fld, tt);
+ return ASN1_template_print(out, tmpfld, indent, tt);
+
+ case ASN1_ITYPE_SEQUENCE:
+ BIO_printf(out, "%*s%s {\n", indent, "", name);
+ /* Get each field entry */
+ for(i = 0, tt = it->templates; i < it->tcount; i++, tt++) {
+ tmpfld = asn1_get_field(fld, tt);
+ ASN1_template_print(out, tmpfld, indent + 2, tt);
+ }
+ BIO_printf(out, "%*s}\n", indent, "");
+ return 1;
+
+ default:
+ return 0;
+ }
+}
+
+int ASN1_template_print(BIO *out, void *fld, int indent, const ASN1_TEMPLATE *tt)
+{
+ int i, flags;
+ //if(!fld) return 0;
+ flags = tt->flags;
+ if(flags & ASN1_TFLG_SK_MASK) {
+ char *tname;
+ void *skitem;
+ /* SET OF, SEQUENCE OF */
+ if(flags & ASN1_TFLG_SET_OF) tname = "SET";
+ else tname = "SEQUENCE";
+ if(fld) {
+ BIO_printf(out, "%*s%s OF %s {\n", indent, "", tname, tt->field_name);
+ for(i = 0; i < sk_num(fld); i++) {
+ skitem = sk_value(fld, i);
+ asn1_item_print_nm(out, skitem, indent + 2, tt->item, "");
+ }
+ BIO_printf(out, "%*s}\n", indent, "");
+ } else
+ BIO_printf(out, "%*s%s OF %s ABSENT\n", indent, "", tname, tt->field_name);
+ return 1;
+ }
+ return asn1_item_print_nm(out, fld, indent, tt->item, tt->field_name);
+}
+
+static int asn1_primitive_print(BIO *out, void *fld, long utype, int indent, const char *name)
+{
+ ASN1_STRING *str = fld;
+ if(fld) {
+ if(utype == V_ASN1_BOOLEAN) {
+ int *bool = fld;
+if(*bool == -1) printf("BOOL MISSING\n");
+ BIO_printf(out, "%*s%s:%s", indent, "", "BOOLEAN", *bool ? "TRUE" : "FALSE");
+ } else if((utype == V_ASN1_INTEGER)
+ || (utype == V_ASN1_ENUMERATED)) {
+ char *s, *nm;
+ s = i2s_ASN1_INTEGER(NULL, fld);
+ if(utype == V_ASN1_INTEGER) nm = "INTEGER";
+ else nm = "ENUMERATED";
+ BIO_printf(out, "%*s%s:%s", indent, "", nm, s);
+ OPENSSL_free(s);
+ } else if(utype == V_ASN1_NULL) {
+ BIO_printf(out, "%*s%s", indent, "", "NULL");
+ } else if(utype == V_ASN1_UTCTIME) {
+ BIO_printf(out, "%*s%s:%s:", indent, "", name, "UTCTIME");
+ ASN1_UTCTIME_print(out, str);
+ } else if(utype == V_ASN1_GENERALIZEDTIME) {
+ BIO_printf(out, "%*s%s:%s:", indent, "", name, "GENERALIZEDTIME");
+ ASN1_GENERALIZEDTIME_print(out, str);
+ } else if(utype == V_ASN1_OBJECT) {
+ char objbuf[80], *ln;
+ ln = OBJ_nid2ln(OBJ_obj2nid(fld));
+ if(!ln) ln = "";
+ OBJ_obj2txt(objbuf, 80, fld, 1);
+ BIO_printf(out, "%*s%s:%s (%s)", indent, "", "OBJECT", ln, objbuf);
+ } else {
+ BIO_printf(out, "%*s%s:", indent, "", name);
+ ASN1_STRING_print_ex(out, str, ASN1_STRFLGS_DUMP_UNKNOWN|ASN1_STRFLGS_SHOW_TYPE);
+ }
+ BIO_printf(out, "\n");
+ } else BIO_printf(out, "%*s%s [ABSENT]\n", indent, "", name);
+ return 1;
+}
diff --git a/crypto/asn1/tasn_typ.c b/crypto/asn1/tasn_typ.c
new file mode 100644
index 0000000..188311c
--- /dev/null
+++ b/crypto/asn1/tasn_typ.c
@@ -0,0 +1,130 @@
+/* tasn_typ.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <stdio.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+
+/* Declarations for string types */
+
+
+IMPLEMENT_ASN1_TYPE(ASN1_INTEGER)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_INTEGER)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ENUMERATED)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_ENUMERATED)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BIT_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BIT_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OCTET_STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_OCTET_STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_NULL)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_NULL)
+
+IMPLEMENT_ASN1_TYPE(ASN1_OBJECT)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTF8STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTF8STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_PRINTABLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_T61STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_T61STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_IA5STRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_IA5STRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UTCTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UTCTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_GENERALIZEDTIME)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME)
+
+IMPLEMENT_ASN1_TYPE(ASN1_VISIBLESTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_VISIBLESTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_UNIVERSALSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_BMPSTRING)
+IMPLEMENT_ASN1_FUNCTIONS(ASN1_BMPSTRING)
+
+IMPLEMENT_ASN1_TYPE(ASN1_ANY)
+
+/* Just swallow an ASN1_SEQUENCE in an ASN1_STRING */
+IMPLEMENT_ASN1_TYPE(ASN1_SEQUENCE)
+
+IMPLEMENT_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE)
+
+/* Multistring types */
+
+IMPLEMENT_ASN1_MSTRING(ASN1_PRINTABLE, B_ASN1_PRINTABLE)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE)
+
+IMPLEMENT_ASN1_MSTRING(DISPLAYTEXT, B_ASN1_DISPLAYTEXT)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT)
+
+IMPLEMENT_ASN1_MSTRING(DIRECTORYSTRING, B_ASN1_DIRECTORYSTRING)
+IMPLEMENT_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING)
+
+/* Three separate BOOLEAN type: normal, DEFAULT TRUE and DEFAULT FALSE */
+IMPLEMENT_ASN1_TYPE_ex(ASN1_BOOLEAN, ASN1_BOOLEAN, -1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_TBOOLEAN, ASN1_BOOLEAN, 1)
+IMPLEMENT_ASN1_TYPE_ex(ASN1_FBOOLEAN, ASN1_BOOLEAN, 0)
diff --git a/crypto/asn1/tasn_utl.c b/crypto/asn1/tasn_utl.c
new file mode 100644
index 0000000..16b2c14
--- /dev/null
+++ b/crypto/asn1/tasn_utl.c
@@ -0,0 +1,252 @@
+/* tasn_utl.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+
+#include <stddef.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/objects.h>
+#include <openssl/err.h>
+
+/* Utility functions for manipulating fields and offsets */
+
+/* Add 'offset' to 'addr' */
+#define offset2ptr(addr, offset) (void *)(((char *) addr) + offset)
+
+/* Given an ASN1_ITEM CHOICE type return
+ * the selector value
+ */
+
+int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ int *sel = offset2ptr(*pval, it->utype);
+ return *sel;
+}
+
+/* Given an ASN1_ITEM CHOICE type set
+ * the selector value, return old value.
+ */
+
+int asn1_set_choice_selector(ASN1_VALUE **pval, int value, const ASN1_ITEM *it)
+{
+ int *sel, ret;
+ sel = offset2ptr(*pval, it->utype);
+ ret = *sel;
+ *sel = value;
+ return ret;
+}
+
+/* Do reference counting. The value 'op' decides what to do.
+ * if it is +1 then the count is incremented. If op is 0 count is
+ * set to 1. If op is -1 count is decremented and the return value
+ * is the current refrence count or 0 if no reference count exists.
+ */
+
+int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it)
+{
+ const ASN1_AUX *aux;
+ int *lck, ret;
+ if(it->itype != ASN1_ITYPE_SEQUENCE) return 0;
+ aux = it->funcs;
+ if(!aux || !(aux->flags & ASN1_AFLG_REFCOUNT)) return 0;
+ lck = offset2ptr(*pval, aux->ref_offset);
+ if(op == 0) {
+ *lck = 1;
+ return 1;
+ }
+ ret = CRYPTO_add(lck, op, aux->ref_lock);
+#ifdef REF_PRINT
+ fprintf(stderr, "%s: Reference Count: %d\n", it->sname, *lck);
+#endif
+#ifdef REF_CHECK
+ if(ret < 0)
+ fprintf(stderr, "%s, bad reference count\n", it->sname);
+#endif
+ return ret;
+}
+
+static ASN1_ENCODING *asn1_get_enc_ptr(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ const ASN1_AUX *aux;
+ if(!pval || !*pval) return NULL;
+ aux = it->funcs;
+ if(!aux || !(aux->flags & ASN1_AFLG_ENCODING)) return NULL;
+ return offset2ptr(*pval, aux->enc_offset);
+}
+
+void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ ASN1_ENCODING *enc;
+ enc = asn1_get_enc_ptr(pval, it);
+ if(enc) {
+ enc->enc = NULL;
+ enc->len = 0;
+ enc->modified = 1;
+ }
+}
+
+void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ ASN1_ENCODING *enc;
+ enc = asn1_get_enc_ptr(pval, it);
+ if(enc) {
+ if(enc->enc) OPENSSL_free(enc->enc);
+ enc->enc = NULL;
+ enc->len = 0;
+ enc->modified = 1;
+ }
+}
+
+int asn1_enc_save(ASN1_VALUE **pval, unsigned char *in, int inlen, const ASN1_ITEM *it)
+{
+ ASN1_ENCODING *enc;
+ enc = asn1_get_enc_ptr(pval, it);
+ if(!enc) return 1;
+
+ if(enc->enc) OPENSSL_free(enc->enc);
+ enc->enc = OPENSSL_malloc(inlen);
+ if(!enc->enc) return 0;
+ memcpy(enc->enc, in, inlen);
+ enc->len = inlen;
+ enc->modified = 0;
+
+ return 1;
+}
+
+int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ ASN1_ENCODING *enc;
+ enc = asn1_get_enc_ptr(pval, it);
+ if(!enc || enc->modified) return 0;
+ if(out) {
+ memcpy(*out, enc->enc, enc->len);
+ *out += enc->len;
+ }
+ if(len) *len = enc->len;
+ return 1;
+}
+
+/* Given an ASN1_TEMPLATE get a pointer to a field */
+ASN1_VALUE ** asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt)
+{
+ ASN1_VALUE **pvaltmp;
+ if(tt->flags & ASN1_TFLG_COMBINE) return pval;
+ pvaltmp = offset2ptr(*pval, tt->offset);
+ /* NOTE for BOOLEAN types the field is just a plain
+ * int so we can't return int **, so settle for
+ * (int *).
+ */
+ return pvaltmp;
+}
+
+/* Handle ANY DEFINED BY template, find the selector, look up
+ * the relevant ASN1_TEMPLATE in the table and return it.
+ */
+
+const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, int nullerr)
+{
+ const ASN1_ADB *adb;
+ const ASN1_ADB_TABLE *atbl;
+ long selector;
+ ASN1_VALUE **sfld;
+ int i;
+ if(!(tt->flags & ASN1_TFLG_ADB_MASK)) return tt;
+
+ /* Else ANY DEFINED BY ... get the table */
+ adb = tt->item;
+
+ /* Get the selector field */
+ sfld = offset2ptr(*pval, adb->offset);
+
+ /* Check if NULL */
+ if(!sfld) {
+ if(!adb->null_tt) goto err;
+ return adb->null_tt;
+ }
+
+ /* Convert type to a long:
+ * NB: don't check for NID_undef here because it
+ * might be a legitimate value in the table
+ */
+ if(tt->flags & ASN1_TFLG_ADB_OID)
+ selector = OBJ_obj2nid((ASN1_OBJECT *)*sfld);
+ else
+ selector = ASN1_INTEGER_get((ASN1_INTEGER *)*sfld);
+
+ /* Try to find matching entry in table
+ * Maybe should check application types first to
+ * allow application override? Might also be useful
+ * to have a flag which indicates table is sorted and
+ * we can do a binary search. For now stick to a
+ * linear search.
+ */
+
+ for(atbl = adb->tbl, i = 0; i < adb->tblcount; i++, atbl++)
+ if(atbl->value == selector) return &atbl->tt;
+
+ /* FIXME: need to search application table too */
+
+ /* No match, return default type */
+ if(!adb->default_tt) goto err;
+ return adb->default_tt;
+
+ err:
+ /* FIXME: should log the value or OID of unsupported type */
+ if(nullerr) ASN1err(ASN1_F_ASN1_DO_ADB, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE);
+ return NULL;
+}
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
index 853a8df..c1cf2a5 100644
--- a/crypto/asn1/x_algor.c
+++ b/crypto/asn1/x_algor.c
@@ -1,118 +1,72 @@
-/* crypto/asn1/x_algor.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* x_algor.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
* 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
*/
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <stddef.h>
#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
-int i2d_X509_ALGOR(X509_ALGOR *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
+ASN1_SEQUENCE(X509_ALGOR) = {
+ ASN1_SIMPLE(X509_ALGOR, algorithm, ASN1_OBJECT),
+ ASN1_OPT(X509_ALGOR, parameter, ASN1_ANY)
+} ASN1_SEQUENCE_END(X509_ALGOR);
- M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
- if (a->parameter != NULL)
- { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
-
- M_ASN1_I2D_seq_total();
- M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
- if (a->parameter != NULL)
- { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
-
- M_ASN1_I2D_finish();
- }
-
-X509_ALGOR *d2i_X509_ALGOR(X509_ALGOR **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
- if (!M_ASN1_D2I_end_sequence())
- { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
- else
- {
- ASN1_TYPE_free(ret->parameter);
- ret->parameter=NULL;
- }
- M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
- }
-
-X509_ALGOR *X509_ALGOR_new(void)
- {
- X509_ALGOR *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_ALGOR);
- ret->algorithm=OBJ_nid2obj(NID_undef);
- ret->parameter=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
- }
-
-void X509_ALGOR_free(X509_ALGOR *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->algorithm);
- ASN1_TYPE_free(a->parameter);
- OPENSSL_free(a);
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_ALGOR)
IMPLEMENT_STACK_OF(X509_ALGOR)
IMPLEMENT_ASN1_SET_OF(X509_ALGOR)
diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c
index 14e5ea2..3c0d3ab 100644
--- a/crypto/asn1/x_attrib.c
+++ b/crypto/asn1/x_attrib.c
@@ -59,64 +59,41 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-/* sequence */
-int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a, unsigned char **pp)
- {
- int k=0;
- int r=0,ret=0;
- unsigned char **p=NULL;
+/* X509_ATTRIBUTE: this has the following form:
+ *
+ * typedef struct x509_attributes_st
+ * {
+ * ASN1_OBJECT *object;
+ * int single;
+ * union {
+ * char *ptr;
+ * STACK_OF(ASN1_TYPE) *set;
+ * ASN1_TYPE *single;
+ * } value;
+ * } X509_ATTRIBUTE;
+ *
+ * this needs some extra thought because the CHOICE type is
+ * merged with the main structure and because the value can
+ * be anything at all we *must* try the SET OF first because
+ * the ASN1_ANY type will swallow anything including the whole
+ * SET OF structure.
+ */
- if (a == NULL) return(0);
+ASN1_CHOICE(X509_ATTRIBUTE_SET) = {
+ ASN1_SET_OF(X509_ATTRIBUTE, value.set, ASN1_ANY),
+ ASN1_SIMPLE(X509_ATTRIBUTE, value.single, ASN1_ANY)
+} ASN1_CHOICE_END_selector(X509_ATTRIBUTE, X509_ATTRIBUTE_SET, single);
- p=NULL;
- for (;;)
- {
- if (k)
- {
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
- if (pp == NULL) return(r);
- p=pp;
- ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL);
- }
+ASN1_SEQUENCE(X509_ATTRIBUTE) = {
+ ASN1_SIMPLE(X509_ATTRIBUTE, object, ASN1_OBJECT),
+ /* CHOICE type merged with parent */
+ ASN1_EX_COMBINE(0, 0, X509_ATTRIBUTE_SET)
+} ASN1_SEQUENCE_END(X509_ATTRIBUTE);
- ret+=i2d_ASN1_OBJECT(a->object,p);
- if (a->set)
- ret+=i2d_ASN1_SET_OF_ASN1_TYPE(a->value.set,p,i2d_ASN1_TYPE,
- V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET);
- else
- ret+=i2d_ASN1_TYPE(a->value.single,p);
- if (k++) return(r);
- }
- }
-
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-
- if ((c.slen != 0) &&
- (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
- {
- ret->set=1;
- M_ASN1_D2I_get_set_type(ASN1_TYPE,ret->value.set,d2i_ASN1_TYPE,
- ASN1_TYPE_free);
- }
- else
- {
- ret->set=0;
- M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
- }
-
- M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value)
{
@@ -126,7 +103,7 @@
if ((ret=X509_ATTRIBUTE_new()) == NULL)
return(NULL);
ret->object=OBJ_nid2obj(nid);
- ret->set=1;
+ ret->single=0;
if ((ret->value.set=sk_ASN1_TYPE_new_null()) == NULL) goto err;
if ((val=ASN1_TYPE_new()) == NULL) goto err;
if (!sk_ASN1_TYPE_push(ret->value.set,val)) goto err;
@@ -138,28 +115,3 @@
if (val != NULL) ASN1_TYPE_free(val);
return(NULL);
}
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void)
- {
- X509_ATTRIBUTE *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
- ret->object=OBJ_nid2obj(NID_undef);
- ret->set=0;
- ret->value.ptr=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
- }
-
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- if (a->set)
- sk_ASN1_TYPE_pop_free(a->value.set,ASN1_TYPE_free);
- else
- ASN1_TYPE_free(a->value.single);
- OPENSSL_free(a);
- }
-
diff --git a/crypto/asn1/x_bignum.c b/crypto/asn1/x_bignum.c
new file mode 100644
index 0000000..6d59f5c
--- /dev/null
+++ b/crypto/asn1/x_bignum.c
@@ -0,0 +1,132 @@
+/* x_bignum.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+
+/* Custom primitive type for BIGNUM handling. This reads in an ASN1_INTEGER as a
+ * BIGNUM directly. Currently it ignores the sign which isn't a problem since all
+ * BIGNUMs used are non negative and anything that looks negative is normally due
+ * to an encoding error.
+ */
+
+#define BN_SENSITIVE 1
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+static ASN1_PRIMITIVE_FUNCS bignum_pf = {
+ NULL, 0,
+ bn_new,
+ bn_free,
+ 0,
+ bn_c2i,
+ bn_i2c
+};
+
+const ASN1_ITEM BIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, 0, "BIGNUM"};
+const ASN1_ITEM CBIGNUM_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &bignum_pf, BN_SENSITIVE, "BIGNUM"};
+
+static int bn_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ *pval = (ASN1_VALUE *)BN_new();
+ if(*pval) return 1;
+ else return 0;
+}
+
+static void bn_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ if(!*pval) return;
+ if(it->size & BN_SENSITIVE) BN_clear_free((BIGNUM *)*pval);
+ else BN_free((BIGNUM *)*pval);
+ *pval = NULL;
+}
+
+static int bn_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+ BIGNUM *bn;
+ int pad;
+ if(!*pval) return -1;
+ bn = (BIGNUM *)*pval;
+ /* If MSB set in an octet we need a padding byte */
+ if(BN_num_bits(bn) & 0x7) pad = 0;
+ else pad = 1;
+ if(cont) {
+ if(pad) *cont++ = 0;
+ BN_bn2bin(bn, cont);
+ }
+ return pad + BN_num_bytes(bn);
+}
+
+static int bn_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+ BIGNUM *bn;
+ if(!*pval) bn_new(pval, it);
+ bn = (BIGNUM *)*pval;
+ if(!BN_bin2bn(cont, len, bn)) {
+ bn_free(pval, it);
+ return 0;
+ }
+ return 1;
+}
+
+
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
index 1f302d0..bf13df8 100644
--- a/crypto/asn1/x_crl.c
+++ b/crypto/asn1/x_crl.c
@@ -58,275 +58,75 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b);
static int X509_REVOKED_seq_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b);
-int i2d_X509_REVOKED(X509_REVOKED *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_TIME);
- M_ASN1_I2D_len_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION);
+ASN1_SEQUENCE(X509_REVOKED) = {
+ ASN1_SIMPLE(X509_REVOKED,serialNumber, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_REVOKED,revocationDate, ASN1_TIME),
+ ASN1_SEQUENCE_OF_OPT(X509_REVOKED,extensions, X509_EXTENSION)
+} ASN1_SEQUENCE_END(X509_REVOKED);
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_TIME);
- M_ASN1_I2D_put_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION);
-
- M_ASN1_I2D_finish();
- }
-
-X509_REVOKED *d2i_X509_REVOKED(X509_REVOKED **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_TIME);
- M_ASN1_D2I_get_seq_opt_type(X509_EXTENSION,ret->extensions,
- d2i_X509_EXTENSION,X509_EXTENSION_free);
- M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
- }
-
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a, unsigned char **pp)
- {
- int v1=0;
- long l=0;
+/* The X509_CRL_INFO structure needs a bit of customisation. This is actually
+ * mirroring the old behaviour: its purpose is to allow the use of
+ * sk_X509_REVOKED_find to lookup revoked certificates. Unfortunately
+ * this will zap the original order and the signature so we keep a copy
+ * of the original positions and reorder appropriately before encoding.
+ *
+ * Might want to see if there's a better way of doing this later...
+ */
+static int crl_inf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ X509_CRL_INFO *a = (X509_CRL_INFO *)*pval;
+ int i;
int (*old_cmp)(const X509_REVOKED * const *,
const X509_REVOKED * const *);
- M_ASN1_I2D_vars(a);
-
- old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
- sk_X509_REVOKED_sort(a->revoked);
- sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
- if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
- {
- M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_TIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_TIME); }
- M_ASN1_I2D_len_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
- i2d_X509_REVOKED);
- M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
+ if(!a || !a->revoked) return 1;
+ switch(operation) {
- M_ASN1_I2D_seq_total();
+ /* Save original order */
+ case ASN1_OP_D2I_POST:
+ for (i=0; i<sk_X509_REVOKED_num(a->revoked); i++)
+ sk_X509_REVOKED_value(a->revoked,i)->sequence=i;
+ sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_cmp);
+ break;
- if ((a->version != NULL) && (l != 0))
- {
- M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
- }
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
- M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_TIME);
- if (a->nextUpdate != NULL)
- { M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_TIME); }
- M_ASN1_I2D_put_SEQUENCE_opt_type(X509_REVOKED,a->revoked,
- i2d_X509_REVOKED);
- M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(X509_EXTENSION,a->extensions,
- i2d_X509_EXTENSION,0,
- V_ASN1_SEQUENCE,v1);
-
- M_ASN1_I2D_finish();
+ /* Restore original order */
+ case ASN1_OP_I2D_PRE:
+ old_cmp=sk_X509_REVOKED_set_cmp_func(a->revoked,X509_REVOKED_seq_cmp);
+ sk_X509_REVOKED_sort(a->revoked);
+ sk_X509_REVOKED_set_cmp_func(a->revoked,old_cmp);
+ break;
}
-
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a, unsigned char **pp,
- long length)
- {
- int i,ver=0;
- M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
+ return 1;
+}
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
- if (ret->version != NULL)
- ver=ret->version->data[0];
-
- if ((ver == 0) && (ret->version != NULL))
- {
- M_ASN1_INTEGER_free(ret->version);
- ret->version=NULL;
- }
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_TIME);
- /* Manually handle the OPTIONAL ASN1_TIME stuff */
- /* First try UTCTime */
- M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_UTCTIME, V_ASN1_UTCTIME);
- /* If that doesn't work try GeneralizedTime */
- if(!ret->nextUpdate)
- M_ASN1_D2I_get_opt(ret->nextUpdate,d2i_ASN1_GENERALIZEDTIME,
- V_ASN1_GENERALIZEDTIME);
- if (ret->revoked != NULL)
- {
- while (sk_X509_REVOKED_num(ret->revoked))
- X509_REVOKED_free(sk_X509_REVOKED_pop(ret->revoked));
- }
- M_ASN1_D2I_get_seq_opt_type(X509_REVOKED,ret->revoked,d2i_X509_REVOKED,
- X509_REVOKED_free);
+ASN1_SEQUENCE_cb(X509_CRL_INFO, crl_inf_cb) = {
+ ASN1_OPT(X509_CRL_INFO, version, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_CRL_INFO, sig_alg, X509_ALGOR),
+ ASN1_SIMPLE(X509_CRL_INFO, issuer, X509_NAME),
+ ASN1_SIMPLE(X509_CRL_INFO, lastUpdate, ASN1_TIME),
+ ASN1_OPT(X509_CRL_INFO, nextUpdate, ASN1_TIME),
+ ASN1_SEQUENCE_OF_OPT(X509_CRL_INFO, revoked, X509_REVOKED),
+ ASN1_EXP_SEQUENCE_OF_OPT(X509_CRL_INFO, extensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END_cb(X509_CRL_INFO, X509_CRL_INFO);
- if (ret->revoked != NULL)
- {
- for (i=0; i<sk_X509_REVOKED_num(ret->revoked); i++)
- {
- sk_X509_REVOKED_value(ret->revoked,i)->sequence=i;
- }
- }
+ASN1_SEQUENCE_ref(X509_CRL, 0, CRYPTO_LOCK_X509_CRL) = {
+ ASN1_SIMPLE(X509_CRL, crl, X509_CRL_INFO),
+ ASN1_SIMPLE(X509_CRL, sig_alg, X509_ALGOR),
+ ASN1_SIMPLE(X509_CRL, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_CRL, X509_CRL);
- if (ret->extensions != NULL)
- {
- while (sk_X509_EXTENSION_num(ret->extensions))
- X509_EXTENSION_free(
- sk_X509_EXTENSION_pop(ret->extensions));
- }
-
- M_ASN1_D2I_get_EXP_set_opt_type(X509_EXTENSION,ret->extensions,
- d2i_X509_EXTENSION,
- X509_EXTENSION_free,0,
- V_ASN1_SEQUENCE);
-
- M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
- }
-
-int i2d_X509_CRL(X509_CRL *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
- M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_CRL *d2i_X509_CRL(X509_CRL **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
-
- M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
- }
-
-
-X509_REVOKED *X509_REVOKED_new(void)
- {
- X509_REVOKED *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REVOKED);
- M_ASN1_New(ret->serialNumber,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->revocationDate,M_ASN1_UTCTIME_new);
- ret->extensions=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
- }
-
-X509_CRL_INFO *X509_CRL_INFO_new(void)
- {
- X509_CRL_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_CRL_INFO);
- ret->version=NULL;
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->issuer,X509_NAME_new);
- M_ASN1_New(ret->lastUpdate,M_ASN1_UTCTIME_new);
- ret->nextUpdate=NULL;
- M_ASN1_New(ret->revoked,sk_X509_REVOKED_new_null);
- M_ASN1_New(ret->extensions,sk_X509_EXTENSION_new_null);
- sk_X509_REVOKED_set_cmp_func(ret->revoked,X509_REVOKED_cmp);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
- }
-
-X509_CRL *X509_CRL_new(void)
- {
- X509_CRL *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_CRL);
- ret->references=1;
- M_ASN1_New(ret->crl,X509_CRL_INFO_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
- }
-
-void X509_REVOKED_free(X509_REVOKED *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->serialNumber);
- M_ASN1_UTCTIME_free(a->revocationDate);
- sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
- OPENSSL_free(a);
- }
-
-void X509_CRL_INFO_free(X509_CRL_INFO *a)
- {
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- X509_ALGOR_free(a->sig_alg);
- X509_NAME_free(a->issuer);
- M_ASN1_UTCTIME_free(a->lastUpdate);
- if (a->nextUpdate)
- M_ASN1_UTCTIME_free(a->nextUpdate);
- sk_X509_REVOKED_pop_free(a->revoked,X509_REVOKED_free);
- sk_X509_EXTENSION_pop_free(a->extensions,X509_EXTENSION_free);
- OPENSSL_free(a);
- }
-
-void X509_CRL_free(X509_CRL *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
-#ifdef REF_PRINT
- REF_PRINT("X509_CRL",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_CRL_free, bad reference count\n");
- abort();
- }
-#endif
-
- X509_CRL_INFO_free(a->crl);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_REVOKED)
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL_INFO)
+IMPLEMENT_ASN1_FUNCTIONS(X509_CRL)
static int X509_REVOKED_cmp(const X509_REVOKED * const *a,
const X509_REVOKED * const *b)
@@ -342,6 +142,19 @@
return((*a)->sequence-(*b)->sequence);
}
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev)
+{
+ X509_CRL_INFO *inf;
+ inf = crl->crl;
+ if(!inf->revoked)
+ inf->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
+ if(!inf->revoked || !sk_X509_REVOKED_push(inf->revoked, rev)) {
+ ASN1err(ASN1_F_X509_CRL_ADD0_REVOKED, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ return 1;
+}
+
IMPLEMENT_STACK_OF(X509_REVOKED)
IMPLEMENT_ASN1_SET_OF(X509_REVOKED)
IMPLEMENT_STACK_OF(X509_CRL)
diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c
index fbfd963..97e13f8 100644
--- a/crypto/asn1/x_exten.c
+++ b/crypto/asn1/x_exten.c
@@ -1,139 +1,70 @@
-/* crypto/asn1/x_exten.c */
-/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
- * All rights reserved.
