diff options
| author | Jung-uk Kim <jkim@FreeBSD.org> | 2018-09-13 19:18:07 +0000 |
|---|---|---|
| committer | Jung-uk Kim <jkim@FreeBSD.org> | 2018-09-13 19:18:07 +0000 |
| commit | a43ce912fc025d11e1395506111f75fc194d7ba5 (patch) | |
| tree | 9794cf7720d75938ed0ea4f499c0dcd4b6eacdda /crypto/asn1 | |
| parent | 02be298e504b8554caca6dc85af450e1ea44d19d (diff) | |
| download | src-a43ce912fc025d11e1395506111f75fc194d7ba5.tar.gz src-a43ce912fc025d11e1395506111f75fc194d7ba5.zip | |
Import OpenSSL 1.1.1.vendor/openssl/1.1.1
Notes
Notes:
svn path=/vendor-crypto/openssl/dist/; revision=338658
svn path=/vendor-crypto/openssl/1.1.1/; revision=338659; tag=vendor/openssl/1.1.1
Diffstat (limited to 'crypto/asn1')
94 files changed, 4731 insertions, 15177 deletions
diff --git a/crypto/asn1/Makefile b/crypto/asn1/Makefile deleted file mode 100644 index fb3140c1d302..000000000000 --- a/crypto/asn1/Makefile +++ /dev/null @@ -1,933 +0,0 @@ -# -# OpenSSL/crypto/asn1/Makefile -# - -DIR= asn1 -TOP= ../.. -CC= cc -INCLUDES= -I.. -I$(TOP) -I../../include -CFLAG=-g -MAKEFILE= Makefile -AR= ar r - -CFLAGS= $(INCLUDES) $(CFLAG) - -GENERAL=Makefile README -TEST= -APPS= - -LIB=$(TOP)/libcrypto.a -LIBSRC= a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ - a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ - a_enum.c a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ - x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_bignum.c \ - x_long.c x_name.c x_x509.c x_x509a.c x_crl.c x_info.c x_spki.c nsseq.c \ - x_nx509.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ - t_req.c t_x509.c t_x509a.c t_crl.c t_pkey.c t_spki.c t_bitst.c \ - tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ - tasn_prn.c ameth_lib.c \ - f_int.c f_string.c n_pkey.c \ - f_enum.c x_pkey.c a_bool.c x_exten.c bio_asn1.c bio_ndef.c asn_mime.c \ - asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_bytes.c a_strnid.c \ - evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p8_pkey.c asn_moid.c -LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_gentm.o a_time.o a_int.o a_octet.o \ - a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \ - a_enum.o a_utf8.o a_sign.o a_digest.o a_verify.o a_mbstr.o a_strex.o \ - x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_bignum.o \ - x_long.o x_name.o x_x509.o x_x509a.o x_crl.o x_info.o x_spki.o nsseq.o \ - x_nx509.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \ - t_req.o t_x509.o t_x509a.o t_crl.o t_pkey.o t_spki.o t_bitst.o \ - tasn_new.o tasn_fre.o tasn_enc.o tasn_dec.o tasn_utl.o tasn_typ.o \ - tasn_prn.o ameth_lib.o \ - f_int.o f_string.o n_pkey.o \ - f_enum.o x_pkey.o a_bool.o x_exten.o bio_asn1.o bio_ndef.o asn_mime.o \ - asn1_gen.o asn1_par.o asn1_lib.o asn1_err.o a_bytes.o a_strnid.o \ - evp_asn1.o asn_pack.o p5_pbe.o p5_pbev2.o p8_pkey.o asn_moid.o - -SRC= $(LIBSRC) - -EXHEADER= asn1.h asn1_mac.h asn1t.h -HEADER= $(EXHEADER) asn1_locl.h - -ALL= $(GENERAL) $(SRC) $(HEADER) - -top: - (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all) - -test: test.c - cc -g -I../../include -c test.c - cc -g -I../../include -o test test.o -L../.. -lcrypto - -pk: pk.c - cc -g -I../../include -c pk.c - cc -g -I../../include -o pk pk.o -L../.. -lcrypto - -all: lib - -lib: $(LIBOBJ) - $(AR) $(LIB) $(LIBOBJ) - $(RANLIB) $(LIB) || echo Never mind. - @touch lib - -files: - $(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO - -links: - @$(PERL) $(TOP)/util/mklink.pl ../../include/openssl $(EXHEADER) - @$(PERL) $(TOP)/util/mklink.pl ../../test $(TEST) - @$(PERL) $(TOP)/util/mklink.pl ../../apps $(APPS) - -install: - @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... - @headerlist="$(EXHEADER)"; for i in $$headerlist ; \ - do \ - (cp $$i $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i; \ - chmod 644 $(INSTALL_PREFIX)$(INSTALLTOP)/include/openssl/$$i ); \ - done; - -tags: - ctags $(SRC) - -tests: - -lint: - lint -DLINT $(INCLUDES) $(SRC)>fluff - -update: depend - -depend: - @[ -n "$(MAKEDEPEND)" ] # should be set by top Makefile... - $(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC) - -dclean: - $(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new - mv -f Makefile.new $(MAKEFILE) - -clean: - rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff - - -# DO NOT DELETE THIS LINE -- make depend depends on it. - -a_bitstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_bitstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_bitstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_bitstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bitstr.o: ../../include/openssl/opensslconf.h -a_bitstr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bitstr.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bitstr.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bitstr.c -a_bool.o: ../../e_os.h ../../include/openssl/asn1.h -a_bool.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_bool.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_bool.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_bool.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_bool.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_bool.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_bool.o: ../../include/openssl/symhacks.h ../cryptlib.h a_bool.c -a_bytes.o: ../../e_os.h ../../include/openssl/asn1.h -a_bytes.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_bytes.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_bytes.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_bytes.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_bytes.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_bytes.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_bytes.o: ../cryptlib.h a_bytes.c -a_d2i_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_d2i_fp.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_d2i_fp.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_d2i_fp.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_d2i_fp.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_d2i_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_d2i_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_d2i_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_d2i_fp.c -a_digest.o: ../../e_os.h ../../include/openssl/asn1.h -a_digest.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_digest.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_digest.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -a_digest.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -a_digest.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -a_digest.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_digest.o: ../../include/openssl/opensslconf.h -a_digest.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_digest.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -a_digest.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_digest.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_digest.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_digest.c -a_dup.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_dup.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_dup.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_dup.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_dup.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_dup.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_dup.o: ../../include/openssl/symhacks.h ../cryptlib.h a_dup.c -a_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_enum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_enum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_enum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_enum.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_enum.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_enum.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_enum.o: ../cryptlib.h a_enum.c -a_gentm.o: ../../e_os.h ../../include/openssl/asn1.h -a_gentm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_gentm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_gentm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_gentm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_gentm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_gentm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_gentm.o: ../cryptlib.h ../o_time.h a_gentm.c asn1_locl.h -a_i2d_fp.o: ../../e_os.h ../../include/openssl/asn1.h -a_i2d_fp.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_i2d_fp.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_i2d_fp.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_i2d_fp.o: ../../include/openssl/opensslconf.h -a_i2d_fp.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_i2d_fp.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_i2d_fp.o: ../../include/openssl/symhacks.h ../cryptlib.h a_i2d_fp.c -a_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_int.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_int.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_int.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_int.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_int.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_int.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_int.o: ../cryptlib.h a_int.c -a_mbstr.o: ../../e_os.h ../../include/openssl/asn1.h -a_mbstr.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_mbstr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_mbstr.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_mbstr.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_mbstr.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_mbstr.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_mbstr.o: ../cryptlib.h a_mbstr.c -a_object.o: ../../e_os.h ../../include/openssl/asn1.h -a_object.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_object.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_object.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_object.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_object.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_object.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_object.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_object.o: ../../include/openssl/symhacks.h ../cryptlib.h a_object.c -a_octet.o: ../../e_os.h ../../include/openssl/asn1.h -a_octet.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_octet.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_octet.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_octet.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_octet.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_octet.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_octet.o: ../cryptlib.h a_octet.c -a_print.o: ../../e_os.h ../../include/openssl/asn1.h -a_print.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_print.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_print.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_print.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_print.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_print.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_print.o: ../cryptlib.h a_print.c -a_set.o: ../../e_os.h ../../include/openssl/asn1.h -a_set.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -a_set.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_set.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_set.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_set.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_set.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_set.o: ../../include/openssl/symhacks.h ../cryptlib.h a_set.c -a_sign.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_sign.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -a_sign.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_sign.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -a_sign.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -a_sign.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -a_sign.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_sign.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_sign.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -a_sign.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_sign.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_sign.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_sign.o: ../cryptlib.h a_sign.c asn1_locl.h -a_strex.o: ../../e_os.h ../../include/openssl/asn1.h -a_strex.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_strex.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_strex.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -a_strex.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -a_strex.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -a_strex.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_strex.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_strex.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -a_strex.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -a_strex.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_strex.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -a_strex.o: ../cryptlib.h a_strex.c charmap.h -a_strnid.o: ../../e_os.h ../../include/openssl/asn1.h -a_strnid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_strnid.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_strnid.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_strnid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -a_strnid.o: ../../include/openssl/opensslconf.h -a_strnid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_strnid.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_strnid.o: ../../include/openssl/symhacks.h ../cryptlib.h a_strnid.c -a_time.o: ../../e_os.h ../../include/openssl/asn1.h -a_time.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_time.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_time.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_time.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_time.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_time.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_time.o: ../../include/openssl/symhacks.h ../cryptlib.h ../o_time.h a_time.c -a_time.o: asn1_locl.h -a_type.o: ../../e_os.h ../../include/openssl/asn1.h -a_type.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -a_type.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_type.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_type.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_type.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_type.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_type.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_type.o: ../../include/openssl/symhacks.h ../cryptlib.h a_type.c -a_utctm.o: ../../e_os.h ../../include/openssl/asn1.h -a_utctm.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -a_utctm.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -a_utctm.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -a_utctm.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -a_utctm.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -a_utctm.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -a_utctm.o: ../cryptlib.h ../o_time.h a_utctm.c asn1_locl.h -a_utf8.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -a_utf8.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_utf8.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -a_utf8.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -a_utf8.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_utf8.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -a_utf8.o: ../../include/openssl/symhacks.h ../cryptlib.h a_utf8.c -a_verify.o: ../../e_os.h ../../include/openssl/asn1.h -a_verify.o: ../../include/openssl/bio.h ../../include/openssl/bn.h -a_verify.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -a_verify.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -a_verify.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -a_verify.o: ../../include/openssl/err.h ../../include/openssl/evp.h -a_verify.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -a_verify.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -a_verify.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -a_verify.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -a_verify.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -a_verify.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -a_verify.o: ../../include/openssl/x509_vfy.h ../cryptlib.h a_verify.c -a_verify.o: asn1_locl.h -ameth_lib.o: ../../e_os.h ../../include/openssl/asn1.h -ameth_lib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -ameth_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -ameth_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -ameth_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -ameth_lib.o: ../../include/openssl/engine.h ../../include/openssl/err.h -ameth_lib.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -ameth_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -ameth_lib.o: ../../include/openssl/opensslconf.h -ameth_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -ameth_lib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -ameth_lib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -ameth_lib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -ameth_lib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h ameth_lib.c -ameth_lib.o: asn1_locl.h -asn1_err.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -asn1_err.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn1_err.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_err.o: ../../include/openssl/opensslconf.h -asn1_err.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_err.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_err.o: ../../include/openssl/symhacks.h asn1_err.c -asn1_gen.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_gen.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -asn1_gen.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -asn1_gen.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -asn1_gen.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -asn1_gen.o: ../../include/openssl/err.h ../../include/openssl/evp.h -asn1_gen.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -asn1_gen.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -asn1_gen.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_gen.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -asn1_gen.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -asn1_gen.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -asn1_gen.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -asn1_gen.o: ../cryptlib.h asn1_gen.c -asn1_lib.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_lib.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -asn1_lib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn1_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -asn1_lib.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -asn1_lib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_lib.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_lib.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_lib.c -asn1_par.o: ../../e_os.h ../../include/openssl/asn1.h -asn1_par.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -asn1_par.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn1_par.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn1_par.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -asn1_par.o: ../../include/openssl/opensslconf.h -asn1_par.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn1_par.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn1_par.o: ../../include/openssl/symhacks.h ../cryptlib.h asn1_par.c -asn_mime.o: ../../e_os.h ../../include/openssl/asn1.h -asn_mime.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -asn_mime.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -asn_mime.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -asn_mime.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -asn_mime.o: ../../include/openssl/err.h ../../include/openssl/evp.h -asn_mime.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -asn_mime.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -asn_mime.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_mime.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -asn_mime.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -asn_mime.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -asn_mime.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -asn_mime.o: ../cryptlib.h asn1_locl.h asn_mime.c -asn_moid.o: ../../e_os.h ../../include/openssl/asn1.h -asn_moid.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -asn_moid.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -asn_moid.o: ../../include/openssl/dso.h ../../include/openssl/e_os2.h -asn_moid.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -asn_moid.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -asn_moid.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -asn_moid.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -asn_moid.o: ../../include/openssl/opensslconf.h -asn_moid.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_moid.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -asn_moid.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -asn_moid.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -asn_moid.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn_moid.c -asn_pack.o: ../../e_os.h ../../include/openssl/asn1.h -asn_pack.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -asn_pack.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -asn_pack.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -asn_pack.o: ../../include/openssl/opensslconf.h -asn_pack.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -asn_pack.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -asn_pack.o: ../../include/openssl/symhacks.h ../cryptlib.h asn_pack.c -bio_asn1.o: ../../include/openssl/asn1.h ../../include/openssl/bio.h -bio_asn1.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -bio_asn1.o: ../../include/openssl/opensslconf.h -bio_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bio_asn1.o: ../../include/openssl/symhacks.h bio_asn1.c -bio_ndef.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -bio_ndef.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -bio_ndef.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -bio_ndef.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -bio_ndef.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -bio_ndef.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -bio_ndef.o: ../../include/openssl/symhacks.h bio_ndef.c -d2i_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -d2i_pr.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pr.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -d2i_pr.