+/* x_exten.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
- * This package is an SSL implementation written
- * by Eric Young (eay@cryptsoft.com).
- * The implementation was written so as to conform with Netscapes SSL.
- *
- * This library is free for commercial and non-commercial use as long as
- * the following conditions are aheared to. The following conditions
- * apply to all code found in this distribution, be it the RC4, RSA,
- * lhash, DES, etc., code; not just the SSL code. The SSL documentation
- * included with this distribution is covered by the same copyright terms
- * except that the holder is Tim Hudson (tjh@cryptsoft.com).
- *
- * Copyright remains Eric Young's, and as such any Copyright notices in
- * the code are not to be removed.
- * If this package is used in a product, Eric Young should be given attribution
- * as the author of the parts of the library used.
- * This can be in the form of a textual message at program startup or
- * in documentation (online or textual) provided with the package.
- *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- * 1. Redistributions of source code must retain the copyright
- * notice, this list of conditions and the following disclaimer.
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
* 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- * must display the following acknowledgement:
- * "This product includes cryptographic software written by
- * Eric Young (eay@cryptsoft.com)"
- * The word 'cryptographic' can be left out if the rouines from the library
- * being used are not cryptographic related :-).
- * 4. If you include any Windows specific code (or a derivative thereof) from
- * the apps directory (application code) you must include an acknowledgement:
- * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
- *
- * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- *
- * The licence and distribution terms for any publically available version or
- * derivative of this code cannot be changed. i.e. this code cannot simply be
- * copied and put under another distribution licence
- * [including the GNU Public Licence.]
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
*/
-#include <stdio.h>
-#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <stddef.h>
#include <openssl/x509.h>
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
-int i2d_X509_EXTENSION(X509_EXTENSION *a, unsigned char **pp)
- {
- int k=0;
- int r=0,ret=0;
- unsigned char **p=NULL;
+ASN1_SEQUENCE(X509_EXTENSION) = {
+ ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+ ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+ ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION);
- if (a == NULL) return(0);
-
- p=NULL;
- for (;;)
- {
- if (k)
- {
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
- if (pp == NULL) return(r);
- p=pp;
- ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL);
- }
-
- ret+=i2d_ASN1_OBJECT(a->object,p);
- if ((a->critical) || a->netscape_hack)
- ret+=i2d_ASN1_BOOLEAN(a->critical,p);
- ret+=i2d_ASN1_OCTET_STRING(a->value,p);
- if (k++) return(r);
- }
- }
-
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a, unsigned char **pp,
- long length)
- {
- int i;
- M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
-
- ret->netscape_hack=0;
- if ((c.slen != 0) &&
- (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
- {
- c.q=c.p;
- if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
- ret->critical=i;
- c.slen-=(c.p-c.q);
- if (ret->critical == 0) ret->netscape_hack=1;
- }
- M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
-
- M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
- }
-
-X509_EXTENSION *X509_EXTENSION_new(void)
- {
- X509_EXTENSION *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_EXTENSION);
- ret->object=OBJ_nid2obj(NID_undef);
- M_ASN1_New(ret->value,M_ASN1_OCTET_STRING_new);
- ret->critical=0;
- ret->netscape_hack=0;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
- }
-
-void X509_EXTENSION_free(X509_EXTENSION *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- M_ASN1_OCTET_STRING_free(a->value);
- OPENSSL_free(a);
- }
-
+IMPLEMENT_ASN1_FUNCTIONS(X509_EXTENSION)
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
index 5e62fc2..d44f6cd 100644
--- a/crypto/asn1/x_info.c
+++ b/crypto/asn1/x_info.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1.h>
#include <openssl/x509.h>
X509_INFO *X509_INFO_new(void)
diff --git a/crypto/asn1/x_long.c b/crypto/asn1/x_long.c
new file mode 100644
index 0000000..845bc2d
--- /dev/null
+++ b/crypto/asn1/x_long.c
@@ -0,0 +1,158 @@
+/* x_long.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+
+/* Custom primitive type for long handling. This converts between an ASN1_INTEGER
+ * and a long directly.
+ */
+
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it);
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it);
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it);
+static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it);
+
+static ASN1_PRIMITIVE_FUNCS long_pf = {
+ NULL, 0,
+ long_new,
+ long_free,
+ long_free, /* Clear should set to initial value */
+ long_c2i,
+ long_i2c
+};
+
+const ASN1_ITEM LONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, ASN1_LONG_UNDEF, "LONG"};
+const ASN1_ITEM ZLONG_it = { ASN1_ITYPE_PRIMITIVE, V_ASN1_INTEGER, NULL, 0, &long_pf, 0, "ZLONG"};
+
+static int long_new(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ *(long *)pval = it->size;
+ return 1;
+}
+
+static void long_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ *(long *)pval = it->size;
+}
+
+static int long_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, const ASN1_ITEM *it)
+{
+ long ltmp;
+ unsigned long utmp;
+ int clen, pad, i;
+ ltmp = *(long *)pval;
+ if(ltmp == it->size) return -1;
+ /* Convert the long to positive: we subtract one if negative so
+ * we can cleanly handle the padding if only the MSB of the leading
+ * octet is set.
+ */
+ if(ltmp < 0) utmp = -ltmp - 1;
+ else utmp = ltmp;
+ clen = BN_num_bits_word(utmp);
+ /* If MSB of leading octet set we need to pad */
+ if(!(clen & 0x7)) pad = 1;
+ else pad = 0;
+
+ /* Convert number of bits to number of octets */
+ clen = (clen + 7) >> 3;
+
+ if(cont) {
+ if(pad) *cont++ = (ltmp < 0) ? 0xff : 0;
+ for(i = clen - 1; i >= 0; i--) {
+ cont[i] = (unsigned char)(utmp & 0xff);
+ if(ltmp < 0) cont[i] ^= 0xff;
+ utmp >>= 8;
+ }
+ }
+ return clen + pad;
+}
+
+static int long_c2i(ASN1_VALUE **pval, unsigned char *cont, int len, int utype, char *free_cont, const ASN1_ITEM *it)
+{
+ int neg, i;
+ long ltmp;
+ unsigned long utmp = 0;
+ if(len > sizeof(long)) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ /* Is it negative? */
+ if(len && (cont[0] & 0x80)) neg = 1;
+ else neg = 0;
+ utmp = 0;
+ for(i = 0; i < len; i++) {
+ utmp <<= 8;
+ if(neg) utmp |= cont[i] ^ 0xff;
+ else utmp |= cont[i];
+ }
+ ltmp = (long)utmp;
+ if(neg) {
+ ltmp++;
+ ltmp = -ltmp;
+ }
+ if(ltmp == it->size) {
+ ASN1err(ASN1_F_LONG_C2I, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG);
+ return 0;
+ }
+ *(long *)pval = ltmp;
+ return 1;
+}
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
index b832deb..5da0669 100644
--- a/crypto/asn1/x_name.c
+++ b/crypto/asn1/x_name.c
@@ -58,204 +58,188 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/objects.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-static int i2d_X509_NAME_entries(X509_NAME *a);
-int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
+static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx);
- M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
- M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it);
+static void x509_name_ex_free(ASN1_VALUE **val, const ASN1_ITEM *it);
- M_ASN1_I2D_seq_total();
+static int x509_name_encode(X509_NAME *a);
- M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
- M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
+ASN1_SEQUENCE(X509_NAME_ENTRY) = {
+ ASN1_SIMPLE(X509_NAME_ENTRY, object, ASN1_OBJECT),
+ ASN1_SIMPLE(X509_NAME_ENTRY, value, ASN1_PRINTABLE)
+} ASN1_SEQUENCE_END(X509_NAME_ENTRY);
- M_ASN1_I2D_finish();
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
+/* For the "Name" type we need a SEQUENCE OF { SET OF X509_NAME_ENTRY }
+ * so declare two template wrappers for this
+ */
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
- M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
- ret->set=0;
- M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
- }
+ASN1_ITEM_TEMPLATE(X509_NAME_ENTRIES) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_OF, 0, RDNS, X509_NAME_ENTRY)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_ENTRIES);
-int i2d_X509_NAME(X509_NAME *a, unsigned char **pp)
- {
- int ret;
+ASN1_ITEM_TEMPLATE(X509_NAME_INTERNAL) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, Name, X509_NAME_ENTRIES)
+ASN1_ITEM_TEMPLATE_END(X509_NAME_INTERNAL);
- if (a == NULL) return(0);
- if (a->modified)
- {
- ret=i2d_X509_NAME_entries(a);
- if (ret < 0) return(ret);
- }
+/* Normally that's where it would end: we'd have two nested STACK structures
+ * representing the ASN1. Unfortunately X509_NAME uses a completely different
+ * form and caches encodings so we have to process the internal form and convert
+ * to the external form.
+ */
- ret=a->bytes->length;
- if (pp != NULL)
- {
- memcpy(*pp,a->bytes->data,ret);
- *pp+=ret;
- }
- return(ret);
- }
+const ASN1_EXTERN_FUNCS x509_name_ff = {
+ NULL,
+ x509_name_ex_new,
+ x509_name_ex_free,
+ 0, /* Default clear behaviour is OK */
+ x509_name_ex_d2i,
+ x509_name_ex_i2d
+};
-static int i2d_X509_NAME_entries(X509_NAME *a)
- {
- X509_NAME_ENTRY *ne,*fe=NULL;
- STACK_OF(X509_NAME_ENTRY) *sk;
- BUF_MEM *buf=NULL;
- int set=0,r,ret=0;
- int i;
- unsigned char *p;
- int size=0;
+IMPLEMENT_EXTERN_ASN1(X509_NAME, V_ASN1_SEQUENCE, x509_name_ff)
- sk=a->entries;
- for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
- {
- ne=sk_X509_NAME_ENTRY_value(sk,i);
- if (fe == NULL)
- {
- fe=ne;
- size=0;
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_NAME)
- if (ne->set != set)
- {
- ret+=ASN1_object_size(1,size,V_ASN1_SET);
- fe->size=size;
- fe=ne;
- size=0;
- set=ne->set;
- }
- size+=i2d_X509_NAME_ENTRY(ne,NULL);
- }
-
- ret+=ASN1_object_size(1,size,V_ASN1_SET);
- if (fe != NULL)
- fe->size=size;
-
- r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
-
- buf=a->bytes;
- if (!BUF_MEM_grow(buf,r)) goto err;
- p=(unsigned char *)buf->data;
-
- ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
-
- set= -1;
- for (i=0; i<sk_X509_NAME_ENTRY_num(sk); i++)
- {
- ne=sk_X509_NAME_ENTRY_value(sk,i);
- if (set != ne->set)
- {
- set=ne->set;
- ASN1_put_object(&p,1,ne->size,
- V_ASN1_SET,V_ASN1_UNIVERSAL);
- }
- i2d_X509_NAME_ENTRY(ne,&p);
- }
- a->modified=0;
- return(r);
-err:
- return(-1);
- }
-
-X509_NAME *d2i_X509_NAME(X509_NAME **a, unsigned char **pp, long length)
- {
- int set=0,i;
- int idx=0;
- unsigned char *orig;
- M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
-
- orig= *pp;
- if (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
- {
- while (sk_X509_NAME_ENTRY_num(ret->entries) > 0)
- X509_NAME_ENTRY_free(
- sk_X509_NAME_ENTRY_pop(ret->entries));
- }
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- for (;;)
- {
- if (M_ASN1_D2I_end_sequence()) break;
- M_ASN1_D2I_get_set_type(X509_NAME_ENTRY,ret->entries,
- d2i_X509_NAME_ENTRY,
- X509_NAME_ENTRY_free);
- for (; idx < sk_X509_NAME_ENTRY_num(ret->entries); idx++)
- {
- sk_X509_NAME_ENTRY_value(ret->entries,idx)->set=set;
- }
- set++;
- }
-
- i=(int)(c.p-orig);
- if (!BUF_MEM_grow(ret->bytes,i)) goto err;
- memcpy(ret->bytes->data,orig,i);
- ret->bytes->length=i;
- ret->modified=0;
-
- M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
- }
-
-X509_NAME *X509_NAME_new(void)
- {
- X509_NAME *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_NAME);
+static int x509_name_ex_new(ASN1_VALUE **val, const ASN1_ITEM *it)
+{
+ X509_NAME *ret = NULL;
+ ret = OPENSSL_malloc(sizeof(X509_NAME));
+ if(!ret) goto memerr;
if ((ret->entries=sk_X509_NAME_ENTRY_new_null()) == NULL)
- { c.line=__LINE__; goto err2; }
- M_ASN1_New(ret->bytes,BUF_MEM_new);
+ goto memerr;
+ if((ret->bytes = BUF_MEM_new()) == NULL) goto memerr;
ret->modified=1;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
- }
+ *val = (ASN1_VALUE *)ret;
+ return 1;
+ memerr:
+ ASN1err(ASN1_F_X509_NAME_NEW, ERR_R_MALLOC_FAILURE);
+ return 0;
+}
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void)
- {
- X509_NAME_ENTRY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
-/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
- ret->object=NULL;
- ret->set=0;
- M_ASN1_New(ret->value,ASN1_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
- }
-
-void X509_NAME_free(X509_NAME *a)
- {
- if(a == NULL)
+static void x509_name_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ X509_NAME *a;
+ if(!pval || !*pval)
return;
+ a = (X509_NAME *)*pval;
BUF_MEM_free(a->bytes);
sk_X509_NAME_ENTRY_pop_free(a->entries,X509_NAME_ENTRY_free);
OPENSSL_free(a);
- }
+ *pval = NULL;
+}
-void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a)
- {
- if (a == NULL) return;
- ASN1_OBJECT_free(a->object);
- M_ASN1_BIT_STRING_free(a->value);
- OPENSSL_free(a);
+/* Used with sk_pop_free() to free up the internal representation.
+ * NB: we only free the STACK and not its contents because it is
+ * already present in the X509_NAME structure.
+ */
+
+static void sk_internal_free(void *a)
+{
+ sk_free(a);
+}
+
+static int x509_name_ex_d2i(ASN1_VALUE **val, unsigned char **in, long len, const ASN1_ITEM *it,
+ int tag, int aclass, char opt, ASN1_TLC *ctx)
+{
+ unsigned char *p = *in, *q;
+ STACK *intname = NULL;
+ int i, j, ret;
+ X509_NAME *nm = NULL;
+ STACK_OF(X509_NAME_ENTRY) *entries;
+ X509_NAME_ENTRY *entry;
+ q = p;
+
+ /* Get internal representation of Name */
+ ret = ASN1_item_ex_d2i((ASN1_VALUE **)&intname, &p, len, &X509_NAME_INTERNAL_it,
+ tag, aclass, opt, ctx);
+
+ if(ret <= 0) return ret;
+
+ if(*val) x509_name_ex_free(val, NULL);
+ if(!x509_name_ex_new((ASN1_VALUE **)&nm, NULL)) goto err;
+ /* We've decoded it: now cache encoding */
+ if(!BUF_MEM_grow(nm->bytes, p - q)) goto err;
+ memcpy(nm->bytes->data, q, p - q);
+
+ /* Convert internal representation to X509_NAME structure */
+ for(i = 0; i < sk_num(intname); i++) {
+ entries = (STACK_OF(X509_NAME_ENTRY) *)sk_value(intname, i);
+ for(j = 0; j < sk_X509_NAME_ENTRY_num(entries); j++) {
+ entry = sk_X509_NAME_ENTRY_value(entries, j);
+ entry->set = i;
+ if(!sk_X509_NAME_ENTRY_push(nm->entries, entry))
+ goto err;
+ }
+ sk_X509_NAME_ENTRY_free(entries);
}
+ sk_free(intname);
+ nm->modified = 0;
+ *val = (ASN1_VALUE *)nm;
+ *in = p;
+ return ret;
+ err:
+ ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_NESTED_ASN1_ERROR);
+ return 0;
+}
+
+static int x509_name_ex_i2d(ASN1_VALUE **val, unsigned char **out, const ASN1_ITEM *it, int tag, int aclass)
+{
+ int ret;
+ X509_NAME *a = (X509_NAME *)*val;
+ if(a->modified) {
+ ret = x509_name_encode((X509_NAME *)a);
+ if(ret < 0) return ret;
+ }
+ ret = a->bytes->length;
+ if(out != NULL) {
+ memcpy(*out,a->bytes->data,ret);
+ *out+=ret;
+ }
+ return ret;
+}
+
+static int x509_name_encode(X509_NAME *a)
+{
+ STACK *intname = NULL;
+ int len;
+ unsigned char *p;
+ STACK_OF(X509_NAME_ENTRY) *entries = NULL;
+ X509_NAME_ENTRY *entry;
+ int i, set = -1;
+ intname = sk_new_null();
+ if(!intname) goto memerr;
+ for(i = 0; i < sk_X509_NAME_ENTRY_num(a->entries); i++) {
+ entry = sk_X509_NAME_ENTRY_value(a->entries, i);
+ if(entry->set != set) {
+ entries = sk_X509_NAME_ENTRY_new_null();
+ if(!entries) goto memerr;
+ if(!sk_push(intname, (char *)entries)) goto memerr;
+ set = entry->set;
+ }
+ if(!sk_X509_NAME_ENTRY_push(entries, entry)) goto memerr;
+ }
+ len = ASN1_item_ex_i2d((ASN1_VALUE **)&intname, NULL, &X509_NAME_INTERNAL_it, -1, -1);
+ if (!BUF_MEM_grow(a->bytes,len)) goto memerr;
+ p=(unsigned char *)a->bytes->data;
+ ASN1_item_ex_i2d((ASN1_VALUE **)&intname, &p, &X509_NAME_INTERNAL_it, -1, -1);
+ sk_pop_free(intname, sk_internal_free);
+ a->modified = 0;
+ return len;
+ memerr:
+ sk_pop_free(intname, sk_internal_free);
+ ASN1err(ASN1_F_D2I_X509_NAME, ERR_R_MALLOC_FAILURE);
+ return -1;
+}
+
int X509_NAME_set(X509_NAME **xn, X509_NAME *name)
{
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
index 8d1dbce..8cef2cf 100644
--- a/crypto/asn1/x_pubkey.c
+++ b/crypto/asn1/x_pubkey.c
@@ -58,62 +58,25 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-int i2d_X509_PUBKEY(X509_PUBKEY *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
+/* Minor tweak to operation: free up EVP_PKEY */
+static int pubkey_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ if(operation == ASN1_OP_FREE_POST) {
+ X509_PUBKEY *pubkey = (X509_PUBKEY *)*pval;
+ EVP_PKEY_free(pubkey->pkey);
}
+ return 1;
+}
-X509_PUBKEY *d2i_X509_PUBKEY(X509_PUBKEY **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
+ASN1_SEQUENCE_cb(X509_PUBKEY, pubkey_cb) = {
+ ASN1_SIMPLE(X509_PUBKEY, algor, X509_ALGOR),
+ ASN1_SIMPLE(X509_PUBKEY, public_key, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_cb(X509_PUBKEY, X509_PUBKEY);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
- if (ret->pkey != NULL)
- {
- EVP_PKEY_free(ret->pkey);
- ret->pkey=NULL;
- }
- M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
- }
-
-X509_PUBKEY *X509_PUBKEY_new(void)
- {
- X509_PUBKEY *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_PUBKEY);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->public_key,M_ASN1_BIT_STRING_new);
- ret->pkey=NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
- }
-
-void X509_PUBKEY_free(X509_PUBKEY *a)
- {
- if (a == NULL) return;
- X509_ALGOR_free(a->algor);
- M_ASN1_BIT_STRING_free(a->public_key);
- if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
- OPENSSL_free(a);
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_PUBKEY)
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey)
{
diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c
index 6dddd4f..84a5ca6 100644
--- a/crypto/asn1/x_req.c
+++ b/crypto/asn1/x_req.c
@@ -58,200 +58,54 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-int i2d_X509_REQ_INFO(X509_REQ_INFO *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
+/* X509_REQ_INFO is handled in an unusual way to get round
+ * invalid encodings. Some broken certificate requests don't
+ * encode the attributes field if it is empty. This is in
+ * violation of PKCS#10 but we need to tolerate it. We do
+ * this by making the attributes field OPTIONAL then using
+ * the callback to initialise it to an empty STACK.
+ *
+ * This means that the field will be correctly encoded unless
+ * we NULL out the field.
+ *
+ * As a result we no longer need the req_kludge field because
+ * the information is now contained in the attributes field:
+ * 1. If it is NULL then it's the invalid omission.
+ * 2. If it is empty it is the correct encoding.
+ * 3. If it is not empty then some attributes are present.
+ *
+ */
- if(a->asn1) {
- if(pp) {
- memcpy(*pp, a->asn1, a->length);
- *pp += a->length;
- }
- return a->length;
+static int rinf_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ X509_REQ_INFO *rinf = (X509_REQ_INFO *)*pval;
+
+ if(operation == ASN1_OP_NEW_POST) {
+ rinf->attributes = sk_X509_ATTRIBUTE_new_null();
+ if(!rinf->attributes) return 0;
}
+ return 1;
+}
- M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
- M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
-
- /* this is a *nasty* hack reported to be required to
- * allow some CA Software to accept the cert request.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
+ASN1_SEQUENCE_enc(X509_REQ_INFO, enc, rinf_cb) = {
+ ASN1_SIMPLE(X509_REQ_INFO, version, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_REQ_INFO, subject, X509_NAME),
+ ASN1_SIMPLE(X509_REQ_INFO, pubkey, X509_PUBKEY),
+ /* This isn't really OPTIONAL but it gets round invalid
+ * encodings
*/
- if (a->req_kludge)
- {
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,i2d_X509_ATTRIBUTE,0);
- }
- else
- {
- M_ASN1_I2D_len_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
-
- M_ASN1_I2D_seq_total();
- M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
- M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
+ ASN1_IMP_SET_OF_OPT(X509_REQ_INFO, attributes, X509_ATTRIBUTE, 0)
+} ASN1_SEQUENCE_END_enc(X509_REQ_INFO, X509_REQ_INFO);
- /* this is a *nasty* hack reported to be required by some CA's.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
- */
- if (a->req_kludge)
- {
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
- else
- {
- M_ASN1_I2D_put_IMP_SET_type(X509_ATTRIBUTE,a->attributes,
- i2d_X509_ATTRIBUTE,0);
- }
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ_INFO)
- M_ASN1_I2D_finish();
- }
+ASN1_SEQUENCE_ref(X509_REQ, 0, CRYPTO_LOCK_X509_INFO) = {
+ ASN1_SIMPLE(X509_REQ, req_info, X509_REQ_INFO),
+ ASN1_SIMPLE(X509_REQ, sig_alg, X509_ALGOR),
+ ASN1_SIMPLE(X509_REQ, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509_REQ, X509_REQ);
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
- M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
-
- /* this is a *nasty* hack to allow for some CA's that
- * have been reported as requiring it.
- * It is not following the PKCS standards ...
- * PKCS#10 pg 5
- * attributes [0] IMPLICIT Attributes
- * NOTE: no OPTIONAL ... so it *must* be there
- */
- if (asn1_Finish(&c))
- ret->req_kludge=1;
- else
- {
- M_ASN1_D2I_get_IMP_set_type(X509_ATTRIBUTE,ret->attributes,
- d2i_X509_ATTRIBUTE,
- X509_ATTRIBUTE_free,0);
- }
-
- M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
- }
-
-X509_REQ_INFO *X509_REQ_INFO_new(void)
- {
- X509_REQ_INFO *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REQ_INFO);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->subject,X509_NAME_new);
- M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
- M_ASN1_New(ret->attributes,sk_X509_ATTRIBUTE_new_null);
- ret->req_kludge=0;
- ret->asn1 = NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
- }
-
-void X509_REQ_INFO_free(X509_REQ_INFO *a)
- {
- if (a == NULL) return;
- if(a->asn1) OPENSSL_free(a->asn1);
- M_ASN1_INTEGER_free(a->version);
- X509_NAME_free(a->subject);
- X509_PUBKEY_free(a->pubkey);
- sk_X509_ATTRIBUTE_pop_free(a->attributes,X509_ATTRIBUTE_free);
- OPENSSL_free(a);
- }
-
-int i2d_X509_REQ(X509_REQ *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
- M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
- M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
- M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_REQ *d2i_X509_REQ(X509_REQ **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
-
- /* Keep a copy of the original encoding for signature checking */
- ret->req_info->length = c.p - c.q;
- if(!(ret->req_info->asn1 = OPENSSL_malloc(ret->req_info->length))) {
- c.line=__LINE__;
- c.error = ERR_R_MALLOC_FAILURE;
- goto err;
- }
-
- memcpy(ret->req_info->asn1, c.q, ret->req_info->length);
-
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
- }
-
-X509_REQ *X509_REQ_new(void)
- {
- X509_REQ *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_REQ);
- ret->references=1;
- M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
- }
-
-void X509_REQ_free(X509_REQ *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
-#ifdef REF_PRINT
- REF_PRINT("X509_REQ",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_REQ_free, bad reference count\n");
- abort();
- }
-#endif
-
- X509_REQ_INFO_free(a->req_info);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
-
-
+IMPLEMENT_ASN1_FUNCTIONS(X509_REQ)
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
index d79f147..e53d0a3 100644
--- a/crypto/asn1/x_sig.c
+++ b/crypto/asn1/x_sig.c
@@ -58,53 +58,12 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-int i2d_X509_SIG(X509_SIG *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
+ASN1_SEQUENCE(X509_SIG) = {
+ ASN1_SIMPLE(X509_SIG, algor, X509_ALGOR),
+ ASN1_SIMPLE(X509_SIG, digest, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_SIG);
- M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509_SIG *d2i_X509_SIG(X509_SIG **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
- }
-
-X509_SIG *X509_SIG_new(void)
- {
- X509_SIG *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_SIG);
- M_ASN1_New(ret->algor,X509_ALGOR_new);
- M_ASN1_New(ret->digest,M_ASN1_OCTET_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
- }
-
-void X509_SIG_free(X509_SIG *a)
- {
- if (a == NULL) return;
- X509_ALGOR_free(a->algor);
- M_ASN1_OCTET_STRING_free(a->digest);
- OPENSSL_free(a);
- }
-
-
+IMPLEMENT_ASN1_FUNCTIONS(X509_SIG)
diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c
index 4f01888..87dfb41 100644
--- a/crypto/asn1/x_spki.c
+++ b/crypto/asn1/x_spki.c
@@ -63,104 +63,19 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
+ASN1_SEQUENCE(NETSCAPE_SPKAC) = {
+ ASN1_SIMPLE(NETSCAPE_SPKAC, pubkey, X509_PUBKEY),
+ ASN1_SIMPLE(NETSCAPE_SPKAC, challenge, ASN1_IA5STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKAC);
- M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
- M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
- M_ASN1_I2D_seq_total();
+ASN1_SEQUENCE(NETSCAPE_SPKI) = {
+ ASN1_SIMPLE(NETSCAPE_SPKI, spkac, NETSCAPE_SPKAC),
+ ASN1_SIMPLE(NETSCAPE_SPKI, sig_algor, X509_ALGOR),
+ ASN1_SIMPLE(NETSCAPE_SPKI, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END(NETSCAPE_SPKI);
- M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
- M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
-
- M_ASN1_I2D_finish();
- }
-
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
- M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
- }
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void)
- {
- NETSCAPE_SPKAC *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
- M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
- M_ASN1_New(ret->challenge,M_ASN1_IA5STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
- }
-
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a)
- {
- if (a == NULL) return;
- X509_PUBKEY_free(a->pubkey);
- M_ASN1_IA5STRING_free(a->challenge);
- OPENSSL_free(a);
- }
-
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
- M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
- M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a, unsigned char **pp,
- long length)
- {
- M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
- M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
- }
-
-NETSCAPE_SPKI *NETSCAPE_SPKI_new(void)
- {
- NETSCAPE_SPKI *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
- M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
- M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
- }
-
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a)
- {
- if (a == NULL) return;
- NETSCAPE_SPKAC_free(a->spkac);
- X509_ALGOR_free(a->sig_algor);
- M_ASN1_BIT_STRING_free(a->signature);
- OPENSSL_free(a);
- }
-
+IMPLEMENT_ASN1_FUNCTIONS(NETSCAPE_SPKI)
diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c
index 0f8f020..48edf88 100644
--- a/crypto/asn1/x_val.c
+++ b/crypto/asn1/x_val.c
@@ -58,52 +58,10 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
-int i2d_X509_VAL(X509_VAL *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->notBefore,i2d_ASN1_TIME);
- M_ASN1_I2D_len(a->notAfter,i2d_ASN1_TIME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->notBefore,i2d_ASN1_TIME);
- M_ASN1_I2D_put(a->notAfter,i2d_ASN1_TIME);
-
- M_ASN1_I2D_finish();
- }
-
-X509_VAL *d2i_X509_VAL(X509_VAL **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_TIME);
- M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_TIME);
- M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
- }
-
-X509_VAL *X509_VAL_new(void)
- {
- X509_VAL *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509_VAL);
- M_ASN1_New(ret->notBefore,M_ASN1_TIME_new);
- M_ASN1_New(ret->notAfter,M_ASN1_TIME_new);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
- }
-
-void X509_VAL_free(X509_VAL *a)
- {
- if (a == NULL) return;
- M_ASN1_TIME_free(a->notBefore);
- M_ASN1_TIME_free(a->notAfter);
- OPENSSL_free(a);
- }
-
+ASN1_SEQUENCE(X509_VAL) = {
+ ASN1_SIMPLE(X509_VAL, notBefore, ASN1_TIME),
+ ASN1_SIMPLE(X509_VAL, notAfter, ASN1_TIME)
+} ASN1_SEQUENCE_END(X509_VAL);
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
index 61ba856..3209583 100644
--- a/crypto/asn1/x_x509.c
+++ b/crypto/asn1/x_x509.c
@@ -59,13 +59,74 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
static int x509_meth_num = 0;
static STACK_OF(CRYPTO_EX_DATA_FUNCS) *x509_meth = NULL;
+ASN1_SEQUENCE(X509_CINF) = {
+ ASN1_EXP_OPT(X509_CINF, version, ASN1_INTEGER, 0),
+ ASN1_SIMPLE(X509_CINF, serialNumber, ASN1_INTEGER),
+ ASN1_SIMPLE(X509_CINF, signature, X509_ALGOR),
+ ASN1_SIMPLE(X509_CINF, issuer, X509_NAME),
+ ASN1_SIMPLE(X509_CINF, validity, X509_VAL),
+ ASN1_SIMPLE(X509_CINF, subject, X509_NAME),
+ ASN1_SIMPLE(X509_CINF, key, X509_PUBKEY),
+ ASN1_IMP_OPT(X509_CINF, issuerUID, ASN1_BIT_STRING, 1),
+ ASN1_IMP_OPT(X509_CINF, subjectUID, ASN1_BIT_STRING, 2),
+ ASN1_EXP_SEQUENCE_OF_OPT(X509_CINF, extensions, X509_EXTENSION, 3)
+} ASN1_SEQUENCE_END(X509_CINF);
+
+IMPLEMENT_ASN1_FUNCTIONS(X509_CINF)
+/* X509 top level structure needs a bit of customisation */
+
+static int x509_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ X509 *ret = (X509 *)*pval;
+
+ switch(operation) {
+
+ case ASN1_OP_NEW_POST:
+ ret->valid=0;
+ ret->name = NULL;
+ ret->ex_flags = 0;
+ ret->ex_pathlen = -1;
+ ret->skid = NULL;
+ ret->akid = NULL;
+ ret->aux = NULL;
+ CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
+ break;
+
+ case ASN1_OP_D2I_POST:
+ if (ret->name != NULL) OPENSSL_free(ret->name);
+ ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+ break;
+
+ case ASN1_OP_FREE_POST:
+ CRYPTO_free_ex_data(x509_meth,ret,&ret->ex_data);
+ X509_CERT_AUX_free(ret->aux);
+ ASN1_OCTET_STRING_free(ret->skid);
+ AUTHORITY_KEYID_free(ret->akid);
+
+ if (ret->name != NULL) OPENSSL_free(ret->name);
+ break;
+
+ }
+
+ return 1;
+
+}
+
+ASN1_SEQUENCE_ref(X509, x509_cb, CRYPTO_LOCK_X509) = {
+ ASN1_SIMPLE(X509, cert_info, X509_CINF),
+ ASN1_SIMPLE(X509, sig_alg, X509_ALGOR),
+ ASN1_SIMPLE(X509, signature, ASN1_BIT_STRING)
+} ASN1_SEQUENCE_END_ref(X509, X509);
+
+IMPLEMENT_ASN1_FUNCTIONS(X509)
+
static ASN1_METHOD meth={
(int (*)()) i2d_X509,
(char *(*)())d2i_X509,
@@ -77,91 +138,6 @@
return(&meth);
}
-int i2d_X509(X509 *a, unsigned char **pp)
- {
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
- M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
- M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
- M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
-
- M_ASN1_I2D_finish();
- }
-
-X509 *d2i_X509(X509 **a, unsigned char **pp, long length)
- {
- M_ASN1_D2I_vars(a,X509 *,X509_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
- M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
- M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
- if (ret->name != NULL) OPENSSL_free(ret->name);
- ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
-
- M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
- }
-
-X509 *X509_new(void)
- {
- X509 *ret=NULL;
- ASN1_CTX c;
-
- M_ASN1_New_Malloc(ret,X509);
- ret->valid=0;
- ret->references=1;
- ret->name = NULL;
- ret->ex_flags = 0;
- ret->ex_pathlen = -1;
- ret->skid = NULL;
- ret->akid = NULL;
- ret->aux = NULL;
- M_ASN1_New(ret->cert_info,X509_CINF_new);
- M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
- M_ASN1_New(ret->signature,M_ASN1_BIT_STRING_new);
- CRYPTO_new_ex_data(x509_meth, ret, &ret->ex_data);
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_NEW);
- }
-
-void X509_free(X509 *a)
- {
- int i;
-
- if (a == NULL) return;
-
- i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
-#ifdef REF_PRINT
- REF_PRINT("X509",a);
-#endif
- if (i > 0) return;
-#ifdef REF_CHECK
- if (i < 0)
- {
- fprintf(stderr,"X509_free, bad reference count\n");
- abort();
- }
-#endif
-
- CRYPTO_free_ex_data(x509_meth,a,&a->ex_data);
- X509_CINF_free(a->cert_info);
- X509_ALGOR_free(a->sig_alg);
- M_ASN1_BIT_STRING_free(a->signature);
- X509_CERT_AUX_free(a->aux);
- ASN1_OCTET_STRING_free(a->skid);
- AUTHORITY_KEYID_free(a->akid);
-
- if (a->name != NULL) OPENSSL_free(a->name);
- OPENSSL_free(a);
- }
-
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
{
diff --git a/crypto/asn1/x_x509a.c b/crypto/asn1/x_x509a.c
index ebcce87..67d7fff 100644
--- a/crypto/asn1/x_x509a.c
+++ b/crypto/asn1/x_x509a.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/evp.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509.h>
/* X509_CERT_AUX routines. These are used to encode additional
@@ -71,72 +71,15 @@
static X509_CERT_AUX *aux_get(X509 *x);
-X509_CERT_AUX *d2i_X509_CERT_AUX(X509_CERT_AUX **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a, X509_CERT_AUX *, X509_CERT_AUX_new);
-
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
+ASN1_SEQUENCE(X509_CERT_AUX) = {
+ ASN1_SEQUENCE_OF_OPT(X509_CERT_AUX, trust, ASN1_OBJECT),
+ ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, reject, ASN1_OBJECT, 0),
+ ASN1_OPT(X509_CERT_AUX, alias, ASN1_UTF8STRING),
+ ASN1_OPT(X509_CERT_AUX, keyid, ASN1_OCTET_STRING),
+ ASN1_IMP_SEQUENCE_OF_OPT(X509_CERT_AUX, other, X509_ALGOR, 1)
+} ASN1_SEQUENCE_END(X509_CERT_AUX);
- M_ASN1_D2I_get_seq_opt_type(ASN1_OBJECT, ret->trust,
- d2i_ASN1_OBJECT, ASN1_OBJECT_free);
- M_ASN1_D2I_get_IMP_set_opt_type(ASN1_OBJECT, ret->reject,
- d2i_ASN1_OBJECT, ASN1_OBJECT_free, 0);
- M_ASN1_D2I_get_opt(ret->alias, d2i_ASN1_UTF8STRING, V_ASN1_UTF8STRING);
- M_ASN1_D2I_get_opt(ret->keyid, d2i_ASN1_OCTET_STRING, V_ASN1_OCTET_STRING);
- M_ASN1_D2I_get_IMP_set_opt_type(X509_ALGOR, ret->other,
- d2i_X509_ALGOR, X509_ALGOR_free, 1);
-
- M_ASN1_D2I_Finish(a, X509_CERT_AUX_free, ASN1_F_D2I_X509_CERT_AUX);
-}
-
-X509_CERT_AUX *X509_CERT_AUX_new()
-{
- X509_CERT_AUX *ret = NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, X509_CERT_AUX);
- ret->trust = NULL;
- ret->reject = NULL;
- ret->alias = NULL;
- ret->keyid = NULL;
- ret->other = NULL;
- return(ret);
- M_ASN1_New_Error(ASN1_F_X509_CERT_AUX_NEW);
-}
-
-void X509_CERT_AUX_free(X509_CERT_AUX *a)
-{
- if(a == NULL) return;
- sk_ASN1_OBJECT_pop_free(a->trust, ASN1_OBJECT_free);
- sk_ASN1_OBJECT_pop_free(a->reject, ASN1_OBJECT_free);
- ASN1_UTF8STRING_free(a->alias);
- ASN1_OCTET_STRING_free(a->keyid);
- sk_X509_ALGOR_pop_free(a->other, X509_ALGOR_free);
- OPENSSL_free(a);
-}
-
-int i2d_X509_CERT_AUX(X509_CERT_AUX *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
- M_ASN1_I2D_len(a->alias, i2d_ASN1_UTF8STRING);
- M_ASN1_I2D_len(a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_SEQUENCE_opt_type(ASN1_OBJECT, a->trust, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(ASN1_OBJECT, a->reject, i2d_ASN1_OBJECT, 0);
-
- M_ASN1_I2D_put(a->alias, i2d_ASN1_UTF8STRING);
- M_ASN1_I2D_put(a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(X509_ALGOR, a->other, i2d_X509_ALGOR, 1);
-
- M_ASN1_I2D_finish();
-}
+IMPLEMENT_ASN1_FUNCTIONS(X509_CERT_AUX)
static X509_CERT_AUX *aux_get(X509 *x)
{
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
index 470cca3..ccbac65 100644
--- a/crypto/dh/Makefile.ssl
+++ b/crypto/dh/Makefile.ssl
@@ -22,8 +22,8 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
-LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+LIBSRC= dh_asn1.c dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+LIBOBJ= dh_asn1.o dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
SRC= $(LIBSRC)
@@ -79,6 +79,16 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+dh_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+dh_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+dh_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+dh_asn1.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
+dh_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+dh_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h
+dh_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+dh_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/safestack.h
+dh_asn1.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+dh_asn1.o: ../cryptlib.h
dh_check.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dh_check.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dh_check.o: ../../include/openssl/dh.h ../../include/openssl/e_os.h
diff --git a/crypto/asn1/a_null.c b/crypto/dh/dh_asn1.c
similarity index 69%
rename from crypto/asn1/a_null.c
rename to crypto/dh/dh_asn1.c
index 119fd78..1f26be7 100644
--- a/crypto/asn1/a_null.c
+++ b/crypto/dh/dh_asn1.c
@@ -1,9 +1,9 @@
-/* a_null.c */
+/* dh_asn1.c */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
+ * project 2000.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -58,62 +58,30 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/bn.h>
+#include <openssl/dh.h>
+#include <openssl/objects.h>
+#include <openssl/asn1t.h>
-/* ASN1 functions for NULL type. For compatibility with other ASN1 code
- * it returns a pointer to an "ASN1_NULL" structure. The new/free functions
- * don't need to do any allocating because nothing is stored in a NULL.
- */
-
-int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **pp)
- {
- if(!a) return 0;
- if (pp) ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
- return 2;
- }
-
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp, long length)
- {
- ASN1_NULL *ret = NULL;
- unsigned char *p;
- long len;
- int inf,tag,xclass;
- int i=0;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_NULL)
- {
- i=ASN1_R_EXPECTING_A_NULL;
- goto err;
- }
-
- if (len != 0)
- {
- i=ASN1_R_NULL_IS_WRONG_LENGTH;
- goto err;
- }
- ret=(ASN1_NULL *)1;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_NULL,i);
- return(ret);
- }
-
-ASN1_NULL *ASN1_NULL_new(void)
+/* Override the default free and new methods */
+static int dh_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- return (ASN1_NULL *)1;
+ if(operation == ASN1_OP_NEW_PRE) {
+ *pval = (ASN1_VALUE *)DH_new();
+ if(*pval) return 2;
+ return 0;
+ } else if(operation == ASN1_OP_FREE_PRE) {
+ DH_free((DH *)*pval);
+ *pval = NULL;
+ return 2;
+ }
+ return 1;
}
-void ASN1_NULL_free(ASN1_NULL *a)
-{
- return;
-}
+ASN1_SEQUENCE_cb(DHparams, dh_cb) = {
+ ASN1_SIMPLE(DH, p, BIGNUM),
+ ASN1_SIMPLE(DH, g, BIGNUM),
+ ASN1_OPT(DH, length, ZLONG),
+} ASN1_SEQUENCE_END_cb(DH, DHparams);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DH, DHparams, DHparams)
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
index effcbb7..e735163 100644
--- a/crypto/dsa/Makefile.ssl
+++ b/crypto/dsa/Makefile.ssl
@@ -81,7 +81,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+dsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
dsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
dsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
dsa_asn1.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
index 4608b0f..9d72647 100644
--- a/crypto/dsa/dsa.h
+++ b/crypto/dsa/dsa.h
@@ -246,6 +246,7 @@
#define DSA_F_DSA_SIG_NEW 109
#define DSA_F_DSA_VERIFY 108
#define DSA_F_I2D_DSA_SIG 111
+#define DSA_F_SIG_CB 114
/* Reason codes. */
#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
diff --git a/crypto/dsa/dsa_asn1.c b/crypto/dsa/dsa_asn1.c
index 134fbee..fba2f73 100644
--- a/crypto/dsa/dsa_asn1.c
+++ b/crypto/dsa/dsa_asn1.c
@@ -1,97 +1,140 @@
-/* crypto/dsa/dsa_asn1.c */
+/* dsa_asn1.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/dsa.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
-DSA_SIG *DSA_SIG_new(void)
+/* Override the default new methods */
+static int sig_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- DSA_SIG *ret;
-
- ret = OPENSSL_malloc(sizeof(DSA_SIG));
- if (ret == NULL)
- {
- DSAerr(DSA_F_DSA_SIG_NEW,ERR_R_MALLOC_FAILURE);
- return(NULL);
- }
- ret->r = NULL;
- ret->s = NULL;
- return(ret);
+ if(operation == ASN1_OP_NEW_PRE) {
+ DSA_SIG *sig;
+ sig = OPENSSL_malloc(sizeof(DSA_SIG));
+ sig->r = NULL;
+ sig->s = NULL;
+ *pval = (ASN1_VALUE *)sig;
+ if(sig) return 2;
+ DSAerr(DSA_F_SIG_CB, ERR_R_MALLOC_FAILURE);
+ return 0;
+ }
+ return 1;
}
-void DSA_SIG_free(DSA_SIG *r)
+ASN1_SEQUENCE_cb(DSA_SIG, sig_cb) = {
+ ASN1_SIMPLE(DSA_SIG, r, CBIGNUM),
+ ASN1_SIMPLE(DSA_SIG, s, CBIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA_SIG, DSA_SIG);
+
+IMPLEMENT_ASN1_FUNCTIONS_const(DSA_SIG)
+
+/* Override the default free and new methods */
+static int dsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
{
- if (r == NULL) return;
- if (r->r) BN_clear_free(r->r);
- if (r->s) BN_clear_free(r->s);
- OPENSSL_free(r);
+ if(operation == ASN1_OP_NEW_PRE) {
+ *pval = (ASN1_VALUE *)DSA_new();
+ if(*pval) return 2;
+ return 0;
+ } else if(operation == ASN1_OP_FREE_PRE) {
+ DSA_free((DSA *)*pval);
+ *pval = NULL;
+ return 2;
+ }
+ return 1;
}
-int i2d_DSA_SIG(const DSA_SIG *v, unsigned char **pp)
-{
- int t=0,len;
- ASN1_INTEGER rbs,sbs;
- unsigned char *p;
+ASN1_SEQUENCE_cb(DSAPrivateKey, dsa_cb) = {
+ ASN1_SIMPLE(DSA, version, LONG),
+ ASN1_SIMPLE(DSA, p, BIGNUM),
+ ASN1_SIMPLE(DSA, q, BIGNUM),
+ ASN1_SIMPLE(DSA, g, BIGNUM),
+ ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+ ASN1_SIMPLE(DSA, priv_key, BIGNUM)
+} ASN1_SEQUENCE_END_cb(DSA, DSAPrivateKey);
- rbs.data=OPENSSL_malloc(BN_num_bits(v->r)/8+1);
- if (rbs.data == NULL)
- {
- DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- rbs.type=V_ASN1_INTEGER;
- rbs.length=BN_bn2bin(v->r,rbs.data);
- sbs.data=OPENSSL_malloc(BN_num_bits(v->s)/8+1);
- if (sbs.data == NULL)
- {
- OPENSSL_free(rbs.data);
- DSAerr(DSA_F_I2D_DSA_SIG, ERR_R_MALLOC_FAILURE);
- return(0);
- }
- sbs.type=V_ASN1_INTEGER;
- sbs.length=BN_bn2bin(v->s,sbs.data);
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPrivateKey, DSAPrivateKey)
- len=i2d_ASN1_INTEGER(&rbs,NULL);
- len+=i2d_ASN1_INTEGER(&sbs,NULL);
+ASN1_SEQUENCE_cb(DSAparams, dsa_cb) = {
+ ASN1_SIMPLE(DSA, p, BIGNUM),
+ ASN1_SIMPLE(DSA, q, BIGNUM),
+ ASN1_SIMPLE(DSA, g, BIGNUM),
+} ASN1_SEQUENCE_END_cb(DSA, DSAparams);
- if (pp)
- {
- p=*pp;
- ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
- i2d_ASN1_INTEGER(&rbs,&p);
- i2d_ASN1_INTEGER(&sbs,&p);
- }
- t=ASN1_object_size(1,len,V_ASN1_SEQUENCE);
- OPENSSL_free(rbs.data);
- OPENSSL_free(sbs.data);
- return(t);
-}
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAparams, DSAparams)
-DSA_SIG *d2i_DSA_SIG(DSA_SIG **a, const unsigned char **pp, long length)
-{
- int i=ERR_R_NESTED_ASN1_ERROR;
- ASN1_INTEGER *bs=NULL;
- M_ASN1_D2I_vars(a,DSA_SIG *,DSA_SIG_new);
+/* DSA public key is a bit trickier... its effectively a CHOICE type
+ * decided by a field called write_params which can either write out
+ * just the public key as an INTEGER or the parameters and public key
+ * in a SEQUENCE
+ */
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->r=BN_bin2bn(bs->data,bs->length,ret->r)) == NULL)
- goto err_bn;
- M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
- if ((ret->s=BN_bin2bn(bs->data,bs->length,ret->s)) == NULL)
- goto err_bn;
- M_ASN1_BIT_STRING_free(bs);
- bs = NULL;
- M_ASN1_D2I_Finish_2(a);
+ASN1_SEQUENCE(dsa_pub_internal) = {
+ ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+ ASN1_SIMPLE(DSA, p, BIGNUM),
+ ASN1_SIMPLE(DSA, q, BIGNUM),
+ ASN1_SIMPLE(DSA, g, BIGNUM)
+} ASN1_SEQUENCE_END_name(DSA, dsa_pub_internal);
-err_bn:
- i=ERR_R_BN_LIB;
-err:
- DSAerr(DSA_F_D2I_DSA_SIG,i);
- if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_SIG_free(ret);
- if (bs != NULL) M_ASN1_BIT_STRING_free(bs);
- return(NULL);
-}
+ASN1_CHOICE_cb(DSAPublicKey, dsa_cb) = {
+ ASN1_SIMPLE(DSA, pub_key, BIGNUM),
+ ASN1_EX_COMBINE(0, 0, dsa_pub_internal)
+} ASN1_CHOICE_END_cb(DSA, DSAPublicKey, write_params);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(DSA, DSAPublicKey, DSAPublicKey)
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
index 2b3ab3a..37ecc18 100644
--- a/crypto/dsa/dsa_err.c
+++ b/crypto/dsa/dsa_err.c
@@ -79,6 +79,7 @@
{ERR_PACK(0,DSA_F_DSA_SIG_NEW,0), "DSA_SIG_new"},
{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
{ERR_PACK(0,DSA_F_I2D_DSA_SIG,0), "i2d_DSA_SIG"},
+{ERR_PACK(0,DSA_F_SIG_CB,0), "SIG_CB"},
{0,NULL}
};
diff --git a/crypto/pkcs12/Makefile.ssl b/crypto/pkcs12/Makefile.ssl
index 4ed1b26..7941853 100644
--- a/crypto/pkcs12/Makefile.ssl
+++ b/crypto/pkcs12/Makefile.ssl
@@ -22,12 +22,12 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= p12_add.c p12_attr.c p12_bags.c p12_crpt.c p12_crt.c p12_decr.c \
- p12_init.c p12_key.c p12_kiss.c p12_lib.c p12_mac.c p12_mutl.c\
- p12_sbag.c p12_utl.c p12_npas.c pk12err.c
-LIBOBJ= p12_add.o p12_attr.o p12_bags.o p12_crpt.o p12_crt.o p12_decr.o \
- p12_init.o p12_key.o p12_kiss.o p12_lib.o p12_mac.o p12_mutl.o\
- p12_sbag.o p12_utl.o p12_npas.o pk12err.o
+LIBSRC= p12_add.c p12_asn.c p12_attr.c p12_crpt.c p12_crt.c p12_decr.c \
+ p12_init.c p12_key.c p12_kiss.c p12_mutl.c\
+ p12_utl.c p12_npas.c pk12err.c
+LIBOBJ= p12_add.o p12_asn.o p12_attr.o p12_crpt.o p12_crt.o p12_decr.o \
+ p12_init.o p12_key.o p12_kiss.o p12_mutl.o\
+ p12_utl.o p12_npas.o pk12err.o
SRC= $(LIBSRC)
@@ -105,6 +105,27 @@
p12_add.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
p12_add.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
p12_add.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
+p12_asn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+p12_asn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+p12_asn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+p12_asn.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+p12_asn.o: ../../include/openssl/des.h ../../include/openssl/dh.h
+p12_asn.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+p12_asn.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+p12_asn.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+p12_asn.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+p12_asn.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+p12_asn.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+p12_asn.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+p12_asn.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
+p12_asn.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
+p12_asn.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
+p12_asn.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
+p12_asn.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
+p12_asn.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+p12_asn.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+p12_asn.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
+p12_asn.o: ../cryptlib.h
p12_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
p12_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
p12_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -126,27 +147,6 @@
p12_attr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p12_attr.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
p12_attr.o: ../cryptlib.h
-p12_bags.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_bags.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_bags.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_bags.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_bags.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_bags.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_bags.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_bags.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_bags.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_bags.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_bags.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_bags.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_bags.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_bags.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_bags.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_bags.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_bags.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_bags.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_bags.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_bags.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_bags.o: ../cryptlib.h
p12_crpt.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
p12_crpt.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
p12_crpt.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -271,48 +271,6 @@
p12_kiss.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p12_kiss.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
p12_kiss.o: ../cryptlib.h
-p12_lib.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_lib.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_lib.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_lib.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_lib.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_lib.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_lib.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_lib.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_lib.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_lib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_lib.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_lib.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_lib.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_lib.o: ../cryptlib.h
-p12_mac.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_mac.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_mac.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_mac.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_mac.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_mac.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_mac.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_mac.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_mac.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_mac.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_mac.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_mac.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_mac.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_mac.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_mac.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_mac.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_mac.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_mac.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_mac.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_mac.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_mac.o: ../cryptlib.h
p12_mutl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
p12_mutl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
p12_mutl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
@@ -354,27 +312,6 @@
p12_npas.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
p12_npas.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
p12_npas.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-p12_sbag.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-p12_sbag.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-p12_sbag.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-p12_sbag.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-p12_sbag.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-p12_sbag.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-p12_sbag.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-p12_sbag.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-p12_sbag.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-p12_sbag.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-p12_sbag.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
-p12_sbag.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs12.h
-p12_sbag.o: ../../include/openssl/pkcs7.h ../../include/openssl/rc2.h
-p12_sbag.o: ../../include/openssl/rc4.h ../../include/openssl/rc5.h
-p12_sbag.o: ../../include/openssl/rd_fst.h ../../include/openssl/rijndael.h
-p12_sbag.o: ../../include/openssl/ripemd.h ../../include/openssl/rsa.h
-p12_sbag.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
-p12_sbag.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
-p12_sbag.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
-p12_sbag.o: ../cryptlib.h
p12_utl.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
p12_utl.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
p12_utl.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
diff --git a/crypto/pkcs12/p12_asn.c b/crypto/pkcs12/p12_asn.c
new file mode 100644
index 0000000..cbee733
--- /dev/null
+++ b/crypto/pkcs12/p12_asn.c
@@ -0,0 +1,114 @@
+/* p12_asn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 1999.