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -d2i_pr.o: ../../include/openssl/ecdsa.h ../../include/openssl/engine.h -d2i_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -d2i_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -d2i_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -d2i_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -d2i_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -d2i_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h d2i_pr.c -d2i_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -d2i_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -d2i_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -d2i_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -d2i_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h -d2i_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -d2i_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -d2i_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -d2i_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -d2i_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -d2i_pu.o: ../cryptlib.h d2i_pu.c -evp_asn1.o: ../../e_os.h ../../include/openssl/asn1.h -evp_asn1.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -evp_asn1.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -evp_asn1.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -evp_asn1.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -evp_asn1.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -evp_asn1.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -evp_asn1.o: ../../include/openssl/symhacks.h ../cryptlib.h evp_asn1.c -f_enum.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_enum.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_enum.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_enum.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -f_enum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -f_enum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -f_enum.o: ../../include/openssl/symhacks.h ../cryptlib.h f_enum.c -f_int.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -f_int.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -f_int.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -f_int.o: ../../include/openssl/lhash.h ../../include/openssl/opensslconf.h -f_int.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -f_int.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -f_int.o: ../../include/openssl/symhacks.h ../cryptlib.h f_int.c -f_string.o: ../../e_os.h ../../include/openssl/asn1.h -f_string.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -f_string.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -f_string.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -f_string.o: ../../include/openssl/opensslconf.h -f_string.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -f_string.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -f_string.o: ../../include/openssl/symhacks.h ../cryptlib.h f_string.c -i2d_pr.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -i2d_pr.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -i2d_pr.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -i2d_pr.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -i2d_pr.o: ../../include/openssl/err.h ../../include/openssl/evp.h -i2d_pr.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -i2d_pr.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pr.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pr.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -i2d_pr.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -i2d_pr.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -i2d_pr.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h i2d_pr.c -i2d_pu.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -i2d_pu.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -i2d_pu.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -i2d_pu.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -i2d_pu.o: ../../include/openssl/err.h ../../include/openssl/evp.h -i2d_pu.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -i2d_pu.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -i2d_pu.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -i2d_pu.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -i2d_pu.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -i2d_pu.o: ../cryptlib.h i2d_pu.c -n_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -n_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/asn1t.h -n_pkey.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -n_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -n_pkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -n_pkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -n_pkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -n_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -n_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -n_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -n_pkey.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -n_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -n_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -n_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h n_pkey.c -nsseq.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -nsseq.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -nsseq.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -nsseq.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -nsseq.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h -nsseq.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -nsseq.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -nsseq.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -nsseq.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -nsseq.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -nsseq.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -nsseq.o: ../../include/openssl/x509_vfy.h nsseq.c -p5_pbe.o: ../../e_os.h ../../include/openssl/asn1.h -p5_pbe.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p5_pbe.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -p5_pbe.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -p5_pbe.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -p5_pbe.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_pbe.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -p5_pbe.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p5_pbe.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_pbe.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p5_pbe.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_pbe.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_pbe.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_pbe.o: ../cryptlib.h p5_pbe.c -p5_pbev2.o: ../../e_os.h ../../include/openssl/asn1.h -p5_pbev2.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p5_pbev2.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -p5_pbev2.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -p5_pbev2.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -p5_pbev2.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p5_pbev2.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -p5_pbev2.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p5_pbev2.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p5_pbev2.o: ../../include/openssl/pkcs7.h ../../include/openssl/rand.h -p5_pbev2.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -p5_pbev2.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -p5_pbev2.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -p5_pbev2.o: ../cryptlib.h p5_pbev2.c -p8_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -p8_pkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -p8_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -p8_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -p8_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -p8_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -p8_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -p8_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -p8_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -p8_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -p8_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -p8_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -p8_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h p8_pkey.c -t_bitst.o: ../../e_os.h ../../include/openssl/asn1.h -t_bitst.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -t_bitst.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_bitst.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -t_bitst.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -t_bitst.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_bitst.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -t_bitst.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_bitst.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_bitst.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -t_bitst.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_bitst.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_bitst.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_bitst.o: ../cryptlib.h t_bitst.c -t_crl.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_crl.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_crl.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_crl.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -t_crl.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -t_crl.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_crl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -t_crl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_crl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_crl.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -t_crl.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_crl.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_crl.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_crl.o: ../cryptlib.h t_crl.c -t_pkey.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_pkey.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_pkey.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -t_pkey.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -t_pkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_pkey.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_pkey.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -t_pkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_pkey.o: ../cryptlib.h t_pkey.c -t_req.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_req.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_req.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_req.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_req.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -t_req.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -t_req.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -t_req.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_req.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_req.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_req.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_req.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_req.o: ../cryptlib.h t_req.c -t_spki.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_spki.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_spki.o: ../../include/openssl/crypto.h ../../include/openssl/dsa.h -t_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -t_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -t_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -t_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -t_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -t_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -t_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -t_spki.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_spki.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_spki.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_spki.o: ../cryptlib.h t_spki.c -t_x509.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -t_x509.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -t_x509.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h -t_x509.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -t_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -t_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -t_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -t_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509.o: ../../include/openssl/rsa.h ../../include/openssl/safestack.h -t_x509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -t_x509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -t_x509.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -t_x509.o: ../cryptlib.h asn1_locl.h t_x509.c -t_x509a.o: ../../e_os.h ../../include/openssl/asn1.h -t_x509a.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -t_x509a.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -t_x509a.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -t_x509a.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -t_x509a.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -t_x509a.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -t_x509a.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -t_x509a.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -t_x509a.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -t_x509a.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -t_x509a.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -t_x509a.o: ../cryptlib.h t_x509a.c -tasn_dec.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_dec.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -tasn_dec.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_dec.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -tasn_dec.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_dec.o: ../../include/openssl/opensslconf.h -tasn_dec.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_dec.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_dec.o: ../../include/openssl/symhacks.h tasn_dec.c -tasn_enc.o: ../../e_os.h ../../include/openssl/asn1.h -tasn_enc.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -tasn_enc.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -tasn_enc.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_enc.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_enc.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tasn_enc.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_enc.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_enc.o: ../../include/openssl/symhacks.h ../cryptlib.h tasn_enc.c -tasn_fre.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_fre.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -tasn_fre.o: ../../include/openssl/e_os2.h ../../include/openssl/obj_mac.h -tasn_fre.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tasn_fre.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_fre.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_fre.o: ../../include/openssl/symhacks.h asn1_int.h tasn_fre.c -tasn_new.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_new.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -tasn_new.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_new.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_new.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tasn_new.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_new.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_new.o: ../../include/openssl/symhacks.h asn1_int.h tasn_new.c -tasn_prn.o: ../../e_os.h ../../include/openssl/asn1.h -tasn_prn.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -tasn_prn.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -tasn_prn.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -tasn_prn.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -tasn_prn.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -tasn_prn.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -tasn_prn.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -tasn_prn.o: ../../include/openssl/opensslconf.h -tasn_prn.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_prn.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -tasn_prn.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -tasn_prn.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -tasn_prn.o: ../../include/openssl/x509_vfy.h ../../include/openssl/x509v3.h -tasn_prn.o: ../cryptlib.h asn1_locl.h tasn_prn.c -tasn_typ.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_typ.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -tasn_typ.o: ../../include/openssl/e_os2.h ../../include/openssl/opensslconf.h -tasn_typ.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_typ.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_typ.o: ../../include/openssl/symhacks.h tasn_typ.c -tasn_utl.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -tasn_utl.o: ../../include/openssl/bio.h ../../include/openssl/crypto.h -tasn_utl.o: ../../include/openssl/e_os2.h ../../include/openssl/err.h -tasn_utl.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -tasn_utl.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -tasn_utl.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -tasn_utl.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -tasn_utl.o: ../../include/openssl/symhacks.h tasn_utl.c -x_algor.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_algor.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -x_algor.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_algor.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_algor.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h -x_algor.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_algor.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_algor.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_algor.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_algor.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_algor.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_algor.o: ../../include/openssl/x509_vfy.h x_algor.c -x_attrib.o: ../../e_os.h ../../include/openssl/asn1.h -x_attrib.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_attrib.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_attrib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_attrib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_attrib.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_attrib.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_attrib.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_attrib.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_attrib.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_attrib.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_attrib.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_attrib.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_attrib.c -x_bignum.o: ../../e_os.h ../../include/openssl/asn1.h -x_bignum.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_bignum.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_bignum.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_bignum.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -x_bignum.o: ../../include/openssl/opensslconf.h -x_bignum.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_bignum.o: ../../include/openssl/safestack.h ../../include/openssl/stack.h -x_bignum.o: ../../include/openssl/symhacks.h ../cryptlib.h x_bignum.c -x_crl.o: ../../e_os.h ../../include/openssl/asn1.h -x_crl.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_crl.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -x_crl.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_crl.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_crl.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -x_crl.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -x_crl.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_crl.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_crl.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_crl.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_crl.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_crl.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_crl.o: ../../include/openssl/x509v3.h ../cryptlib.h asn1_locl.h x_crl.c -x_exten.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_exten.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -x_exten.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_exten.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_exten.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h -x_exten.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_exten.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_exten.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_exten.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_exten.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_exten.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_exten.o: ../../include/openssl/x509_vfy.h x_exten.c -x_info.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h -x_info.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_info.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_info.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_info.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_info.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_info.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_info.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_info.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_info.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_info.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_info.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_info.c -x_long.o: ../../e_os.h ../../include/openssl/asn1.h -x_long.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_long.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h -x_long.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_long.o: ../../include/openssl/err.h ../../include/openssl/lhash.h -x_long.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_long.o: ../../include/openssl/ossl_typ.h ../../include/openssl/safestack.h -x_long.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_long.o: ../cryptlib.h x_long.c -x_name.o: ../../e_os.h ../../include/openssl/asn1.h -x_name.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_name.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_name.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_name.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_name.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_name.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_name.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_name.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_name.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_name.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_name.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_name.o: ../../include/openssl/x509_vfy.h ../cryptlib.h asn1_locl.h x_name.c -x_nx509.o: ../../include/openssl/asn1.h ../../include/openssl/asn1t.h -x_nx509.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h -x_nx509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_nx509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_nx509.o: ../../include/openssl/ecdsa.h ../../include/openssl/evp.h -x_nx509.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_nx509.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_nx509.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_nx509.