+ */
+/* ====================================================================
+ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs12.h>
+
+/* PKCS#12 ASN1 module */
+
+ASN1_SEQUENCE(PKCS12) = {
+ ASN1_SIMPLE(PKCS12, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS12, authsafes, PKCS7),
+ ASN1_OPT(PKCS12, mac, PKCS12_MAC_DATA)
+} ASN1_SEQUENCE_END(PKCS12);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12)
+
+ASN1_SEQUENCE(PKCS12_MAC_DATA) = {
+ ASN1_SIMPLE(PKCS12_MAC_DATA, dinfo, X509_SIG),
+ ASN1_SIMPLE(PKCS12_MAC_DATA, salt, ASN1_OCTET_STRING),
+ ASN1_OPT(PKCS12_MAC_DATA, iter, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS12_MAC_DATA);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+
+ASN1_ADB_TEMPLATE(bag_default) = ASN1_EXP(PKCS12_BAGS, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_BAGS) = {
+ ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509cert, ASN1_OCTET_STRING, 0)),
+ ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.x509crl, ASN1_OCTET_STRING, 0)),
+ ADB_ENTRY(NID_x509Certificate, ASN1_EXP(PKCS12_BAGS, value.sdsicert, ASN1_IA5STRING, 0)),
+} ASN1_ADB_END(PKCS12_BAGS, 0, type, 0, &bag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_BAGS) = {
+ ASN1_SIMPLE(PKCS12_BAGS, type, ASN1_OBJECT),
+ ASN1_ADB_OBJECT(PKCS12_BAGS),
+} ASN1_SEQUENCE_END(PKCS12_BAGS);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_BAGS)
+
+ASN1_ADB_TEMPLATE(safebag_default) = ASN1_EXP(PKCS12_SAFEBAG, value.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS12_SAFEBAG) = {
+ ADB_ENTRY(NID_keyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, PKCS8_PRIV_KEY_INFO, 0)),
+ ADB_ENTRY(NID_pkcs8ShroudedKeyBag, ASN1_EXP(PKCS12_SAFEBAG, value.keybag, X509_SIG, 0)),
+ ADB_ENTRY(NID_safeContentsBag, ASN1_EXP_SET_OF(PKCS12_SAFEBAG, value.safes, PKCS12_SAFEBAG, 0)),
+ ADB_ENTRY(NID_certBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+ ADB_ENTRY(NID_crlBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0)),
+ ADB_ENTRY(NID_secretBag, ASN1_EXP(PKCS12_SAFEBAG, value.bag, PKCS12_BAGS, 0))
+} ASN1_ADB_END(PKCS12_SAFEBAG, 0, type, 0, &safebag_default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS12_SAFEBAG) = {
+ ASN1_SIMPLE(PKCS12_SAFEBAG, type, ASN1_OBJECT),
+ ASN1_ADB_OBJECT(PKCS12_SAFEBAG),
+ ASN1_SET_OF_OPT(PKCS12_SAFEBAG, attrib, X509_ATTRIBUTE)
+} ASN1_SEQUENCE_END(PKCS12_SAFEBAG);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
diff --git a/crypto/pkcs12/p12_attr.c b/crypto/pkcs12/p12_attr.c
index f1a210b..64bf417 100644
--- a/crypto/pkcs12/p12_attr.c
+++ b/crypto/pkcs12/p12_attr.c
@@ -92,7 +92,7 @@
return 0;
}
sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->set = 1;
+ attrib->single = 0;
if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
PKCS12err(PKCS12_F_PKCS12_ADD_LOCALKEYID, ERR_R_MALLOC_FAILURE);
return 0;
@@ -134,7 +134,7 @@
return 0;
}
sk_ASN1_TYPE_push (attrib->value.set,keyid);
- attrib->set = 1;
+ attrib->single = 0;
if (!p8->attributes
&& !(p8->attributes = sk_X509_ATTRIBUTE_new_null ())) {
PKCS12err(PKCS12_F_PKCS8_ADD_KEYUSAGE, ERR_R_MALLOC_FAILURE);
@@ -201,7 +201,7 @@
return 0;
}
sk_ASN1_TYPE_push (attrib->value.set,fname);
- attrib->set = 1;
+ attrib->single = 0;
if (!bag->attrib && !(bag->attrib = sk_X509_ATTRIBUTE_new_null ())) {
PKCS12err(PKCS12_F_PKCS12_ADD_FRIENDLYNAME_UNI,
ERR_R_MALLOC_FAILURE);
diff --git a/crypto/pkcs12/pkcs12.h b/crypto/pkcs12/pkcs12.h
index 502fcef..d58a140 100644
--- a/crypto/pkcs12/pkcs12.h
+++ b/crypto/pkcs12/pkcs12.h
@@ -120,7 +120,6 @@
ASN1_TYPE *other;
}value;
STACK_OF(X509_ATTRIBUTE) *attrib;
-ASN1_TYPE *rest;
} PKCS12_SAFEBAG;
DECLARE_STACK_OF(PKCS12_SAFEBAG)
@@ -249,24 +248,12 @@
int saltlen, EVP_MD *md_type);
unsigned char *asc2uni(const char *asc, unsigned char **uni, int *unilen);
char *uni2asc(unsigned char *uni, int unilen);
-int i2d_PKCS12_BAGS(PKCS12_BAGS *a, unsigned char **pp);
-PKCS12_BAGS *PKCS12_BAGS_new(void);
-PKCS12_BAGS *d2i_PKCS12_BAGS(PKCS12_BAGS **a, unsigned char **pp, long length);
-void PKCS12_BAGS_free(PKCS12_BAGS *a);
-int i2d_PKCS12(PKCS12 *a, unsigned char **pp);
-PKCS12 *d2i_PKCS12(PKCS12 **a, unsigned char **pp, long length);
-PKCS12 *PKCS12_new(void);
-void PKCS12_free(PKCS12 *a);
-int i2d_PKCS12_MAC_DATA(PKCS12_MAC_DATA *a, unsigned char **pp);
-PKCS12_MAC_DATA *PKCS12_MAC_DATA_new(void);
-PKCS12_MAC_DATA *d2i_PKCS12_MAC_DATA(PKCS12_MAC_DATA **a, unsigned char **pp,
- long length);
-void PKCS12_MAC_DATA_free(PKCS12_MAC_DATA *a);
-int i2d_PKCS12_SAFEBAG(PKCS12_SAFEBAG *a, unsigned char **pp);
-PKCS12_SAFEBAG *PKCS12_SAFEBAG_new(void);
-PKCS12_SAFEBAG *d2i_PKCS12_SAFEBAG(PKCS12_SAFEBAG **a, unsigned char **pp,
- long length);
-void PKCS12_SAFEBAG_free(PKCS12_SAFEBAG *a);
+
+DECLARE_ASN1_FUNCTIONS(PKCS12)
+DECLARE_ASN1_FUNCTIONS(PKCS12_MAC_DATA)
+DECLARE_ASN1_FUNCTIONS(PKCS12_SAFEBAG)
+DECLARE_ASN1_FUNCTIONS(PKCS12_BAGS)
+
void ERR_load_PKCS12_strings(void);
void PKCS12_PBE_add(void);
int PKCS12_parse(PKCS12 *p12, const char *pass, EVP_PKEY **pkey, X509 **cert,
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
index a5be0e0..ab87fb7 100644
--- a/crypto/pkcs7/Makefile.ssl
+++ b/crypto/pkcs7/Makefile.ssl
@@ -25,8 +25,10 @@
APPS=
LIB=$(TOP)/libcrypto.a
-LIBSRC= pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c pk7_mime.c
-LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o pk7_mime.o
+LIBSRC= pk7_asn1.c pk7_lib.c pkcs7err.c pk7_doit.c pk7_smime.c pk7_attr.c \
+ pk7_mime.c
+LIBOBJ= pk7_asn1.o pk7_lib.o pkcs7err.o pk7_doit.o pk7_smime.o pk7_attr.o \
+ pk7_mime.o
SRC= $(LIBSRC)
@@ -98,6 +100,26 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+pk7_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+pk7_asn1.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+pk7_asn1.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+pk7_asn1.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
+pk7_asn1.o: ../../include/openssl/des.h ../../include/openssl/dh.h
+pk7_asn1.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
+pk7_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+pk7_asn1.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+pk7_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+pk7_asn1.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+pk7_asn1.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+pk7_asn1.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+pk7_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
+pk7_asn1.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
+pk7_asn1.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
+pk7_asn1.o: ../../include/openssl/rijndael.h ../../include/openssl/ripemd.h
+pk7_asn1.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h
+pk7_asn1.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
+pk7_asn1.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
+pk7_asn1.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
pk7_attr.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
pk7_attr.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
pk7_attr.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
diff --git a/crypto/pkcs7/pk7_asn1.c b/crypto/pkcs7/pk7_asn1.c
new file mode 100644
index 0000000..777a861
--- /dev/null
+++ b/crypto/pkcs7/pk7_asn1.c
@@ -0,0 +1,175 @@
+/* pk7_asn.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <openssl/asn1t.h>
+#include <openssl/pkcs7.h>
+
+/* PKCS#7 ASN1 module */
+
+/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
+
+ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0);
+
+ASN1_ADB(PKCS7) = {
+ ADB_ENTRY(NID_pkcs7_data, ASN1_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING, 0)),
+ ADB_ENTRY(NID_pkcs7_signed, ASN1_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)),
+ ADB_ENTRY(NID_pkcs7_enveloped, ASN1_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)),
+ ADB_ENTRY(NID_pkcs7_signedAndEnveloped, ASN1_EXP_OPT(PKCS7, d.signed_and_enveloped, PKCS7_SIGN_ENVELOPE, 0)),
+ ADB_ENTRY(NID_pkcs7_digest, ASN1_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)),
+ ADB_ENTRY(NID_pkcs7_encrypted, ASN1_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0))
+} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL);
+
+ASN1_SEQUENCE(PKCS7) = {
+ ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT),
+ ASN1_ADB_OBJECT(PKCS7)
+}ASN1_SEQUENCE_END(PKCS7);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7)
+
+ASN1_SEQUENCE(PKCS7_SIGNED) = {
+ ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER),
+ ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR),
+ ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7),
+ ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0),
+ ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1),
+ ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_SEQUENCE_END(PKCS7_SIGNED);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNED)
+
+/* Minor tweak to operation: free up EVP_PKEY */
+static int si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ if(operation == ASN1_OP_FREE_POST) {
+ PKCS7_SIGNER_INFO *si = (PKCS7_SIGNER_INFO *)*pval;
+ EVP_PKEY_free(si->pkey);
+ }
+ return 1;
+}
+
+ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = {
+ ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+ ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR),
+ ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, X509_ATTRIBUTE, 0),
+ ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR),
+ ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING),
+ ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1)
+} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+
+ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = {
+ ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME),
+ ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
+
+ASN1_SEQUENCE(PKCS7_ENVELOPE) = {
+ ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER),
+ ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+ ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_SEQUENCE_END(PKCS7_ENVELOPE);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+
+ASN1_SEQUENCE(PKCS7_RECIP_INFO) = {
+ ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, PKCS7_ISSUER_AND_SERIAL),
+ ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR),
+ ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PKCS7_RECIP_INFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+
+ASN1_SEQUENCE(PKCS7_ENC_CONTENT) = {
+ ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT),
+ ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR),
+ ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING, 0)
+} ASN1_SEQUENCE_END(PKCS7_ENC_CONTENT);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+
+ASN1_SEQUENCE(PKCS7_SIGN_ENVELOPE) = {
+ ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER),
+ ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO),
+ ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR),
+ ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT),
+ ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0),
+ ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1),
+ ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO)
+} ASN1_SEQUENCE_END(PKCS7_SIGN_ENVELOPE);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+
+ASN1_SEQUENCE(PKCS7_ENCRYPT) = {
+ ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT)
+} ASN1_SEQUENCE_END(PKCS7_ENCRYPT);
+
+IMPLEMENT_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+
+ASN1_SEQUENCE(PKCS7_DIGEST) = {
+ ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER),
+ ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR),
+ ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7),
+ ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(PKCS7_DIGEST);
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
index 099e965..d294c5e 100644
--- a/crypto/pkcs7/pk7_doit.c
+++ b/crypto/pkcs7/pk7_doit.c
@@ -219,7 +219,7 @@
}
if (bio == NULL) {
- if (p7->detached)
+ if (PKCS7_is_detached(p7))
bio=BIO_new(BIO_s_null());
else {
if (PKCS7_type_is_signed(p7) &&
@@ -419,7 +419,7 @@
}
#if 1
- if (p7->detached || (in_bio != NULL))
+ if (PKCS7_is_detached(p7) || (in_bio != NULL))
{
bio=in_bio;
}
@@ -606,7 +606,7 @@
}
}
- if (!p7->detached)
+ if (!PKCS7_is_detached(p7))
{
btmp=BIO_find_type(bio,BIO_TYPE_MEM);
if (btmp == NULL)
@@ -838,7 +838,7 @@
xa=sk_X509_ATTRIBUTE_value(sk,i);
if (OBJ_cmp(xa->object,o) == 0)
{
- if (xa->set && sk_ASN1_TYPE_num(xa->value.set))
+ if (!xa->single && sk_ASN1_TYPE_num(xa->value.set))
return(sk_ASN1_TYPE_value(xa->value.set,0));
else
return(NULL);
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
index 45973fe..9ceeab6 100644
--- a/crypto/pkcs7/pk7_lib.c
+++ b/crypto/pkcs7/pk7_lib.c
@@ -84,7 +84,11 @@
case PKCS7_OP_GET_DETACHED_SIGNATURE:
if (nid == NID_pkcs7_signed)
{
- ret=p7->detached;
+ if(!p7->d.sign || !p7->d.sign->contents->d.ptr)
+ ret = 1;
+ else ret = 0;
+
+ p7->detached = ret;
}
else
{
@@ -144,7 +148,7 @@
{
ASN1_OBJECT *obj;
- PKCS7_content_free(p7);
+ /*PKCS7_content_free(p7);*/
obj=OBJ_nid2obj(type); /* will not fail */
switch (type)
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
index 1b817e6..1dfbace 100644
--- a/crypto/pkcs7/pkcs7.h
+++ b/crypto/pkcs7/pkcs7.h
@@ -235,6 +235,8 @@
#define PKCS7_get_detached(p) \
PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+#define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
+
#ifdef SSLEAY_MACROS
#ifndef PKCS7_ISSUER_AND_SERIAL_digest
#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
@@ -268,14 +270,7 @@
#define SMIME_BINARY PKCS7_BINARY
#define SMIME_NOATTR PKCS7_NOATTR
-PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
-void PKCS7_ISSUER_AND_SERIAL_free(
- PKCS7_ISSUER_AND_SERIAL *a);
-int i2d_PKCS7_ISSUER_AND_SERIAL(
- PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
-PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
- PKCS7_ISSUER_AND_SERIAL **a,
- unsigned char **pp, long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
#ifndef SSLEAY_MACROS
int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,const EVP_MD *type,
@@ -289,69 +284,15 @@
int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
#endif
-PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
-void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
-int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
- unsigned char **pp);
-PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
- unsigned char **pp,long length);
-
-PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
-void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
-int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
- unsigned char **pp);
-PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
- unsigned char **pp,long length);
-
-PKCS7_SIGNED *PKCS7_SIGNED_new(void);
-void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
-int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
- unsigned char **pp);
-PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
- unsigned char **pp,long length);
-
-PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
-void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
-int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
- unsigned char **pp);
-PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
- unsigned char **pp,long length);
-
-PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
-void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
-int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
- unsigned char **pp);
-PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
- unsigned char **pp,long length);
-
-PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
-void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
-int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
- unsigned char **pp);
-PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
- unsigned char **pp,long length);
-
-PKCS7_DIGEST *PKCS7_DIGEST_new(void);
-void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
-int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
- unsigned char **pp);
-PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
- unsigned char **pp,long length);
-
-PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
-void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
-int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
- unsigned char **pp);
-PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
- unsigned char **pp,long length);
-
-PKCS7 *PKCS7_new(void);
-void PKCS7_free(PKCS7 *a);
-void PKCS7_content_free(PKCS7 *a);
-int i2d_PKCS7(PKCS7 *a,
- unsigned char **pp);
-PKCS7 *d2i_PKCS7(PKCS7 **a,
- unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
+DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
+DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
+DECLARE_ASN1_FUNCTIONS(PKCS7)
void ERR_load_PKCS7_strings(void);
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
index ede3989..6f18d2b 100644
--- a/crypto/rsa/Makefile.ssl
+++ b/crypto/rsa/Makefile.ssl
@@ -23,9 +23,11 @@
LIB=$(TOP)/libcrypto.a
LIBSRC= rsa_eay.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c \
- rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c
+ rsa_pk1.c rsa_ssl.c rsa_none.c rsa_oaep.c rsa_chk.c rsa_null.c \
+ rsa_asn1.c
LIBOBJ= rsa_eay.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o \
- rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o
+ rsa_pk1.o rsa_ssl.o rsa_none.o rsa_oaep.o rsa_chk.o rsa_null.o \
+ rsa_asn1.o
SRC= $(LIBSRC)
@@ -81,6 +83,15 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
+rsa_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+rsa_asn1.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
+rsa_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h
+rsa_asn1.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+rsa_asn1.o: ../../include/openssl/err.h ../../include/openssl/lhash.h
+rsa_asn1.o: ../../include/openssl/opensslconf.h
+rsa_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/rsa.h
+rsa_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h
+rsa_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h
rsa_chk.o: ../../include/openssl/bio.h ../../include/openssl/bn.h
rsa_chk.o: ../../include/openssl/crypto.h ../../include/openssl/err.h
rsa_chk.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
index ede6500..a488b80 100644
--- a/crypto/rsa/rsa.h
+++ b/crypto/rsa/rsa.h
@@ -119,7 +119,7 @@
/* The first parameter is used to pickup errors where
* this is passed instead of aEVP_PKEY, it is set to 0 */
int pad;
- int version;
+ long version;
#if 0
RSA_METHOD *meth;
#else
@@ -236,7 +236,6 @@
int i2d_RSA_NET(const RSA *a, unsigned char **pp, int (*cb)(), int sgckey);
RSA *d2i_RSA_NET(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
-RSA *d2i_RSA_NET_2(RSA **a, const unsigned char **pp, long length, int (*cb)(), int sgckey);
int i2d_Netscape_RSA(const RSA *a, unsigned char **pp, int (*cb)());
RSA *d2i_Netscape_RSA(RSA **a, const unsigned char **pp, long length, int (*cb)());
diff --git a/crypto/asn1/a_null.c b/crypto/rsa/rsa_asn1.c
similarity index 65%
copy from crypto/asn1/a_null.c
copy to crypto/rsa/rsa_asn1.c
index 119fd78..0585b24 100644
--- a/crypto/asn1/a_null.c
+++ b/crypto/rsa/rsa_asn1.c
@@ -1,9 +1,9 @@
-/* a_null.c */
+/* rsa_asn1.c */
/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
- * project 1999.
+ * project 2000.
*/
/* ====================================================================
- * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -58,62 +58,54 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/bn.h>
+#include <openssl/rsa.h>
+#include <openssl/asn1t.h>
-/* ASN1 functions for NULL type. For compatibility with other ASN1 code
- * it returns a pointer to an "ASN1_NULL" structure. The new/free functions
- * don't need to do any allocating because nothing is stored in a NULL.
- */
+static ASN1_METHOD method={
+ (int (*)()) i2d_RSAPrivateKey,
+ (char *(*)())d2i_RSAPrivateKey,
+ (char *(*)())RSA_new,
+ (void (*)()) RSA_free};
-int i2d_ASN1_NULL(ASN1_NULL *a, unsigned char **pp)
+ASN1_METHOD *RSAPrivateKey_asn1_meth(void)
{
- if(!a) return 0;
- if (pp) ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
- return 2;
+ return(&method);
}
-ASN1_NULL *d2i_ASN1_NULL(ASN1_NULL **a, unsigned char **pp, long length)
- {
- ASN1_NULL *ret = NULL;
- unsigned char *p;
- long len;
- int inf,tag,xclass;
- int i=0;
-
- p= *pp;
- inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
- if (inf & 0x80)
- {
- i=ASN1_R_BAD_OBJECT_HEADER;
- goto err;
- }
-
- if (tag != V_ASN1_NULL)
- {
- i=ASN1_R_EXPECTING_A_NULL;
- goto err;
- }
-
- if (len != 0)
- {
- i=ASN1_R_NULL_IS_WRONG_LENGTH;
- goto err;
- }
- ret=(ASN1_NULL *)1;
- if (a != NULL) (*a)=ret;
- *pp=p;
- return(ret);
-err:
- ASN1err(ASN1_F_D2I_ASN1_NULL,i);
- return(ret);
+/* Override the default free and new methods */
+static int rsa_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it)
+{
+ if(operation == ASN1_OP_NEW_PRE) {
+ *pval = (ASN1_VALUE *)RSA_new();
+ if(*pval) return 2;
+ return 0;
+ } else if(operation == ASN1_OP_FREE_PRE) {
+ RSA_free((RSA *)*pval);
+ *pval = NULL;
+ return 2;
}
-
-ASN1_NULL *ASN1_NULL_new(void)
-{
- return (ASN1_NULL *)1;
+ return 1;
}
-void ASN1_NULL_free(ASN1_NULL *a)
-{
- return;
-}
+ASN1_SEQUENCE_cb(RSAPrivateKey, rsa_cb) = {
+ ASN1_SIMPLE(RSA, version, LONG),
+ ASN1_SIMPLE(RSA, n, BIGNUM),
+ ASN1_SIMPLE(RSA, e, BIGNUM),
+ ASN1_SIMPLE(RSA, d, BIGNUM),
+ ASN1_SIMPLE(RSA, p, BIGNUM),
+ ASN1_SIMPLE(RSA, q, BIGNUM),
+ ASN1_SIMPLE(RSA, dmp1, BIGNUM),
+ ASN1_SIMPLE(RSA, dmq1, BIGNUM),
+ ASN1_SIMPLE(RSA, iqmp, BIGNUM)
+} ASN1_SEQUENCE_END_cb(RSA, RSAPrivateKey);
+
+
+ASN1_SEQUENCE_cb(RSAPublicKey, rsa_cb) = {
+ ASN1_SIMPLE(RSA, n, BIGNUM),
+ ASN1_SIMPLE(RSA, e, BIGNUM),
+} ASN1_SEQUENCE_END_cb(RSA, RSAPublicKey);
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPrivateKey, RSAPrivateKey)
+
+IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(RSA, RSAPublicKey, RSAPublicKey)
diff --git a/crypto/stack/safestack.h b/crypto/stack/safestack.h
index 38eea51..67bce3f 100644
--- a/crypto/stack/safestack.h
+++ b/crypto/stack/safestack.h
@@ -304,6 +304,26 @@
#define sk_ASN1_TYPE_pop(st) SKM_sk_pop(ASN1_TYPE, (st))
#define sk_ASN1_TYPE_sort(st) SKM_sk_sort(ASN1_TYPE, (st))
+#define sk_ASN1_VALUE_new(st) SKM_sk_new(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_new_null() SKM_sk_new_null(ASN1_VALUE)
+#define sk_ASN1_VALUE_free(st) SKM_sk_free(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_num(st) SKM_sk_num(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_value(st, i) SKM_sk_value(ASN1_VALUE, (st), (i))
+#define sk_ASN1_VALUE_set(st, i, val) SKM_sk_set(ASN1_VALUE, (st), (i), (val))
+#define sk_ASN1_VALUE_zero(st) SKM_sk_zero(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_push(st, val) SKM_sk_push(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_unshift(st, val) SKM_sk_unshift(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_find(st, val) SKM_sk_find(ASN1_VALUE, (st), (val))
+#define sk_ASN1_VALUE_delete(st, i) SKM_sk_delete(ASN1_VALUE, (st), (i))
+#define sk_ASN1_VALUE_delete_ptr(st, ptr) SKM_sk_delete_ptr(ASN1_VALUE, (st), (ptr))
+#define sk_ASN1_VALUE_insert(st, val, i) SKM_sk_insert(ASN1_VALUE, (st), (val), (i))
+#define sk_ASN1_VALUE_set_cmp_func(st, cmp) SKM_sk_set_cmp_func(ASN1_VALUE, (st), (cmp))
+#define sk_ASN1_VALUE_dup(st) SKM_sk_dup(ASN1_VALUE, st)
+#define sk_ASN1_VALUE_pop_free(st, free_func) SKM_sk_pop_free(ASN1_VALUE, (st), (free_func))
+#define sk_ASN1_VALUE_shift(st) SKM_sk_shift(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_pop(st) SKM_sk_pop(ASN1_VALUE, (st))
+#define sk_ASN1_VALUE_sort(st) SKM_sk_sort(ASN1_VALUE, (st))
+
#define sk_BIO_new(st) SKM_sk_new(BIO, (st))
#define sk_BIO_new_null() SKM_sk_new_null(BIO)
#define sk_BIO_free(st) SKM_sk_free(BIO, (st))
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
index 94020e4..c3ee997 100644
--- a/crypto/x509/Makefile.ssl
+++ b/crypto/x509/Makefile.ssl
@@ -481,18 +481,18 @@
x509rset.o: ../../include/openssl/sha.h ../../include/openssl/stack.h
x509rset.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
x509rset.o: ../../include/openssl/x509_vfy.h ../cryptlib.h
-x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
-x509spki.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
-x509spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
-x509spki.o: ../../include/openssl/cast.h ../../include/openssl/crypto.h
-x509spki.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-x509spki.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-x509spki.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
-x509spki.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
-x509spki.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
-x509spki.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
-x509spki.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
-x509spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
+x509spki.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
+x509spki.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
+x509spki.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
+x509spki.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+x509spki.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+x509spki.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
+x509spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+x509spki.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
+x509spki.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
+x509spki.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
+x509spki.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+x509spki.o: ../../include/openssl/opensslconf.h
x509spki.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
x509spki.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
x509spki.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
index 228a0b7..82714b7 100644
--- a/crypto/x509/x509.h
+++ b/crypto/x509/x509.h
@@ -182,11 +182,8 @@
typedef struct X509_extension_st
{
ASN1_OBJECT *object;
- short critical;
- short netscape_hack;
+ ASN1_BOOLEAN critical;
ASN1_OCTET_STRING *value;
- struct v3_ext_method *method; /* V3 method to use */
- void *ext_val; /* extension value */
} X509_EXTENSION;
DECLARE_STACK_OF(X509_EXTENSION)
@@ -196,27 +193,26 @@
typedef struct x509_attributes_st
{
ASN1_OBJECT *object;
- int set; /* 1 for a set, 0 for a single item (which is wrong) */
+ int single; /* 0 for a set, 1 for a single item (which is wrong) */
union {
char *ptr;
-/* 1 */ STACK_OF(ASN1_TYPE) *set;
-/* 0 */ ASN1_TYPE *single;
+/* 0 */ STACK_OF(ASN1_TYPE) *set;
+/* 1 */ ASN1_TYPE *single;
} value;
} X509_ATTRIBUTE;
DECLARE_STACK_OF(X509_ATTRIBUTE)
DECLARE_ASN1_SET_OF(X509_ATTRIBUTE)
+
typedef struct X509_req_info_st
{
- unsigned char *asn1;
- int length;
+ ASN1_ENCODING enc;
ASN1_INTEGER *version;
X509_NAME *subject;
X509_PUBKEY *pubkey;
/* d=2 hl=2 l= 0 cons: cont: 00 */
STACK_OF(X509_ATTRIBUTE) *attributes; /* [ 0 ] */
- int req_kludge;
} X509_REQ_INFO;
typedef struct X509_req_st
@@ -827,23 +823,11 @@
X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
void ERR_load_X509_strings(void );
-X509_ALGOR * X509_ALGOR_new(void );
-void X509_ALGOR_free(X509_ALGOR *a);
-int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
-X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(X509_ALGOR)
+DECLARE_ASN1_FUNCTIONS(X509_VAL)
-X509_VAL * X509_VAL_new(void );
-void X509_VAL_free(X509_VAL *a);
-int i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
-X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(X509_PUBKEY)
-X509_PUBKEY * X509_PUBKEY_new(void );
-void X509_PUBKEY_free(X509_PUBKEY *a);
-int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
-X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
- long length);
int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
int X509_get_pubkey_parameters(EVP_PKEY *pkey,
@@ -862,58 +846,26 @@
long length);
#endif
-X509_SIG * X509_SIG_new(void );
-void X509_SIG_free(X509_SIG *a);
-int i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
-X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509_SIG)
+DECLARE_ASN1_FUNCTIONS(X509_REQ_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_REQ)
-X509_REQ_INFO *X509_REQ_INFO_new(void);
-void X509_REQ_INFO_free(X509_REQ_INFO *a);
-int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
-X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
- long length);
-
-X509_REQ * X509_REQ_new(void);
-void X509_REQ_free(X509_REQ *a);
-int i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
-X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
-
-X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
-void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
-int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
-X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(X509_ATTRIBUTE)
X509_ATTRIBUTE *X509_ATTRIBUTE_create(int nid, int atrtype, void *value);
+DECLARE_ASN1_FUNCTIONS(X509_EXTENSION)
-X509_EXTENSION *X509_EXTENSION_new(void );
-void X509_EXTENSION_free(X509_EXTENSION *a);
-int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
-X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(X509_NAME_ENTRY)
-X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
-void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
-int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
-X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(X509_NAME)
-X509_NAME * X509_NAME_new(void);
-void X509_NAME_free(X509_NAME *a);
-int i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
-X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+DECLARE_ASN1_FUNCTIONS(X509_CINF)
-X509_CINF * X509_CINF_new(void);
-void X509_CINF_free(X509_CINF *a);
-int i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
-X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509)
+DECLARE_ASN1_FUNCTIONS(X509_CERT_AUX)
-X509 * X509_new(void);
-void X509_free(X509 *a);
-int i2d_X509(X509 *a,unsigned char **pp);
-X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
int X509_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func);
int X509_set_ex_data(X509 *r, int idx, void *arg);
@@ -921,11 +873,6 @@
int i2d_X509_AUX(X509 *a,unsigned char **pp);
X509 * d2i_X509_AUX(X509 **a,unsigned char **pp,long length);
-X509_CERT_AUX * X509_CERT_AUX_new(void);
-void X509_CERT_AUX_free(X509_CERT_AUX *a);
-int i2d_X509_CERT_AUX(X509_CERT_AUX *a,unsigned char **pp);
-X509_CERT_AUX * d2i_X509_CERT_AUX(X509_CERT_AUX **a,unsigned char **pp,
- long length);
int X509_alias_set1(X509 *x, unsigned char *name, int len);
int X509_keyid_set1(X509 *x, unsigned char *id, int len);
unsigned char * X509_alias_get0(X509 *x, int *len);
@@ -935,44 +882,20 @@
void X509_trust_clear(X509 *x);
void X509_reject_clear(X509 *x);
-X509_REVOKED * X509_REVOKED_new(void);
-void X509_REVOKED_free(X509_REVOKED *a);
-int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
-X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
+DECLARE_ASN1_FUNCTIONS(X509_REVOKED)
+DECLARE_ASN1_FUNCTIONS(X509_CRL_INFO)
+DECLARE_ASN1_FUNCTIONS(X509_CRL)
-X509_CRL_INFO *X509_CRL_INFO_new(void);
-void X509_CRL_INFO_free(X509_CRL_INFO *a);
-int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
-X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
- long length);
-
-X509_CRL * X509_CRL_new(void);
-void X509_CRL_free(X509_CRL *a);
-int i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
-X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
+int X509_CRL_add0_revoked(X509_CRL *crl, X509_REVOKED *rev);
X509_PKEY * X509_PKEY_new(void );
void X509_PKEY_free(X509_PKEY *a);
int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
-NETSCAPE_SPKI * NETSCAPE_SPKI_new(void );
-void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
-int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
-NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
- long length);
-
-NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
-void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
-int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
-NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
- long length);
-
-
-int i2d_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE *a, unsigned char **pp);
-NETSCAPE_CERT_SEQUENCE *NETSCAPE_CERT_SEQUENCE_new(void);
-NETSCAPE_CERT_SEQUENCE *d2i_NETSCAPE_CERT_SEQUENCE(NETSCAPE_CERT_SEQUENCE **a, unsigned char **pp, long length);
-void NETSCAPE_CERT_SEQUENCE_free(NETSCAPE_CERT_SEQUENCE *a);
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKI)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_SPKAC)
+DECLARE_ASN1_FUNCTIONS(NETSCAPE_CERT_SEQUENCE)
#ifndef NO_EVP
X509_INFO * X509_INFO_new(void);
@@ -1192,31 +1115,17 @@
ASN1_INTEGER *serial);
X509 *X509_find_by_subject(STACK_OF(X509) *sk,X509_NAME *name);
-int i2d_PBEPARAM(PBEPARAM *a, unsigned char **pp);
-PBEPARAM *PBEPARAM_new(void);
-PBEPARAM *d2i_PBEPARAM(PBEPARAM **a, unsigned char **pp, long length);
-void PBEPARAM_free(PBEPARAM *a);
+DECLARE_ASN1_FUNCTIONS(PBEPARAM)
+DECLARE_ASN1_FUNCTIONS(PBE2PARAM)
+DECLARE_ASN1_FUNCTIONS(PBKDF2PARAM)
+
X509_ALGOR *PKCS5_pbe_set(int alg, int iter, unsigned char *salt, int saltlen);
X509_ALGOR *PKCS5_pbe2_set(const EVP_CIPHER *cipher, int iter,
unsigned char *salt, int saltlen);
-int i2d_PBKDF2PARAM(PBKDF2PARAM *a, unsigned char **pp);
-PBKDF2PARAM *PBKDF2PARAM_new(void);
-PBKDF2PARAM *d2i_PBKDF2PARAM(PBKDF2PARAM **a, unsigned char **pp, long length);
-void PBKDF2PARAM_free(PBKDF2PARAM *a);
-
-int i2d_PBE2PARAM(PBE2PARAM *a, unsigned char **pp);
-PBE2PARAM *PBE2PARAM_new(void);
-PBE2PARAM *d2i_PBE2PARAM(PBE2PARAM **a, unsigned char **pp, long length);
-void PBE2PARAM_free(PBE2PARAM *a);
-
/* PKCS#8 utilities */
-int i2d_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO *a, unsigned char **pp);
-PKCS8_PRIV_KEY_INFO *PKCS8_PRIV_KEY_INFO_new(void);
-PKCS8_PRIV_KEY_INFO *d2i_PKCS8_PRIV_KEY_INFO(PKCS8_PRIV_KEY_INFO **a,
- unsigned char **pp, long length);
-void PKCS8_PRIV_KEY_INFO_free(PKCS8_PRIV_KEY_INFO *a);
+DECLARE_ASN1_FUNCTIONS(PKCS8_PRIV_KEY_INFO)
EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8);
PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey);
diff --git a/crypto/x509/x509_att.c b/crypto/x509/x509_att.c
index caafde6..f074d2a 100644
--- a/crypto/x509/x509_att.c
+++ b/crypto/x509/x509_att.c
@@ -283,7 +283,7 @@
if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
if(!(ttmp = ASN1_TYPE_new())) goto err;
if(!sk_ASN1_TYPE_push(attr->value.set, ttmp)) goto err;
- attr->set = 1;
+ attr->single = 0;
ASN1_TYPE_set(ttmp, atype, stmp);
return 1;
err:
@@ -293,7 +293,7 @@
int X509_ATTRIBUTE_count(X509_ATTRIBUTE *attr)
{
- if(attr->set) return sk_ASN1_TYPE_num(attr->value.set);
+ if(!attr->single) return sk_ASN1_TYPE_num(attr->value.set);
if(attr->value.single) return 1;
return 0;
}
@@ -321,6 +321,6 @@
{
if (attr == NULL) return(NULL);
if(idx >= X509_ATTRIBUTE_count(attr)) return NULL;
- if(attr->set) return sk_ASN1_TYPE_value(attr->value.set, idx);
+ if(!attr->single) return sk_ASN1_TYPE_value(attr->value.set, idx);
else return attr->value.single;
}
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
index 7eca1bd..e2766e1 100644
--- a/crypto/x509/x509_req.c
+++ b/crypto/x509/x509_req.c
@@ -156,9 +156,9 @@
for(i = 0; i < sk_X509_ATTRIBUTE_num(sk); i++) {
attr = sk_X509_ATTRIBUTE_value(sk, i);
if(X509_REQ_extension_nid(OBJ_obj2nid(attr->object))) {
- if(attr->set && sk_ASN1_TYPE_num(attr->value.set))
+ if(attr->single) ext = attr->value.single;
+ else if(sk_ASN1_TYPE_num(attr->value.set))
ext = sk_ASN1_TYPE_value(attr->value.set, 0);
- else ext = attr->value.single;
break;
}
}
@@ -199,7 +199,7 @@
if(!(attr->value.set = sk_ASN1_TYPE_new_null())) goto err;
if(!sk_ASN1_TYPE_push(attr->value.set, at)) goto err;
at = NULL;
- attr->set = 1;
+ attr->single = 0;
attr->object = OBJ_nid2obj(nid);
if(!sk_X509_ATTRIBUTE_push(req->req_info->attributes, attr)) goto err;
return 1;
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
index 5288798..b5f7daa 100644
--- a/crypto/x509/x509_v3.c
+++ b/crypto/x509/x509_v3.c
@@ -115,8 +115,8 @@
for ( ; lastpos < n; lastpos++)
{
ex=sk_X509_EXTENSION_value(sk,lastpos);
- if ( (ex->critical && crit) ||
- (!ex->critical && !crit))
+ if ( ((ex->critical > 0) && crit) ||
+ (!(ex->critical <= 0) && !crit))
return(lastpos);
}
return(-1);
@@ -234,7 +234,7 @@
int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit)
{
if (ex == NULL) return(0);
- ex->critical=(crit)?0xFF:0;
+ ex->critical=(crit)?0xFF:-1;
return(1);
}
@@ -263,5 +263,6 @@
int X509_EXTENSION_get_critical(X509_EXTENSION *ex)
{
if (ex == NULL) return(0);
- return(ex->critical);
+ if(ex->critical > 0) return 1;
+ return 0;
}
diff --git a/crypto/x509/x509spki.c b/crypto/x509/x509spki.c
index fd0a534..4c3af94 100644
--- a/crypto/x509/x509spki.c
+++ b/crypto/x509/x509spki.c
@@ -59,7 +59,6 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/x509.h>
-#include <openssl/asn1_mac.h>
int NETSCAPE_SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey)