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_nx509.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_nx509.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_nx509.o: ../../include/openssl/x509_vfy.h x_nx509.c -x_pkey.o: ../../e_os.h ../../include/openssl/asn1.h -x_pkey.o: ../../include/openssl/asn1_mac.h ../../include/openssl/bio.h -x_pkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_pkey.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_pkey.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_pkey.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_pkey.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_pkey.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_pkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_pkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_pkey.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_pkey.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_pkey.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_pkey.c -x_pubkey.o: ../../e_os.h ../../include/openssl/asn1.h -x_pubkey.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_pubkey.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_pubkey.o: ../../include/openssl/dsa.h ../../include/openssl/e_os2.h -x_pubkey.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_pubkey.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -x_pubkey.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -x_pubkey.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_pubkey.o: ../../include/openssl/opensslconf.h -x_pubkey.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_pubkey.o: ../../include/openssl/pkcs7.h ../../include/openssl/rsa.h -x_pubkey.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_pubkey.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_pubkey.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_pubkey.o: ../cryptlib.h asn1_locl.h x_pubkey.c -x_req.o: ../../e_os.h ../../include/openssl/asn1.h -x_req.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_req.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_req.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_req.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_req.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_req.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_req.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_req.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_req.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_req.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_req.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_req.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_req.c -x_sig.o: ../../e_os.h ../../include/openssl/asn1.h -x_sig.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_sig.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_sig.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_sig.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_sig.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_sig.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_sig.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_sig.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_sig.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_sig.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_sig.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_sig.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_sig.c -x_spki.o: ../../e_os.h ../../include/openssl/asn1.h -x_spki.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_spki.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_spki.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_spki.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_spki.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_spki.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_spki.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_spki.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_spki.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_spki.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_spki.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_spki.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_spki.c -x_val.o: ../../e_os.h ../../include/openssl/asn1.h -x_val.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_val.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_val.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_val.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_val.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_val.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_val.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_val.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_val.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_val.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_val.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_val.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_val.c -x_x509.o: ../../e_os.h ../../include/openssl/asn1.h -x_x509.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_x509.o: ../../include/openssl/buffer.h ../../include/openssl/conf.h -x_x509.o: ../../include/openssl/crypto.h ../../include/openssl/e_os2.h -x_x509.o: ../../include/openssl/ec.h ../../include/openssl/ecdh.h -x_x509.o: ../../include/openssl/ecdsa.h ../../include/openssl/err.h -x_x509.o: ../../include/openssl/evp.h ../../include/openssl/lhash.h -x_x509.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h -x_x509.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h -x_x509.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pkcs7.h -x_x509.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h -x_x509.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h -x_x509.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h -x_x509.o: ../../include/openssl/x509v3.h ../cryptlib.h x_x509.c -x_x509a.o: ../../e_os.h ../../include/openssl/asn1.h -x_x509a.o: ../../include/openssl/asn1t.h ../../include/openssl/bio.h -x_x509a.o: ../../include/openssl/buffer.h ../../include/openssl/crypto.h -x_x509a.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h -x_x509a.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h -x_x509a.o: ../../include/openssl/err.h ../../include/openssl/evp.h -x_x509a.o: ../../include/openssl/lhash.h ../../include/openssl/obj_mac.h -x_x509a.o: ../../include/openssl/objects.h ../../include/openssl/opensslconf.h -x_x509a.o: ../../include/openssl/opensslv.h ../../include/openssl/ossl_typ.h -x_x509a.o: ../../include/openssl/pkcs7.h ../../include/openssl/safestack.h -x_x509a.o: ../../include/openssl/sha.h ../../include/openssl/stack.h -x_x509a.o: ../../include/openssl/symhacks.h ../../include/openssl/x509.h -x_x509a.o: ../../include/openssl/x509_vfy.h ../cryptlib.h x_x509a.c diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c index 0c8bb144a099..bffbd160a233 100644 --- a/crypto/asn1/a_bitstr.c +++ b/crypto/asn1/a_bitstr.c @@ -1,69 +1,21 @@ -/* crypto/asn1/a_bitstr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <limits.h> #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> +#include "asn1_locl.h" int ASN1_BIT_STRING_set(ASN1_BIT_STRING *x, unsigned char *d, int len) { - return M_ASN1_BIT_STRING_set(x, d, len); + return ASN1_STRING_set(x, d, len); } int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) @@ -72,7 +24,7 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) unsigned char *p, *d; if (a == NULL) - return (0); + return 0; len = a->length; @@ -109,7 +61,7 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) ret = 1 + len; if (pp == NULL) - return (ret); + return ret; p = *pp; @@ -121,7 +73,7 @@ int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp) p[-1] &= (0xff << bits); } *pp = p; - return (ret); + return ret; } ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, @@ -143,8 +95,8 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, } if ((a == NULL) || ((*a) == NULL)) { - if ((ret = M_ASN1_BIT_STRING_new()) == NULL) - return (NULL); + if ((ret = ASN1_BIT_STRING_new()) == NULL) + return NULL; } else ret = (*a); @@ -162,7 +114,7 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, ret->flags |= (ASN1_STRING_FLAG_BITS_LEFT | i); /* set */ if (len-- > 1) { /* using one because of the bits left byte */ - s = (unsigned char *)OPENSSL_malloc((int)len); + s = OPENSSL_malloc((int)len); if (s == NULL) { i = ERR_R_MALLOC_FAILURE; goto err; @@ -174,23 +126,22 @@ ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, s = NULL; ret->length = (int)len; - if (ret->data != NULL) - OPENSSL_free(ret->data); + OPENSSL_free(ret->data); ret->data = s; ret->type = V_ASN1_BIT_STRING; if (a != NULL) (*a) = ret; *pp = p; - return (ret); + return ret; err: ASN1err(ASN1_F_C2I_ASN1_BIT_STRING, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_BIT_STRING_free(ret); - return (NULL); + if ((a == NULL) || (*a != ret)) + ASN1_BIT_STRING_free(ret); + return NULL; } /* - * These next 2 functions from Goetz Babin-Ebell <babinebell@trustcenter.de> + * These next 2 functions from Goetz Babin-Ebell. */ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) { @@ -210,12 +161,8 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) if ((a->length < (w + 1)) || (a->data == NULL)) { if (!value) - return (1); /* Don't need to set */ - if (a->data == NULL) - c = (unsigned char *)OPENSSL_malloc(w + 1); - else - c = (unsigned char *)OPENSSL_realloc_clean(a->data, - a->length, w + 1); + return 1; /* Don't need to set */ + c = OPENSSL_clear_realloc(a->data, a->length, w + 1); if (c == NULL) { ASN1err(ASN1_F_ASN1_BIT_STRING_SET_BIT, ERR_R_MALLOC_FAILURE); return 0; @@ -228,17 +175,17 @@ int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value) a->data[w] = ((a->data[w]) & iv) | v; while ((a->length > 0) && (a->data[a->length - 1] == 0)) a->length--; - return (1); + return 1; } -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) +int ASN1_BIT_STRING_get_bit(const ASN1_BIT_STRING *a, int n) { int w, v; w = n / 8; v = 1 << (7 - (n & 0x07)); if ((a == NULL) || (a->length < (w + 1)) || (a->data == NULL)) - return (0); + return 0; return ((a->data[w] & v) != 0); } @@ -248,8 +195,8 @@ int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n) * which is not specified in 'flags', 1 otherwise. * 'len' is the length of 'flags'. */ -int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, - unsigned char *flags, int flags_len) +int ASN1_BIT_STRING_check(const ASN1_BIT_STRING *a, + const unsigned char *flags, int flags_len) { int i, ok; /* Check if there is one bit set at all. */ diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c deleted file mode 100644 index 1b85bc9e61cd..000000000000 --- a/crypto/asn1/a_bool.c +++ /dev/null @@ -1,111 +0,0 @@ -/* crypto/asn1/a_bool.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1t.h> - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp) -{ - int r; - unsigned char *p; - - r = ASN1_object_size(0, 1, V_ASN1_BOOLEAN); - if (pp == NULL) - return (r); - p = *pp; - - ASN1_put_object(&p, 0, 1, V_ASN1_BOOLEAN, V_ASN1_UNIVERSAL); - *(p++) = (unsigned char)a; - *pp = p; - return (r); -} - -int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length) -{ - int ret = -1; - const unsigned char *p; - long len; - int inf, tag, xclass; - int i = 0; - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - i = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != V_ASN1_BOOLEAN) { - i = ASN1_R_EXPECTING_A_BOOLEAN; - goto err; - } - - if (len != 1) { - i = ASN1_R_BOOLEAN_IS_WRONG_LENGTH; - goto err; - } - ret = (int)*(p++); - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - err: - ASN1err(ASN1_F_D2I_ASN1_BOOLEAN, i); - return (ret); -} diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c deleted file mode 100644 index 65e5394664a4..000000000000 --- a/crypto/asn1/a_bytes.c +++ /dev/null @@ -1,334 +0,0 @@ -/* crypto/asn1/a_bytes.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1.h> - -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c, - int depth); -static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a, - const unsigned char **pp, long length, - int Ptag, int Pclass, int depth, - int *perr); -/* - * type is a 'bitmap' of acceptable string types. - */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int type) -{ - ASN1_STRING *ret = NULL; - const unsigned char *p; - unsigned char *s; - long len; - int inf, tag, xclass; - int i = 0; - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) - goto err; - - if (tag >= 32) { - i = ASN1_R_TAG_VALUE_TOO_HIGH; - goto err; - } - if (!(ASN1_tag2bit(tag) & type)) { - i = ASN1_R_WRONG_TYPE; - goto err; - } - - /* If a bit-string, exit early */ - if (tag == V_ASN1_BIT_STRING) - return (d2i_ASN1_BIT_STRING(a, pp, length)); - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_STRING_new()) == NULL) - return (NULL); - } else - ret = (*a); - - if (len != 0) { - s = OPENSSL_malloc((int)len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; - goto err; - } - memcpy(s, p, (int)len); - s[len] = '\0'; - p += len; - } else - s = NULL; - - if (ret->data != NULL) - OPENSSL_free(ret->data); - ret->length = (int)len; - ret->data = s; - ret->type = tag; - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - err: - ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_STRING_free(ret); - return (NULL); -} - -int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass) -{ - int ret, r, constructed; - unsigned char *p; - - if (a == NULL) - return (0); - - if (tag == V_ASN1_BIT_STRING) - return (i2d_ASN1_BIT_STRING(a, pp)); - - ret = a->length; - r = ASN1_object_size(0, ret, tag); - if (pp == NULL) - return (r); - p = *pp; - - if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET)) - constructed = 1; - else - constructed = 0; - ASN1_put_object(&p, constructed, ret, tag, xclass); - memcpy(p, a->data, a->length); - p += a->length; - *pp = p; - return (r); -} - -/* - * Maximum recursion depth of d2i_ASN1_bytes(): much more than should be - * encountered in pratice. - */ - -#define ASN1_BYTES_MAXDEPTH 20 - -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int Ptag, int Pclass) -{ - int err = 0; - ASN1_STRING *s = int_d2i_ASN1_bytes(a, pp, length, Ptag, Pclass, 0, &err); - if (err != 0) - ASN1err(ASN1_F_D2I_ASN1_BYTES, err); - return s; -} - -static ASN1_STRING *int_d2i_ASN1_bytes(ASN1_STRING **a, - const unsigned char **pp, long length, - int Ptag, int Pclass, - int depth, int *perr) -{ - ASN1_STRING *ret = NULL; - const unsigned char *p; - unsigned char *s; - long len; - int inf, tag, xclass; - - if (depth > ASN1_BYTES_MAXDEPTH) { - *perr = ASN1_R_NESTED_ASN1_STRING; - return NULL; - } - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = ASN1_STRING_new()) == NULL) - return (NULL); - } else - ret = (*a); - - p = *pp; - inf = ASN1_get_object(&p, &len, &tag, &xclass, length); - if (inf & 0x80) { - *perr = ASN1_R_BAD_OBJECT_HEADER; - goto err; - } - - if (tag != Ptag) { - *perr = ASN1_R_WRONG_TAG; - goto err; - } - - if (inf & V_ASN1_CONSTRUCTED) { - ASN1_const_CTX c; - - c.error = 0; - c.pp = pp; - c.p = p; - c.inf = inf; - c.slen = len; - c.tag = Ptag; - c.xclass = Pclass; - c.max = (length == 0) ? 0 : (p + length); - if (!asn1_collate_primitive(ret, &c, depth)) { - *perr = c.error; - goto err; - } else { - p = c.p; - } - } else { - if (len != 0) { - if ((ret->length < len) || (ret->data == NULL)) { - s = OPENSSL_malloc((int)len + 1); - if (s == NULL) { - *perr = ERR_R_MALLOC_FAILURE; - goto err; - } - if (ret->data != NULL) - OPENSSL_free(ret->data); - } else - s = ret->data; - memcpy(s, p, (int)len); - s[len] = '\0'; - p += len; - } else { - s = NULL; - if (ret->data != NULL) - OPENSSL_free(ret->data); - } - - ret->length = (int)len; - ret->data = s; - ret->type = Ptag; - } - - if (a != NULL) - (*a) = ret; - *pp = p; - return (ret); - err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - ASN1_STRING_free(ret); - return (NULL); -} - -/* - * We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapse them - * into the one structure that is then returned - */ -/* - * There have been a few bug fixes for this function from Paul Keogh - * <paul.keogh@sse.ie>, many thanks to him - */ -static int asn1_collate_primitive(ASN1_STRING *a, ASN1_const_CTX *c, - int depth) -{ - ASN1_STRING *os = NULL; - BUF_MEM b; - int num; - - b.length = 0; - b.max = 0; - b.data = NULL; - - if (a == NULL) { - c->error = ERR_R_PASSED_NULL_PARAMETER; - goto err; - } - - num = 0; - for (;;) { - if (c->inf & 1) { - c->eos = ASN1_const_check_infinite_end(&c->p, - (long)(c->max - c->p)); - if (c->eos) - break; - } else { - if (c->slen <= 0) - break; - } - - c->q = c->p; - if (int_d2i_ASN1_bytes(&os, &c->p, c->max - c->p, c->tag, c->xclass, - depth + 1, &c->error) == NULL) { - goto err; - } - - if (!BUF_MEM_grow_clean(&b, num + os->length)) { - c->error = ERR_R_BUF_LIB; - goto err; - } - memcpy(&(b.data[num]), os->data, os->length); - if (!(c->inf & 1)) - c->slen -= (c->p - c->q); - num += os->length; - } - - if (!asn1_const_Finish(c)) - goto err; - - a->length = num; - if (a->data != NULL) - OPENSSL_free(a->data); - a->data = (unsigned char *)b.data; - if (os != NULL) - ASN1_STRING_free(os); - return (1); - err: - if (os != NULL) - ASN1_STRING_free(os); - if (b.data != NULL) - OPENSSL_free(b.data); - return (0); -} diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c index 51b6f245ab10..a1a17901b8f8 100644 --- a/crypto/asn1/a_d2i_fp.c +++ b/crypto/asn1/a_d2i_fp.c @@ -1,71 +1,22 @@ -/* crypto/asn1/a_d2i_fp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <limits.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" +#include "internal/numbers.h" #include <openssl/buffer.h> -#include <openssl/asn1_mac.h> - -static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb); +#include <openssl/asn1.h> +#include "internal/asn1_int.h" #ifndef NO_OLD_ASN1 -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x) { @@ -74,12 +25,12 @@ void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x) if ((b = BIO_new(BIO_s_file())) == NULL) { ASN1err(ASN1_F_ASN1_D2I_FP, ERR_R_BUF_LIB); - return (NULL); + return NULL; } BIO_set_fp(b, in, BIO_NOCLOSE); ret = ASN1_d2i_bio(xnew, d2i, b, x); BIO_free(b); - return (ret); + return ret; } # endif @@ -97,9 +48,8 @@ void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x) p = (unsigned char *)b->data; ret = d2i(x, &p, len); err: - if (b != NULL) - BUF_MEM_free(b); - return (ret); + BUF_MEM_free(b); + return ret; } #endif @@ -118,12 +68,11 @@ void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x) p = (const unsigned char *)b->data; ret = ASN1_item_d2i(x, &p, len, it); err: - if (b != NULL) - BUF_MEM_free(b); - return (ret); + BUF_MEM_free(b); + return ret; } -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) { BIO *b; @@ -131,28 +80,31 @@ void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x) if ((b = BIO_new(BIO_s_file())) == NULL) { ASN1err(ASN1_F_ASN1_ITEM_D2I_FP, ERR_R_BUF_LIB); - return (NULL); + return NULL; } BIO_set_fp(b, in, BIO_NOCLOSE); ret = ASN1_item_d2i_bio(it, b, x); BIO_free(b); - return (ret); + return ret; } #endif #define HEADER_SIZE 8 #define ASN1_CHUNK_INITIAL_SIZE (16 * 1024) -static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) +int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) { BUF_MEM *b; unsigned char *p; int i; - ASN1_const_CTX c; size_t want = HEADER_SIZE; - int eos = 0; + uint32_t eos = 0; size_t off = 0; size_t len = 0; + const unsigned char *q; + long slen; + int inf, tag, xclass; + b = BUF_MEM_new(); if (b == NULL) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ERR_R_MALLOC_FAILURE); @@ -184,10 +136,9 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) /* else data already loaded */ p = (unsigned char *)&(b->data[off]); - c.p = p; - c.inf = ASN1_get_object(&(c.p), &(c.slen), &(c.tag), &(c.xclass), - len - off); - if (c.inf & 0x80) { + q = p; + inf = ASN1_get_object(&q, &slen, &tag, &xclass, len - off); + if (inf & 0x80) { unsigned long e; e = ERR_GET_REASON(ERR_peek_error()); @@ -196,27 +147,27 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) else ERR_clear_error(); /* clear error */ } - i = c.p - p; /* header length */ + i = q - p; /* header length */ off += i; /* end of data */ - if (c.inf & 1) { + if (inf & 1) { /* no data body so go round again */ - eos++; - if (eos < 0) { + if (eos == UINT32_MAX) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_HEADER_TOO_LONG); goto err; } + eos++; want = HEADER_SIZE; - } else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC)) { + } else if (eos && (slen == 0) && (tag == V_ASN1_EOC)) { /* eos value, so go back and read another header */ eos--; - if (eos <= 0) + if (eos == 0) break; else want = HEADER_SIZE; } else { - /* suck in c.slen bytes of data */ - want = c.slen; + /* suck in slen bytes of data */ + want = slen; if (want > (len - off)) { size_t chunk_max = ASN1_CHUNK_INITIAL_SIZE; @@ -258,12 +209,12 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) chunk_max *= 2; } } - if (off + c.slen < off) { + if (off + slen < off) { ASN1err(ASN1_F_ASN1_D2I_READ_BIO, ASN1_R_TOO_LONG); goto err; } - off += c.slen; - if (eos <= 0) { + off += slen; + if (eos == 0) { break; } else want = HEADER_SIZE; @@ -278,7 +229,6 @@ static int asn1_d2i_read_bio(BIO *in, BUF_MEM **pb) *pb = b; return off; err: - if (b != NULL) - BUF_MEM_free(b); + BUF_MEM_free(b); return -1; } diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c index 57a04f768ca0..f4cc1f2e0eaa 100644 --- a/crypto/asn1/a_digest.c +++ b/crypto/asn1/a_digest.c @@ -1,69 +1,17 @@ -/* crypto/asn1/a_digest.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <time.h> +#include <sys/types.h> -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include <sys/types.h> -#endif +#include "internal/cryptlib.h" #include <openssl/err.h> #include <openssl/evp.h> @@ -79,9 +27,9 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, unsigned char *str, *p; i = i2d(data, NULL); - if ((str = (unsigned char *)OPENSSL_malloc(i)) == NULL) { + if ((str = OPENSSL_malloc(i)) == NULL) { ASN1err(ASN1_F_ASN1_DIGEST, ERR_R_MALLOC_FAILURE); - return (0); + return 0; } p = str; i2d(data, &p); @@ -91,7 +39,7 @@ int ASN1_digest(i2d_of_void *i2d, const EVP_MD *type, char *data, return 0; } OPENSSL_free(str); - return (1); + return 1; } #endif @@ -104,12 +52,12 @@ int ASN1_item_digest(const ASN1_ITEM *it, const EVP_MD *type, void *asn, i = ASN1_item_i2d(asn, &str, it); if (!str) - return (0); + return 0; if (!EVP_Digest(str, i, md, len, type, NULL)) { OPENSSL_free(str); return 0; } OPENSSL_free(str); - return (1); + return 1; } diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c index 349ab5621377..50af6b000609 100644 --- a/crypto/asn1/a_dup.c +++ b/crypto/asn1/a_dup.c @@ -1,63 +1,14 @@ -/* crypto/asn1/a_dup.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> #ifndef NO_OLD_ASN1 @@ -70,20 +21,20 @@ void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x) char *ret; if (x == NULL) - return (NULL); + return NULL; i = i2d(x, NULL); b = OPENSSL_malloc(i + 10); if (b == NULL) { ASN1err(ASN1_F_ASN1_DUP, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } p = b; i = i2d(x, &p); p2 = b; ret = d2i(NULL, &p2, i); OPENSSL_free(b); - return (ret); + return ret; } #endif @@ -103,15 +54,15 @@ void *ASN1_item_dup(const ASN1_ITEM *it, void *x) void *ret; if (x == NULL) - return (NULL); + return NULL; i = ASN1_item_i2d(x, &b, it); if (b == NULL) { ASN1err(ASN1_F_ASN1_ITEM_DUP, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } p = b; ret = ASN1_item_d2i(NULL, &p, i, it); OPENSSL_free(b); - return (ret); + return ret; } diff --git a/crypto/asn1/a_enum.c b/crypto/asn1/a_enum.c deleted file mode 100644 index c3498ac99c71..000000000000 --- a/crypto/asn1/a_enum.c +++ /dev/null @@ -1,181 +0,0 @@ -/* crypto/asn1/a_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/asn1.h> -#include <openssl/bn.h> - -/* - * Code for ENUMERATED type: identical to INTEGER apart from a different tag. - * for comments on encoding see a_int.c - */ - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) -{ - int j, k; - unsigned int i; - unsigned char buf[sizeof(long) + 1]; - long d; - - a->type = V_ASN1_ENUMERATED; - if (a->length < (int)(sizeof(long) + 1)) { - if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data = - (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL) - memset((char *)a->data, 0, sizeof(long) + 1); - } - if (a->data == NULL) { - ASN1err(ASN1_F_ASN1_ENUMERATED_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - d = v; - if (d < 0) { - d = -d; - a->type = V_ASN1_NEG_ENUMERATED; - } - - for (i = 0; i < sizeof(long); i++) { - if (d == 0) - break; - buf[i] = (int)d & 0xff; - d >>= 8; - } - j = 0; - for (k = i - 1; k >= 0; k--) - a->data[j++] = buf[k]; - a->length = j; - return (1); -} - -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a) -{ - int neg = 0, i; - long r = 0; - - if (a == NULL) - return (0L); - i = a->type; - if (i == V_ASN1_NEG_ENUMERATED) - neg = 1; - else if (i != V_ASN1_ENUMERATED) - return -1; - - if (a->length > (int)sizeof(long)) { - /* hmm... a bit ugly */ - return (0xffffffffL); - } - if (a->data == NULL) - return 0; - - for (i = 0; i < a->length; i++) { - r <<= 8; - r |= (unsigned char)a->data[i]; - } - if (neg) - r = -r; - return (r); -} - -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai) -{ - ASN1_ENUMERATED *ret; - int len, j; - - if (ai == NULL) - ret = M_ASN1_ENUMERATED_new(); - else - ret = ai; - if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (BN_is_negative(bn)) - ret->type = V_ASN1_NEG_ENUMERATED; - else - ret->type = V_ASN1_ENUMERATED; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4); - if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - - ret->length = BN_bn2bin(bn, ret->data); - return (ret); - err: - if (ret != ai) - M_ASN1_ENUMERATED_free(ret); - return (NULL); -} - -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn) -{ - BIGNUM *ret; - - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1err(ASN1_F_ASN1_ENUMERATED_TO_BN, ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_ENUMERATED) - BN_set_negative(ret, 1); - return (ret); -} diff --git a/crypto/asn1/a_gentm.c b/crypto/asn1/a_gentm.c index cb4481597064..d3878d6e57fe 100644 --- a/crypto/asn1/a_gentm.c +++ b/crypto/asn1/a_gentm.c @@ -1,238 +1,29 @@ -/* crypto/asn1/a_gentm.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /* - * GENERALIZEDTIME implementation, written by Steve Henson. Based on UTCTIME + * GENERALIZEDTIME implementation. Based on UTCTIME */ #include <stdio.h> #include <time.h> -#include "cryptlib.h" -#include "o_time.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> #include "asn1_locl.h" -#if 0 - -int i2d_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME *a, unsigned char **pp) -{ -# ifdef CHARSET_EBCDIC - /* KLUDGE! We convert to ascii before writing DER */ - int len; - char tmp[24]; - ASN1_STRING tmpstr = *(ASN1_STRING *)a; - - len = tmpstr.length; - ebcdic2ascii(tmp, tmpstr.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len); - tmpstr.data = tmp; - - a = (ASN1_GENERALIZEDTIME *)&tmpstr; -# endif - return (i2d_ASN1_bytes((ASN1_STRING *)a, pp, - V_ASN1_GENERALIZEDTIME, V_ASN1_UNIVERSAL)); -} - -ASN1_GENERALIZEDTIME *d2i_ASN1_GENERALIZEDTIME(ASN1_GENERALIZEDTIME **a, - unsigned char **pp, - long length) -{ - ASN1_GENERALIZEDTIME *ret = NULL; - - ret = - (ASN1_GENERALIZEDTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length, - V_ASN1_GENERALIZEDTIME, - V_ASN1_UNIVERSAL); - if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ERR_R_NESTED_ASN1_ERROR); - return (NULL); - } -# ifdef CHARSET_EBCDIC - ascii2ebcdic(ret->data, ret->data, ret->length); -# endif - if (!ASN1_GENERALIZEDTIME_check(ret)) { - ASN1err(ASN1_F_D2I_ASN1_GENERALIZEDTIME, ASN1_R_INVALID_TIME_FORMAT); - goto err; - } - - return (ret); - err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_GENERALIZEDTIME_free(ret); - return (NULL); -} - -#endif - +/* This is the primary function used to parse ASN1_GENERALIZEDTIME */ int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d) { - static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 }; - static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 }; - char *a; - int n, i, l, o; - + /* wrapper around asn1_time_to_tm */ if (d->type != V_ASN1_GENERALIZEDTIME) - return (0); - l = d->length; - a = (char *)d->data; - o = 0; - /* - * GENERALIZEDTIME is similar to UTCTIME except the year is represented - * as YYYY. This stuff treats everything as a two digit field so make - * first two fields 00 to 99 - */ - if (l < 13) - goto err; - for (i = 0; i < 7; i++) { - if ((i == 6) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) { - i++; - if (tm) - tm->tm_sec = 0; - break; - } - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = a[o] - '0'; - if (++o > l) - goto err; - - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = (n * 10) + a[o] - '0'; - if (++o > l) - goto err; - - if ((n < min[i]) || (n > max[i])) - goto err; - if (tm) { - switch (i) { - case 0: - tm->tm_year = n * 100 - 1900; - break; - case 1: - tm->tm_year += n; - break; - case 2: - tm->tm_mon = n - 1; - break; - case 3: - tm->tm_mday = n; - break; - case 4: - tm->tm_hour = n; - break; - case 5: - tm->tm_min = n; - break; - case 6: - tm->tm_sec = n; - break; - } - } - } - /* - * Optional fractional seconds: decimal point followed by one or more - * digits. - */ - if (a[o] == '.') { - if (++o > l) - goto err; - i = o; - while ((a[o] >= '0') && (a[o] <= '9') && (o <= l)) - o++; - /* Must have at least one digit after decimal point */ - if (i == o) - goto err; - } - - if (a[o] == 'Z') - o++; - else if ((a[o] == '+') || (a[o] == '-')) { - int offsign = a[o] == '-' ? 1 : -1, offset = 0; - o++; - if (o + 4 > l) - goto err; - for (i = 7; i < 9; i++) { - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = a[o] - '0'; - o++; - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = (n * 10) + a[o] - '0'; - if ((n < min[i]) || (n > max[i])) - goto err; - if (tm) { - if (i == 7) - offset = n * 3600; - else if (i == 8) - offset += n * 60; - } - o++; - } - if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign)) - return 0; - } else if (a[o]) { - /* Missing time zone information. */ - goto err; - } - return (o == l); - err: - return (0); + return 0; + return asn1_time_to_tm(tm, d); } int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *d) @@ -247,16 +38,15 @@ int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str) t.type = V_ASN1_GENERALIZEDTIME; t.length = strlen(str); t.data = (unsigned char *)str; - if (ASN1_GENERALIZEDTIME_check(&t)) { - if (s != NULL) { - if (!ASN1_STRING_set((ASN1_STRING *)s, - (unsigned char *)str, t.length)) - return 0; - s->type = V_ASN1_GENERALIZEDTIME; - } - return (1); - } else - return (0); + t.flags = 0; + + if (!ASN1_GENERALIZEDTIME_check(&t)) + return 0; + + if (s != NULL && !ASN1_STRING_copy(s, &t)) + return 0; + + return 1; } ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, @@ -269,44 +59,24 @@ ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, time_t t, int offset_day, long offset_sec) { - char *p; struct tm *ts; struct tm data; - size_t len = 20; - - if (s == NULL) - s = M_ASN1_GENERALIZEDTIME_new(); - if (s == NULL) - return (NULL); ts = OPENSSL_gmtime(&t, &data); if (ts == NULL) - return (NULL); + return NULL; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) return NULL; } - p = (char *)s->data; - if ((p == NULL) || ((size_t)s->length < len)) { - p = OPENSSL_malloc(len); - if (p == NULL) { - ASN1err(ASN1_F_ASN1_GENERALIZEDTIME_ADJ, ERR_R_MALLOC_FAILURE); - return (NULL); - } - if (s->data != NULL) - OPENSSL_free(s->data); - s->data = (unsigned char *)p; - } + return asn1_time_from_tm(s, ts, V_ASN1_GENERALIZEDTIME); +} - BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", ts->tm_year + 1900, - ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min, - ts->tm_sec); - s->length = strlen(p); - s->type = V_ASN1_GENERALIZEDTIME; -#ifdef CHARSET_EBCDIC_not - ebcdic2ascii(s->data, s->data, s->length); -#endif - return (s); +int ASN1_GENERALIZEDTIME_print(BIO *bp, const ASN1_GENERALIZEDTIME *tm) +{ + if (tm->type != V_ASN1_GENERALIZEDTIME) + return 0; + return ASN1_TIME_print(bp, tm); } diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c index 2e85e041e4cf..980c65a25d2d 100644 --- a/crypto/asn1/a_i2d_fp.c +++ b/crypto/asn1/a_i2d_fp.c @@ -1,69 +1,20 @@ -/* crypto/asn1/a_i2d_fp.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/asn1.h> #ifndef NO_OLD_ASN1 -# ifndef OPENSSL_NO_FP_API +# ifndef OPENSSL_NO_STDIO int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) { BIO *b; @@ -71,12 +22,12 @@ int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x) if ((b = BIO_new(BIO_s_file())) == NULL) { ASN1err(ASN1_F_ASN1_I2D_FP, ERR_R_BUF_LIB); - return (0); + return 0; } BIO_set_fp(b, out, BIO_NOCLOSE); ret = ASN1_i2d_bio(i2d, b, x); BIO_free(b); - return (ret); + return ret; } # endif @@ -90,10 +41,10 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) if (n <= 0) return 0; - b = (char *)OPENSSL_malloc(n); + b = OPENSSL_malloc(n); if (b == NULL) { ASN1err(ASN1_F_ASN1_I2D_BIO, ERR_R_MALLOC_FAILURE); - return (0); + return 0; } p = (unsigned char *)b; @@ -111,12 +62,12 @@ int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x) n -= i; } OPENSSL_free(b); - return (ret); + return ret; } #endif -#ifndef OPENSSL_NO_FP_API +#ifndef OPENSSL_NO_STDIO int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) { BIO *b; @@ -124,12 +75,12 @@ int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x) if ((b = BIO_new(BIO_s_file())) == NULL) { ASN1err(ASN1_F_ASN1_ITEM_I2D_FP, ERR_R_BUF_LIB); - return (0); + return 0; } BIO_set_fp(b, out, BIO_NOCLOSE); ret = ASN1_item_i2d_bio(it, b, x); BIO_free(b); - return (ret); + return ret; } #endif @@ -141,7 +92,7 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n = ASN1_item_i2d(x, &b, it); if (b == NULL) { ASN1err(ASN1_F_ASN1_ITEM_I2D_BIO, ERR_R_MALLOC_FAILURE); - return (0); + return 0; } for (;;) { @@ -156,5 +107,5 @@ int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x) n -= i; } OPENSSL_free(b); - return (ret); + return ret; } diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c index 7e26704a5479..70a45cb3cc77 100644 --- a/crypto/asn1/a_int.c +++ b/crypto/asn1/a_int.c @@ -1,69 +1,23 @@ -/* crypto/asn1/a_int.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" +#include "internal/numbers.h" +#include <limits.h> #include <openssl/asn1.h> #include <openssl/bn.h> +#include "asn1_locl.h" ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x) { - return M_ASN1_INTEGER_dup(x); + return ASN1_STRING_dup(x); } int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) @@ -87,10 +41,11 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) } /*- - * This converts an ASN1 INTEGER into its content encoding. + * This converts a big endian buffer and sign into its content encoding. + * This is used for INTEGER and ENUMERATED types. * The internal representation is an ASN1_STRING whose data is a big endian * representation of the value, ignoring the sign. The sign is determined by - * the type: V_ASN1_INTEGER for positive and V_ASN1_NEG_INTEGER for negative. + * the type: if type & V_ASN1_NEG is true it is negative, otherwise positive. * * Positive integers are no problem: they are almost the same as the DER * encoding, except if the first byte is >= 0x80 we need to add a zero pad. @@ -111,165 +66,316 @@ int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y) * followed by optional zeros isn't padded. */ -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) +/* + * If |pad| is zero, the operation is effectively reduced to memcpy, + * and if |pad| is 0xff, then it performs two's complement, ~dst + 1. + * Note that in latter case sequence of zeros yields itself, and so + * does 0x80 followed by any number of zeros. These properties are + * used elsewhere below... + */ +static void twos_complement(unsigned char *dst, const unsigned char *src, + size_t len, unsigned char pad) { - int pad = 0, ret, i, neg; - unsigned char *p, *n, pb = 0; + unsigned int carry = pad & 1; + + /* Begin at the end of the encoding */ + dst += len; + src += len; + /* two's complement value: ~value + 1 */ + while (len-- != 0) { + *(--dst) = (unsigned char)(carry += *(--src) ^ pad); + carry >>= 8; + } +} - if (a == NULL) - return (0); - neg = a->type & V_ASN1_NEG; - if (a->length == 0) - ret = 1; - else { - ret = a->length; - i = a->data[0]; - if (ret == 1 && i == 0) - neg = 0; +static size_t i2c_ibuf(const unsigned char *b, size_t blen, int neg, + unsigned char **pp) +{ + unsigned int pad = 0; + size_t ret, i; + unsigned char *p, pb = 0; + + if (b != NULL && blen) { + ret = blen; + i = b[0]; if (!neg && (i > 127)) { pad = 1; pb = 0; } else if (neg) { + pb = 0xFF; if (i > 128) { pad = 1; - pb = 0xFF; } else if (i == 128) { /* - * Special case: if any other bytes non zero we pad: - * otherwise we don't. + * Special case [of minimal negative for given length]: + * if any other bytes non zero we pad, otherwise we don't. */ - for (i = 1; i < a->length; i++) - if (a->data[i]) { - pad = 1; - pb = 0xFF; - break; - } + for (pad = 0, i = 1; i < blen; i++) + pad |= b[i]; + pb = pad != 0 ? 0xffU : 0; + pad = pb & 1; } } ret += pad; + } else { + ret = 1; + blen = 0; /* reduce '(b == NULL || blen == 0)' to '(blen == 0)' */ } - if (pp == NULL) - return (ret); - p = *pp; - if (pad) - *(p++) = pb; - if (a->length == 0) - *(p++) = 0; - else if (!neg) - memcpy(p, a->data, (unsigned int)a->length); - else { - /* Begin at the end of the encoding */ - n = a->data + a->length - 1; - p += a->length - 1; - i = a->length; - /* Copy zeros to destination as long as source is zero */ - while (!*n && i > 1) { - *(p--) = 0; - n--; - i--; + if (pp == NULL || (p = *pp) == NULL) + return ret; + + /* + * This magically handles all corner cases, such as '(b == NULL || + * blen == 0)', non-negative value, "negative" zero, 0x80 followed + * by any number of zeros... + */ + *p = pb; + p += pad; /* yes, p[0] can be written twice, but it's little + * price to pay for eliminated branches */ + twos_complement(p, b, blen, pb); + + *pp += ret; + return ret; +} + +/* + * convert content octets into a big endian buffer. Returns the length + * of buffer or 0 on error: for malformed INTEGER. If output buffer is + * NULL just return length. + */ + +static size_t c2i_ibuf(unsigned char *b, int *pneg, + const unsigned char *p, size_t plen) +{ + int neg, pad; + /* Zero content length is illegal */ + if (plen == 0) { + ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_ZERO_CONTENT); + return 0; + } + neg = p[0] & 0x80; + if (pneg) + *pneg = neg; + /* Handle common case where length is 1 octet separately */ + if (plen == 1) { + if (b != NULL) { + if (neg) + b[0] = (p[0] ^ 0xFF) + 1; + else + b[0] = p[0]; } - /* Complement and increment next octet */ - *(p--) = ((*(n--)) ^ 0xff) + 1; - i--; - /* Complement any octets left */ - for (; i > 0; i--) - *(p--) = *(n--) ^ 0xff; + return 1; } - *pp += ret; - return (ret); + pad = 0; + if (p[0] == 0) { + pad = 1; + } else if (p[0] == 0xFF) { + size_t i; + + /* + * Special case [of "one less minimal negative" for given length]: + * if any other bytes non zero it was padded, otherwise not. + */ + for (pad = 0, i = 1; i < plen; i++) + pad |= p[i]; + pad = pad != 0 ? 1 : 0; + } + /* reject illegal padding: first two octets MSB can't match */ + if (pad && (neg == (p[1] & 0x80))) { + ASN1err(ASN1_F_C2I_IBUF, ASN1_R_ILLEGAL_PADDING); + return 0; + } + + /* skip over pad */ + p += pad; + plen -= pad; + + if (b != NULL) + twos_complement(b, p, plen, neg ? 0xffU : 0); + + return plen; +} + +int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp) +{ + return i2c_ibuf(a->data, a->length, a->type & V_ASN1_NEG, pp); +} + +/* Convert big endian buffer into uint64_t, return 0 on error */ +static int asn1_get_uint64(uint64_t *pr, const unsigned char *b, size_t blen) +{ + size_t i; + uint64_t r; + + if (blen > sizeof(*pr)) { + ASN1err(ASN1_F_ASN1_GET_UINT64, ASN1_R_TOO_LARGE); + return 0; + } + if (b == NULL) + return 0; + for (r = 0, i = 0; i < blen; i++) { + r <<= 8; + r |= b[i]; + } + *pr = r; + return 1; +} + +/* + * Write uint64_t to big endian buffer and return offset to first + * written octet. In other words it returns offset in range from 0 + * to 7, with 0 denoting 8 written octets and 7 - one. + */ +static size_t asn1_put_uint64(unsigned char b[sizeof(uint64_t)], uint64_t r) +{ + size_t off = sizeof(uint64_t); + + do { + b[--off] = (unsigned char)r; + } while (r >>= 8); + + return off; } -/* Convert just ASN1 INTEGER content octets to ASN1_INTEGER structure */ +/* + * Absolute value of INT64_MIN: we can't just use -INT64_MIN as gcc produces + * overflow warnings. + */ +#define ABS_INT64_MIN ((uint64_t)INT64_MAX + (-(INT64_MIN + INT64_MAX))) +/* signed version of asn1_get_uint64 */ +static int asn1_get_int64(int64_t *pr, const unsigned char *b, size_t blen, + int neg) +{ + uint64_t r; + if (asn1_get_uint64(&r, b, blen) == 0) + return 0; + if (neg) { + if (r <= INT64_MAX) { + /* Most significant bit is guaranteed to be clear, negation + * is guaranteed to be meaningful in platform-neutral sense. */ + *pr = -(int64_t)r; + } else if (r == ABS_INT64_MIN) { + /* This never happens if INT64_MAX == ABS_INT64_MIN, e.g. + * on ones'-complement system. */ + *pr = (int64_t)(0 - r); + } else { + ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_SMALL); + return 0; + } + } else { + if (r <= INT64_MAX) { + *pr = (int64_t)r; + } else { + ASN1err(ASN1_F_ASN1_GET_INT64, ASN1_R_TOO_LARGE); + return 0; + } + } + return 1; +} + +/* Convert ASN1 INTEGER content octets to ASN1_INTEGER structure */ ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, long len) { ASN1_INTEGER *ret = NULL; - const unsigned char *p, *pend; - unsigned char *to, *s; - int i; + size_t r; + int neg; + + r = c2i_ibuf(NULL, NULL, *pp, len); + + if (r == 0) + return NULL; if ((a == NULL) || ((*a) == NULL)) { - if ((ret = M_ASN1_INTEGER_new()) == NULL) - return (NULL); + ret = ASN1_INTEGER_new(); + if (ret == NULL) + return NULL; ret->type = V_ASN1_INTEGER; } else - ret = (*a); - - p = *pp; - pend = p + len; + ret = *a; - /* - * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies - * a missing NULL parameter. - */ - s = (unsigned char *)OPENSSL_malloc((int)len + 1); - if (s == NULL) { - i = ERR_R_MALLOC_FAILURE; + if (ASN1_STRING_set(ret, NULL, r) == 0) goto err; - } - to = s; - if (!len) { - /* - * Strictly speaking this is an illegal INTEGER but we tolerate it. - */ - ret->type = V_ASN1_INTEGER; - } else if (*p & 0x80) { /* a negative number */ - ret->type = V_ASN1_NEG_INTEGER; - if ((*p == 0xff) && (len != 1)) { - p++; - len--; - } - i = len; - p += i - 1; - to += i - 1; - while ((!