{
diff --git a/crypto/x509v3/Makefile.ssl b/crypto/x509v3/Makefile.ssl
index 5db86b9..0c59c84 100644
--- a/crypto/x509v3/Makefile.ssl
+++ b/crypto/x509v3/Makefile.ssl
@@ -83,7 +83,7 @@
# DO NOT DELETE THIS LINE -- make depend depends on it.
-v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_akey.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_akey.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_akey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_akey.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -126,7 +126,7 @@
v3_alt.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_alt.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_alt.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_bcons.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_bcons.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_bcons.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_bcons.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -191,7 +191,7 @@
v3_conf.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_conf.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_conf.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_cpols.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_cpols.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_cpols.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_cpols.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -213,7 +213,7 @@
v3_cpols.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
v3_cpols.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
v3_cpols.o: ../cryptlib.h
-v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_crld.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_crld.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_crld.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_crld.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -256,19 +256,19 @@
v3_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_enum.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_enum.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h
-v3_extku.o: ../../include/openssl/blowfish.h ../../include/openssl/bn.h
-v3_extku.o: ../../include/openssl/buffer.h ../../include/openssl/cast.h
-v3_extku.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
-v3_extku.o: ../../include/openssl/des.h ../../include/openssl/dh.h
-v3_extku.o: ../../include/openssl/dsa.h ../../include/openssl/e_os.h
-v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os2.h
-v3_extku.o: ../../include/openssl/err.h ../../include/openssl/evp.h
-v3_extku.o: ../../include/openssl/idea.h ../../include/openssl/lhash.h
-v3_extku.o: ../../include/openssl/md2.h ../../include/openssl/md4.h
-v3_extku.o: ../../include/openssl/md5.h ../../include/openssl/mdc2.h
-v3_extku.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
-v3_extku.o: ../../include/openssl/opensslconf.h
+v3_extku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
+v3_extku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
+v3_extku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+v3_extku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
+v3_extku.o: ../../include/openssl/crypto.h ../../include/openssl/des.h
+v3_extku.o: ../../include/openssl/dh.h ../../include/openssl/dsa.h
+v3_extku.o: ../../include/openssl/e_os.h ../../include/openssl/e_os.h
+v3_extku.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h
+v3_extku.o: ../../include/openssl/evp.h ../../include/openssl/idea.h
+v3_extku.o: ../../include/openssl/lhash.h ../../include/openssl/md2.h
+v3_extku.o: ../../include/openssl/md4.h ../../include/openssl/md5.h
+v3_extku.o: ../../include/openssl/mdc2.h ../../include/openssl/obj_mac.h
+v3_extku.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h
v3_extku.o: ../../include/openssl/opensslv.h ../../include/openssl/pkcs7.h
v3_extku.o: ../../include/openssl/rc2.h ../../include/openssl/rc4.h
v3_extku.o: ../../include/openssl/rc5.h ../../include/openssl/rd_fst.h
@@ -278,7 +278,7 @@
v3_extku.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h
v3_extku.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h
v3_extku.o: ../cryptlib.h
-v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_genn.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_genn.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_genn.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_genn.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -321,7 +321,7 @@
v3_ia5.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_ia5.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_ia5.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_info.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_info.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_info.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_info.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -385,7 +385,7 @@
v3_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_lib.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_lib.o: ../../include/openssl/x509v3.h ../cryptlib.h ext_dat.h
-v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_pku.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_pku.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_pku.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_pku.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
@@ -470,7 +470,7 @@
v3_skey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
v3_skey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
v3_skey.o: ../../include/openssl/x509v3.h ../cryptlib.h
-v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1_mac.h
+v3_sxnet.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h
v3_sxnet.o: ../../include/openssl/bio.h ../../include/openssl/blowfish.h
v3_sxnet.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
v3_sxnet.o: ../../include/openssl/cast.h ../../include/openssl/conf.h
diff --git a/crypto/x509v3/v3_akey.c b/crypto/x509v3/v3_akey.c
index 0889a18..9ca3c88 100644
--- a/crypto/x509v3/v3_akey.c
+++ b/crypto/x509v3/v3_akey.c
@@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
@@ -81,59 +81,13 @@
NULL
};
+ASN1_SEQUENCE(AUTHORITY_KEYID) = {
+ ASN1_IMP_OPT(AUTHORITY_KEYID, keyid, ASN1_OCTET_STRING, 0),
+ ASN1_IMP_SEQUENCE_OF_OPT(AUTHORITY_KEYID, issuer, GENERAL_NAME, 1),
+ ASN1_IMP_OPT(AUTHORITY_KEYID, serial, ASN1_INTEGER, 2)
+} ASN1_SEQUENCE_END(AUTHORITY_KEYID);
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING);
- M_ASN1_I2D_len_IMP_opt (a->issuer, i2d_GENERAL_NAMES);
- M_ASN1_I2D_len_IMP_opt (a->serial, i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_IMP_opt (a->keyid, i2d_ASN1_OCTET_STRING, 0);
- M_ASN1_I2D_put_IMP_opt (a->issuer, i2d_GENERAL_NAMES, 1);
- M_ASN1_I2D_put_IMP_opt (a->serial, i2d_ASN1_INTEGER, 2);
-
- M_ASN1_I2D_finish();
-}
-
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void)
-{
- AUTHORITY_KEYID *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, AUTHORITY_KEYID);
- ret->keyid = NULL;
- ret->issuer = NULL;
- ret->serial = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_AUTHORITY_KEYID_NEW);
-}
-
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,AUTHORITY_KEYID *,AUTHORITY_KEYID_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_IMP_opt (ret->keyid, d2i_ASN1_OCTET_STRING, 0,
- V_ASN1_OCTET_STRING);
- M_ASN1_D2I_get_IMP_opt (ret->issuer, d2i_GENERAL_NAMES, 1,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_get_IMP_opt (ret->serial, d2i_ASN1_INTEGER, 2,
- V_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, AUTHORITY_KEYID_free, ASN1_F_D2I_AUTHORITY_KEYID);
-}
-
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a)
-{
- if (a == NULL) return;
- M_ASN1_OCTET_STRING_free(a->keyid);
- sk_GENERAL_NAME_pop_free(a->issuer, GENERAL_NAME_free);
- M_ASN1_INTEGER_free (a->serial);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_KEYID)
static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist)
@@ -171,7 +125,7 @@
CONF_VALUE *cnf;
ASN1_OCTET_STRING *ikeyid = NULL;
X509_NAME *isname = NULL;
-STACK_OF(GENERAL_NAME) * gens = NULL;
+GENERAL_NAMES * gens = NULL;
GENERAL_NAME *gen = NULL;
ASN1_INTEGER *serial = NULL;
X509_EXTENSION *ext;
@@ -192,8 +146,6 @@
}
}
-
-
if(!ctx || !ctx->issuer_cert) {
if(ctx && (ctx->flags==CTX_TEST)) return AUTHORITY_KEYID_new();
X509V3err(X509V3_F_V2I_AUTHORITY_KEYID,X509V3_R_NO_ISSUER_CERTIFICATE);
diff --git a/crypto/x509v3/v3_alt.c b/crypto/x509v3/v3_alt.c
index 733919f..52c4f54 100644
--- a/crypto/x509v3/v3_alt.c
+++ b/crypto/x509v3/v3_alt.c
@@ -61,10 +61,10 @@
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens);
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens);
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens);
X509V3_EXT_METHOD v3_alt[] = {
{ NID_subject_alt_name, 0,
(X509V3_EXT_NEW)GENERAL_NAMES_new,
@@ -87,7 +87,7 @@
};
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- STACK_OF(GENERAL_NAME) *gens, STACK_OF(CONF_VALUE) *ret)
+ GENERAL_NAMES *gens, STACK_OF(CONF_VALUE) *ret)
{
int i;
GENERAL_NAME *gen;
@@ -154,10 +154,10 @@
return ret;
}
-static STACK_OF(GENERAL_NAME) *v2i_issuer_alt(X509V3_EXT_METHOD *method,
+static GENERAL_NAMES *v2i_issuer_alt(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- STACK_OF(GENERAL_NAME) *gens = NULL;
+ GENERAL_NAMES *gens = NULL;
CONF_VALUE *cnf;
int i;
if(!(gens = sk_GENERAL_NAME_new_null())) {
@@ -184,9 +184,9 @@
/* Append subject altname of issuer to issuer alt name of subject */
-static int copy_issuer(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_issuer(X509V3_CTX *ctx, GENERAL_NAMES *gens)
{
- STACK_OF(GENERAL_NAME) *ialt;
+ GENERAL_NAMES *ialt;
GENERAL_NAME *gen;
X509_EXTENSION *ext;
int i;
@@ -219,10 +219,10 @@
}
-static STACK_OF(GENERAL_NAME) *v2i_subject_alt(X509V3_EXT_METHOD *method,
+static GENERAL_NAMES *v2i_subject_alt(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- STACK_OF(GENERAL_NAME) *gens = NULL;
+ GENERAL_NAMES *gens = NULL;
CONF_VALUE *cnf;
int i;
if(!(gens = sk_GENERAL_NAME_new_null())) {
@@ -251,7 +251,7 @@
* GENERAL_NAMES
*/
-static int copy_email(X509V3_CTX *ctx, STACK_OF(GENERAL_NAME) *gens)
+static int copy_email(X509V3_CTX *ctx, GENERAL_NAMES *gens)
{
X509_NAME *nm;
ASN1_IA5STRING *email = NULL;
@@ -297,11 +297,11 @@
}
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
GENERAL_NAME *gen;
- STACK_OF(GENERAL_NAME) *gens = NULL;
+ GENERAL_NAMES *gens = NULL;
CONF_VALUE *cnf;
int i;
if(!(gens = sk_GENERAL_NAME_new_null())) {
diff --git a/crypto/x509v3/v3_bcons.c b/crypto/x509v3/v3_bcons.c
index c576b8e..7dc866d 100644
--- a/crypto/x509v3/v3_bcons.c
+++ b/crypto/x509v3/v3_bcons.c
@@ -60,7 +60,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
@@ -80,51 +80,13 @@
NULL
};
+ASN1_SEQUENCE(BASIC_CONSTRAINTS) = {
+ ASN1_OPT(BASIC_CONSTRAINTS, ca, ASN1_FBOOLEAN),
+ ASN1_OPT(BASIC_CONSTRAINTS, pathlen, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(BASIC_CONSTRAINTS);
-int i2d_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
- if(a->ca) M_ASN1_I2D_len (a->ca, i2d_ASN1_BOOLEAN);
- M_ASN1_I2D_len (a->pathlen, i2d_ASN1_INTEGER);
+IMPLEMENT_ASN1_FUNCTIONS(BASIC_CONSTRAINTS)
- M_ASN1_I2D_seq_total();
-
- if (a->ca) M_ASN1_I2D_put (a->ca, i2d_ASN1_BOOLEAN);
- M_ASN1_I2D_put (a->pathlen, i2d_ASN1_INTEGER);
- M_ASN1_I2D_finish();
-}
-
-BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void)
-{
- BASIC_CONSTRAINTS *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, BASIC_CONSTRAINTS);
- ret->ca = 0;
- ret->pathlen = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_BASIC_CONSTRAINTS_NEW);
-}
-
-BASIC_CONSTRAINTS *d2i_BASIC_CONSTRAINTS(BASIC_CONSTRAINTS **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,BASIC_CONSTRAINTS *,BASIC_CONSTRAINTS_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- if((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) ==
- (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN) ) {
- M_ASN1_D2I_get_int (ret->ca, d2i_ASN1_BOOLEAN);
- }
- M_ASN1_D2I_get_opt (ret->pathlen, d2i_ASN1_INTEGER, V_ASN1_INTEGER);
- M_ASN1_D2I_Finish(a, BASIC_CONSTRAINTS_free, ASN1_F_D2I_BASIC_CONSTRAINTS);
-}
-
-void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free (a->pathlen);
- OPENSSL_free (a);
-}
static STACK_OF(CONF_VALUE) *i2v_BASIC_CONSTRAINTS(X509V3_EXT_METHOD *method,
BASIC_CONSTRAINTS *bcons, STACK_OF(CONF_VALUE) *extlist)
diff --git a/crypto/x509v3/v3_cpols.c b/crypto/x509v3/v3_cpols.c
index 8203ed7..47e08c8 100644
--- a/crypto/x509v3/v3_cpols.c
+++ b/crypto/x509v3/v3_cpols.c
@@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
/* Certificate policies extension support: this one is a bit complex... */
@@ -88,6 +88,46 @@
NULL
};
+ASN1_ITEM_TEMPLATE(CERTIFICATEPOLICIES) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, CERTIFICATEPOLICIES, POLICYINFO)
+ASN1_ITEM_TEMPLATE_END(CERTIFICATEPOLICIES);
+
+IMPLEMENT_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+
+ASN1_SEQUENCE(POLICYINFO) = {
+ ASN1_SIMPLE(POLICYINFO, policyid, ASN1_OBJECT),
+ ASN1_SEQUENCE_OF_OPT(POLICYINFO, qualifiers, POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYINFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYINFO)
+
+ASN1_ADB_TEMPLATE(policydefault) = ASN1_SIMPLE(POLICYQUALINFO, d.other, ASN1_ANY);
+
+ASN1_ADB(POLICYQUALINFO) = {
+ ADB_ENTRY(NID_id_qt_cps, ASN1_SIMPLE(POLICYQUALINFO, d.cpsuri, ASN1_IA5STRING)),
+ ADB_ENTRY(NID_id_qt_unotice, ASN1_SIMPLE(POLICYQUALINFO, d.usernotice, USERNOTICE))
+} ASN1_ADB_END(POLICYQUALINFO, 0, pqualid, 0, &policydefault_tt, NULL);
+
+ASN1_SEQUENCE(POLICYQUALINFO) = {
+ ASN1_SIMPLE(POLICYQUALINFO, pqualid, ASN1_OBJECT),
+ ASN1_ADB_OBJECT(POLICYQUALINFO)
+} ASN1_SEQUENCE_END(POLICYQUALINFO);
+
+IMPLEMENT_ASN1_FUNCTIONS(POLICYQUALINFO)
+
+ASN1_SEQUENCE(USERNOTICE) = {
+ ASN1_OPT(USERNOTICE, noticeref, NOTICEREF),
+ ASN1_OPT(USERNOTICE, exptext, DISPLAYTEXT)
+} ASN1_SEQUENCE_END(USERNOTICE);
+
+IMPLEMENT_ASN1_FUNCTIONS(USERNOTICE)
+
+ASN1_SEQUENCE(NOTICEREF) = {
+ ASN1_SIMPLE(NOTICEREF, organization, DISPLAYTEXT),
+ ASN1_SEQUENCE_OF(NOTICEREF, noticenos, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(NOTICEREF);
+
+IMPLEMENT_ASN1_FUNCTIONS(NOTICEREF)
static STACK_OF(POLICYINFO) *r2i_certpol(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, char *value)
@@ -327,83 +367,6 @@
return 1;
}
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_POLICYINFO(a, pp, i2d_POLICYINFO, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void)
-{
- return sk_POLICYINFO_new_null();
-}
-
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a)
-{
- sk_POLICYINFO_pop_free(a, POLICYINFO_free);
-}
-
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a,
- unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_POLICYINFO(a, pp, length, d2i_POLICYINFO,
- POLICYINFO_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
-IMPLEMENT_STACK_OF(POLICYINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYINFO)
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->policyid, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
- i2d_POLICYQUALINFO);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->policyid, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_SEQUENCE_type(POLICYQUALINFO, a->qualifiers,
- i2d_POLICYQUALINFO);
-
- M_ASN1_I2D_finish();
-}
-
-POLICYINFO *POLICYINFO_new(void)
-{
- POLICYINFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, POLICYINFO);
- ret->policyid = NULL;
- ret->qualifiers = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_POLICYINFO_NEW);
-}
-
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,POLICYINFO *,POLICYINFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->policyid, d2i_ASN1_OBJECT);
- if(!M_ASN1_D2I_end_sequence()) {
- M_ASN1_D2I_get_seq_type (POLICYQUALINFO, ret->qualifiers,
- d2i_POLICYQUALINFO, POLICYQUALINFO_free);
- }
- M_ASN1_D2I_Finish(a, POLICYINFO_free, ASN1_F_D2I_POLICYINFO);
-}
-
-void POLICYINFO_free(POLICYINFO *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->policyid);
- sk_POLICYQUALINFO_pop_free(a->qualifiers, POLICYQUALINFO_free);
- OPENSSL_free (a);
-}
-
static void print_qualifiers(BIO *out, STACK_OF(POLICYQUALINFO) *quals,
int indent)
{
@@ -459,202 +422,4 @@
BIO_printf(out, "%*sExplicit Text: %s\n", indent, "",
notice->exptext->data);
}
-
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->pqualid, i2d_ASN1_OBJECT);
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_I2D_len(a->d.cpsuri, i2d_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_I2D_len(a->d.usernotice, i2d_USERNOTICE);
- break;
-
- default:
- M_ASN1_I2D_len(a->d.other, i2d_ASN1_TYPE);
- break;
- }
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->pqualid, i2d_ASN1_OBJECT);
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_I2D_put(a->d.cpsuri, i2d_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_I2D_put(a->d.usernotice, i2d_USERNOTICE);
- break;
-
- default:
- M_ASN1_I2D_put(a->d.other, i2d_ASN1_TYPE);
- break;
- }
-
- M_ASN1_I2D_finish();
-}
-
-POLICYQUALINFO *POLICYQUALINFO_new(void)
-{
- POLICYQUALINFO *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, POLICYQUALINFO);
- ret->pqualid = NULL;
- ret->d.other = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_POLICYQUALINFO_NEW);
-}
-
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,POLICYQUALINFO *,POLICYQUALINFO_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->pqualid, d2i_ASN1_OBJECT);
- switch(OBJ_obj2nid(ret->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_D2I_get(ret->d.cpsuri, d2i_ASN1_IA5STRING);
- break;
-
- case NID_id_qt_unotice:
- M_ASN1_D2I_get(ret->d.usernotice, d2i_USERNOTICE);
- break;
-
- default:
- M_ASN1_D2I_get(ret->d.other, d2i_ASN1_TYPE);
- break;
- }
- M_ASN1_D2I_Finish(a, POLICYQUALINFO_free, ASN1_F_D2I_POLICYQUALINFO);
-}
-
-void POLICYQUALINFO_free(POLICYQUALINFO *a)
-{
- if (a == NULL) return;
- switch(OBJ_obj2nid(a->pqualid)) {
- case NID_id_qt_cps:
- M_ASN1_IA5STRING_free(a->d.cpsuri);
- break;
-
- case NID_id_qt_unotice:
- USERNOTICE_free(a->d.usernotice);
- break;
-
- default:
- ASN1_TYPE_free(a->d.other);
- break;
- }
-
- ASN1_OBJECT_free(a->pqualid);
- OPENSSL_free (a);
-}
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->noticeref, i2d_NOTICEREF);
- M_ASN1_I2D_len (a->exptext, i2d_DISPLAYTEXT);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->noticeref, i2d_NOTICEREF);
- M_ASN1_I2D_put (a->exptext, i2d_DISPLAYTEXT);
-
- M_ASN1_I2D_finish();
-}
-
-USERNOTICE *USERNOTICE_new(void)
-{
- USERNOTICE *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, USERNOTICE);
- ret->noticeref = NULL;
- ret->exptext = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_USERNOTICE_NEW);
-}
-
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,USERNOTICE *,USERNOTICE_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_opt(ret->noticeref, d2i_NOTICEREF, V_ASN1_SEQUENCE);
- if (!M_ASN1_D2I_end_sequence()) {
- M_ASN1_D2I_get(ret->exptext, d2i_DISPLAYTEXT);
- }
- M_ASN1_D2I_Finish(a, USERNOTICE_free, ASN1_F_D2I_USERNOTICE);
-}
-
-void USERNOTICE_free(USERNOTICE *a)
-{
- if (a == NULL) return;
- NOTICEREF_free(a->noticeref);
- M_DISPLAYTEXT_free(a->exptext);
- OPENSSL_free (a);
-}
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->organization, i2d_DISPLAYTEXT);
- M_ASN1_I2D_len_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
- i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->organization, i2d_DISPLAYTEXT);
- M_ASN1_I2D_put_SEQUENCE_type(ASN1_INTEGER, a->noticenos,
- i2d_ASN1_INTEGER);
-
- M_ASN1_I2D_finish();
-}
-
-NOTICEREF *NOTICEREF_new(void)
-{
- NOTICEREF *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, NOTICEREF);
- ret->organization = NULL;
- ret->noticenos = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_NOTICEREF_NEW);
-}
-
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp,long length)
-{
- M_ASN1_D2I_vars(a,NOTICEREF *,NOTICEREF_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- /* This is to cope with some broken encodings that use IA5STRING for
- * the organization field
- */
- M_ASN1_D2I_get_opt(ret->organization, d2i_ASN1_IA5STRING,
- V_ASN1_IA5STRING);
- if(!ret->organization) {
- M_ASN1_D2I_get(ret->organization, d2i_DISPLAYTEXT);
- }
- M_ASN1_D2I_get_seq_type(ASN1_INTEGER, ret->noticenos, d2i_ASN1_INTEGER,
- ASN1_STRING_free);
- M_ASN1_D2I_Finish(a, NOTICEREF_free, ASN1_F_D2I_NOTICEREF);
-}
-
-void NOTICEREF_free(NOTICEREF *a)
-{
- if (a == NULL) return;
- M_DISPLAYTEXT_free(a->organization);
- sk_ASN1_INTEGER_pop_free(a->noticenos, ASN1_STRING_free);
- OPENSSL_free (a);
-}
-
-IMPLEMENT_STACK_OF(POLICYQUALINFO)
-IMPLEMENT_ASN1_SET_OF(POLICYQUALINFO)
diff --git a/crypto/x509v3/v3_crld.c b/crypto/x509v3/v3_crld.c
index 67feea4..b1963a2 100644
--- a/crypto/x509v3/v3_crld.c
+++ b/crypto/x509v3/v3_crld.c
@@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
static STACK_OF(CONF_VALUE) *i2v_crld(X509V3_EXT_METHOD *method,
@@ -87,16 +87,16 @@
int i;
for(i = 0; i < sk_DIST_POINT_num(crld); i++) {
point = sk_DIST_POINT_value(crld, i);
- if(point->distpoint && point->distpoint->fullname) {
- exts = i2v_GENERAL_NAMES(NULL,
- point->distpoint->fullname, exts);
+ if(point->distpoint) {
+ if(point->distpoint->type == 0)
+ exts = i2v_GENERAL_NAMES(NULL,
+ point->distpoint->name.fullname, exts);
+ else X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
}
if(point->reasons)
X509V3_add_value("reasons","<UNSUPPORTED>", &exts);
if(point->CRLissuer)
X509V3_add_value("CRLissuer","<UNSUPPORTED>", &exts);
- if(point->distpoint && point->distpoint->relativename)
- X509V3_add_value("RelativeName","<UNSUPPORTED>", &exts);
}
return exts;
}
@@ -105,7 +105,7 @@
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
STACK_OF(DIST_POINT) *crld = NULL;
- STACK_OF(GENERAL_NAME) *gens = NULL;
+ GENERAL_NAMES *gens = NULL;
GENERAL_NAME *gen = NULL;
CONF_VALUE *cnf;
int i;
@@ -123,7 +123,8 @@
goto merr;
}
if(!(point->distpoint = DIST_POINT_NAME_new())) goto merr;
- point->distpoint->fullname = gens;
+ point->distpoint->name.fullname = gens;
+ point->distpoint->type = 0;
gens = NULL;
}
return crld;
@@ -137,149 +138,27 @@
return NULL;
}
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp)
-{
-
-return i2d_ASN1_SET_OF_DIST_POINT(a, pp, i2d_DIST_POINT, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);}
-
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void)
-{
- return sk_DIST_POINT_new_null();
-}
-
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a)
-{
- sk_DIST_POINT_pop_free(a, DIST_POINT_free);
-}
-
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
- unsigned char **pp,long length)
-{
-return d2i_ASN1_SET_OF_DIST_POINT(a, pp, length, d2i_DIST_POINT,
- DIST_POINT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-
-}
-
IMPLEMENT_STACK_OF(DIST_POINT)
IMPLEMENT_ASN1_SET_OF(DIST_POINT)
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
- /* NB: underlying type is a CHOICE so need EXPLICIT tagging */
- M_ASN1_I2D_len_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
- M_ASN1_I2D_len_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING);
- M_ASN1_I2D_len_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES);
- M_ASN1_I2D_seq_total();
+ASN1_CHOICE(DIST_POINT_NAME) = {
+ ASN1_IMP_SEQUENCE_OF(DIST_POINT_NAME, name.fullname, GENERAL_NAME, 0),
+ ASN1_IMP_SET_OF(DIST_POINT_NAME, name.relativename, X509_NAME_ENTRY, 1)
+} ASN1_CHOICE_END(DIST_POINT_NAME);
- M_ASN1_I2D_put_EXP_opt (a->distpoint, i2d_DIST_POINT_NAME, 0, v);
- M_ASN1_I2D_put_IMP_opt (a->reasons, i2d_ASN1_BIT_STRING, 1);
- M_ASN1_I2D_put_IMP_opt (a->CRLissuer, i2d_GENERAL_NAMES, 2);
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT_NAME)
- M_ASN1_I2D_finish();
-}
+ASN1_SEQUENCE(DIST_POINT) = {
+ ASN1_EXP_OPT(DIST_POINT, distpoint, DIST_POINT_NAME, 0),
+ ASN1_IMP_OPT(DIST_POINT, reasons, ASN1_BIT_STRING, 1),
+ ASN1_IMP_SEQUENCE_OF_OPT(DIST_POINT, distpoint, GENERAL_NAME, 2)
+} ASN1_SEQUENCE_END(DIST_POINT);
-DIST_POINT *DIST_POINT_new(void)
-{
- DIST_POINT *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, DIST_POINT);
- ret->distpoint = NULL;
- ret->reasons = NULL;
- ret->CRLissuer = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_DIST_POINT_NEW);
-}
+IMPLEMENT_ASN1_FUNCTIONS(DIST_POINT)
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,DIST_POINT *,DIST_POINT_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_EXP_opt (ret->distpoint, d2i_DIST_POINT_NAME, 0);
- M_ASN1_D2I_get_IMP_opt (ret->reasons, d2i_ASN1_BIT_STRING, 1,
- V_ASN1_BIT_STRING);
- M_ASN1_D2I_get_IMP_opt (ret->CRLissuer, d2i_GENERAL_NAMES, 2,
- V_ASN1_SEQUENCE);
- M_ASN1_D2I_Finish(a, DIST_POINT_free, ASN1_F_D2I_DIST_POINT);
-}
+ASN1_ITEM_TEMPLATE(CRL_DIST_POINTS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, DIST_POINT, DIST_POINT)
+ASN1_ITEM_TEMPLATE_END(CRL_DIST_POINTS);
-void DIST_POINT_free(DIST_POINT *a)
-{
- if (a == NULL) return;
- DIST_POINT_NAME_free(a->distpoint);
- M_ASN1_BIT_STRING_free(a->reasons);
- sk_GENERAL_NAME_pop_free(a->CRLissuer, GENERAL_NAME_free);
- OPENSSL_free (a);
-}
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- if(a->fullname) {
- M_ASN1_I2D_len_IMP_opt (a->fullname, i2d_GENERAL_NAMES);
- } else {
- M_ASN1_I2D_len_IMP_SET_opt_type(X509_NAME_ENTRY,
- a->relativename, i2d_X509_NAME_ENTRY, 1);
- }
-
- /* Don't want a SEQUENCE so... */
- if(pp == NULL) return ret;
- p = *pp;
-
- if(a->fullname) {
- M_ASN1_I2D_put_IMP_opt (a->fullname, i2d_GENERAL_NAMES, 0);
- } else {
- M_ASN1_I2D_put_IMP_SET_opt_type(X509_NAME_ENTRY,
- a->relativename, i2d_X509_NAME_ENTRY, 1);
- }
- M_ASN1_I2D_finish();
-}
-
-DIST_POINT_NAME *DIST_POINT_NAME_new(void)
-{
- DIST_POINT_NAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, DIST_POINT_NAME);
- ret->fullname = NULL;
- ret->relativename = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_DIST_POINT_NAME_NEW);
-}
-
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a)
-{
- if (a == NULL) return;
- sk_X509_NAME_ENTRY_pop_free(a->relativename, X509_NAME_ENTRY_free);
- sk_GENERAL_NAME_pop_free(a->fullname, GENERAL_NAME_free);
- OPENSSL_free (a);
-}
-
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
- long length)
-{
- unsigned char _tmp, tag;
- M_ASN1_D2I_vars(a,DIST_POINT_NAME *,DIST_POINT_NAME_new);
- M_ASN1_D2I_Init();
- c.slen = length;
-
- _tmp = M_ASN1_next;
- tag = _tmp & ~V_ASN1_CONSTRUCTED;
-
- if(tag == (0|V_ASN1_CONTEXT_SPECIFIC)) {
- M_ASN1_D2I_get_imp(ret->fullname, d2i_GENERAL_NAMES,
- V_ASN1_SEQUENCE);
- } else if (tag == (1|V_ASN1_CONTEXT_SPECIFIC)) {
- M_ASN1_D2I_get_IMP_set_opt_type (X509_NAME_ENTRY,
- ret->relativename, d2i_X509_NAME_ENTRY, X509_NAME_ENTRY_free, 1);
- } else {
- c.error = ASN1_R_BAD_TAG;
- goto err;
- }
-
- M_ASN1_D2I_Finish(a, DIST_POINT_NAME_free, ASN1_F_D2I_DIST_POINT_NAME);
-}
+IMPLEMENT_ASN1_FUNCTIONS(CRL_DIST_POINTS)
diff --git a/crypto/x509v3/v3_extku.c b/crypto/x509v3/v3_extku.c
index 53ec40a..0b7bb77 100644
--- a/crypto/x509v3/v3_extku.c
+++ b/crypto/x509v3/v3_extku.c
@@ -59,55 +59,36 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
- STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *extlist);
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+ EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *extlist);
+
X509V3_EXT_METHOD v3_ext_ku = {
NID_ext_key_usage, 0,
-(X509V3_EXT_NEW)ext_ku_new,
-(X509V3_EXT_FREE)ext_ku_free,
-(X509V3_EXT_D2I)d2i_ext_ku,
-(X509V3_EXT_I2D)i2d_ext_ku,
+(X509V3_EXT_NEW)EXTENDED_KEY_USAGE_new,
+(X509V3_EXT_FREE)EXTENDED_KEY_USAGE_free,
+(X509V3_EXT_D2I)d2i_EXTENDED_KEY_USAGE,
+(X509V3_EXT_I2D)i2d_EXTENDED_KEY_USAGE,
NULL, NULL,
-(X509V3_EXT_I2V)i2v_ext_ku,
-(X509V3_EXT_V2I)v2i_ext_ku,
+(X509V3_EXT_I2V)i2v_EXTENDED_KEY_USAGE,
+(X509V3_EXT_V2I)v2i_EXTENDED_KEY_USAGE,
NULL,NULL,
NULL
};
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void)
-{
- return sk_ASN1_OBJECT_new_null();
-}
+ASN1_ITEM_TEMPLATE(EXTENDED_KEY_USAGE) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, EXTENDED_KEY_USAGE, ASN1_OBJECT)
+ASN1_ITEM_TEMPLATE_END(EXTENDED_KEY_USAGE);
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *eku)
-{
- sk_ASN1_OBJECT_pop_free(eku, ASN1_OBJECT_free);
- return;
-}
+IMPLEMENT_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp)
-{
- return i2d_ASN1_SET_OF_ASN1_OBJECT(a, pp, i2d_ASN1_OBJECT,
- V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
- unsigned char **pp, long length)
-{
- return d2i_ASN1_SET_OF_ASN1_OBJECT(a, pp, length, d2i_ASN1_OBJECT,
- ASN1_OBJECT_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-
-
-static STACK_OF(CONF_VALUE) *i2v_ext_ku(X509V3_EXT_METHOD *method,
- STACK_OF(ASN1_OBJECT) *eku, STACK_OF(CONF_VALUE) *ext_list)
+static STACK_OF(CONF_VALUE) *i2v_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
+ EXTENDED_KEY_USAGE *eku, STACK_OF(CONF_VALUE) *ext_list)
{
int i;
ASN1_OBJECT *obj;
@@ -120,10 +101,10 @@
return ext_list;
}
-static STACK_OF(ASN1_OBJECT) *v2i_ext_ku(X509V3_EXT_METHOD *method,
+static EXTENDED_KEY_USAGE *v2i_EXTENDED_KEY_USAGE(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
-STACK_OF(ASN1_OBJECT) *extku;
+EXTENDED_KEY_USAGE *extku;
char *extval;
ASN1_OBJECT *objtmp;
CONF_VALUE *val;
diff --git a/crypto/x509v3/v3_genn.c b/crypto/x509v3/v3_genn.c
index d447514..dc5ceb0 100644
--- a/crypto/x509v3/v3_genn.c
+++ b/crypto/x509v3/v3_genn.c
@@ -59,233 +59,43 @@
#include <stdio.h>
#include "cryptlib.h"
-#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/conf.h>
#include <openssl/x509v3.h>
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp)
-{
- unsigned char *p;
- int ret;
+ASN1_SEQUENCE(OTHERNAME) = {
+ ASN1_SIMPLE(OTHERNAME, type_id, ASN1_OBJECT),
+ /* Maybe have a true ANY DEFINED BY later */
+ ASN1_EXP(OTHERNAME, value, ASN1_ANY, 0)
+} ASN1_SEQUENCE_END(OTHERNAME);
- ret = 0;
+IMPLEMENT_ASN1_FUNCTIONS(OTHERNAME)
- /* Save the location of initial TAG */
- if(pp) p = *pp;
- else p = NULL;
+ASN1_SEQUENCE(EDIPARTYNAME) = {
+ ASN1_IMP_OPT(EDIPARTYNAME, nameAssigner, DIRECTORYSTRING, 0),
+ ASN1_IMP_OPT(EDIPARTYNAME, partyName, DIRECTORYSTRING, 1)
+} ASN1_SEQUENCE_END(EDIPARTYNAME);
- /* GEN_DNAME needs special treatment because of EXPLICIT tag */
+IMPLEMENT_ASN1_FUNCTIONS(EDIPARTYNAME)
- if(a->type == GEN_DIRNAME) {
- int v = 0;
- M_ASN1_I2D_len_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
- if(!p) return ret;
- M_ASN1_I2D_put_EXP_opt(a->d.dirn, i2d_X509_NAME, 4, v);
- *pp = p;
- return ret;
- }
+ASN1_CHOICE(GENERAL_NAME) = {
+ ASN1_IMP(GENERAL_NAME, d.otherName, OTHERNAME, GEN_OTHERNAME),
+ ASN1_IMP(GENERAL_NAME, d.rfc822Name, ASN1_IA5STRING, GEN_EMAIL),
+ ASN1_IMP(GENERAL_NAME, d.dNSName, ASN1_IA5STRING, GEN_DNS),
+ /* Don't decode this */
+ ASN1_IMP(GENERAL_NAME, d.x400Address, ASN1_SEQUENCE, GEN_X400),
+ /* X509_NAME is a CHOICE type so use EXPLICIT */
+ ASN1_EXP(GENERAL_NAME, d.directoryName, X509_NAME, GEN_DIRNAME),
+ ASN1_IMP(GENERAL_NAME, d.ediPartyName, EDIPARTYNAME, GEN_EDIPARTY),
+ ASN1_IMP(GENERAL_NAME, d.uniformResourceIdentifier, ASN1_IA5STRING, GEN_URI),
+ ASN1_IMP(GENERAL_NAME, d.iPAddress, ASN1_OCTET_STRING, GEN_IPADD),
+ ASN1_IMP(GENERAL_NAME, d.registeredID, ASN1_OBJECT, GEN_RID)
+} ASN1_CHOICE_END(GENERAL_NAME);
- switch(a->type) {
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAME)
- case GEN_X400:
- case GEN_EDIPARTY:
- ret = i2d_ASN1_TYPE(a->d.other, pp);
- break;
+ASN1_ITEM_TEMPLATE(GENERAL_NAMES) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, GENERAL_NAME)
+ASN1_ITEM_TEMPLATE_END(GENERAL_NAMES);
- case GEN_OTHERNAME:
- ret = i2d_OTHERNAME(a->d.otherName, pp);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- ret = i2d_ASN1_IA5STRING(a->d.ia5, pp);
- break;
-
- case GEN_IPADD:
- ret = i2d_ASN1_OCTET_STRING(a->d.ip, pp);
- break;
-
- case GEN_RID:
- ret = i2d_ASN1_OBJECT(a->d.rid, pp);
- break;
- }
- /* Replace TAG with IMPLICIT value */
- if(p) *p = (*p & V_ASN1_CONSTRUCTED) | a->type;
- return ret;
-}
-
-GENERAL_NAME *GENERAL_NAME_new()
-{
- GENERAL_NAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, GENERAL_NAME);
- ret->type = -1;
- ret->d.ptr = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_GENERAL_NAME_NEW);
-}
-
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp,
- long length)
-{
- unsigned char _tmp;
- M_ASN1_D2I_vars(a,GENERAL_NAME *,GENERAL_NAME_new);
- M_ASN1_D2I_Init();
- c.slen = length;
-
- _tmp = M_ASN1_next;
- ret->type = _tmp & ~V_ASN1_CONSTRUCTED;
-
- switch(ret->type) {
- /* Just put these in a "blob" for now */
- case GEN_X400:
- case GEN_EDIPARTY:
- M_ASN1_D2I_get_imp(ret->d.other, d2i_ASN1_TYPE,V_ASN1_SEQUENCE);
- break;
-
- case GEN_OTHERNAME:
- M_ASN1_D2I_get_imp(ret->d.otherName, d2i_OTHERNAME,V_ASN1_SEQUENCE);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
- M_ASN1_D2I_get_imp(ret->d.ia5, d2i_ASN1_IA5STRING,
- V_ASN1_IA5STRING);
- break;
-
- case GEN_DIRNAME:
- M_ASN1_D2I_get_EXP_opt(ret->d.dirn, d2i_X509_NAME, 4);
- break;
-
- case GEN_IPADD:
- M_ASN1_D2I_get_imp(ret->d.ip, d2i_ASN1_OCTET_STRING,
- V_ASN1_OCTET_STRING);
- break;
-
- case GEN_RID:
- M_ASN1_D2I_get_imp(ret->d.rid, d2i_ASN1_OBJECT,V_ASN1_OBJECT);
- break;
-
- default:
- c.error = ASN1_R_BAD_TAG;
- goto err;
- }
-
- c.slen = 0;
- M_ASN1_D2I_Finish(a, GENERAL_NAME_free, ASN1_F_D2I_GENERAL_NAME);
-}
-
-void GENERAL_NAME_free(GENERAL_NAME *a)
-{
- if (a == NULL) return;
- switch(a->type) {
- case GEN_X400:
- case GEN_EDIPARTY:
- ASN1_TYPE_free(a->d.other);
- break;
-
- case GEN_OTHERNAME:
- OTHERNAME_free(a->d.otherName);
- break;
-
- case GEN_EMAIL:
- case GEN_DNS:
- case GEN_URI:
-
- M_ASN1_IA5STRING_free(a->d.ia5);
- break;
-
- case GEN_DIRNAME:
- X509_NAME_free(a->d.dirn);
- break;
-
- case GEN_IPADD:
- M_ASN1_OCTET_STRING_free(a->d.ip);
- break;
-
- case GEN_RID:
- ASN1_OBJECT_free(a->d.rid);
- break;
-
- }
- OPENSSL_free (a);
-}
-
-/* Now the GeneralNames versions: a SEQUENCE OF GeneralName. These are needed as
- * explicit functions.
- */
-
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new()
-{
- return sk_GENERAL_NAME_new_null();
-}
-
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a)
-{
- sk_GENERAL_NAME_pop_free(a, GENERAL_NAME_free);
-}
-
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a,
- unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_GENERAL_NAME(a, pp, length, d2i_GENERAL_NAME,
- GENERAL_NAME_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_GENERAL_NAME(a, pp, i2d_GENERAL_NAME, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(GENERAL_NAME)
-IMPLEMENT_ASN1_SET_OF(GENERAL_NAME)
-
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp)
-{
- int v = 0;
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->type_id, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->type_id, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put_EXP_opt(a->value, i2d_ASN1_TYPE, 0, v);
-
- M_ASN1_I2D_finish();
-}
-
-OTHERNAME *OTHERNAME_new(void)
-{
- OTHERNAME *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, OTHERNAME);
- ret->type_id = OBJ_nid2obj(NID_undef);
- M_ASN1_New(ret->value, ASN1_TYPE_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_OTHERNAME_NEW);
-}
-
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,OTHERNAME *,OTHERNAME_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->type_id, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get_EXP_opt(ret->value, d2i_ASN1_TYPE, 0);
- M_ASN1_D2I_Finish(a, OTHERNAME_free, ASN1_F_D2I_OTHERNAME);
-}
-
-void OTHERNAME_free(OTHERNAME *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->type_id);
- ASN1_TYPE_free(a->value);
- OPENSSL_free (a);
-}
-
+IMPLEMENT_ASN1_FUNCTIONS(GENERAL_NAMES)
diff --git a/crypto/x509v3/v3_info.c b/crypto/x509v3/v3_info.c
index 44d95a6..35d95ad 100644
--- a/crypto/x509v3/v3_info.c
+++ b/crypto/x509v3/v3_info.c
@@ -60,13 +60,13 @@
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+ AUTHORITY_INFO_ACCESS *ainfo,
STACK_OF(CONF_VALUE) *ret);
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
X509V3_EXT_METHOD v3_info =
@@ -80,8 +80,21 @@
(X509V3_EXT_V2I)v2i_AUTHORITY_INFO_ACCESS,
NULL, NULL, NULL};
+ASN1_SEQUENCE(ACCESS_DESCRIPTION) = {
+ ASN1_SIMPLE(ACCESS_DESCRIPTION, method, ASN1_OBJECT),
+ ASN1_SIMPLE(ACCESS_DESCRIPTION, location, GENERAL_NAME)
+} ASN1_SEQUENCE_END(ACCESS_DESCRIPTION);
+
+IMPLEMENT_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+
+ASN1_ITEM_TEMPLATE(AUTHORITY_INFO_ACCESS) =
+ ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, GeneralNames, ACCESS_DESCRIPTION)
+ASN1_ITEM_TEMPLATE_END(AUTHORITY_INFO_ACCESS);
+
+IMPLEMENT_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
+
static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
- STACK_OF(ACCESS_DESCRIPTION) *ainfo,
+ AUTHORITY_INFO_ACCESS *ainfo,
STACK_OF(CONF_VALUE) *ret)
{
ACCESS_DESCRIPTION *desc;
@@ -111,10 +124,10 @@
return ret;
}
-static STACK_OF(ACCESS_DESCRIPTION) *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
+static AUTHORITY_INFO_ACCESS *v2i_AUTHORITY_INFO_ACCESS(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval)
{
- STACK_OF(ACCESS_DESCRIPTION) *ainfo = NULL;
+ AUTHORITY_INFO_ACCESS *ainfo = NULL;
CONF_VALUE *cnf, ctmp;
ACCESS_DESCRIPTION *acc;
int i, objlen;
@@ -162,51 +175,6 @@
return NULL;
}
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len(a->method, i2d_ASN1_OBJECT);
- M_ASN1_I2D_len(a->location, i2d_GENERAL_NAME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put(a->method, i2d_ASN1_OBJECT);
- M_ASN1_I2D_put(a->location, i2d_GENERAL_NAME);
-
- M_ASN1_I2D_finish();
-}
-
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void)
-{
- ACCESS_DESCRIPTION *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, ACCESS_DESCRIPTION);
- ret->method = OBJ_nid2obj(NID_undef);
- ret->location = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_ACCESS_DESCRIPTION_NEW);
-}
-
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
- long length)
-{
- M_ASN1_D2I_vars(a,ACCESS_DESCRIPTION *,ACCESS_DESCRIPTION_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->method, d2i_ASN1_OBJECT);
- M_ASN1_D2I_get(ret->location, d2i_GENERAL_NAME);
- M_ASN1_D2I_Finish(a, ACCESS_DESCRIPTION_free, ASN1_F_D2I_ACCESS_DESCRIPTION);
-}
-
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a)
-{
- if (a == NULL) return;
- ASN1_OBJECT_free(a->method);
- GENERAL_NAME_free(a->location);
- OPENSSL_free (a);
-}
-
int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a)
{
i2a_ASN1_OBJECT(bp, a->method);
@@ -215,31 +183,3 @@
#endif
return 2;
}
-
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void)
-{
- return sk_ACCESS_DESCRIPTION_new_null();
-}
-
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a)
-{
- sk_ACCESS_DESCRIPTION_pop_free(a, ACCESS_DESCRIPTION_free);
-}
-
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
- unsigned char **pp, long length)
-{
-return d2i_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, length, d2i_ACCESS_DESCRIPTION,
- ACCESS_DESCRIPTION_free, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL);
-}
-
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp)
-{
-return i2d_ASN1_SET_OF_ACCESS_DESCRIPTION(a, pp, i2d_ACCESS_DESCRIPTION, V_ASN1_SEQUENCE,
- V_ASN1_UNIVERSAL, IS_SEQUENCE);
-}
-
-IMPLEMENT_STACK_OF(ACCESS_DESCRIPTION)
-IMPLEMENT_ASN1_SET_OF(ACCESS_DESCRIPTION)
-
-
diff --git a/crypto/x509v3/v3_pku.c b/crypto/x509v3/v3_pku.c
index 47f9e8f..600db6d 100644
--- a/crypto/x509v3/v3_pku.c
+++ b/crypto/x509v3/v3_pku.c
@@ -59,7 +59,7 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method, PKEY_USAGE_PERIOD *usage, BIO *out, int indent);
@@ -77,52 +77,12 @@
NULL
};
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
+ASN1_SEQUENCE(PKEY_USAGE_PERIOD) = {
+ ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notBefore, ASN1_GENERALIZEDTIME, 0),
+ ASN1_IMP_OPT(PKEY_USAGE_PERIOD, notAfter, ASN1_GENERALIZEDTIME, 1)
+} ASN1_SEQUENCE_END(PKEY_USAGE_PERIOD);
- M_ASN1_I2D_len_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME);
- M_ASN1_I2D_len_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put_IMP_opt (a->notBefore, i2d_ASN1_GENERALIZEDTIME, 0);
- M_ASN1_I2D_put_IMP_opt (a->notAfter, i2d_ASN1_GENERALIZEDTIME, 1);
-
- M_ASN1_I2D_finish();
-}
-
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void)
-{
- PKEY_USAGE_PERIOD *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, PKEY_USAGE_PERIOD);
- ret->notBefore = NULL;
- ret->notAfter = NULL;
- return (ret);
- M_ASN1_New_Error(ASN1_F_PKEY_USAGE_PERIOD_NEW);
-}
-
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a,
- unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,PKEY_USAGE_PERIOD *,PKEY_USAGE_PERIOD_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get_IMP_opt (ret->notBefore, d2i_ASN1_GENERALIZEDTIME, 0,
- V_ASN1_GENERALIZEDTIME);
- M_ASN1_D2I_get_IMP_opt (ret->notAfter, d2i_ASN1_GENERALIZEDTIME, 1,
- V_ASN1_GENERALIZEDTIME);
- M_ASN1_D2I_Finish(a, PKEY_USAGE_PERIOD_free, ASN1_F_D2I_PKEY_USAGE_PERIOD);
-}
-
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a)
-{
- if (a == NULL) return;
- M_ASN1_GENERALIZEDTIME_free(a->notBefore);
- M_ASN1_GENERALIZEDTIME_free(a->notAfter);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
static int i2r_PKEY_USAGE_PERIOD(X509V3_EXT_METHOD *method,
PKEY_USAGE_PERIOD *usage, BIO *out, int indent)
diff --git a/crypto/x509v3/v3_purp.c b/crypto/x509v3/v3_purp.c
index 867699b..717e23d 100644
--- a/crypto/x509v3/v3_purp.c
+++ b/crypto/x509v3/v3_purp.c
@@ -261,7 +261,7 @@
BASIC_CONSTRAINTS *bs;
ASN1_BIT_STRING *usage;
ASN1_BIT_STRING *ns;
- STACK_OF(ASN1_OBJECT) *extusage;
+ EXTENDED_KEY_USAGE *extusage;
int i;
if(x->ex_flags & EXFLAG_SET) return;
@@ -511,7 +511,7 @@
* There may be more than one but we only take any
* notice of the first.
*/
- STACK_OF(GENERAL_NAME) *gens;
+ GENERAL_NAMES *gens;
GENERAL_NAME *gen;
X509_NAME *nm = NULL;
int i;
diff --git a/crypto/x509v3/v3_sxnet.c b/crypto/x509v3/v3_sxnet.c
index bfecacd..bd38ad5 100644
--- a/crypto/x509v3/v3_sxnet.c
+++ b/crypto/x509v3/v3_sxnet.c
@@ -60,7 +60,7 @@
#include "cryptlib.h"
#include <openssl/conf.h>
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
+#include <openssl/asn1t.h>
#include <openssl/x509v3.h>
/* Support for Thawte strong extranet extension */
@@ -90,94 +90,19 @@
NULL
};
+ASN1_SEQUENCE(SXNETID) = {
+ ASN1_SIMPLE(SXNETID, zone, ASN1_INTEGER),
+ ASN1_SIMPLE(SXNETID, user, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(SXNETID);
-int i2d_SXNET(SXNET *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
+IMPLEMENT_ASN1_FUNCTIONS(SXNETID)
- M_ASN1_I2D_len (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
+ASN1_SEQUENCE(SXNET) = {
+ ASN1_SIMPLE(SXNET, version, ASN1_INTEGER),
+ ASN1_SEQUENCE_OF(SXNET, ids, SXNETID)
+} ASN1_SEQUENCE_END(SXNET);
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->version, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put_SEQUENCE_type (SXNETID, a->ids, i2d_SXNETID);
-
- M_ASN1_I2D_finish();
-}
-
-SXNET *SXNET_new(void)
-{
- SXNET *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, SXNET);
- M_ASN1_New(ret->version,M_ASN1_INTEGER_new);
- M_ASN1_New(ret->ids,sk_SXNETID_new_null);
- return (ret);
- M_ASN1_New_Error(ASN1_F_SXNET_NEW);
-}
-
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,SXNET *,SXNET_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get (ret->version, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get_seq_type (SXNETID, ret->ids, d2i_SXNETID, SXNETID_free);
- M_ASN1_D2I_Finish(a, SXNET_free, ASN1_F_D2I_SXNET);
-}
-
-void SXNET_free(SXNET *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->version);
- sk_SXNETID_pop_free(a->ids, SXNETID_free);
- OPENSSL_free (a);
-}
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp)
-{
- M_ASN1_I2D_vars(a);
-
- M_ASN1_I2D_len (a->zone, i2d_ASN1_INTEGER);
- M_ASN1_I2D_len (a->user, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_seq_total();
-
- M_ASN1_I2D_put (a->zone, i2d_ASN1_INTEGER);
- M_ASN1_I2D_put (a->user, i2d_ASN1_OCTET_STRING);
-
- M_ASN1_I2D_finish();
-}
-
-SXNETID *SXNETID_new(void)
-{
- SXNETID *ret=NULL;
- ASN1_CTX c;
- M_ASN1_New_Malloc(ret, SXNETID);
- ret->zone = NULL;
- M_ASN1_New(ret->user,M_ASN1_OCTET_STRING_new);
- return (ret);
- M_ASN1_New_Error(ASN1_F_SXNETID_NEW);
-}
-
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length)
-{
- M_ASN1_D2I_vars(a,SXNETID *,SXNETID_new);
- M_ASN1_D2I_Init();
- M_ASN1_D2I_start_sequence();
- M_ASN1_D2I_get(ret->zone, d2i_ASN1_INTEGER);
- M_ASN1_D2I_get(ret->user, d2i_ASN1_OCTET_STRING);
- M_ASN1_D2I_Finish(a, SXNETID_free, ASN1_F_D2I_SXNETID);
-}
-
-void SXNETID_free(SXNETID *a)
-{
- if (a == NULL) return;
- M_ASN1_INTEGER_free(a->zone);
- M_ASN1_OCTET_STRING_free(a->user);
- OPENSSL_free (a);
-}
+IMPLEMENT_ASN1_FUNCTIONS(SXNET)
static int sxnet_i2r(X509V3_EXT_METHOD *method, SXNET *sx, BIO *out,
int indent)
diff --git a/crypto/x509v3/v3_utl.c b/crypto/x509v3/v3_utl.c
index 619f161..727a93f 100644
--- a/crypto/x509v3/v3_utl.c
+++ b/crypto/x509v3/v3_utl.c
@@ -66,7 +66,7 @@
static char *strip_spaces(char *name);
static int sk_strcmp(const char * const *a, const char * const *b);
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens);
+static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens);
static void str_free(void *str);
static int append_ia5(STACK **sk, ASN1_IA5STRING *email);
@@ -439,7 +439,7 @@
STACK *X509_get1_email(X509 *x)
{
- STACK_OF(GENERAL_NAME) *gens;
+ GENERAL_NAMES *gens;
STACK *ret;
gens = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
ret = get_email(X509_get_subject_name(x), gens);
@@ -449,7 +449,7 @@
STACK *X509_REQ_get1_email(X509_REQ *x)
{
- STACK_OF(GENERAL_NAME) *gens;
+ GENERAL_NAMES *gens;
STACK_OF(X509_EXTENSION) *exts;
STACK *ret;
exts = X509_REQ_get_extensions(x);
@@ -461,7 +461,7 @@
}
-static STACK *get_email(X509_NAME *name, STACK_OF(GENERAL_NAME) *gens)
+static STACK *get_email(X509_NAME *name, GENERAL_NAMES *gens)
{
STACK *ret = NULL;
X509_NAME_ENTRY *ne;
diff --git a/crypto/x509v3/v3conf.c b/crypto/x509v3/v3conf.c
index 21cf746..67ee14f 100644
--- a/crypto/x509v3/v3conf.c
+++ b/crypto/x509v3/v3conf.c
@@ -60,7 +60,6 @@
#include <stdio.h>
#include "cryptlib.h"
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
diff --git a/crypto/x509v3/v3prin.c b/crypto/x509v3/v3prin.c
index ee79885..b529814 100644
--- a/crypto/x509v3/v3prin.c
+++ b/crypto/x509v3/v3prin.c
@@ -59,9 +59,7 @@
#include <stdio.h>
-#include "cryptlib.h"
#include <openssl/asn1.h>
-#include <openssl/asn1_mac.h>
#include <openssl/conf.h>
#include <openssl/x509.h>
#include <openssl/x509v3.h>
diff --git a/crypto/x509v3/x509v3.h b/crypto/x509v3/x509v3.h
index 908c3ae..fb70fde 100644
--- a/crypto/x509v3/x509v3.h
+++ b/crypto/x509v3/x509v3.h
@@ -156,35 +156,56 @@
ASN1_TYPE *value;
} OTHERNAME;
+typedef struct EDIPartyName_st {
+ ASN1_STRING *nameAssigner;
+ ASN1_STRING *partyName;
+} EDIPARTYNAME;
+
typedef struct GENERAL_NAME_st {
-#define GEN_OTHERNAME (0|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EMAIL (1|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DNS (2|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_X400 (3|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_DIRNAME (4|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_EDIPARTY (5|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_URI (6|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_IPADD (7|V_ASN1_CONTEXT_SPECIFIC)
-#define GEN_RID (8|V_ASN1_CONTEXT_SPECIFIC)
+#define GEN_OTHERNAME 0
+#define GEN_EMAIL 1
+#define GEN_DNS 2
+#define GEN_X400 3
+#define GEN_DIRNAME 4
+#define GEN_EDIPARTY 5
+#define GEN_URI 6
+#define GEN_IPADD 7
+#define GEN_RID 8
int type;
union {
char *ptr;
- ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
+ OTHERNAME *otherName; /* otherName */
+ ASN1_IA5STRING *rfc822Name;
+ ASN1_IA5STRING *dNSName;
+ ASN1_TYPE *x400Address;
+ X509_NAME *directoryName;
+ EDIPARTYNAME *ediPartyName;
+ ASN1_IA5STRING *uniformResourceIdentifier;
+ ASN1_OCTET_STRING *iPAddress;
+ ASN1_OBJECT *registeredID;
+
+ /* Old names */
ASN1_OCTET_STRING *ip; /* iPAddress */
X509_NAME *dirn; /* dirn */
+ ASN1_IA5STRING *ia5;/* rfc822Name, dNSName, uniformResourceIdentifier */
ASN1_OBJECT *rid; /* registeredID */
- OTHERNAME *otherName; /* otherName */
- ASN1_TYPE *other; /* ediPartyName, x400Address */
+ ASN1_TYPE *other; /* x400Address */
} d;
} GENERAL_NAME;
+typedef STACK_OF(GENERAL_NAME) GENERAL_NAMES;
+
typedef struct ACCESS_DESCRIPTION_st {
ASN1_OBJECT *method;
GENERAL_NAME *location;
} ACCESS_DESCRIPTION;
+typedef STACK_OF(ACCESS_DESCRIPTION) AUTHORITY_INFO_ACCESS;
+
+typedef STACK_OF(ASN1_OBJECT) EXTENDED_KEY_USAGE;
+
DECLARE_STACK_OF(GENERAL_NAME)
DECLARE_ASN1_SET_OF(GENERAL_NAME)
@@ -192,23 +213,27 @@
DECLARE_ASN1_SET_OF(ACCESS_DESCRIPTION)
typedef struct DIST_POINT_NAME_st {
-/* NB: this is a CHOICE type and only one of these should be set */
-STACK_OF(GENERAL_NAME) *fullname;
-STACK_OF(X509_NAME_ENTRY) *relativename;
+int type;
+union {
+ GENERAL_NAMES *fullname;
+ STACK_OF(X509_NAME_ENTRY) *relativename;
+} name;
} DIST_POINT_NAME;
typedef struct DIST_POINT_st {
DIST_POINT_NAME *distpoint;
ASN1_BIT_STRING *reasons;
-STACK_OF(GENERAL_NAME) *CRLissuer;
+GENERAL_NAMES *CRLissuer;
} DIST_POINT;
+typedef STACK_OF(DIST_POINT) CRL_DIST_POINTS;
+
DECLARE_STACK_OF(DIST_POINT)
DECLARE_ASN1_SET_OF(DIST_POINT)
typedef struct AUTHORITY_KEYID_st {
ASN1_OCTET_STRING *keyid;
-STACK_OF(GENERAL_NAME) *issuer;
+GENERAL_NAMES *issuer;
ASN1_INTEGER *serial;
} AUTHORITY_KEYID;
@@ -254,6 +279,8 @@
STACK_OF(POLICYQUALINFO) *qualifiers;
} POLICYINFO;
+typedef STACK_OF(POLICYINFO) CERTIFICATEPOLICIES;
+
DECLARE_STACK_OF(POLICYINFO)
DECLARE_ASN1_SET_OF(POLICYINFO)
@@ -372,21 +399,8 @@
BASIC_CONSTRAINTS *BASIC_CONSTRAINTS_new(void);
void BASIC_CONSTRAINTS_free(BASIC_CONSTRAINTS *a);
-int i2d_GENERAL_NAME(GENERAL_NAME *a, unsigned char **pp);
-GENERAL_NAME *d2i_GENERAL_NAME(GENERAL_NAME **a, unsigned char **pp, long length);
-GENERAL_NAME *GENERAL_NAME_new(void);
-void GENERAL_NAME_free(GENERAL_NAME *a);
-STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
-
-int i2d_SXNET(SXNET *a, unsigned char **pp);
-SXNET *d2i_SXNET(SXNET **a, unsigned char **pp, long length);
-SXNET *SXNET_new(void);
-void SXNET_free(SXNET *a);
-
-int i2d_SXNETID(SXNETID *a, unsigned char **pp);
-SXNETID *d2i_SXNETID(SXNETID **a, unsigned char **pp, long length);
-SXNETID *SXNETID_new(void);
-void SXNETID_free(SXNETID *a);
+DECLARE_ASN1_FUNCTIONS(SXNET)