*p) && i) { - *(to--) = 0; - i--; - p--; - } - /* - * Special case: if all zeros then the number will be of the form FF - * followed by n zero bytes: this corresponds to 1 followed by n zero - * bytes. We've already written n zeros so we just append an extra - * one and set the first byte to a 1. This is treated separately - * because it is the only case where the number of bytes is larger - * than len. - */ - if (!i) { - *s = 1; - s[len] = 0; - len++; - } else { - *(to--) = (*(p--) ^ 0xff) + 1; - i--; - for (; i > 0; i--) - *(to--) = *(p--) ^ 0xff; - } - } else { - ret->type = V_ASN1_INTEGER; - if ((*p == 0) && (len != 1)) { - p++; - len--; - } - memcpy(s, p, (int)len); - } - if (ret->data != NULL) - OPENSSL_free(ret->data); - ret->data = s; - ret->length = (int)len; + c2i_ibuf(ret->data, &neg, *pp, len); + + if (neg) + ret->type |= V_ASN1_NEG; + + *pp += len; if (a != NULL) (*a) = ret; - *pp = pend; - return (ret); + return ret; err: - ASN1err(ASN1_F_C2I_ASN1_INTEGER, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_INTEGER_free(ret); - return (NULL); + ASN1err(ASN1_F_C2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); + if ((a == NULL) || (*a != ret)) + ASN1_INTEGER_free(ret); + return NULL; +} + +static int asn1_string_get_int64(int64_t *pr, const ASN1_STRING *a, int itype) +{ + if (a == NULL) { + ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if ((a->type & ~V_ASN1_NEG) != itype) { + ASN1err(ASN1_F_ASN1_STRING_GET_INT64, ASN1_R_WRONG_INTEGER_TYPE); + return 0; + } + return asn1_get_int64(pr, a->data, a->length, a->type & V_ASN1_NEG); +} + +static int asn1_string_set_int64(ASN1_STRING *a, int64_t r, int itype) +{ + unsigned char tbuf[sizeof(r)]; + size_t off; + + a->type = itype; + if (r < 0) { + /* Most obvious '-r' triggers undefined behaviour for most + * common INT64_MIN. Even though below '0 - (uint64_t)r' can + * appear two's-complement centric, it does produce correct/ + * expected result even on one's-complement. This is because + * cast to unsigned has to change bit pattern... */ + off = asn1_put_uint64(tbuf, 0 - (uint64_t)r); + a->type |= V_ASN1_NEG; + } else { + off = asn1_put_uint64(tbuf, r); + a->type &= ~V_ASN1_NEG; + } + return ASN1_STRING_set(a, tbuf + off, sizeof(tbuf) - off); +} + +static int asn1_string_get_uint64(uint64_t *pr, const ASN1_STRING *a, + int itype) +{ + if (a == NULL) { + ASN1err(ASN1_F_ASN1_STRING_GET_UINT64, ERR_R_PASSED_NULL_PARAMETER); + return 0; + } + if ((a->type & ~V_ASN1_NEG) != itype) { + ASN1err(ASN1_F_ASN1_STRING_GET_UINT64, ASN1_R_WRONG_INTEGER_TYPE); + return 0; + } + if (a->type & V_ASN1_NEG) { + ASN1err(ASN1_F_ASN1_STRING_GET_UINT64, ASN1_R_ILLEGAL_NEGATIVE_VALUE); + return 0; + } + return asn1_get_uint64(pr, a->data, a->length); +} + +static int asn1_string_set_uint64(ASN1_STRING *a, uint64_t r, int itype) +{ + unsigned char tbuf[sizeof(r)]; + size_t off; + + a->type = itype; + off = asn1_put_uint64(tbuf, r); + return ASN1_STRING_set(a, tbuf + off, sizeof(tbuf) - off); } /* @@ -289,8 +395,8 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, int i; if ((a == NULL) || ((*a) == NULL)) { - if ((ret = M_ASN1_INTEGER_new()) == NULL) - return (NULL); + if ((ret = ASN1_INTEGER_new()) == NULL) + return NULL; ret->type = V_ASN1_INTEGER; } else ret = (*a); @@ -311,7 +417,7 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, * We must OPENSSL_malloc stuff, even for 0 bytes otherwise it signifies * a missing NULL parameter. */ - s = (unsigned char *)OPENSSL_malloc((int)len + 1); + s = OPENSSL_malloc((int)len + 1); if (s == NULL) { i = ERR_R_MALLOC_FAILURE; goto err; @@ -326,139 +432,199 @@ ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, p += len; } - if (ret->data != NULL) - OPENSSL_free(ret->data); + OPENSSL_free(ret->data); ret->data = s; ret->length = (int)len; if (a != NULL) (*a) = ret; *pp = p; - return (ret); + return ret; err: ASN1err(ASN1_F_D2I_ASN1_UINTEGER, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_INTEGER_free(ret); - return (NULL); + if ((a == NULL) || (*a != ret)) + ASN1_INTEGER_free(ret); + return NULL; } -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) +static ASN1_STRING *bn_to_asn1_string(const BIGNUM *bn, ASN1_STRING *ai, + int atype) { - int j, k; - unsigned int i; - unsigned char buf[sizeof(long) + 1]; - long d; - - a->type = V_ASN1_INTEGER; - if (a->length < (int)(sizeof(long) + 1)) { - if (a->data != NULL) - OPENSSL_free(a->data); - if ((a->data = - (unsigned char *)OPENSSL_malloc(sizeof(long) + 1)) != NULL) - memset((char *)a->data, 0, sizeof(long) + 1); + ASN1_INTEGER *ret; + int len; + + if (ai == NULL) { + ret = ASN1_STRING_type_new(atype); + } else { + ret = ai; + ret->type = atype; } - if (a->data == NULL) { - ASN1err(ASN1_F_ASN1_INTEGER_SET, ERR_R_MALLOC_FAILURE); - return (0); + + if (ret == NULL) { + ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_NESTED_ASN1_ERROR); + goto err; + } + + if (BN_is_negative(bn) && !BN_is_zero(bn)) + ret->type |= V_ASN1_NEG_INTEGER; + + len = BN_num_bytes(bn); + + if (len == 0) + len = 1; + + if (ASN1_STRING_set(ret, NULL, len) == 0) { + ASN1err(ASN1_F_BN_TO_ASN1_STRING, ERR_R_MALLOC_FAILURE); + goto err; } - d = v; - if (d < 0) { - d = -d; - a->type = V_ASN1_NEG_INTEGER; + + /* Correct zero case */ + if (BN_is_zero(bn)) + ret->data[0] = 0; + else + len = BN_bn2bin(bn, ret->data); + ret->length = len; + return ret; + err: + if (ret != ai) + ASN1_INTEGER_free(ret); + return NULL; +} + +static BIGNUM *asn1_string_to_bn(const ASN1_INTEGER *ai, BIGNUM *bn, + int itype) +{ + BIGNUM *ret; + + if ((ai->type & ~V_ASN1_NEG) != itype) { + ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_WRONG_INTEGER_TYPE); + return NULL; } - for (i = 0; i < sizeof(long); i++) { - if (d == 0) - break; - buf[i] = (int)d & 0xff; - d >>= 8; + ret = BN_bin2bn(ai->data, ai->length, bn); + if (ret == NULL) { + ASN1err(ASN1_F_ASN1_STRING_TO_BN, ASN1_R_BN_LIB); + return NULL; } - j = 0; - for (k = i - 1; k >= 0; k--) - a->data[j++] = buf[k]; - a->length = j; - return (1); + if (ai->type & V_ASN1_NEG) + BN_set_negative(ret, 1); + return ret; } -long ASN1_INTEGER_get(const ASN1_INTEGER *a) +int ASN1_INTEGER_get_int64(int64_t *pr, const ASN1_INTEGER *a) { - int neg = 0, i; - long r = 0; + return asn1_string_get_int64(pr, a, V_ASN1_INTEGER); +} + +int ASN1_INTEGER_set_int64(ASN1_INTEGER *a, int64_t r) +{ + return asn1_string_set_int64(a, r, V_ASN1_INTEGER); +} +int ASN1_INTEGER_get_uint64(uint64_t *pr, const ASN1_INTEGER *a) +{ + return asn1_string_get_uint64(pr, a, V_ASN1_INTEGER); +} + +int ASN1_INTEGER_set_uint64(ASN1_INTEGER *a, uint64_t r) +{ + return asn1_string_set_uint64(a, r, V_ASN1_INTEGER); +} + +int ASN1_INTEGER_set(ASN1_INTEGER *a, long v) +{ + return ASN1_INTEGER_set_int64(a, v); +} + +long ASN1_INTEGER_get(const ASN1_INTEGER *a) +{ + int i; + int64_t r; if (a == NULL) - return (0L); - i = a->type; - if (i == V_ASN1_NEG_INTEGER) - neg = 1; - else if (i != V_ASN1_INTEGER) + return 0; + i = ASN1_INTEGER_get_int64(&r, a); + if (i == 0) return -1; - - if (a->length > (int)sizeof(long)) { - /* hmm... a bit ugly, return all ones */ + if (r > LONG_MAX || r < LONG_MIN) return -1; - } - if (a->data == NULL) + return (long)r; +} + +ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) +{ + return bn_to_asn1_string(bn, ai, V_ASN1_INTEGER); +} + +BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) +{ + return asn1_string_to_bn(ai, bn, V_ASN1_INTEGER); +} + +int ASN1_ENUMERATED_get_int64(int64_t *pr, const ASN1_ENUMERATED *a) +{ + return asn1_string_get_int64(pr, a, V_ASN1_ENUMERATED); +} + +int ASN1_ENUMERATED_set_int64(ASN1_ENUMERATED *a, int64_t r) +{ + return asn1_string_set_int64(a, r, V_ASN1_ENUMERATED); +} + +int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v) +{ + return ASN1_ENUMERATED_set_int64(a, v); +} + +long ASN1_ENUMERATED_get(const ASN1_ENUMERATED *a) +{ + int i; + int64_t r; + if (a == NULL) return 0; + if ((a->type & ~V_ASN1_NEG) != V_ASN1_ENUMERATED) + return -1; + if (a->length > (int)sizeof(long)) + return 0xffffffffL; + i = ASN1_ENUMERATED_get_int64(&r, a); + if (i == 0) + return -1; + if (r > LONG_MAX || r < LONG_MIN) + return -1; + return (long)r; +} - for (i = 0; i < a->length; i++) { - r <<= 8; - r |= (unsigned char)a->data[i]; - } - if (neg) - r = -r; - return (r); +ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(const BIGNUM *bn, ASN1_ENUMERATED *ai) +{ + return bn_to_asn1_string(bn, ai, V_ASN1_ENUMERATED); } -ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai) +BIGNUM *ASN1_ENUMERATED_to_BN(const ASN1_ENUMERATED *ai, BIGNUM *bn) { - ASN1_INTEGER *ret; - int len, j; + return asn1_string_to_bn(ai, bn, V_ASN1_ENUMERATED); +} - if (ai == NULL) - ret = M_ASN1_INTEGER_new(); - else - ret = ai; - if (ret == NULL) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_NESTED_ASN1_ERROR); - goto err; - } - if (BN_is_negative(bn) && !BN_is_zero(bn)) - ret->type = V_ASN1_NEG_INTEGER; - else - ret->type = V_ASN1_INTEGER; - j = BN_num_bits(bn); - len = ((j == 0) ? 0 : ((j / 8) + 1)); - if (ret->length < len + 4) { - unsigned char *new_data = OPENSSL_realloc(ret->data, len + 4); - if (!new_data) { - ASN1err(ASN1_F_BN_TO_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); - goto err; - } - ret->data = new_data; - } - ret->length = BN_bn2bin(bn, ret->data); - /* Correct zero case */ - if (!ret->length) { - ret->data[0] = 0; - ret->length = 1; +/* Internal functions used by x_int64.c */ +int c2i_uint64_int(uint64_t *ret, int *neg, const unsigned char **pp, long len) +{ + unsigned char buf[sizeof(uint64_t)]; + size_t buflen; + + buflen = c2i_ibuf(NULL, NULL, *pp, len); + if (buflen == 0) + return 0; + if (buflen > sizeof(uint64_t)) { + ASN1err(ASN1_F_C2I_UINT64_INT, ASN1_R_TOO_LARGE); + return 0; } - return (ret); - err: - if (ret != ai) - M_ASN1_INTEGER_free(ret); - return (NULL); + (void)c2i_ibuf(buf, neg, *pp, len); + return asn1_get_uint64(ret, buf, buflen); } -BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn) +int i2c_uint64_int(unsigned char *p, uint64_t r, int neg) { - BIGNUM *ret; + unsigned char buf[sizeof(uint64_t)]; + size_t off; - if ((ret = BN_bin2bn(ai->data, ai->length, bn)) == NULL) - ASN1err(ASN1_F_ASN1_INTEGER_TO_BN, ASN1_R_BN_LIB); - else if (ai->type == V_ASN1_NEG_INTEGER) - BN_set_negative(ret, 1); - return (ret); + off = asn1_put_uint64(buf, r); + return i2c_ibuf(buf + off, sizeof(buf) - off, neg, &p); } -IMPLEMENT_STACK_OF(ASN1_INTEGER) - -IMPLEMENT_ASN1_SET_OF(ASN1_INTEGER) diff --git a/crypto/asn1/a_mbstr.c b/crypto/asn1/a_mbstr.c index 5b8028aaa3a5..949fe6c1611a 100644 --- a/crypto/asn1/a_mbstr.c +++ b/crypto/asn1/a_mbstr.c @@ -1,65 +1,15 @@ -/* a_mbstr.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include <ctype.h> -#include "cryptlib.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> static int traverse_string(const unsigned char *p, int len, int inform, @@ -72,13 +22,12 @@ static int cpy_asc(unsigned long value, void *arg); static int cpy_bmp(unsigned long value, void *arg); static int cpy_univ(unsigned long value, void *arg); static int cpy_utf8(unsigned long value, void *arg); -static int is_printable(unsigned long value); /* * These functions take a string in UTF8, ASCII or multibyte form and a mask * of permissible ASN1 string types. It then works out the minimal type - * (using the order Printable < IA5 < T61 < BMP < Universal < UTF8) and - * creates a string of the correct type with the supplied data. Yes this is + * (using the order Numeric < Printable < IA5 < T61 < BMP < Universal < UTF8) + * and creates a string of the correct type with the supplied data. Yes this is * horrible: it has to be :-( The 'ncopy' form checks minimum and maximum * size limits too. */ @@ -169,7 +118,9 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, /* Now work out output format and string type */ outform = MBSTRING_ASC; - if (mask & B_ASN1_PRINTABLESTRING) + if (mask & B_ASN1_NUMERICSTRING) + str_type = V_ASN1_NUMERICSTRING; + else if (mask & B_ASN1_PRINTABLESTRING) str_type = V_ASN1_PRINTABLESTRING; else if (mask & B_ASN1_IA5STRING) str_type = V_ASN1_IA5STRING; @@ -190,16 +141,14 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, if (*out) { free_out = 0; dest = *out; - if (dest->data) { - dest->length = 0; - OPENSSL_free(dest->data); - dest->data = NULL; - } + OPENSSL_free(dest->data); + dest->data = NULL; + dest->length = 0; dest->type = str_type; } else { free_out = 1; dest = ASN1_STRING_type_new(str_type); - if (!dest) { + if (dest == NULL) { ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE); return -1; } @@ -237,7 +186,7 @@ int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, cpyfunc = cpy_utf8; break; } - if (!(p = OPENSSL_malloc(outlen + 1))) { + if ((p = OPENSSL_malloc(outlen + 1)) == NULL) { if (free_out) ASN1_STRING_free(dest); ASN1err(ASN1_F_ASN1_MBSTRING_NCOPY, ERR_R_MALLOC_FAILURE); @@ -320,11 +269,15 @@ static int out_utf8(unsigned long value, void *arg) static int type_str(unsigned long value, void *arg) { - unsigned long types; - types = *((unsigned long *)arg); - if ((types & B_ASN1_PRINTABLESTRING) && !is_printable(value)) + unsigned long types = *((unsigned long *)arg); + const int native = value > INT_MAX ? INT_MAX : ossl_fromascii(value); + + if ((types & B_ASN1_NUMERICSTRING) && !(ossl_isdigit(native) + || native == ' ')) + types &= ~B_ASN1_NUMERICSTRING; + if ((types & B_ASN1_PRINTABLESTRING) && !ossl_isasn1print(native)) types &= ~B_ASN1_PRINTABLESTRING; - if ((types & B_ASN1_IA5STRING) && (value > 127)) + if ((types & B_ASN1_IA5STRING) && !ossl_isascii(native)) types &= ~B_ASN1_IA5STRING; if ((types & B_ASN1_T61STRING) && (value > 0xff)) types &= ~B_ASN1_T61STRING; @@ -388,36 +341,3 @@ static int cpy_utf8(unsigned long value, void *arg) *p += ret; return 1; } - -/* Return 1 if the character is permitted in a PrintableString */ -static int is_printable(unsigned long value) -{ - int ch; - if (value > 0x7f) - return 0; - ch = (int)value; - /* - * Note: we can't use 'isalnum' because certain accented characters may - * count as alphanumeric in some environments. - */ -#ifndef CHARSET_EBCDIC - if ((ch >= 'a') && (ch <= 'z')) - return 1; - if ((ch >= 'A') && (ch <= 'Z')) - return 1; - if ((ch >= '0') && (ch <= '9')) - return 1; - if ((ch == ' ') || strchr("'()+,-./:=?", ch)) - return 1; -#else /* CHARSET_EBCDIC */ - if ((ch >= os_toascii['a']) && (ch <= os_toascii['z'])) - return 1; - if ((ch >= os_toascii['A']) && (ch <= os_toascii['Z'])) - return 1; - if ((ch >= os_toascii['0']) && (ch <= os_toascii['9'])) - return 1; - if ((ch == os_toascii[' ']) || strchr("'()+,-./:=?", os_toebcdic[ch])) - return 1; -#endif /* CHARSET_EBCDIC */ - return 0; -} diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c index ad6b12a53667..5e1424a806fb 100644 --- a/crypto/asn1/a_object.c +++ b/crypto/asn1/a_object.c @@ -1,88 +1,53 @@ -/* crypto/asn1/a_object.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <limits.h> -#include "cryptlib.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/asn1.h> #include <openssl/objects.h> #include <openssl/bn.h> +#include "internal/asn1_int.h" +#include "asn1_locl.h" -int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp) +int i2d_ASN1_OBJECT(const ASN1_OBJECT *a, unsigned char **pp) { - unsigned char *p; + unsigned char *p, *allocated = NULL; int objsize; if ((a == NULL) || (a->data == NULL)) - return (0); + return 0; objsize = ASN1_object_size(0, a->length, V_ASN1_OBJECT); if (pp == NULL || objsize == -1) return objsize; - p = *pp; + if (*pp == NULL) { + if ((p = allocated = OPENSSL_malloc(objsize)) == NULL) { + ASN1err(ASN1_F_I2D_ASN1_OBJECT, ERR_R_MALLOC_FAILURE); + return 0; + } + } else { + p = *pp; + } + ASN1_put_object(&p, 0, a->length, V_ASN1_OBJECT, V_ASN1_UNIVERSAL); memcpy(p, a->data, a->length); - p += a->length; - *pp = p; - return (objsize); + /* + * If a new buffer was allocated, just return it back. + * If not, return the incremented buffer pointer. + */ + *pp = allocated != NULL ? allocated : p + a->length; + return objsize; } int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) @@ -95,7 +60,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) BIGNUM *bl = NULL; if (num == 0) - return (0); + return 0; else if (num == -1) num = strlen(buf); @@ -131,15 +96,15 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) c = *(p++); if ((c == ' ') || (c == '.')) break; - if ((c < '0') || (c > '9')) { + if (!ossl_isdigit(c)) { ASN1err(ASN1_F_A2D_ASN1_OBJECT, ASN1_R_INVALID_DIGIT); goto err; } if (!use_bn && l >= ((ULONG_MAX - 80) / 10L)) { use_bn = 1; - if (!bl) + if (bl == NULL) bl = BN_new(); - if (!bl || !BN_set_word(bl, l)) + if (bl == NULL || !BN_set_word(bl, l)) goto err; } if (use_bn) { @@ -171,7 +136,7 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) OPENSSL_free(tmp); tmpsize = blsize + 32; tmp = OPENSSL_malloc(tmpsize); - if (!tmp) + if (tmp == NULL) goto err; } while (blsize--) { @@ -203,42 +168,44 @@ int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num) } if (tmp != ftmp) OPENSSL_free(tmp); - if (bl) - BN_free(bl); - return (len); + BN_free(bl); + return len; err: if (tmp != ftmp) OPENSSL_free(tmp); - if (bl) - BN_free(bl); - return (0); + BN_free(bl); + return 0; } -int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a) +int i2t_ASN1_OBJECT(char *buf, int buf_len, const ASN1_OBJECT *a) { return OBJ_obj2txt(buf, buf_len, a, 0); } -int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a) +int i2a_ASN1_OBJECT(BIO *bp, const ASN1_OBJECT *a) { char buf[80], *p = buf; int i; if ((a == NULL) || (a->data == NULL)) - return (BIO_write(bp, "NULL", 4)); + return BIO_write(bp, "NULL", 4); i = i2t_ASN1_OBJECT(buf, sizeof(buf), a); if (i > (int)(sizeof(buf) - 1)) { - p = OPENSSL_malloc(i + 1); - if (!p) + if ((p = OPENSSL_malloc(i + 1)) == NULL) { + ASN1err(ASN1_F_I2A_ASN1_OBJECT, ERR_R_MALLOC_FAILURE); return -1; + } i2t_ASN1_OBJECT(p, i + 1, a); } - if (i <= 0) - return BIO_write(bp, "<INVALID>", 9); + if (i <= 0) { + i = BIO_write(bp, "<INVALID>", 9); + i += BIO_dump(bp, (const char *)a->data, a->length); + return i; + } BIO_write(bp, p, i); if (p != buf) OPENSSL_free(p); - return (i); + return i; } ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, @@ -266,13 +233,13 @@ ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, return ret; err: ASN1err(ASN1_F_D2I_ASN1_OBJECT, i); - return (NULL); + return NULL; } ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long len) { - ASN1_OBJECT *ret = NULL; + ASN1_OBJECT *ret = NULL, tobj; const unsigned char *p; unsigned char *data; int i, length; @@ -289,6 +256,29 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, } /* Now 0 < len <= INT_MAX, so the cast is safe. */ length = (int)len; + /* + * Try to lookup OID in table: these are all valid encodings so if we get + * a match we know the OID is valid. + */ + tobj.nid = NID_undef; + tobj.data = p; + tobj.length = length; + tobj.flags = 0; + i = OBJ_obj2nid(&tobj); + if (i != NID_undef) { + /* + * Return shared registered OID object: this improves efficiency + * because we don't have to return a dynamically allocated OID + * and NID lookups can use the cached value. + */ + ret = OBJ_nid2obj(i); + if (a) { + ASN1_OBJECT_free(*a); + *a = ret; + } + *pp += len; + return ret; + } for (i = 0; i < length; i++, p++) { if (*p == 0x80 && (!i || !(p[-1] & 0x80))) { ASN1err(ASN1_F_C2I_ASN1_OBJECT, ASN1_R_INVALID_OBJECT_ENCODING); @@ -303,7 +293,7 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if ((a == NULL) || ((*a) == NULL) || !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC)) { if ((ret = ASN1_OBJECT_new()) == NULL) - return (NULL); + return NULL; } else ret = (*a); @@ -314,9 +304,8 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, /* once detached we can change it */ if ((data == NULL) || (ret->length < length)) { ret->length = 0; - if (data != NULL) - OPENSSL_free(data); - data = (unsigned char *)OPENSSL_malloc(length); + OPENSSL_free(data); + data = OPENSSL_malloc(length); if (data == NULL) { i = ERR_R_MALLOC_FAILURE; goto err; @@ -335,30 +324,25 @@ ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, if (a != NULL) (*a) = ret; *pp = p; - return (ret); + return ret; err: ASN1err(ASN1_F_C2I_ASN1_OBJECT, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) + if ((a == NULL) || (*a != ret)) ASN1_OBJECT_free(ret); - return (NULL); + return NULL; } ASN1_OBJECT *ASN1_OBJECT_new(void) { ASN1_OBJECT *ret; - ret = (ASN1_OBJECT *)OPENSSL_malloc(sizeof(ASN1_OBJECT)); + ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_OBJECT_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } - ret->length = 0; - ret->data = NULL; - ret->nid = 0; - ret->sn = NULL; - ret->ln = NULL; ret->flags = ASN1_OBJECT_FLAG_DYNAMIC; - return (ret); + return ret; } void ASN1_OBJECT_free(ASN1_OBJECT *a) @@ -369,16 +353,13 @@ void ASN1_OBJECT_free(ASN1_OBJECT *a) #ifndef CONST_STRICT /* disable purely for compile-time strict * const checking. Doing this on a "real" * compile will cause memory leaks */ - if (a->sn != NULL) - OPENSSL_free((void *)a->sn); - if (a->ln != NULL) - OPENSSL_free((void *)a->ln); + OPENSSL_free((void*)a->sn); + OPENSSL_free((void*)a->ln); #endif a->sn = a->ln = NULL; } if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA) { - if (a->data != NULL) - OPENSSL_free((void *)a->data); + OPENSSL_free((void*)a->data); a->data = NULL; a->length = 0; } @@ -398,9 +379,5 @@ ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, o.length = len; o.flags = ASN1_OBJECT_FLAG_DYNAMIC | ASN1_OBJECT_FLAG_DYNAMIC_STRINGS | ASN1_OBJECT_FLAG_DYNAMIC_DATA; - return (OBJ_dup(&o)); + return OBJ_dup(&o); } - -IMPLEMENT_STACK_OF(ASN1_OBJECT) - -IMPLEMENT_ASN1_SET_OF(ASN1_OBJECT) diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c index 1a6e9ca9cce3..2e1205caea00 100644 --- a/crypto/asn1/a_octet.c +++ b/crypto/asn1/a_octet.c @@ -1,78 +1,29 @@ -/* crypto/asn1/a_octet.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *x) { - return M_ASN1_OCTET_STRING_dup(x); + return ASN1_STRING_dup(x); } int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, const ASN1_OCTET_STRING *b) { - return M_ASN1_OCTET_STRING_cmp(a, b); + return ASN1_STRING_cmp(a, b); } int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *x, const unsigned char *d, int len) { - return M_ASN1_OCTET_STRING_set(x, d, len); + return ASN1_STRING_set(x, d, len); } diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c index d83e4ad82c5d..8a373d9da9f6 100644 --- a/crypto/asn1/a_print.c +++ b/crypto/asn1/a_print.c @@ -1,63 +1,15 @@ -/* crypto/asn1/a_print.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> int ASN1_PRINTABLE_type(const unsigned char *s, int len) @@ -69,35 +21,20 @@ int ASN1_PRINTABLE_type(const unsigned char *s, int len) if (len <= 0) len = -1; if (s == NULL) - return (V_ASN1_PRINTABLESTRING); + return V_ASN1_PRINTABLESTRING; while ((*s) && (len-- != 0)) { c = *(s++); -#ifndef CHARSET_EBCDIC - if (!(((c >= 'a') && (c <= 'z')) || - ((c >= 'A') && (c <= 'Z')) || - (c == ' ') || - ((c >= '0') && (c <= '9')) || - (c == ' ') || (c == '\'') || - (c == '(') || (c == ')') || - (c == '+') || (c == ',') || - (c == '-') || (c == '.') || - (c == '/') || (c == ':') || (c == '=') || (c == '?'))) - ia5 = 1; - if (c & 0x80) - t61 = 1; -#else - if (!isalnum(c) && (c != ' ') && strchr("'()+,-./:=?", c) == NULL) + if (!ossl_isasn1print(c)) ia5 = 1; - if (os_toascii[c] & 0x80) + if (!ossl_isascii(c)) t61 = 1; -#endif } if (t61) - return (V_ASN1_T61STRING); + return V_ASN1_T61STRING; if (ia5) - return (V_ASN1_IA5STRING); - return (V_ASN1_PRINTABLESTRING); + return V_ASN1_IA5STRING; + return V_ASN1_PRINTABLESTRING; } int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) @@ -106,9 +43,9 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) unsigned char *p; if (s->type != V_ASN1_UNIVERSALSTRING) - return (0); + return 0; if ((s->length % 4) != 0) - return (0); + return 0; p = s->data; for (i = 0; i < s->length; i += 4) { if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0')) @@ -117,7 +54,7 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) p += 4; } if (i < s->length) - return (0); + return 0; p = s->data; for (i = 3; i < s->length; i += 4) { *(p++) = s->data[i]; @@ -125,5 +62,34 @@ int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s) *(p) = '\0'; s->length /= 4; s->type = ASN1_PRINTABLE_type(s->data, s->length); - return (1); + return 1; +} + +int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v) +{ + int i, n; + char buf[80]; + const char *p; + + if (v == NULL) + return 0; + n = 0; + p = (const char *)v->data; + for (i = 0; i < v->length; i++) { + if ((p[i] > '~') || ((p[i] < ' ') && + (p[i] != '\n') && (p[i] != '\r'))) + buf[n] = '.'; + else + buf[n] = p[i]; + n++; + if (n >= 80) { + if (BIO_write(bp, buf, n) <= 0) + return 0; + n = 0; + } + } + if (n > 0) + if (BIO_write(bp, buf, n) <= 0) + return 0; + return 1; } diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c deleted file mode 100644 index 5fb58655757d..000000000000 --- a/crypto/asn1/a_set.c +++ /dev/null @@ -1,243 +0,0 @@ -/* crypto/asn1/a_set.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include <limits.h> -#include "cryptlib.h" -#include <openssl/asn1_mac.h> - -#ifndef NO_ASN1_OLD - -typedef struct { - unsigned char *pbData; - int cbData; -} MYBLOB; - -/* - * SetBlobCmp This function compares two elements of SET_OF block - */ -static int SetBlobCmp(const void *elem1, const void *elem2) -{ - const MYBLOB *b1 = (const MYBLOB *)elem1; - const MYBLOB *b2 = (const MYBLOB *)elem2; - int r; - - r = memcmp(b1->pbData, b2->pbData, - b1->cbData < b2->cbData ? b1->cbData : b2->cbData); - if (r != 0) - return r; - return b1->cbData - b2->cbData; -} - -/* - * int is_set: if TRUE, then sort the contents (i.e. it isn't a SEQUENCE) - */ -int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, - i2d_of_void *i2d, int ex_tag, int ex_class, int is_set) -{ - int ret = 0, r; - int i; - unsigned char *p; - unsigned char *pStart, *pTempMem; - MYBLOB *rgSetBlob; - int totSize; - - if (a == NULL) - return (0); - for (i = sk_OPENSSL_BLOCK_num(a) - 1; i >= 0; i--) { - int tmplen = i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); - if (tmplen > INT_MAX - ret) - return -1; - ret += i2d(sk_OPENSSL_BLOCK_value(a, i), NULL); - } - r = ASN1_object_size(1, ret, ex_tag); - if (pp == NULL || r == -1) - return (r); - - p = *pp; - ASN1_put_object(&p, 1, ret, ex_tag, ex_class); - -/* Modified by gp@nsj.co.jp */ - /* And then again by Ben */ - /* And again by Steve */ - - if (!is_set || (sk_OPENSSL_BLOCK_num(a) < 2)) { - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) - i2d(sk_OPENSSL_BLOCK_value(a, i), &p); - - *pp = p; - return (r); - } - - pStart = p; /* Catch the beg of Setblobs */ - /* In this array we will store the SET blobs */ - rgSetBlob = OPENSSL_malloc(sk_OPENSSL_BLOCK_num(a) * sizeof(MYBLOB)); - if (rgSetBlob == NULL) { - ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); i++) { - rgSetBlob[i].pbData = p; /* catch each set encode blob */ - i2d(sk_OPENSSL_BLOCK_value(a, i), &p); - rgSetBlob[i].cbData = p - rgSetBlob[i].pbData; /* Length of this - * SetBlob */ - } - *pp = p; - totSize = p - pStart; /* This is the total size of all set blobs */ - - /* - * Now we have to sort the blobs. I am using a simple algo. *Sort ptrs - * *Copy to temp-mem *Copy from temp-mem to user-mem - */ - qsort(rgSetBlob, sk_OPENSSL_BLOCK_num(a), sizeof(MYBLOB), SetBlobCmp); - if (!(pTempMem = OPENSSL_malloc(totSize))) { - ASN1err(ASN1_F_I2D_ASN1_SET, ERR_R_MALLOC_FAILURE); - return (0); - } - -/* Copy to temp mem */ - p = pTempMem; - for (i = 0; i < sk_OPENSSL_BLOCK_num(a); ++i) { - memcpy(p, rgSetBlob[i].pbData, rgSetBlob[i].cbData); - p += rgSetBlob[i].cbData; - } - -/* Copy back to user mem*/ - memcpy(pStart, pTempMem, totSize); - OPENSSL_free(pTempMem); - OPENSSL_free(rgSetBlob); - - return (r); -} - -STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, - const unsigned char **pp, - long length, d2i_of_void *d2i, - void (*free_func) (OPENSSL_BLOCK), - int ex_tag, int ex_class) -{ - ASN1_const_CTX c; - STACK_OF(OPENSSL_BLOCK) *ret = NULL; - - if ((a == NULL) || ((*a) == NULL)) { - if ((ret = sk_OPENSSL_BLOCK_new_null()) == NULL) { - ASN1err(ASN1_F_D2I_ASN1_SET, ERR_R_MALLOC_FAILURE); - goto err; - } - } else - ret = (*a); - - c.p = *pp; - c.max = (length == 0) ? 0 : (c.p + length); - - c.inf = ASN1_get_object(&c.p, &c.slen, &c.tag, &c.xclass, c.max - c.p); - if (c.inf & 0x80) - goto err; - if (ex_class != c.xclass) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_CLASS); - goto err; - } - if (ex_tag != c.tag) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_BAD_TAG); - goto err; - } - if ((c.slen + c.p) > c.max) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_LENGTH_ERROR); - goto err; - } - /* - * check for infinite constructed - it can be as long as the amount of - * data passed to us - */ - if (c.inf == (V_ASN1_CONSTRUCTED + 1)) - c.slen = length + *pp - c.p; - c.max = c.p + c.slen; - - while (c.p < c.max) { - char *s; - - if (M_ASN1_D2I_end_sequence()) - break; - /* - * XXX: This was called with 4 arguments, incorrectly, it seems if - * ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) - */ - if ((s = d2i(NULL, &c.p, c.slen)) == NULL) { - ASN1err(ASN1_F_D2I_ASN1_SET, ASN1_R_ERROR_PARSING_SET_ELEMENT); - asn1_add_error(*pp, (int)(c.p - *pp)); - goto err; - } - if (!sk_OPENSSL_BLOCK_push(ret, s)) - goto err; - } - if (a != NULL) - (*a) = ret; - *pp = c.p; - return (ret); - err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) { - if (free_func != NULL) - sk_OPENSSL_BLOCK_pop_free(ret, free_func); - else - sk_OPENSSL_BLOCK_free(ret); - } - return (NULL); -} - -#endif diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c index 51c6a0c34daf..130e23eaaa1e 100644 --- a/crypto/asn1/a_sign.c +++ b/crypto/asn1/a_sign.c @@ -1,129 +1,25 @@ -/* crypto/asn1/a_sign.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ -/* ==================================================================== - * Copyright (c) 1998-2003 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <time.h> +#include <sys/types.h> -#include "cryptlib.h" - -#ifndef NO_SYS_TYPES_H -# include <sys/types.h> -#endif +#include "internal/cryptlib.h" #include <openssl/bn.h> #include <openssl/evp.h> #include <openssl/x509.h> #include <openssl/objects.h> #include <openssl/buffer.h> -#include "asn1_locl.h" +#include "internal/asn1_int.h" +#include "internal/evp_int.h" #ifndef NO_ASN1_OLD @@ -131,12 +27,15 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey, const EVP_MD *type) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); unsigned char *p, *buf_in = NULL, *buf_out = NULL; int i, inl = 0, outl = 0, outll = 0; X509_ALGOR *a; - EVP_MD_CTX_init(&ctx); + if (ctx == NULL) { + ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE); + goto err; + } for (i = 0; i < 2; i++) { if (i == 0) a = algor1; @@ -171,9 +70,9 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, } } inl = i2d(data, NULL); - buf_in = (unsigned char *)OPENSSL_malloc((unsigned int)inl); + buf_in = OPENSSL_malloc((unsigned int)inl); outll = outl = EVP_PKEY_size(pkey); - buf_out = (unsigned char *)OPENSSL_malloc((unsigned int)outl); + buf_out = OPENSSL_malloc((unsigned int)outl); if ((buf_in == NULL) || (buf_out == NULL)) { outl = 0; ASN1err(ASN1_F_ASN1_SIGN, ERR_R_MALLOC_FAILURE); @@ -182,16 +81,15 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, p = buf_in; i2d(data, &p); - if (!EVP_SignInit_ex(&ctx, type, NULL) - || !EVP_SignUpdate(&ctx, (unsigned char *)buf_in, inl) - || !EVP_SignFinal(&ctx, (unsigned char *)buf_out, + if (!EVP_SignInit_ex(ctx, type, NULL) + || !EVP_SignUpdate(ctx, (unsigned char *)buf_in, inl) + || !EVP_SignFinal(ctx, (unsigned char *)buf_out, (unsigned int *)&outl, pkey)) { outl = 0; ASN1err(ASN1_F_ASN1_SIGN, ERR_R_EVP_LIB); goto err; } - if (signature->data != NULL) - OPENSSL_free(signature->data); + OPENSSL_free(signature->data); signature->data = buf_out; buf_out = NULL; signature->length = outl; @@ -202,16 +100,10 @@ int ASN1_sign(i2d_of_void *i2d, X509_ALGOR *algor1, X509_ALGOR *algor2, signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; err: - EVP_MD_CTX_cleanup(&ctx); - if (buf_in != NULL) { - OPENSSL_cleanse((char *)buf_in, (unsigned int)inl); - OPENSSL_free(buf_in); - } - if (buf_out != NULL) { - OPENSSL_cleanse((char *)buf_out, outll); - OPENSSL_free(buf_out); - } - return (outl); + EVP_MD_CTX_free(ctx); + OPENSSL_clear_free((char *)buf_in, (unsigned int)inl); + OPENSSL_clear_free((char *)buf_out, outll); + return outl; } #endif @@ -220,13 +112,22 @@ int ASN1_item_sign(const ASN1_ITEM *it, X509_ALGOR *algor1, X509_ALGOR *algor2, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey, const EVP_MD *type) { - EVP_MD_CTX ctx; - EVP_MD_CTX_init(&ctx); - if (!EVP_DigestSignInit(&ctx, NULL, type, NULL, pkey)) { - EVP_MD_CTX_cleanup(&ctx); + int rv; + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); + + if (ctx == NULL) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN, ERR_R_MALLOC_FAILURE); return 0; } - return ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, &ctx); + if (!EVP_DigestSignInit(ctx, NULL, type, NULL, pkey)) { + EVP_MD_CTX_free(ctx); + return 0; + } + + rv = ASN1_item_sign_ctx(it, algor1, algor2, signature, asn, ctx); + + EVP_MD_CTX_free(ctx); + return rv; } int ASN1_item_sign_ctx(const ASN1_ITEM *it, @@ -241,11 +142,16 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, int rv; type = EVP_MD_CTX_md(ctx); - pkey = EVP_PKEY_CTX_get0_pkey(ctx->pctx); + pkey = EVP_PKEY_CTX_get0_pkey(EVP_MD_CTX_pkey_ctx(ctx)); - if (!type || !pkey) { + if (pkey == NULL) { ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); - return 0; + goto err; + } + + if (pkey->ameth == NULL) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + goto err; } if (pkey->ameth->item_sign) { @@ -263,21 +169,22 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); if (rv <= 1) goto err; - } else + } else { rv = 2; + } if (rv == 2) { - if (type->flags & EVP_MD_FLAG_PKEY_METHOD_SIGNATURE) { - if (!pkey->ameth || - !OBJ_find_sigid_by_algs(&signid, - EVP_MD_nid(type), - pkey->ameth->pkey_id)) { - ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, - ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); - return 0; - } - } else - signid = type->pkey_type; + if (type == NULL) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ASN1_R_CONTEXT_NOT_INITIALISED); + goto err; + } + if (!OBJ_find_sigid_by_algs(&signid, + EVP_MD_nid(type), + pkey->ameth->pkey_id)) { + ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, + ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED); + goto err; + } if (pkey->ameth->pkey_flags & ASN1_PKEY_SIGPARAM_NULL) paramtype = V_ASN1_NULL; @@ -300,14 +207,12 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, goto err; } - if (!EVP_DigestSignUpdate(ctx, buf_in, inl) - || !EVP_DigestSignFinal(ctx, buf_out, &outl)) { + if (!EVP_DigestSign(ctx, buf_out, &outl, buf_in, inl)) { outl = 0; ASN1err(ASN1_F_ASN1_ITEM_SIGN_CTX, ERR_R_EVP_LIB); goto err; } - if (signature->data != NULL) - OPENSSL_free(signature->data); + OPENSSL_free(signature->data); signature->data = buf_out; buf_out = NULL; signature->length = outl; @@ -318,14 +223,7 @@ int ASN1_item_sign_ctx(const ASN1_ITEM *it, signature->flags &= ~(ASN1_STRING_FLAG_BITS_LEFT | 0x07); signature->flags |= ASN1_STRING_FLAG_BITS_LEFT; err: - EVP_MD_CTX_cleanup(ctx); - if (buf_in != NULL) { - OPENSSL_cleanse((char *)buf_in, (unsigned int)inl); - OPENSSL_free(buf_in); - } - if (buf_out != NULL) { - OPENSSL_cleanse((char *)buf_out, outll); - OPENSSL_free(buf_out); - } - return (outl); + OPENSSL_clear_free((char *)buf_in, (unsigned int)inl); + OPENSSL_clear_free((char *)buf_out, outll); + return outl; } diff --git a/crypto/asn1/a_strex.c b/crypto/asn1/a_strex.c index 95f041620735..ea4dd1c5b189 100644 --- a/crypto/asn1/a_strex.c +++ b/crypto/asn1/a_strex.c @@ -1,65 +1,16 @@ -/* a_strex.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2000. - */ -/* ==================================================================== - * Copyright (c) 2000 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <string.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" +#include "internal/asn1_int.h" #include <openssl/crypto.h> #include <openssl/x509.h> #include <openssl/asn1.h> @@ -75,6 +26,7 @@ #define CHARTYPE_BS_ESC (ASN1_STRFLGS_ESC_2253 | CHARTYPE_FIRST_ESC_2253 | CHARTYPE_LAST_ESC_2253) #define ESC_FLAGS (ASN1_STRFLGS_ESC_2253 | \ + ASN1_STRFLGS_ESC_2254 | \ ASN1_STRFLGS_ESC_QUOTE | \ ASN1_STRFLGS_ESC_CTRL | \ ASN1_STRFLGS_ESC_MSB) @@ -83,18 +35,6 @@ * Three IO functions for sending data to memory, a BIO and and a FILE * pointer. */ -#if 0 /* never used */ -static int send_mem_chars(void *arg, const void *buf, int len) -{ - unsigned char **out = arg; - if (!out) - return 1; - memcpy(*out, buf, len); - *out += len; - return 1; -} -#endif - static int send_bio_chars(void *arg, const void *buf, int len) { if (!arg) @@ -104,6 +44,7 @@ static int send_bio_chars(void *arg, const void *buf, int len) return 1; } +#ifndef OPENSSL_NO_STDIO static int send_fp_chars(void *arg, const void *buf, int len) { if (!arg) @@ -112,6 +53,7 @@ static int send_fp_chars(void *arg, const void *buf, int len) return 0; return 1; } +#endif typedef int char_io (void *arg, const void *buf, int len); @@ -121,10 +63,11 @@ typedef int char_io (void *arg, const void *buf, int len); * even 4 byte forms. */ -static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, +static int do_esc_char(unsigned long c, unsigned short flags, char *do_quotes, char_io *io_ch, void *arg) { - unsigned char chflgs, chtmp; + unsigned short chflgs; + unsigned char chtmp; char tmphex[HEX_SIZE(long) + 3]; if (c > 0xffffffffL) @@ -161,7 +104,9 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, return -1; return 2; } - if (chflgs & (ASN1_STRFLGS_ESC_CTRL | ASN1_STRFLGS_ESC_MSB)) { + if (chflgs & (ASN1_STRFLGS_ESC_CTRL + | ASN1_STRFLGS_ESC_MSB + | ASN1_STRFLGS_ESC_2254)) { BIO_snprintf(tmphex, 11, "\\%02X", chtmp); if (!io_ch(arg, tmphex, 3)) return -1; @@ -171,7 +116,7 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, * If we get this far and do any escaping at all must escape the escape * character itself: backslash. */ - if (chtmp == '\\' && flags & ESC_FLAGS) { + if (chtmp == '\\' && (flags & ESC_FLAGS)) { if (!io_ch(arg, "\\\\", 2)) return -1; return 2; @@ -191,21 +136,43 @@ static int do_esc_char(unsigned long c, unsigned char flags, char *do_quotes, */ static int do_buf(unsigned char *buf, int buflen, - int type, unsigned char flags, char *quotes, char_io *io_ch, + int type, unsigned short flags, char *quotes, char_io *io_ch, void *arg) { - int i, outlen, len; - unsigned char orflags, *p, *q; + int i, outlen, len, charwidth; + unsigned short orflags; + unsigned char *p, *q; unsigned long c; + p = buf; q = buf + buflen; outlen = 0; + charwidth = type & BUF_TYPE_WIDTH_MASK; + + switch (charwidth) { + case 4: + if (buflen & 3) { + ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH); + return -1; + } + break; + case 2: + if (buflen & 1) { + ASN1err(ASN1_F_DO_BUF, ASN1_R_INVALID_BMPSTRING_LENGTH); + return -1; + } + break; + default: + break; + } + while (p != q) { if (p == buf && flags & ASN1_STRFLGS_ESC_2253) orflags = CHARTYPE_FIRST_ESC_2253; else orflags = 0; - switch (type & BUF_TYPE_WIDTH_MASK) { + + switch (charwidth) { case 4: c = ((unsigned long)*p++) << 24; c |= ((unsigned long)*p++) << 16; @@ -226,6 +193,7 @@ static int do_buf(unsigned char *buf, int buflen, i = UTF8_getc(p, buflen, &c); if (i < 0) return -1; /* Invalid UTF8String */ + buflen -= i; p += i; break; default: @@ -244,17 +212,15 @@ static int do_buf(unsigned char *buf, int buflen, * otherwise each character will be > 0x7f and so the * character will never be escaped on first and last. */ - len = - do_esc_char(utfbuf[i], (unsigned char)(flags | orflags), - quotes, io_ch, arg); + len = do_esc_char(utfbuf[i], flags | orflags, quotes, + io_ch, arg); if (len < 0) return -1; outlen += len; } } else { - len = - do_esc_char(c, (unsigned char)(flags | orflags), quotes, - io_ch, arg); + len = do_esc_char(c, flags | orflags, quotes, + io_ch, arg); if (len < 0) return -1; outlen += len; @@ -292,7 +258,7 @@ static int do_hex_dump(char_io *io_ch, void *arg, unsigned char *buf, */ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, - ASN1_STRING *str) + const ASN1_STRING *str) { /* * Placing the ASN1_STRING in a temp ASN1_TYPE allows the DER encoding to @@ -314,9 +280,10 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, t.type = str->type; t.value.ptr = (char *)str; der_len = i2d_ASN1_TYPE(&t, NULL); - der_buf = OPENSSL_malloc(der_len); - if (!der_buf) + if ((der_buf = OPENSSL_malloc(der_len)) == NULL) { + ASN1err(ASN1_F_DO_DUMP, ERR_R_MALLOC_FAILURE); return -1; + } p = der_buf; i2d_ASN1_TYPE(&t, &p); outlen = do_hex_dump(io_ch, arg, der_buf, der_len); @@ -335,12 +302,22 @@ static int do_dump(unsigned long lflags, char_io *io_ch, void *arg, static const signed char tag2nbyte[] = { -1, -1, -1, -1, -1, /* 0-4 */ -1, -1, -1, -1, -1, /* 5-9 */ - -1, -1, 0, -1, /* 10-13 */ - -1, -1, -1, -1, /* 15-17 */ - 1, 1, 1, /* 18-20 */ - -1, 1, 1, 1, /* 21-24 */ - -1, 1, -1, /* 25-27 */ - 4, -1, 2 /* 28-30 */ + -1, -1, /* 10-11 */ + 0, /* 12 V_ASN1_UTF8STRING */ + -1, -1, -1, -1, -1, /* 13-17 */ + 1, /* 18 V_ASN1_NUMERICSTRING */ + 1, /* 19 V_ASN1_PRINTABLESTRING */ + 1, /* 20 V_ASN1_T61STRING */ + -1, /* 21 */ + 1, /* 22 V_ASN1_IA5STRING */ + 1, /* 23 V_ASN1_UTCTIME */ + 1, /* 24 V_ASN1_GENERALIZEDTIME */ + -1, /* 25 */ + 1, /* 26 V_ASN1_ISO64STRING */ + -1, /* 27 */ + 4, /* 28 V_ASN1_UNIVERSALSTRING */ + -1, /* 29 */ + 2 /* 30 V_ASN1_BMPSTRING */ }; /* @@ -350,15 +327,15 @@ static const signed char tag2nbyte[] = { */ static int do_print_ex(char_io *io_ch, void *arg, unsigned long lflags, - ASN1_STRING *str) + const ASN1_STRING *str) { int outlen, len; int type; char quotes; - unsigned char flags; + unsigned short flags; quotes = 0; /* Keep a copy of escape flags */ - flags = (unsigned char)(lflags & ESC_FLAGS); + flags = (unsigned short)(lflags & ESC_FLAGS); type = str->type; @@ -442,14 +419,14 @@ static int do_indent(char_io *io_ch, void *arg, int indent) #define FN_WIDTH_LN 25 #define FN_WIDTH_SN 10 -static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, +static int do_name_ex(char_io *io_ch, void *arg, const X509_NAME *n, int indent, unsigned long flags) { int i, prev = -1, orflags, cnt; int fn_opt, fn_nid; ASN1_OBJECT *fn; - ASN1_STRING *val; - X509_NAME_ENTRY *ent; + const ASN1_STRING *val; + const X509_NAME_ENTRY *ent; char objtmp[80]; const char *objbuf; int outlen, len; @@ -513,7 +490,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, else ent = X509_NAME_get_entry(n, i); if (prev != -1) { - if (prev == ent->set) { + if (prev == X509_NAME_ENTRY_set(ent)) { if (!io_ch(arg, sep_mv, sep_mv_len)) return -1; outlen += sep_mv_len; @@ -526,7 +503,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, outlen += indent; } } - prev = ent->set; + prev = X509_NAME_ENTRY_set(ent); fn = X509_NAME_ENTRY_get_object(ent); val = X509_NAME_ENTRY_get_data(ent); fn_nid = OBJ_obj2nid(fn); @@ -580,7 +557,7 @@ static int do_name_ex(char_io *io_ch, void *arg, X509_NAME *n, /* Wrappers round the main functions */ -int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, +int X509_NAME_print_ex(BIO *out, const X509_NAME *nm, int indent, unsigned long flags) { if (flags == XN_FLAG_COMPAT) @@ -588,8 +565,8 @@ int X509_NAME_print_ex(BIO *out, X509_NAME *nm, int indent, return do_name_ex(send_bio_chars, out, nm, indent, flags); } -#ifndef OPENSSL_NO_FP_API -int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, +#ifndef OPENSSL_NO_STDIO +int X509_NAME_print_ex_fp(FILE *fp, const X509_NAME *nm, int indent, unsigned long flags) { if (flags == XN_FLAG_COMPAT) { @@ -606,13 +583,13 @@ int X509_NAME_print_ex_fp(FILE *fp, X509_NAME *nm, int indent, } #endif -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags) +int ASN1_STRING_print_ex(BIO *out, const ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_bio_chars, out, flags, str); } -#ifndef OPENSSL_NO_FP_API -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) +#ifndef OPENSSL_NO_STDIO +int ASN1_STRING_print_ex_fp(FILE *fp, const ASN1_STRING *str, unsigned long flags) { return do_print_ex(send_fp_chars, fp, flags, str); } @@ -623,7 +600,7 @@ int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags) * in output string or a negative error code */ -int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in) +int ASN1_STRING_to_UTF8(unsigned char **out, const ASN1_STRING *in) { ASN1_STRING stmp, *str = &stmp; int mbflag, type, ret; diff --git a/crypto/asn1/a_strnid.c b/crypto/asn1/a_strnid.c index 99ffe7378735..f19a9de647b1 100644 --- a/crypto/asn1/a_strnid.c +++ b/crypto/asn1/a_strnid.c @@ -1,65 +1,14 @@ -/* a_strnid.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 1999-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include <ctype.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> #include <openssl/objects.h> @@ -100,19 +49,20 @@ int ASN1_STRING_set_default_mask_asc(const char *p) { unsigned long mask; char *end; - if (!strncmp(p, "MASK:", 5)) { + + if (strncmp(p, "MASK:", 5) == 0) { if (!p[5]) return 0; mask = strtoul(p + 5, &end, 0); if (*end) return 0; - } else if (!strcmp(p, "nombstr")) + } else if (strcmp(p, "nombstr") == 0) mask = ~((unsigned long)(B_ASN1_BMPSTRING | B_ASN1_UTF8STRING)); - else if (!strcmp(p, "pkix")) + else if (strcmp(p, "pkix") == 0) mask = ~((unsigned long)B_ASN1_T61STRING); - else if (!strcmp(p, "utf8only")) + else if (strcmp(p, "utf8only") == 0) mask = B_ASN1_UTF8STRING; - else if (!strcmp(p, "default")) + else if (strcmp(p, "default") == 0) mask = 0xFFFFFFFFL; else return 0; @@ -134,19 +84,20 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, ASN1_STRING *str = NULL; unsigned long mask; int ret; - if (!out) + + if (out == NULL) out = &str; tbl = ASN1_STRING_TABLE_get(nid); - if (tbl) { + if (tbl != NULL) { mask = tbl->mask; if (!(tbl->flags & STABLE_NO_MASK)) mask &= global_mask; ret = ASN1_mbstring_ncopy(out, in, inlen, inform, mask, tbl->minsize, tbl->maxsize); - } else - ret = - ASN1_mbstring_copy(out, in, inlen, inform, - DIRSTRING_TYPE & global_mask); + } else { + ret = ASN1_mbstring_copy(out, in, inlen, inform, + DIRSTRING_TYPE & global_mask); + } if (ret <= 0) return NULL; return *out; @@ -156,45 +107,7 @@ ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, * Now the tables and helper functions for the string table: */ -/* size limits: this stuff is taken straight from RFC3280 */ - -#define ub_name 32768 -#define ub_common_name 64 -#define ub_locality_name 128 -#define ub_state_name 128 -#define ub_organization_name 64 -#define ub_organization_unit_name 64 -#define ub_title 64 -#define ub_email_address 128 -#define ub_serial_number 64 - -/* This table must be kept in NID order */ - -static const ASN1_STRING_TABLE tbl_standard[] = { - {NID_commonName, 1, ub_common_name, DIRSTRING_TYPE, 0}, - {NID_countryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_localityName, 1, ub_locality_name, DIRSTRING_TYPE, 0}, - {NID_stateOrProvinceName, 1, ub_state_name, DIRSTRING_TYPE, 0}, - {NID_organizationName, 1, ub_organization_name, DIRSTRING_TYPE, 0}, - {NID_organizationalUnitName, 1, ub_organization_unit_name, DIRSTRING_TYPE, - 0}, - {NID_pkcs9_emailAddress, 1, ub_email_address, B_ASN1_IA5STRING, - STABLE_NO_MASK}, - {NID_pkcs9_unstructuredName, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_challengePassword, 1, -1, PKCS9STRING_TYPE, 0}, - {NID_pkcs9_unstructuredAddress, 1, -1, DIRSTRING_TYPE, 0}, - {NID_givenName, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_surname, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_initials, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_serialNumber, 1, ub_serial_number, B_ASN1_PRINTABLESTRING, - STABLE_NO_MASK}, - {NID_friendlyName, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, - {NID_name, 1, ub_name, DIRSTRING_TYPE, 0}, - {NID_dnQualifier, -1, -1, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK}, - {NID_domainComponent, 1, -1, B_ASN1_IA5STRING, STABLE_NO_MASK}, - {NID_ms_csp_name, -1, -1, B_ASN1_BMPSTRING, STABLE_NO_MASK}, - {NID_jurisdictionCountryName, 2, 2, B_ASN1_PRINTABLESTRING, STABLE_NO_MASK} -}; +#include "tbl_standard.h" static int sk_table_cmp(const ASN1_STRING_TABLE *const *a, const ASN1_STRING_TABLE *const *b) @@ -214,20 +127,56 @@ IMPLEMENT_OBJ_BSEARCH_CMP_FN(ASN1_STRING_TABLE, ASN1_STRING_TABLE, table); ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid) { int idx; - ASN1_STRING_TABLE *ttmp; ASN1_STRING_TABLE fnd; + fnd.nid = nid; - ttmp = OBJ_bsearch_table(&fnd, tbl_standard, - sizeof(tbl_standard) / - sizeof(ASN1_STRING_TABLE)); - if (ttmp) - return ttmp; - if (!stable) + if (stable) { + idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); + if (idx >= 0) + return sk_ASN1_STRING_TABLE_value(stable, idx); + } + return OBJ_bsearch_table(&fnd, tbl_standard, OSSL_NELEM(tbl_standard)); +} + +/* + * Return a string table pointer which can be modified: either directly from + * table or a copy of an internal value added to the table. + */ + +static ASN1_STRING_TABLE *stable_get(int nid) +{ + ASN1_STRING_TABLE *tmp, *rv; + + /* Always need a string table so allocate one if NULL */ + if (stable == NULL) { + stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); + if (stable == NULL) + return NULL; + } + tmp = ASN1_STRING_TABLE_get(nid); + if (tmp != NULL && tmp->flags & STABLE_FLAGS_MALLOC) + return tmp; + if ((rv = OPENSSL_zalloc(sizeof(*rv))) == NULL) { + ASN1err(ASN1_F_STABLE_GET, ERR_R_MALLOC_FAILURE); return NULL; - idx = sk_ASN1_STRING_TABLE_find(stable, &fnd); - if (idx < 0) + } + if (!sk_ASN1_STRING_TABLE_push(stable, rv)) { + OPENSSL_free(rv); return NULL; - return sk_ASN1_STRING_TABLE_value(stable, idx); + } + if (tmp != NULL) { + rv->nid = tmp->nid; + rv->minsize = tmp->minsize; + rv->maxsize = tmp->maxsize; + rv->mask = tmp->mask; + rv->flags = tmp->flags | STABLE_FLAGS_MALLOC; + } else { + rv->nid = nid; + rv->minsize = -1; + rv->maxsize = -1; + rv->flags = STABLE_FLAGS_MALLOC; + } + return rv; } int ASN1_STRING_TABLE_add(int nid, @@ -235,41 +184,29 @@ int ASN1_STRING_TABLE_add(int nid, unsigned long flags) { ASN1_STRING_TABLE *tmp; - char new_nid = 0; - flags &= ~STABLE_FLAGS_MALLOC; - if (!stable) - stable = sk_ASN1_STRING_TABLE_new(sk_table_cmp); - if (!stable) { + + tmp = stable_get(nid); + if (tmp == NULL) { ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); return 0; } - if (!