+DECLARE_ASN1_FUNCTIONS(SXNETID)
int SXNET_add_id_asc(SXNET **psx, char *zone, char *user, int userlen);
int SXNET_add_id_ulong(SXNET **psx, unsigned long lzone, char *user, int userlen);
@@ -396,96 +410,42 @@
ASN1_OCTET_STRING *SXNET_get_id_ulong(SXNET *sx, unsigned long lzone);
ASN1_OCTET_STRING *SXNET_get_id_INTEGER(SXNET *sx, ASN1_INTEGER *zone);
-int i2d_AUTHORITY_KEYID(AUTHORITY_KEYID *a, unsigned char **pp);
-AUTHORITY_KEYID *d2i_AUTHORITY_KEYID(AUTHORITY_KEYID **a, unsigned char **pp, long length);
-AUTHORITY_KEYID *AUTHORITY_KEYID_new(void);
-void AUTHORITY_KEYID_free(AUTHORITY_KEYID *a);
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_KEYID)
-int i2d_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD *a, unsigned char **pp);
-PKEY_USAGE_PERIOD *d2i_PKEY_USAGE_PERIOD(PKEY_USAGE_PERIOD **a, unsigned char **pp, long length);
-PKEY_USAGE_PERIOD *PKEY_USAGE_PERIOD_new(void);
-void PKEY_USAGE_PERIOD_free(PKEY_USAGE_PERIOD *a);
+DECLARE_ASN1_FUNCTIONS(PKEY_USAGE_PERIOD)
-STACK_OF(GENERAL_NAME) *GENERAL_NAMES_new(void);
-void GENERAL_NAMES_free(STACK_OF(GENERAL_NAME) *a);
-STACK_OF(GENERAL_NAME) *d2i_GENERAL_NAMES(STACK_OF(GENERAL_NAME) **a, unsigned char **pp, long length);
-int i2d_GENERAL_NAMES(STACK_OF(GENERAL_NAME) *a, unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAME)
+
+STACK_OF(CONF_VALUE) *i2v_GENERAL_NAME(X509V3_EXT_METHOD *method, GENERAL_NAME *gen, STACK_OF(CONF_VALUE) *ret);
+
+DECLARE_ASN1_FUNCTIONS(GENERAL_NAMES)
+
STACK_OF(CONF_VALUE) *i2v_GENERAL_NAMES(X509V3_EXT_METHOD *method,
- STACK_OF(GENERAL_NAME) *gen, STACK_OF(CONF_VALUE) *extlist);
-STACK_OF(GENERAL_NAME) *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
+ GENERAL_NAMES *gen, STACK_OF(CONF_VALUE) *extlist);
+GENERAL_NAMES *v2i_GENERAL_NAMES(X509V3_EXT_METHOD *method,
X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *nval);
-int i2d_OTHERNAME(OTHERNAME *a, unsigned char **pp);
-OTHERNAME *OTHERNAME_new(void);
-OTHERNAME *d2i_OTHERNAME(OTHERNAME **a, unsigned char **pp, long length);
-void OTHERNAME_free(OTHERNAME *a);
+DECLARE_ASN1_FUNCTIONS(OTHERNAME)
+DECLARE_ASN1_FUNCTIONS(EDIPARTYNAME)
char *i2s_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, ASN1_OCTET_STRING *ia5);
ASN1_OCTET_STRING *s2i_ASN1_OCTET_STRING(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, char *str);
-int i2d_ext_ku(STACK_OF(ASN1_OBJECT) *a, unsigned char **pp);
-STACK_OF(ASN1_OBJECT) *d2i_ext_ku(STACK_OF(ASN1_OBJECT) **a,
- unsigned char **pp, long length);
-void ext_ku_free(STACK_OF(ASN1_OBJECT) *a);
-STACK_OF(ASN1_OBJECT) *ext_ku_new(void);
-
-int i2d_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) *a, unsigned char **pp);
-STACK_OF(POLICYINFO) *CERTIFICATEPOLICIES_new(void);
-void CERTIFICATEPOLICIES_free(STACK_OF(POLICYINFO) *a);
-STACK_OF(POLICYINFO) *d2i_CERTIFICATEPOLICIES(STACK_OF(POLICYINFO) **a, unsigned char **pp, long length);
-
-int i2d_POLICYINFO(POLICYINFO *a, unsigned char **pp);
-POLICYINFO *POLICYINFO_new(void);
-POLICYINFO *d2i_POLICYINFO(POLICYINFO **a, unsigned char **pp, long length);
-void POLICYINFO_free(POLICYINFO *a);
-
-int i2d_POLICYQUALINFO(POLICYQUALINFO *a, unsigned char **pp);
-POLICYQUALINFO *POLICYQUALINFO_new(void);
-POLICYQUALINFO *d2i_POLICYQUALINFO(POLICYQUALINFO **a, unsigned char **pp,
- long length);
-void POLICYQUALINFO_free(POLICYQUALINFO *a);
-
-int i2d_USERNOTICE(USERNOTICE *a, unsigned char **pp);
-USERNOTICE *USERNOTICE_new(void);
-USERNOTICE *d2i_USERNOTICE(USERNOTICE **a, unsigned char **pp, long length);
-void USERNOTICE_free(USERNOTICE *a);
-
-int i2d_NOTICEREF(NOTICEREF *a, unsigned char **pp);
-NOTICEREF *NOTICEREF_new(void);
-NOTICEREF *d2i_NOTICEREF(NOTICEREF **a, unsigned char **pp, long length);
-void NOTICEREF_free(NOTICEREF *a);
-
-int i2d_CRL_DIST_POINTS(STACK_OF(DIST_POINT) *a, unsigned char **pp);
-STACK_OF(DIST_POINT) *CRL_DIST_POINTS_new(void);
-void CRL_DIST_POINTS_free(STACK_OF(DIST_POINT) *a);
-STACK_OF(DIST_POINT) *d2i_CRL_DIST_POINTS(STACK_OF(DIST_POINT) **a,
- unsigned char **pp,long length);
-
-int i2d_DIST_POINT(DIST_POINT *a, unsigned char **pp);
-DIST_POINT *DIST_POINT_new(void);
-DIST_POINT *d2i_DIST_POINT(DIST_POINT **a, unsigned char **pp, long length);
-void DIST_POINT_free(DIST_POINT *a);
-
-int i2d_DIST_POINT_NAME(DIST_POINT_NAME *a, unsigned char **pp);
-DIST_POINT_NAME *DIST_POINT_NAME_new(void);
-void DIST_POINT_NAME_free(DIST_POINT_NAME *a);
-DIST_POINT_NAME *d2i_DIST_POINT_NAME(DIST_POINT_NAME **a, unsigned char **pp,
- long length);
-
-int i2d_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION *a, unsigned char **pp);
-ACCESS_DESCRIPTION *ACCESS_DESCRIPTION_new(void);
-void ACCESS_DESCRIPTION_free(ACCESS_DESCRIPTION *a);
-ACCESS_DESCRIPTION *d2i_ACCESS_DESCRIPTION(ACCESS_DESCRIPTION **a, unsigned char **pp,
- long length);
+DECLARE_ASN1_FUNCTIONS(EXTENDED_KEY_USAGE)
int i2a_ACCESS_DESCRIPTION(BIO *bp, ACCESS_DESCRIPTION* a);
-STACK_OF(ACCESS_DESCRIPTION) *AUTHORITY_INFO_ACCESS_new(void);
-void AUTHORITY_INFO_ACCESS_free(STACK_OF(ACCESS_DESCRIPTION) *a);
-STACK_OF(ACCESS_DESCRIPTION) *d2i_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) **a,
- unsigned char **pp, long length);
-int i2d_AUTHORITY_INFO_ACCESS(STACK_OF(ACCESS_DESCRIPTION) *a, unsigned char **pp);
+DECLARE_ASN1_FUNCTIONS(CERTIFICATEPOLICIES)
+DECLARE_ASN1_FUNCTIONS(POLICYINFO)
+DECLARE_ASN1_FUNCTIONS(POLICYQUALINFO)
+DECLARE_ASN1_FUNCTIONS(USERNOTICE)
+DECLARE_ASN1_FUNCTIONS(NOTICEREF)
+DECLARE_ASN1_FUNCTIONS(CRL_DIST_POINTS)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT)
+DECLARE_ASN1_FUNCTIONS(DIST_POINT_NAME)
+DECLARE_ASN1_FUNCTIONS(ACCESS_DESCRIPTION)
+DECLARE_ASN1_FUNCTIONS(AUTHORITY_INFO_ACCESS)
#ifdef HEADER_CONF_H
GENERAL_NAME *v2i_GENERAL_NAME(X509V3_EXT_METHOD *method, X509V3_CTX *ctx, CONF_VALUE *cnf);
diff --git a/demos/asn1/README.ASN1 b/demos/asn1/README.ASN1
new file mode 100644
index 0000000..ac497be
--- /dev/null
+++ b/demos/asn1/README.ASN1
@@ -0,0 +1,7 @@
+This is a demo of the new ASN1 code. Its an OCSP ASN1 module. Doesn't
+do much yet other than demonstrate what the new ASN1 modules might look
+like.
+
+It wont even compile yet: the new code isn't in place.
+
+
diff --git a/demos/asn1/ocsp.c b/demos/asn1/ocsp.c
new file mode 100644
index 0000000..0199fe1
--- /dev/null
+++ b/demos/asn1/ocsp.c
@@ -0,0 +1,366 @@
+/* ocsp.c */
+/* Written by Dr Stephen N Henson (shenson@bigfoot.com) for the OpenSSL
+ * project 2000.
+ */
+/* ====================================================================
+ * Copyright (c) 2000 The OpenSSL Project. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ * software must display the following acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ * endorse or promote products derived from this software without
+ * prior written permission. For written permission, please contact
+ * licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ * nor may "OpenSSL" appear in their names without prior written
+ * permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ * acknowledgment:
+ * "This product includes software developed by the OpenSSL Project
+ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com). This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+#include <openssl/asn1.h>
+#include <openssl/asn1t.h>
+#include <openssl/x509v3.h>
+
+
+
+
+/* Example of new ASN1 code, OCSP request
+
+ OCSPRequest ::= SEQUENCE {
+ tbsRequest TBSRequest,
+ optionalSignature [0] EXPLICIT Signature OPTIONAL }
+
+ TBSRequest ::= SEQUENCE {
+ version [0] EXPLICIT Version DEFAULT v1,
+ requestorName [1] EXPLICIT GeneralName OPTIONAL,
+ requestList SEQUENCE OF Request,
+ requestExtensions [2] EXPLICIT Extensions OPTIONAL }
+
+ Signature ::= SEQUENCE {
+ signatureAlgorithm AlgorithmIdentifier,
+ signature BIT STRING,
+ certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+ Version ::= INTEGER { v1(0) }
+
+ Request ::= SEQUENCE {
+ reqCert CertID,
+ singleRequestExtensions [0] EXPLICIT Extensions OPTIONAL }
+
+ CertID ::= SEQUENCE {
+ hashAlgorithm AlgorithmIdentifier,
+ issuerNameHash OCTET STRING, -- Hash of Issuer's DN
+ issuerKeyHash OCTET STRING, -- Hash of Issuers public key
+ serialNumber CertificateSerialNumber }
+
+ OCSPResponse ::= SEQUENCE {
+ responseStatus OCSPResponseStatus,
+ responseBytes [0] EXPLICIT ResponseBytes OPTIONAL }
+
+ OCSPResponseStatus ::= ENUMERATED {
+ successful (0), --Response has valid confirmations
+ malformedRequest (1), --Illegal confirmation request
+ internalError (2), --Internal error in issuer
+ tryLater (3), --Try again later
+ --(4) is not used
+ sigRequired (5), --Must sign the request
+ unauthorized (6) --Request unauthorized
+ }
+
+ ResponseBytes ::= SEQUENCE {
+ responseType OBJECT IDENTIFIER,
+ response OCTET STRING }
+
+ BasicOCSPResponse ::= SEQUENCE {
+ tbsResponseData ResponseData,
+ signatureAlgorithm AlgorithmIdentifier,
+ signature BIT STRING,
+ certs [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
+
+ ResponseData ::= SEQUENCE {
+ version [0] EXPLICIT Version DEFAULT v1,
+ responderID ResponderID,
+ producedAt GeneralizedTime,
+ responses SEQUENCE OF SingleResponse,
+ responseExtensions [1] EXPLICIT Extensions OPTIONAL }
+
+ ResponderID ::= CHOICE {
+ byName [1] Name, --EXPLICIT
+ byKey [2] KeyHash }
+
+ KeyHash ::= OCTET STRING --SHA-1 hash of responder's public key
+ --(excluding the tag and length fields)
+
+ SingleResponse ::= SEQUENCE {
+ certID CertID,
+ certStatus CertStatus,
+ thisUpdate GeneralizedTime,
+ nextUpdate [0] EXPLICIT GeneralizedTime OPTIONAL,
+ singleExtensions [1] EXPLICIT Extensions OPTIONAL }
+
+ CertStatus ::= CHOICE {
+ good [0] IMPLICIT NULL,
+ revoked [1] IMPLICIT RevokedInfo,
+ unknown [2] IMPLICIT UnknownInfo }
+
+ RevokedInfo ::= SEQUENCE {
+ revocationTime GeneralizedTime,
+ revocationReason [0] EXPLICIT CRLReason OPTIONAL }
+
+ UnknownInfo ::= NULL -- this can be replaced with an enumeration
+
+ ArchiveCutoff ::= GeneralizedTime
+
+ AcceptableResponses ::= SEQUENCE OF OBJECT IDENTIFIER
+
+ ServiceLocator ::= SEQUENCE {
+ issuer Name,
+ locator AuthorityInfoAccessSyntax }
+
+ -- Object Identifiers
+
+ id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 }
+ id-pkix-ocsp OBJECT IDENTIFIER ::= { id-ad-ocsp }
+ id-pkix-ocsp-basic OBJECT IDENTIFIER ::= { id-pkix-ocsp 1 }
+ id-pkix-ocsp-nonce OBJECT IDENTIFIER ::= { id-pkix-ocsp 2 }
+ id-pkix-ocsp-crl OBJECT IDENTIFIER ::= { id-pkix-ocsp 3 }
+ id-pkix-ocsp-response OBJECT IDENTIFIER ::= { id-pkix-ocsp 4 }
+ id-pkix-ocsp-nocheck OBJECT IDENTIFIER ::= { id-pkix-ocsp 5 }
+ id-pkix-ocsp-archive-cutoff OBJECT IDENTIFIER ::= { id-pkix-ocsp 6 }
+ id-pkix-ocsp-service-locator OBJECT IDENTIFIER ::= { id-pkix-ocsp 7 }
+
+*/
+
+/* Request Structures */
+
+DECLARE_STACK_OF(Request)
+
+typedef struct {
+ ASN1_INTEGER *version;
+ GENERAL_NAME *requestorName;
+ STACK_OF(Request) *requestList;
+ STACK_OF(X509_EXTENSION) *requestExtensions;
+} TBSRequest;
+
+typedef struct {
+ X509_ALGOR *signatureAlgorithm;
+ ASN1_BIT_STRING *signature;
+ STACK_OF(X509) *certs;
+} Signature;
+
+typedef struct {
+ TBSRequest *tbsRequest;
+ Signature *optionalSignature;
+} OCSPRequest;
+
+typedef struct {
+ X509_ALGOR *hashAlgorithm;
+ ASN1_OCTET_STRING *issuerNameHash;
+ ASN1_OCTET_STRING *issuerKeyHash;
+ ASN1_INTEGER *certificateSerialNumber;
+} CertID;
+
+typedef struct {
+ CertID *reqCert;
+ STACK_OF(X509_EXTENSION) *singleRequestExtensions;
+} Request;
+
+/* Response structures */
+
+typedef struct {
+ ASN1_OBJECT *responseType;
+ ASN1_OCTET_STRING *response;
+} ResponseBytes;
+
+typedef struct {
+ ASN1_ENUMERATED *responseStatus;
+ ResponseBytes *responseBytes;
+} OCSPResponse;
+
+typedef struct {
+ int type;
+ union {
+ X509_NAME *byName;
+ ASN1_OCTET_STRING *byKey;
+ }d;
+} ResponderID;
+
+typedef struct {
+ ASN1_INTEGER *version;
+ ResponderID *responderID;
+ ASN1_GENERALIZEDTIME *producedAt;
+ STACK_OF(SingleResponse) *responses;
+ STACK_OF(X509_EXTENSION) *responseExtensions;
+} ResponseData;
+
+typedef struct {
+ ResponseData *tbsResponseData;
+ X509_ALGOR *signatureAlgorithm;
+ ASN1_BIT_STRING *signature;
+ STACK_OF(X509) *certs;
+} BasicOCSPResponse;
+
+typedef struct {
+ ASN1_GENERALIZEDTIME *revocationTime;
+ ASN1_ENUMERATED * revocationReason;
+} RevokedInfo;
+
+typedef struct {
+ int type;
+ union {
+ ASN1_NULL *good;
+ RevokedInfo *revoked;
+ ASN1_NULL *unknown;
+ } d;
+} CertStatus;
+
+typedef struct {
+ CertID *certID;
+ CertStatus *certStatus;
+ ASN1_GENERALIZEDTIME *thisUpdate;
+ ASN1_GENERALIZEDTIME *nextUpdate;
+ STACK_OF(X509_EXTENSION) *singleExtensions;
+} SingleResponse;
+
+
+typedef struct {
+ X509_NAME *issuer;
+ STACK_OF(ACCESS_DESCRIPTION) *locator;
+} ServiceLocator;
+
+
+/* Now the ASN1 templates */
+
+IMPLEMENT_COMPAT_ASN1(X509);
+IMPLEMENT_COMPAT_ASN1(X509_ALGOR);
+//IMPLEMENT_COMPAT_ASN1(X509_EXTENSION);
+IMPLEMENT_COMPAT_ASN1(GENERAL_NAME);
+IMPLEMENT_COMPAT_ASN1(X509_NAME);
+
+ASN1_SEQUENCE(X509_EXTENSION) = {
+ ASN1_SIMPLE(X509_EXTENSION, object, ASN1_OBJECT),
+ ASN1_OPT(X509_EXTENSION, critical, ASN1_BOOLEAN),
+ ASN1_SIMPLE(X509_EXTENSION, value, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(X509_EXTENSION);
+
+
+ASN1_SEQUENCE(Signature) = {
+ ASN1_SIMPLE(Signature, signatureAlgorithm, X509_ALGOR),
+ ASN1_SIMPLE(Signature, signature, ASN1_BIT_STRING),
+ ASN1_SEQUENCE_OF(Signature, certs, X509)
+} ASN1_SEQUENCE_END(Signature);
+
+ASN1_SEQUENCE(CertID) = {
+ ASN1_SIMPLE(CertID, hashAlgorithm, X509_ALGOR),
+ ASN1_SIMPLE(CertID, issuerNameHash, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(CertID, issuerKeyHash, ASN1_OCTET_STRING),
+ ASN1_SIMPLE(CertID, certificateSerialNumber, ASN1_INTEGER)
+} ASN1_SEQUENCE_END(CertID);
+
+ASN1_SEQUENCE(Request) = {
+ ASN1_SIMPLE(Request, reqCert, CertID),
+ ASN1_EXP_SEQUENCE_OF_OPT(Request, singleRequestExtensions, X509_EXTENSION, 0)
+} ASN1_SEQUENCE_END(Request);
+
+ASN1_SEQUENCE(TBSRequest) = {
+ ASN1_EXP_OPT(TBSRequest, version, ASN1_INTEGER, 0),
+ ASN1_EXP_OPT(TBSRequest, requestorName, GENERAL_NAME, 1),
+ ASN1_SEQUENCE_OF(TBSRequest, requestList, Request),
+ ASN1_EXP_SEQUENCE_OF_OPT(TBSRequest, requestExtensions, X509_EXTENSION, 2)
+} ASN1_SEQUENCE_END(TBSRequest);
+
+ASN1_SEQUENCE(OCSPRequest) = {
+ ASN1_SIMPLE(OCSPRequest, tbsRequest, TBSRequest),
+ ASN1_EXP_OPT(OCSPRequest, optionalSignature, Signature, 0)
+} ASN1_SEQUENCE_END(OCSPRequest);
+
+
+/* Response templates */
+
+ASN1_SEQUENCE(ResponseBytes) = {
+ ASN1_SIMPLE(ResponseBytes, responseType, ASN1_OBJECT),
+ ASN1_SIMPLE(ResponseBytes, response, ASN1_OCTET_STRING)
+} ASN1_SEQUENCE_END(ResponseBytes);
+
+ASN1_SEQUENCE(OCSPResponse) = {
+ ASN1_SIMPLE(OCSPResponse, responseStatus, ASN1_ENUMERATED),
+ ASN1_EXP_OPT(OCSPResponse, responseBytes, ResponseBytes, 0)
+} ASN1_SEQUENCE_END(OCSPResponse);
+
+ASN1_CHOICE(ResponderID) = {
+ ASN1_EXP(ResponderID, d.byName, X509_NAME, 1),
+ ASN1_IMP(ResponderID, d.byKey, ASN1_OCTET_STRING, 2)
+} ASN1_CHOICE_END(ResponderID);
+
+ASN1_SEQUENCE(RevokedInfo) = {
+ ASN1_SIMPLE(RevokedInfo, revocationTime, ASN1_GENERALIZEDTIME),
+ ASN1_EXP_OPT(RevokedInfo, revocationReason, ASN1_ENUMERATED, 0)
+} ASN1_SEQUENCE_END(RevokedInfo);
+
+ASN1_CHOICE(CertStatus) = {
+ ASN1_IMP(CertStatus, d.good, ASN1_NULL, 0),
+ ASN1_IMP(CertStatus, d.revoked, RevokedInfo, 1),
+ ASN1_IMP(CertStatus, d.unknown, ASN1_NULL, 2)
+} ASN1_CHOICE_END(CertStatus);
+
+ASN1_SEQUENCE(SingleResponse) = {
+ ASN1_SIMPLE(SingleResponse, certID, CertID),
+ ASN1_SIMPLE(SingleResponse, certStatus, CertStatus),
+ ASN1_SIMPLE(SingleResponse, thisUpdate, ASN1_GENERALIZEDTIME),
+ ASN1_EXP_OPT(SingleResponse, nextUpdate, ASN1_GENERALIZEDTIME, 0),
+ ASN1_EXP_SEQUENCE_OF_OPT(SingleResponse, singleExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(SingleResponse);
+
+ASN1_SEQUENCE(ResponseData) = {
+ ASN1_EXP_OPT(ResponseData, version, ASN1_INTEGER, 0),
+ ASN1_SIMPLE(ResponseData, responderID, ResponderID),
+ ASN1_SIMPLE(ResponseData, producedAt, ASN1_GENERALIZEDTIME),
+ ASN1_SEQUENCE_OF(ResponseData, responses, SingleResponse),
+ ASN1_EXP_SEQUENCE_OF_OPT(ResponseData, responseExtensions, X509_EXTENSION, 1)
+} ASN1_SEQUENCE_END(ResponseData);
+
+ASN1_SEQUENCE(BasicOCSPResponse) = {
+ ASN1_SIMPLE(BasicOCSPResponse, tbsResponseData, ResponseData),
+ ASN1_SIMPLE(BasicOCSPResponse, signatureAlgorithm, X509_ALGOR),
+ ASN1_SIMPLE(BasicOCSPResponse, signature, ASN1_BIT_STRING),
+ ASN1_EXP_SEQUENCE_OF_OPT(BasicOCSPResponse, certs, X509, 0)
+} ASN1_SEQUENCE_END(BasicOCSPResponse);
+