(tmp = ASN1_STRING_TABLE_get(nid))) { - tmp = OPENSSL_malloc(sizeof(ASN1_STRING_TABLE)); - if (!tmp) { - ASN1err(ASN1_F_ASN1_STRING_TABLE_ADD, ERR_R_MALLOC_FAILURE); - return 0; - } - tmp->flags = flags | STABLE_FLAGS_MALLOC; - tmp->nid = nid; - tmp->minsize = tmp->maxsize = -1; - new_nid = 1; - } else - tmp->flags = (tmp->flags & STABLE_FLAGS_MALLOC) | flags; - if (minsize != -1) + if (minsize >= 0) tmp->minsize = minsize; - if (maxsize != -1) + if (maxsize >= 0) tmp->maxsize = maxsize; - tmp->mask = mask; - if (new_nid) - sk_ASN1_STRING_TABLE_push(stable, tmp); + if (mask) + tmp->mask = mask; + if (flags) + tmp->flags = STABLE_FLAGS_MALLOC | flags; return 1; } void ASN1_STRING_TABLE_cleanup(void) { STACK_OF(ASN1_STRING_TABLE) *tmp; + tmp = stable; - if (!tmp) + if (tmp == NULL) return; stable = NULL; sk_ASN1_STRING_TABLE_pop_free(tmp, st_free); @@ -280,36 +217,3 @@ static void st_free(ASN1_STRING_TABLE *tbl) if (tbl->flags & STABLE_FLAGS_MALLOC) OPENSSL_free(tbl); } - - -IMPLEMENT_STACK_OF(ASN1_STRING_TABLE) - -#ifdef STRING_TABLE_TEST - -main() -{ - ASN1_STRING_TABLE *tmp; - int i, last_nid = -1; - - for (tmp = tbl_standard, i = 0; - i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++) { - if (tmp->nid < last_nid) { - last_nid = 0; - break; - } - last_nid = tmp->nid; - } - - if (last_nid != 0) { - printf("Table order OK\n"); - exit(0); - } - - for (tmp = tbl_standard, i = 0; - i < sizeof(tbl_standard) / sizeof(ASN1_STRING_TABLE); i++, tmp++) - printf("Index %d, NID %d, Name=%s\n", i, tmp->nid, - OBJ_nid2ln(tmp->nid)); - -} - -#endif diff --git a/crypto/asn1/a_time.c b/crypto/asn1/a_time.c index 28831d6b843c..1babb9636054 100644 --- a/crypto/asn1/a_time.c +++ b/crypto/asn1/a_time.c @@ -1,56 +1,10 @@ -/* crypto/asn1/a_time.c */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). +/* + * Copyright 1999-2017 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /*- @@ -58,13 +12,12 @@ * Time ::= CHOICE { * utcTime UTCTime, * generalTime GeneralizedTime } - * written by Steve Henson. */ #include <stdio.h> #include <time.h> -#include "cryptlib.h" -#include "o_time.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/asn1t.h> #include "asn1_locl.h" @@ -72,32 +25,290 @@ IMPLEMENT_ASN1_MSTRING(ASN1_TIME, B_ASN1_TIME) IMPLEMENT_ASN1_FUNCTIONS(ASN1_TIME) -#if 0 -int i2d_ASN1_TIME(ASN1_TIME *a, unsigned char **pp) +static int is_utc(const int year) { -# ifdef CHARSET_EBCDIC - /* KLUDGE! We convert to ascii before writing DER */ - char tmp[24]; - ASN1_STRING tmpstr; + if (50 <= year && year <= 149) + return 1; + return 0; +} + +static int leap_year(const int year) +{ + if (year % 400 == 0 || (year % 100 != 0 && year % 4 == 0)) + return 1; + return 0; +} - if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) { - int len; +/* + * Compute the day of the week and the day of the year from the year, month + * and day. The day of the year is straightforward, the day of the week uses + * a form of Zeller's congruence. For this months start with March and are + * numbered 4 through 15. + */ +static void determine_days(struct tm *tm) +{ + static const int ydays[12] = { + 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334 + }; + int y = tm->tm_year + 1900; + int m = tm->tm_mon; + int d = tm->tm_mday; + int c; - tmpstr = *(ASN1_STRING *)a; - len = tmpstr.length; - ebcdic2ascii(tmp, tmpstr.data, - (len >= sizeof(tmp)) ? sizeof(tmp) : len); - tmpstr.data = tmp; - a = (ASN1_GENERALIZEDTIME *)&tmpstr; + tm->tm_yday = ydays[m] + d - 1; + if (m >= 2) { + /* March and onwards can be one day further into the year */ + tm->tm_yday += leap_year(y); + m += 2; + } else { + /* Treat January and February as part of the previous year */ + m += 14; + y--; } -# endif - if (a->type == V_ASN1_UTCTIME || a->type == V_ASN1_GENERALIZEDTIME) - return (i2d_ASN1_bytes((ASN1_STRING *)a, pp, - a->type, V_ASN1_UNIVERSAL)); - ASN1err(ASN1_F_I2D_ASN1_TIME, ASN1_R_EXPECTING_A_TIME); - return -1; + c = y / 100; + y %= 100; + /* Zeller's congruance */ + tm->tm_wday = (d + (13 * m) / 5 + y + y / 4 + c / 4 + 5 * c + 6) % 7; } + +int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d) +{ + static const int min[9] = { 0, 0, 1, 1, 0, 0, 0, 0, 0 }; + static const int max[9] = { 99, 99, 12, 31, 23, 59, 59, 12, 59 }; + static const int mdays[12] = { 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 }; + char *a; + int n, i, i2, l, o, min_l = 11, strict = 0, end = 6, btz = 5, md; + struct tm tmp; + + /* + * ASN1_STRING_FLAG_X509_TIME is used to enforce RFC 5280 + * time string format, in which: + * + * 1. "seconds" is a 'MUST' + * 2. "Zulu" timezone is a 'MUST' + * 3. "+|-" is not allowed to indicate a time zone + */ + if (d->type == V_ASN1_UTCTIME) { + if (d->flags & ASN1_STRING_FLAG_X509_TIME) { + min_l = 13; + strict = 1; + } + } else if (d->type == V_ASN1_GENERALIZEDTIME) { + end = 7; + btz = 6; + if (d->flags & ASN1_STRING_FLAG_X509_TIME) { + min_l = 15; + strict = 1; + } else { + min_l = 13; + } + } else { + return 0; + } + + l = d->length; + a = (char *)d->data; + o = 0; + memset(&tmp, 0, sizeof(tmp)); + + /* + * GENERALIZEDTIME is similar to UTCTIME except the year is represented + * as YYYY. This stuff treats everything as a two digit field so make + * first two fields 00 to 99 + */ + + if (l < min_l) + goto err; + for (i = 0; i < end; i++) { + if (!strict && (i == btz) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) { + i++; + break; + } + if (!ossl_isdigit(a[o])) + goto err; + n = a[o] - '0'; + /* incomplete 2-digital number */ + if (++o == l) + goto err; + + if (!ossl_isdigit(a[o])) + goto err; + n = (n * 10) + a[o] - '0'; + /* no more bytes to read, but we haven't seen time-zone yet */ + if (++o == l) + goto err; + + i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; + + if ((n < min[i2]) || (n > max[i2])) + goto err; + switch (i2) { + case 0: + /* UTC will never be here */ + tmp.tm_year = n * 100 - 1900; + break; + case 1: + if (d->type == V_ASN1_UTCTIME) + tmp.tm_year = n < 50 ? n + 100 : n; + else + tmp.tm_year += n; + break; + case 2: + tmp.tm_mon = n - 1; + break; + case 3: + /* check if tm_mday is valid in tm_mon */ + if (tmp.tm_mon == 1) { + /* it's February */ + md = mdays[1] + leap_year(tmp.tm_year + 1900); + } else { + md = mdays[tmp.tm_mon]; + } + if (n > md) + goto err; + tmp.tm_mday = n; + determine_days(&tmp); + break; + case 4: + tmp.tm_hour = n; + break; + case 5: + tmp.tm_min = n; + break; + case 6: + tmp.tm_sec = n; + break; + } + } + + /* + * Optional fractional seconds: decimal point followed by one or more + * digits. + */ + if (d->type == V_ASN1_GENERALIZEDTIME && a[o] == '.') { + if (strict) + /* RFC 5280 forbids fractional seconds */ + goto err; + if (++o == l) + goto err; + i = o; + while ((o < l) && ossl_isdigit(a[o])) + o++; + /* Must have at least one digit after decimal point */ + if (i == o) + goto err; + /* no more bytes to read, but we haven't seen time-zone yet */ + if (o == l) + goto err; + } + + /* + * 'o' will never point to '\0' at this point, the only chance + * 'o' can point to '\0' is either the subsequent if or the first + * else if is true. + */ + if (a[o] == 'Z') { + o++; + } else if (!strict && ((a[o] == '+') || (a[o] == '-'))) { + int offsign = a[o] == '-' ? 1 : -1; + int offset = 0; + + o++; + /* + * if not equal, no need to do subsequent checks + * since the following for-loop will add 'o' by 4 + * and the final return statement will check if 'l' + * and 'o' are equal. + */ + if (o + 4 != l) + goto err; + for (i = end; i < end + 2; i++) { + if (!ossl_isdigit(a[o])) + goto err; + n = a[o] - '0'; + o++; + if (!ossl_isdigit(a[o])) + goto err; + n = (n * 10) + a[o] - '0'; + i2 = (d->type == V_ASN1_UTCTIME) ? i + 1 : i; + if ((n < min[i2]) || (n > max[i2])) + goto err; + /* if tm is NULL, no need to adjust */ + if (tm != NULL) { + if (i == end) + offset = n * 3600; + else if (i == end + 1) + offset += n * 60; + } + o++; + } + if (offset && !OPENSSL_gmtime_adj(&tmp, 0, offset * offsign)) + goto err; + } else { + /* not Z, or not +/- in non-strict mode */ + goto err; + } + if (o == l) { + /* success, check if tm should be filled */ + if (tm != NULL) + *tm = tmp; + return 1; + } + err: + return 0; +} + +ASN1_TIME *asn1_time_from_tm(ASN1_TIME *s, struct tm *ts, int type) +{ + char* p; + ASN1_TIME *tmps = NULL; + const size_t len = 20; + + if (type == V_ASN1_UNDEF) { + if (is_utc(ts->tm_year)) + type = V_ASN1_UTCTIME; + else + type = V_ASN1_GENERALIZEDTIME; + } else if (type == V_ASN1_UTCTIME) { + if (!is_utc(ts->tm_year)) + goto err; + } else if (type != V_ASN1_GENERALIZEDTIME) { + goto err; + } + + if (s == NULL) + tmps = ASN1_STRING_new(); + else + tmps = s; + if (tmps == NULL) + return NULL; + + if (!ASN1_STRING_set(tmps, NULL, len)) + goto err; + + tmps->type = type; + p = (char*)tmps->data; + + if (type == V_ASN1_GENERALIZEDTIME) + tmps->length = BIO_snprintf(p, len, "%04d%02d%02d%02d%02d%02dZ", + ts->tm_year + 1900, ts->tm_mon + 1, + ts->tm_mday, ts->tm_hour, ts->tm_min, + ts->tm_sec); + else + tmps->length = BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", + ts->tm_year % 100, ts->tm_mon + 1, + ts->tm_mday, ts->tm_hour, ts->tm_min, + ts->tm_sec); + +#ifdef CHARSET_EBCDIC_not + ebcdic2ascii(tmps->data, tmps->data, tmps->length); #endif + return tmps; + err: + if (tmps != s) + ASN1_STRING_free(tmps); + return NULL; +} ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t) { @@ -119,12 +330,10 @@ ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) return NULL; } - if ((ts->tm_year >= 50) && (ts->tm_year < 150)) - return ASN1_UTCTIME_adj(s, t, offset_day, offset_sec); - return ASN1_GENERALIZEDTIME_adj(s, t, offset_day, offset_sec); + return asn1_time_from_tm(s, ts, V_ASN1_UNDEF); } -int ASN1_TIME_check(ASN1_TIME *t) +int ASN1_TIME_check(const ASN1_TIME *t) { if (t->type == V_ASN1_GENERALIZEDTIME) return ASN1_GENERALIZEDTIME_check(t); @@ -134,103 +343,211 @@ int ASN1_TIME_check(ASN1_TIME *t) } /* Convert an ASN1_TIME structure to GeneralizedTime */ -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, +ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(const ASN1_TIME *t, ASN1_GENERALIZEDTIME **out) { ASN1_GENERALIZEDTIME *ret = NULL; - char *str; - int newlen; + struct tm tm; - if (!ASN1_TIME_check(t)) + if (!ASN1_TIME_to_tm(t, &tm)) return NULL; - if (!out || !*out) { - if (!(ret = ASN1_GENERALIZEDTIME_new())) - goto err; - } else { + if (out != NULL) ret = *out; - } - - /* If already GeneralizedTime just copy across */ - if (t->type == V_ASN1_GENERALIZEDTIME) { - if (!ASN1_STRING_set(ret, t->data, t->length)) - goto err; - goto done; - } - - /* grow the string */ - if (!ASN1_STRING_set(ret, NULL, t->length + 2)) - goto err; - /* ASN1_STRING_set() allocated 'len + 1' bytes. */ - newlen = t->length + 2 + 1; - str = (char *)ret->data; - /* Work out the century and prepend */ - if (t->data[0] >= '5') - BUF_strlcpy(str, "19", newlen); - else - BUF_strlcpy(str, "20", newlen); - BUF_strlcat(str, (char *)t->data, newlen); + ret = asn1_time_from_tm(ret, &tm, V_ASN1_GENERALIZEDTIME); - done: - if (out != NULL && *out == NULL) - *out = ret; - return ret; + if (out != NULL && ret != NULL) + *out = ret; - err: - if (out == NULL || *out != ret) - ASN1_GENERALIZEDTIME_free(ret); - return NULL; + return ret; } - int ASN1_TIME_set_string(ASN1_TIME *s, const char *str) { + /* Try UTC, if that fails, try GENERALIZED */ + if (ASN1_UTCTIME_set_string(s, str)) + return 1; + return ASN1_GENERALIZEDTIME_set_string(s, str); +} + +int ASN1_TIME_set_string_X509(ASN1_TIME *s, const char *str) +{ ASN1_TIME t; + struct tm tm; + int rv = 0; t.length = strlen(str); t.data = (unsigned char *)str; - t.flags = 0; + t.flags = ASN1_STRING_FLAG_X509_TIME; t.type = V_ASN1_UTCTIME; if (!ASN1_TIME_check(&t)) { t.type = V_ASN1_GENERALIZEDTIME; if (!ASN1_TIME_check(&t)) - return 0; + goto out; } - if (s && !ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) - return 0; + /* + * Per RFC 5280 (section 4.1.2.5.), the valid input time + * strings should be encoded with the following rules: + * + * 1. UTC: YYMMDDHHMMSSZ, if YY < 50 (20YY) --> UTC: YYMMDDHHMMSSZ + * 2. UTC: YYMMDDHHMMSSZ, if YY >= 50 (19YY) --> UTC: YYMMDDHHMMSSZ + * 3. G'd: YYYYMMDDHHMMSSZ, if YYYY >= 2050 --> G'd: YYYYMMDDHHMMSSZ + * 4. G'd: YYYYMMDDHHMMSSZ, if YYYY < 2050 --> UTC: YYMMDDHHMMSSZ + * + * Only strings of the 4th rule should be reformatted, but since a + * UTC can only present [1950, 2050), so if the given time string + * is less than 1950 (e.g. 19230419000000Z), we do nothing... + */ + + if (s != NULL && t.type == V_ASN1_GENERALIZEDTIME) { + if (!asn1_time_to_tm(&tm, &t)) + goto out; + if (is_utc(tm.tm_year)) { + t.length -= 2; + /* + * it's OK to let original t.data go since that's assigned + * to a piece of memory allocated outside of this function. + * new t.data would be freed after ASN1_STRING_copy is done. + */ + t.data = OPENSSL_zalloc(t.length + 1); + if (t.data == NULL) + goto out; + memcpy(t.data, str + 2, t.length); + t.type = V_ASN1_UTCTIME; + } + } + + if (s == NULL || ASN1_STRING_copy((ASN1_STRING *)s, (ASN1_STRING *)&t)) + rv = 1; - return 1; + if (t.data != (unsigned char *)str) + OPENSSL_free(t.data); +out: + return rv; } -static int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *t) +int ASN1_TIME_to_tm(const ASN1_TIME *s, struct tm *tm) { - if (t == NULL) { + if (s == NULL) { time_t now_t; + time(&now_t); - if (OPENSSL_gmtime(&now_t, tm)) + memset(tm, 0, sizeof(*tm)); + if (OPENSSL_gmtime(&now_t, tm) != NULL) return 1; return 0; } - if (t->type == V_ASN1_UTCTIME) - return asn1_utctime_to_tm(tm, t); - else if (t->type == V_ASN1_GENERALIZEDTIME) - return asn1_generalizedtime_to_tm(tm, t); - - return 0; + return asn1_time_to_tm(tm, s); } int ASN1_TIME_diff(int *pday, int *psec, const ASN1_TIME *from, const ASN1_TIME *to) { struct tm tm_from, tm_to; - if (!asn1_time_to_tm(&tm_from, from)) + + if (!ASN1_TIME_to_tm(from, &tm_from)) return 0; - if (!asn1_time_to_tm(&tm_to, to)) + if (!ASN1_TIME_to_tm(to, &tm_to)) return 0; return OPENSSL_gmtime_diff(pday, psec, &tm_from, &tm_to); } + +static const char _asn1_mon[12][4] = { + "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" +}; + +int ASN1_TIME_print(BIO *bp, const ASN1_TIME *tm) +{ + char *v; + int gmt = 0, l; + struct tm stm; + + if (!asn1_time_to_tm(&stm, tm)) { + /* asn1_time_to_tm will check the time type */ + goto err; + } + + l = tm->length; + v = (char *)tm->data; + if (v[l - 1] == 'Z') + gmt = 1; + + if (tm->type == V_ASN1_GENERALIZEDTIME) { + char *f = NULL; + int f_len = 0; + + /* + * Try to parse fractional seconds. '14' is the place of + * 'fraction point' in a GeneralizedTime string. + */ + if (tm->length > 15 && v[14] == '.') { + f = &v[14]; + f_len = 1; + while (14 + f_len < l && ossl_isdigit(f[f_len])) + ++f_len; + } + + return BIO_printf(bp, "%s %2d %02d:%02d:%02d%.*s %d%s", + _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, + stm.tm_min, stm.tm_sec, f_len, f, stm.tm_year + 1900, + (gmt ? " GMT" : "")) > 0; + } else { + return BIO_printf(bp, "%s %2d %02d:%02d:%02d %d%s", + _asn1_mon[stm.tm_mon], stm.tm_mday, stm.tm_hour, + stm.tm_min, stm.tm_sec, stm.tm_year + 1900, + (gmt ? " GMT" : "")) > 0; + } + err: + BIO_write(bp, "Bad time value", 14); + return 0; +} + +int ASN1_TIME_cmp_time_t(const ASN1_TIME *s, time_t t) +{ + struct tm stm, ttm; + int day, sec; + + if (!ASN1_TIME_to_tm(s, &stm)) + return -2; + + if (!OPENSSL_gmtime(&t, &ttm)) + return -2; + + if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm)) + return -2; + + if (day > 0 || sec > 0) + return 1; + if (day < 0 || sec < 0) + return -1; + return 0; +} + +int ASN1_TIME_normalize(ASN1_TIME *t) +{ + struct tm tm; + + if (!ASN1_TIME_to_tm(t, &tm)) + return 0; + + return asn1_time_from_tm(t, &tm, V_ASN1_UNDEF) != NULL; +} + +int ASN1_TIME_compare(const ASN1_TIME *a, const ASN1_TIME *b) +{ + int day, sec; + + if (!ASN1_TIME_diff(&day, &sec, b, a)) + return -2; + if (day > 0 || sec > 0) + return 1; + if (day < 0 || sec < 0) + return -1; + return 0; +} diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c index bb166e8568b5..0c7aebe3076b 100644 --- a/crypto/asn1/a_type.c +++ b/crypto/asn1/a_type.c @@ -1,79 +1,31 @@ -/* crypto/asn1/a_type.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1t.h> #include <openssl/objects.h> +#include "asn1_locl.h" -int ASN1_TYPE_get(ASN1_TYPE *a) +int ASN1_TYPE_get(const ASN1_TYPE *a) { if ((a->value.ptr != NULL) || (a->type == V_ASN1_NULL)) - return (a->type); + return a->type; else - return (0); + return 0; } void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value) { if (a->value.ptr != NULL) { ASN1_TYPE **tmp_a = &a; - ASN1_primitive_free((ASN1_VALUE **)tmp_a, NULL); + asn1_primitive_free((ASN1_VALUE **)tmp_a, NULL, 0); } a->type = type; if (type == V_ASN1_BOOLEAN) @@ -103,10 +55,6 @@ int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value) return 1; } -IMPLEMENT_STACK_OF(ASN1_TYPE) - -IMPLEMENT_ASN1_SET_OF(ASN1_TYPE) - /* Returns 0 if they are equal, != 0 otherwise. */ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b) { @@ -153,3 +101,34 @@ int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b) return result; } + +ASN1_TYPE *ASN1_TYPE_pack_sequence(const ASN1_ITEM *it, void *s, ASN1_TYPE **t) +{ + ASN1_OCTET_STRING *oct; + ASN1_TYPE *rt; + + oct = ASN1_item_pack(s, it, NULL); + if (oct == NULL) + return NULL; + + if (t && *t) { + rt = *t; + } else { + rt = ASN1_TYPE_new(); + if (rt == NULL) { + ASN1_OCTET_STRING_free(oct); + return NULL; + } + if (t) + *t = rt; + } + ASN1_TYPE_set(rt, V_ASN1_SEQUENCE, oct); + return rt; +} + +void *ASN1_TYPE_unpack_sequence(const ASN1_ITEM *it, const ASN1_TYPE *t) +{ + if (t == NULL || t->type != V_ASN1_SEQUENCE || t->value.sequence == NULL) + return NULL; + return ASN1_item_unpack(t->value.sequence, it); +} diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c index 9cbad7c5ee1a..b224991aa3df 100644 --- a/crypto/asn1/a_utctm.c +++ b/crypto/asn1/a_utctm.c @@ -1,205 +1,25 @@ -/* crypto/asn1/a_utctm.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <time.h> -#include "cryptlib.h" -#include "o_time.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> #include "asn1_locl.h" -#if 0 -int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a, unsigned char **pp) -{ -# ifndef CHARSET_EBCDIC - return (i2d_ASN1_bytes((ASN1_STRING *)a, pp, - V_ASN1_UTCTIME, V_ASN1_UNIVERSAL)); -# else - /* KLUDGE! We convert to ascii before writing DER */ - int len; - char tmp[24]; - ASN1_STRING x = *(ASN1_STRING *)a; - - len = x.length; - ebcdic2ascii(tmp, x.data, (len >= sizeof(tmp)) ? sizeof(tmp) : len); - x.data = tmp; - return i2d_ASN1_bytes(&x, pp, V_ASN1_UTCTIME, V_ASN1_UNIVERSAL); -# endif -} - -ASN1_UTCTIME *d2i_ASN1_UTCTIME(ASN1_UTCTIME **a, unsigned char **pp, - long length) -{ - ASN1_UTCTIME *ret = NULL; - - ret = (ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a, pp, length, - V_ASN1_UTCTIME, V_ASN1_UNIVERSAL); - if (ret == NULL) { - ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ERR_R_NESTED_ASN1_ERROR); - return (NULL); - } -# ifdef CHARSET_EBCDIC - ascii2ebcdic(ret->data, ret->data, ret->length); -# endif - if (!ASN1_UTCTIME_check(ret)) { - ASN1err(ASN1_F_D2I_ASN1_UTCTIME, ASN1_R_INVALID_TIME_FORMAT); - goto err; - } - - return (ret); - err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) - M_ASN1_UTCTIME_free(ret); - return (NULL); -} - -#endif - +/* This is the primary function used to parse ASN1_UTCTIME */ int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d) { - static const int min[8] = { 0, 1, 1, 0, 0, 0, 0, 0 }; - static const int max[8] = { 99, 12, 31, 23, 59, 59, 12, 59 }; - char *a; - int n, i, l, o; - + /* wrapper around ans1_time_to_tm */ if (d->type != V_ASN1_UTCTIME) - return (0); - l = d->length; - a = (char *)d->data; - o = 0; - - if (l < 11) - goto err; - for (i = 0; i < 6; i++) { - if ((i == 5) && ((a[o] == 'Z') || (a[o] == '+') || (a[o] == '-'))) { - i++; - if (tm) - tm->tm_sec = 0; - break; - } - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = a[o] - '0'; - if (++o > l) - goto err; - - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = (n * 10) + a[o] - '0'; - if (++o > l) - goto err; - - if ((n < min[i]) || (n > max[i])) - goto err; - if (tm) { - switch (i) { - case 0: - tm->tm_year = n < 50 ? n + 100 : n; - break; - case 1: - tm->tm_mon = n - 1; - break; - case 2: - tm->tm_mday = n; - break; - case 3: - tm->tm_hour = n; - break; - case 4: - tm->tm_min = n; - break; - case 5: - tm->tm_sec = n; - break; - } - } - } - if (a[o] == 'Z') - o++; - else if ((a[o] == '+') || (a[o] == '-')) { - int offsign = a[o] == '-' ? 1 : -1, offset = 0; - o++; - if (o + 4 > l) - goto err; - for (i = 6; i < 8; i++) { - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = a[o] - '0'; - o++; - if ((a[o] < '0') || (a[o] > '9')) - goto err; - n = (n * 10) + a[o] - '0'; - if ((n < min[i]) || (n > max[i])) - goto err; - if (tm) { - if (i == 6) - offset = n * 3600; - else if (i == 7) - offset += n * 60; - } - o++; - } - if (offset && !OPENSSL_gmtime_adj(tm, 0, offset * offsign)) - return 0; - } - return o == l; - err: - return 0; + return 0; + return asn1_time_to_tm(tm, d); } int ASN1_UTCTIME_check(const ASN1_UTCTIME *d) @@ -207,6 +27,7 @@ int ASN1_UTCTIME_check(const ASN1_UTCTIME *d) return asn1_utctime_to_tm(NULL, d); } +/* Sets the string via simple copy without cleaning it up */ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) { ASN1_UTCTIME t; @@ -214,16 +35,15 @@ int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str) t.type = V_ASN1_UTCTIME; t.length = strlen(str); t.data = (unsigned char *)str; - if (ASN1_UTCTIME_check(&t)) { - if (s != NULL) { - if (!ASN1_STRING_set((ASN1_STRING *)s, - (unsigned char *)str, t.length)) - return 0; - s->type = V_ASN1_UTCTIME; - } - return (1); - } else - return (0); + t.flags = 0; + + if (!ASN1_UTCTIME_check(&t)) + return 0; + + if (s != NULL && !ASN1_STRING_copy(s, &t)) + return 0; + + return 1; } ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) @@ -234,56 +54,19 @@ ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t) ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, int offset_day, long offset_sec) { - char *p; struct tm *ts; struct tm data; - size_t len = 20; - int free_s = 0; - - if (s == NULL) { - free_s = 1; - s = M_ASN1_UTCTIME_new(); - } - if (s == NULL) - goto err; ts = OPENSSL_gmtime(&t, &data); if (ts == NULL) - goto err; + return NULL; if (offset_day || offset_sec) { if (!OPENSSL_gmtime_adj(ts, offset_day, offset_sec)) - goto err; + return NULL; } - if ((ts->tm_year < 50) || (ts->tm_year >= 150)) - goto err; - - p = (char *)s->data; - if ((p == NULL) || ((size_t)s->length < len)) { - p = OPENSSL_malloc(len); - if (p == NULL) { - ASN1err(ASN1_F_ASN1_UTCTIME_ADJ, ERR_R_MALLOC_FAILURE); - goto err; - } - if (s->data != NULL) - OPENSSL_free(s->data); - s->data = (unsigned char *)p; - } - - BIO_snprintf(p, len, "%02d%02d%02d%02d%02d%02dZ", ts->tm_year % 100, - ts->tm_mon + 1, ts->tm_mday, ts->tm_hour, ts->tm_min, - ts->tm_sec); - s->length = strlen(p); - s->type = V_ASN1_UTCTIME; -#ifdef CHARSET_EBCDIC_not - ebcdic2ascii(s->data, s->data, s->length); -#endif - return (s); - err: - if (free_s && s) - M_ASN1_UTCTIME_free(s); - return NULL; + return asn1_time_from_tm(s, ts, V_ASN1_UTCTIME); } int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) @@ -294,59 +77,22 @@ int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t) if (!asn1_utctime_to_tm(&stm, s)) return -2; - if (!OPENSSL_gmtime(&t, &ttm)) + if (OPENSSL_gmtime(&t, &ttm) == NULL) return -2; if (!OPENSSL_gmtime_diff(&day, &sec, &ttm, &stm)) return -2; - if (day > 0) - return 1; - if (day < 0) - return -1; - if (sec > 0) + if (day > 0 || sec > 0) return 1; - if (sec < 0) + if (day < 0 || sec < 0) return -1; return 0; } -#if 0 -time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s) +int ASN1_UTCTIME_print(BIO *bp, const ASN1_UTCTIME *tm) { - struct tm tm; - int offset; - - memset(&tm, '\0', sizeof(tm)); - -# define g2(p) (((p)[0]-'0')*10+(p)[1]-'0') - tm.tm_year = g2(s->data); - if (tm.tm_year < 50) - tm.tm_year += 100; - tm.tm_mon = g2(s->data + 2) - 1; - tm.tm_mday = g2(s->data + 4); - tm.tm_hour = g2(s->data + 6); - tm.tm_min = g2(s->data + 8); - tm.tm_sec = g2(s->data + 10); - if (s->data[12] == 'Z') - offset = 0; - else { - offset = g2(s->data + 13) * 60 + g2(s->data + 15); - if (s->data[12] == '-') - offset = -offset; - } -# undef g2 - - /* - * FIXME: mktime assumes the current timezone - * instead of UTC, and unless we rewrite OpenSSL - * in Lisp we cannot locally change the timezone - * without possibly interfering with other parts - * of the program. timegm, which uses UTC, is - * non-standard. - * Also time_t is inappropriate for general - * UTC times because it may a 32 bit type. - */ - return mktime(&tm) - offset * 60; + if (tm->type != V_ASN1_UTCTIME) + return 0; + return ASN1_TIME_print(bp, tm); } -#endif diff --git a/crypto/asn1/a_utf8.c b/crypto/asn1/a_utf8.c index 23dc2e828ab6..e2dc09f6aee5 100644 --- a/crypto/asn1/a_utf8.c +++ b/crypto/asn1/a_utf8.c @@ -1,63 +1,14 @@ -/* crypto/asn1/a_utf8.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> /* UTF8 utilities */ diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c index 3ffd934cba96..973d50d24de9 100644 --- a/crypto/asn1/a_verify.c +++ b/crypto/asn1/a_verify.c @@ -1,88 +1,40 @@ -/* crypto/asn1/a_verify.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <time.h> +#include <sys/types.h> -#include "cryptlib.h" -#include "asn1_locl.h" - -#ifndef NO_SYS_TYPES_H -# include <sys/types.h> -#endif +#include "internal/cryptlib.h" #include <openssl/bn.h> #include <openssl/x509.h> #include <openssl/objects.h> #include <openssl/buffer.h> #include <openssl/evp.h> +#include "internal/asn1_int.h" +#include "internal/evp_int.h" #ifndef NO_ASN1_OLD int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, char *data, EVP_PKEY *pkey) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = EVP_MD_CTX_new(); const EVP_MD *type; unsigned char *p, *buf_in = NULL; int ret = -1, i, inl; - EVP_MD_CTX_init(&ctx); + if (ctx == NULL) { + ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; + } i = OBJ_obj2nid(a->algorithm); type = EVP_get_digestbyname(OBJ_nid2sn(i)); if (type == NULL) { @@ -104,31 +56,27 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, p = buf_in; i2d(data, &p); - if (!EVP_VerifyInit_ex(&ctx, type, NULL) - || !EVP_VerifyUpdate(&ctx, (unsigned char *)buf_in, inl)) { + ret = EVP_VerifyInit_ex(ctx, type, NULL) + && EVP_VerifyUpdate(ctx, (unsigned char *)buf_in, inl); + + OPENSSL_clear_free(buf_in, (unsigned int)inl); + + if (!ret) { ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB); - ret = 0; goto err; } + ret = -1; - OPENSSL_cleanse(buf_in, (unsigned int)inl); - OPENSSL_free(buf_in); - - if (EVP_VerifyFinal(&ctx, (unsigned char *)signature->data, + if (EVP_VerifyFinal(ctx, (unsigned char *)signature->data, (unsigned int)signature->length, pkey) <= 0) { ASN1err(ASN1_F_ASN1_VERIFY, ERR_R_EVP_LIB); ret = 0; goto err; } - /* - * we don't need to zero the 'ctx' because we just checked public - * information - */ - /* memset(&ctx,0,sizeof(ctx)); */ ret = 1; err: - EVP_MD_CTX_cleanup(&ctx); - return (ret); + EVP_MD_CTX_free(ctx); + return ret; } #endif @@ -136,9 +84,9 @@ int ASN1_verify(i2d_of_void *i2d, X509_ALGOR *a, ASN1_BIT_STRING *signature, int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_BIT_STRING *signature, void *asn, EVP_PKEY *pkey) { - EVP_MD_CTX ctx; + EVP_MD_CTX *ctx = NULL; unsigned char *buf_in = NULL; - int ret = -1, inl; + int ret = -1, inl = 0; int mdnid, pknid; @@ -152,7 +100,11 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, return -1; } - EVP_MD_CTX_init(&ctx); + ctx = EVP_MD_CTX_new(); + if (ctx == NULL) { + ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_MALLOC_FAILURE); + goto err; + } /* Convert signature OID into digest and public key OIDs */ if (!OBJ_find_sigid_algs(OBJ_obj2nid(a->algorithm), &mdnid, &pknid)) { @@ -165,7 +117,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM); goto err; } - ret = pkey->ameth->item_verify(&ctx, it, asn, a, signature, pkey); + ret = pkey->ameth->item_verify(ctx, it, asn, a, signature, pkey); /* * Return value of 2 means carry on, anything else means we exit * straight away: either a fatal error of the underlying verification @@ -189,7 +141,7 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, goto err; } - if (!EVP_DigestVerifyInit(&ctx, NULL, type, NULL, pkey)) { + if (!EVP_DigestVerifyInit(ctx, NULL, type, NULL, pkey)) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB); ret = 0; goto err; @@ -204,28 +156,15 @@ int ASN1_item_verify(const ASN1_ITEM *it, X509_ALGOR *a, goto err; } - if (!EVP_DigestVerifyUpdate(&ctx, buf_in, inl)) { - ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB); - ret = 0; - goto err; - } - - OPENSSL_cleanse(buf_in, (unsigned int)inl); - OPENSSL_free(buf_in); - - if (EVP_DigestVerifyFinal(&ctx, signature->data, - (size_t)signature->length) <= 0) { + ret = EVP_DigestVerify(ctx, signature->data, (size_t)signature->length, + buf_in, inl); + if (ret <= 0) { ASN1err(ASN1_F_ASN1_ITEM_VERIFY, ERR_R_EVP_LIB); - ret = 0; goto err; } - /* - * we don't need to zero the 'ctx' because we just checked public - * information - */ - /* memset(&ctx,0,sizeof(ctx)); */ ret = 1; err: - EVP_MD_CTX_cleanup(&ctx); - return (ret); + OPENSSL_clear_free(buf_in, (unsigned int)inl); + EVP_MD_CTX_free(ctx); + return ret; } diff --git a/crypto/asn1/ameth_lib.c b/crypto/asn1/ameth_lib.c index 43ddebba33a6..9a1644148af5 100644 --- a/crypto/asn1/ameth_lib.c +++ b/crypto/asn1/ameth_lib.c @@ -1,122 +1,26 @@ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ +#include "e_os.h" /* for strncasecmp */ +#include "internal/cryptlib.h" #include <stdio.h> -#include "cryptlib.h" #include <openssl/asn1t.h> #include <openssl/x509.h> -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif -#include "asn1_locl.h" - -extern const EVP_PKEY_ASN1_METHOD rsa_asn1_meths[]; -extern const EVP_PKEY_ASN1_METHOD dsa_asn1_meths[]; -extern const EVP_PKEY_ASN1_METHOD dh_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD dhx_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD eckey_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD hmac_asn1_meth; -extern const EVP_PKEY_ASN1_METHOD cmac_asn1_meth; - -/* Keep this sorted in type order !! */ -static const EVP_PKEY_ASN1_METHOD *standard_methods[] = { -#ifndef OPENSSL_NO_RSA - &rsa_asn1_meths[0], - &rsa_asn1_meths[1], -#endif -#ifndef OPENSSL_NO_DH - &dh_asn1_meth, -#endif -#ifndef OPENSSL_NO_DSA - &dsa_asn1_meths[0], - &dsa_asn1_meths[1], - &dsa_asn1_meths[2], - &dsa_asn1_meths[3], - &dsa_asn1_meths[4], -#endif -#ifndef OPENSSL_NO_EC - &eckey_asn1_meth, -#endif - &hmac_asn1_meth, -#ifndef OPENSSL_NO_CMAC - &cmac_asn1_meth, -#endif -#ifndef OPENSSL_NO_DH - &dhx_asn1_meth -#endif -}; +#include <openssl/engine.h> +#include "internal/asn1_int.h" +#include "internal/evp_int.h" + +#include "standard_methods.h" typedef int sk_cmp_fn_type(const char *const *a, const char *const *b); -DECLARE_STACK_OF(EVP_PKEY_ASN1_METHOD) static STACK_OF(EVP_PKEY_ASN1_METHOD) *app_methods = NULL; -#ifdef TEST -void main() -{ - int i; - for (i = 0; - i < sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); i++) - fprintf(stderr, "Number %d id=%d (%s)\n", i, - standard_methods[i]->pkey_id, - OBJ_nid2sn(standard_methods[i]->pkey_id)); -} -#endif - DECLARE_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *, const EVP_PKEY_ASN1_METHOD *, ameth); @@ -131,7 +35,7 @@ IMPLEMENT_OBJ_BSEARCH_CMP_FN(const EVP_PKEY_ASN1_METHOD *, int EVP_PKEY_asn1_get_count(void) { - int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); + int num = OSSL_NELEM(standard_methods); if (app_methods) num += sk_EVP_PKEY_ASN1_METHOD_num(app_methods); return num; @@ -139,7 +43,7 @@ int EVP_PKEY_asn1_get_count(void) const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx) { - int num = sizeof(standard_methods) / sizeof(EVP_PKEY_ASN1_METHOD *); + int num = OSSL_NELEM(standard_methods); if (idx < 0) return NULL; if (idx < num) @@ -159,8 +63,7 @@ static const EVP_PKEY_ASN1_METHOD *pkey_asn1_find(int type) if (idx >= 0) return sk_EVP_PKEY_ASN1_METHOD_value(app_methods, idx); } - ret = OBJ_bsearch_ameth(&t, standard_methods, sizeof(standard_methods) - / sizeof(EVP_PKEY_ASN1_METHOD *)); + ret = OBJ_bsearch_ameth(&t, standard_methods, OSSL_NELEM(standard_methods)); if (!ret || !*ret) return NULL; return *ret; @@ -201,7 +104,8 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, const char *str, int len) { int i; - const EVP_PKEY_ASN1_METHOD *ameth; + const EVP_PKEY_ASN1_METHOD *ameth = NULL; + if (len == -1) len = strlen(str); if (pe) { @@ -221,12 +125,12 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, #endif *pe = NULL; } - for (i = 0; i < EVP_PKEY_asn1_get_count(); i++) { + for (i = EVP_PKEY_asn1_get_count(); i-- > 0; ) { ameth = EVP_PKEY_asn1_get0(i); if (ameth->pkey_flags & ASN1_PKEY_ALIAS) continue; - if (((int)strlen(ameth->pem_str) == len) && - !strncasecmp(ameth->pem_str, str, len)) + if ((int)strlen(ameth->pem_str) == len + && strncasecmp(ameth->pem_str, str, len) == 0) return ameth; } return NULL; @@ -234,11 +138,21 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_find_str(ENGINE **pe, int EVP_PKEY_asn1_add0(const EVP_PKEY_ASN1_METHOD *ameth) { + EVP_PKEY_ASN1_METHOD tmp = { 0, }; + if (app_methods == NULL) { app_methods = sk_EVP_PKEY_ASN1_METHOD_new(ameth_cmp); - if (!app_methods) + if (app_methods == NULL) return 0; } + + tmp.pkey_id = ameth->pkey_id; + if (sk_EVP_PKEY_ASN1_METHOD_find(app_methods, &tmp) >= 0) { + EVPerr(EVP_F_EVP_PKEY_ASN1_ADD0, + EVP_R_PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED); + return 0; + } + if (!sk_EVP_PKEY_ASN1_METHOD_push(app_methods, ameth)) return 0; sk_EVP_PKEY_ASN1_METHOD_sort(app_methods); @@ -249,7 +163,7 @@ int EVP_PKEY_asn1_add_alias(int to, int from) { EVP_PKEY_ASN1_METHOD *ameth; ameth = EVP_PKEY_asn1_new(from, ASN1_PKEY_ALIAS, NULL, NULL); - if (!ameth) + if (ameth == NULL) return 0; ameth->pkey_base_id = to; if (!EVP_PKEY_asn1_add0(ameth)) { @@ -279,7 +193,7 @@ int EVP_PKEY_asn1_get0_info(int *ppkey_id, int *ppkey_base_id, return 1; } -const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey) +const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(const EVP_PKEY *pkey) { return pkey->ameth; } @@ -287,63 +201,42 @@ const EVP_PKEY_ASN1_METHOD *EVP_PKEY_get0_asn1(EVP_PKEY *pkey) EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_new(int id, int flags, const char *pem_str, const char *info) { - EVP_PKEY_ASN1_METHOD *ameth; - ameth = OPENSSL_malloc(sizeof(EVP_PKEY_ASN1_METHOD)); - if (!ameth) - return NULL; + EVP_PKEY_ASN1_METHOD *ameth = OPENSSL_zalloc(sizeof(*ameth)); - memset(ameth, 0, sizeof(EVP_PKEY_ASN1_METHOD)); + if (ameth == NULL) + return NULL; ameth->pkey_id = id; ameth->pkey_base_id = id; ameth->pkey_flags = flags | ASN1_PKEY_DYNAMIC; if (info) { - ameth->info = BUF_strdup(info); + ameth->info = OPENSSL_strdup(info); if (!ameth->info) goto err; - } else - ameth->info = NULL; + } + + /* + * One of the following must be true: + * + * pem_str == NULL AND ASN1_PKEY_ALIAS is set + * pem_str != NULL AND ASN1_PKEY_ALIAS is clear + * + * Anything else is an error and may lead to a corrupt ASN1 method table + */ + if (!((pem_str == NULL && (flags & ASN1_PKEY_ALIAS) != 0) + || (pem_str != NULL && (flags & ASN1_PKEY_ALIAS) == 0))) + goto err; if (pem_str) { - ameth->pem_str = BUF_strdup(pem_str); + ameth->pem_str = OPENSSL_strdup(pem_str); if (!ameth->pem_str) goto err; - } else - ameth->pem_str = NULL; - - ameth->pub_decode = 0; - ameth->pub_encode = 0; - ameth->pub_cmp = 0; - ameth->pub_print = 0; - - ameth->priv_decode = 0; - ameth->priv_encode = 0; - ameth->priv_print = 0; - - ameth->old_priv_encode = 0; - ameth->old_priv_decode = 0; - - ameth->item_verify = 0; - ameth->item_sign = 0; - - ameth->pkey_size = 0; - ameth->pkey_bits = 0; - - ameth->param_decode = 0; - ameth->param_encode = 0; - ameth->param_missing = 0; - ameth->param_copy = 0; - ameth->param_cmp = 0; - ameth->param_print = 0; - - ameth->pkey_free = 0; - ameth->pkey_ctrl = 0; + } return ameth; err: - EVP_PKEY_asn1_free(ameth); return NULL; @@ -381,15 +274,17 @@ void EVP_PKEY_asn1_copy(EVP_PKEY_ASN1_METHOD *dst, dst->item_sign = src->item_sign; dst->item_verify = src->item_verify; + dst->siginf_set = src->siginf_set; + + dst->pkey_check = src->pkey_check; + } void EVP_PKEY_asn1_free(EVP_PKEY_ASN1_METHOD *ameth) { if (ameth && (ameth->pkey_flags & ASN1_PKEY_DYNAMIC)) { - if (ameth->pem_str) - OPENSSL_free(ameth->pem_str); - if (ameth->info) - OPENSSL_free(ameth->info); + OPENSSL_free(ameth->pem_str); + OPENSSL_free(ameth->info); OPENSSL_free(ameth); } } @@ -417,7 +312,7 @@ void EVP_PKEY_asn1_set_public(EVP_PKEY_ASN1_METHOD *ameth, void EVP_PKEY_asn1_set_private(EVP_PKEY_ASN1_METHOD *ameth, int (*priv_decode) (EVP_PKEY *pk, - PKCS8_PRIV_KEY_INFO + const PKCS8_PRIV_KEY_INFO *p8inf), int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk), @@ -467,6 +362,13 @@ void EVP_PKEY_asn1_set_ctrl(EVP_PKEY_ASN1_METHOD *ameth, ameth->pkey_ctrl = pkey_ctrl; } +void EVP_PKEY_asn1_set_security_bits(EVP_PKEY_ASN1_METHOD *ameth, + int (*pkey_security_bits) (const EVP_PKEY + *pk)) +{ + ameth->pkey_security_bits = pkey_security_bits; +} + void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, @@ -484,3 +386,62 @@ void EVP_PKEY_asn1_set_item(EVP_PKEY_ASN1_METHOD *ameth, ameth->item_sign = item_sign; ameth->item_verify = item_verify; } + +void EVP_PKEY_asn1_set_siginf(EVP_PKEY_ASN1_METHOD *ameth, + int (*siginf_set) (X509_SIG_INFO *siginf, + const X509_ALGOR *alg, + const ASN1_STRING *sig)) +{ + ameth->siginf_set = siginf_set; +} + +void EVP_PKEY_asn1_set_check(EVP_PKEY_ASN1_METHOD *ameth, + int (*pkey_check) (const EVP_PKEY *pk)) +{ + ameth->pkey_check = pkey_check; +} + +void EVP_PKEY_asn1_set_public_check(EVP_PKEY_ASN1_METHOD *ameth, + int (*pkey_pub_check) (const EVP_PKEY *pk)) +{ + ameth->pkey_public_check = pkey_pub_check; +} + +void EVP_PKEY_asn1_set_param_check(EVP_PKEY_ASN1_METHOD *ameth, + int (*pkey_param_check) (const EVP_PKEY *pk)) +{ + ameth->pkey_param_check = pkey_param_check; +} + +void EVP_PKEY_asn1_set_set_priv_key(EVP_PKEY_ASN1_METHOD *ameth, + int (*set_priv_key) (EVP_PKEY *pk, + const unsigned char + *priv, + size_t len)) +{ + ameth->set_priv_key = set_priv_key; +} + +void EVP_PKEY_asn1_set_set_pub_key(EVP_PKEY_ASN1_METHOD *ameth, + int (*set_pub_key) (EVP_PKEY *pk, + const unsigned char *pub, + size_t len)) +{ + ameth->set_pub_key = set_pub_key; +} + +void EVP_PKEY_asn1_set_get_priv_key(EVP_PKEY_ASN1_METHOD *ameth, + int (*get_priv_key) (const EVP_PKEY *pk, + unsigned char *priv, + size_t *len)) +{ + ameth->get_priv_key = get_priv_key; +} + +void EVP_PKEY_asn1_set_get_pub_key(EVP_PKEY_ASN1_METHOD *ameth, + int (*get_pub_key) (const EVP_PKEY *pk, + unsigned char *pub, + size_t *len)) +{ + ameth->get_pub_key = get_pub_key; +} diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h deleted file mode 100644 index 35a2b2aa0238..000000000000 --- a/crypto/asn1/asn1.h +++ /dev/null @@ -1,1420 +0,0 @@ -/* crypto/asn1/asn1.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_H -# define HEADER_ASN1_H - -# include <time.h> -# include <openssl/e_os2.h> -# ifndef OPENSSL_NO_BIO -# include <openssl/bio.h> -# endif -# include <openssl/stack.h> -# include <openssl/safestack.h> - -# include <openssl/symhacks.h> - -# include <openssl/ossl_typ.h> -# ifndef OPENSSL_NO_DEPRECATED -# include <openssl/bn.h> -# endif - -# ifdef OPENSSL_BUILD_SHLIBCRYPTO -# undef OPENSSL_EXTERN -# define OPENSSL_EXTERN OPENSSL_EXPORT -# endif - -#ifdef __cplusplus -extern "C" { -#endif - -# define V_ASN1_UNIVERSAL 0x00 -# define V_ASN1_APPLICATION 0x40 -# define V_ASN1_CONTEXT_SPECIFIC 0x80 -# define V_ASN1_PRIVATE 0xc0 - -# define V_ASN1_CONSTRUCTED 0x20 -# define V_ASN1_PRIMITIVE_TAG 0x1f -# define V_ASN1_PRIMATIVE_TAG 0x1f - -# define V_ASN1_APP_CHOOSE -2/* let the recipient choose */ -# define V_ASN1_OTHER -3/* used in ASN1_TYPE */ -# define V_ASN1_ANY -4/* used in ASN1 template code */ - -# define V_ASN1_NEG 0x100/* negative flag */ - -# define V_ASN1_UNDEF -1 -# define V_ASN1_EOC 0 -# define V_ASN1_BOOLEAN 1 /**/ -# define V_ASN1_INTEGER 2 -# define V_ASN1_NEG_INTEGER (2 | V_ASN1_NEG) -# define V_ASN1_BIT_STRING 3 -# define V_ASN1_OCTET_STRING 4 -# define V_ASN1_NULL 5 -# define V_ASN1_OBJECT 6 -# define V_ASN1_OBJECT_DESCRIPTOR 7 -# define V_ASN1_EXTERNAL 8 -# define V_ASN1_REAL 9 -# define V_ASN1_ENUMERATED 10 -# define V_ASN1_NEG_ENUMERATED (10 | V_ASN1_NEG) -# define V_ASN1_UTF8STRING 12 -# define V_ASN1_SEQUENCE 16 -# define V_ASN1_SET 17 -# define V_ASN1_NUMERICSTRING 18 /**/ -# define V_ASN1_PRINTABLESTRING 19 -# define V_ASN1_T61STRING 20 -# define V_ASN1_TELETEXSTRING 20/* alias */ -# define V_ASN1_VIDEOTEXSTRING 21 /**/ -# define V_ASN1_IA5STRING 22 -# define V_ASN1_UTCTIME 23 -# define V_ASN1_GENERALIZEDTIME 24 /**/ -# define V_ASN1_GRAPHICSTRING 25 /**/ -# define V_ASN1_ISO64STRING 26 /**/ -# define V_ASN1_VISIBLESTRING 26/* alias */ -# define V_ASN1_GENERALSTRING 27 /**/ -# define V_ASN1_UNIVERSALSTRING 28 /**/ -# define V_ASN1_BMPSTRING 30 -/* For use with d2i_ASN1_type_bytes() */ -# define B_ASN1_NUMERICSTRING 0x0001 -# define B_ASN1_PRINTABLESTRING 0x0002 -# define B_ASN1_T61STRING 0x0004 -# define B_ASN1_TELETEXSTRING 0x0004 -# define B_ASN1_VIDEOTEXSTRING 0x0008 -# define B_ASN1_IA5STRING 0x0010 -# define B_ASN1_GRAPHICSTRING 0x0020 -# define B_ASN1_ISO64STRING 0x0040 -# define B_ASN1_VISIBLESTRING 0x0040 -# define B_ASN1_GENERALSTRING 0x0080 -# define B_ASN1_UNIVERSALSTRING 0x0100 -# define B_ASN1_OCTET_STRING 0x0200 -# define B_ASN1_BIT_STRING 0x0400 -# define B_ASN1_BMPSTRING 0x0800 -# define B_ASN1_UNKNOWN 0x1000 -# define B_ASN1_UTF8STRING 0x2000 -# define B_ASN1_UTCTIME 0x4000 -# define B_ASN1_GENERALIZEDTIME 0x8000 -# define B_ASN1_SEQUENCE 0x10000 -/* For use with ASN1_mbstring_copy() */ -# define MBSTRING_FLAG 0x1000 -# define MBSTRING_UTF8 (MBSTRING_FLAG) -# define MBSTRING_ASC (MBSTRING_FLAG|1) -# define MBSTRING_BMP (MBSTRING_FLAG|2) -# define MBSTRING_UNIV (MBSTRING_FLAG|4) -# define SMIME_OLDMIME 0x400 -# define SMIME_CRLFEOL 0x800 -# define SMIME_STREAM 0x1000 - struct X509_algor_st; -DECLARE_STACK_OF(X509_ALGOR) - -# define DECLARE_ASN1_SET_OF(type)/* filled in by mkstack.pl */ -# define IMPLEMENT_ASN1_SET_OF(type)/* nothing, no longer needed */ - -/* - * We MUST make sure that, except for constness, asn1_ctx_st and - * asn1_const_ctx are exactly the same. Fortunately, as soon as the old ASN1 - * parsing macros are gone, we can throw this away as well... - */ -typedef struct asn1_ctx_st { - unsigned char *p; /* work char pointer */ - int eos; /* end of sequence read for indefinite - * encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - unsigned char *max; /* largest value of p allowed */ - unsigned char *q; /* temporary variable */ - unsigned char **pp; /* variable */ - int line; /* used in error processing */ -} ASN1_CTX; - -typedef struct asn1_const_ctx_st { - const unsigned char *p; /* work char pointer */ - int eos; /* end of sequence read for indefinite - * encoding */ - int error; /* error code to use when returning an error */ - int inf; /* constructed if 0x20, indefinite is 0x21 */ - int tag; /* tag from last 'get object' */ - int xclass; /* class from last 'get object' */ - long slen; /* length of last 'get object' */ - const unsigned char *max; /* largest value of p allowed */ - const unsigned char *q; /* temporary variable */ - const unsigned char **pp; /* variable */ - int line; /* used in error processing */ -} ASN1_const_CTX; - -/* - * These are used internally in the ASN1_OBJECT to keep track of whether the - * names and data need to be free()ed - */ -# define ASN1_OBJECT_FLAG_DYNAMIC 0x01/* internal use */ -# define ASN1_OBJECT_FLAG_CRITICAL 0x02/* critical x509v3 object id */ -# define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04/* internal use */ -# define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08/* internal use */ -struct asn1_object_st { - const char *sn, *ln; - int nid; - int length; - const unsigned char *data; /* data remains const after init */ - int flags; /* Should we free this one */ -}; - -# define ASN1_STRING_FLAG_BITS_LEFT 0x08/* Set if 0x07 has bits left value */ -/* - * This indicates that the ASN1_STRING is not a real value but just a place - * holder for the location where indefinite length constructed data should be - * inserted in the memory buffer - */ -# define ASN1_STRING_FLAG_NDEF 0x010 - -/* - * This flag is used by the CMS code to indicate that a string is not - * complete and is a place holder for content when it had all been accessed. - * The flag will be reset when content has been written to it. - */ - -# define ASN1_STRING_FLAG_CONT 0x020 -/* - * This flag is used by ASN1 code to indicate an ASN1_STRING is an MSTRING - * type. - */ -# define ASN1_STRING_FLAG_MSTRING 0x040 -/* This is the base type that holds just about everything :-) */ -struct asn1_string_st { - int length; - int type; - unsigned char *data; - /* - * The value of the following field depends on the type being held. It - * is mostly being used for BIT_STRING so if the input data has a - * non-zero 'unused bits' value, it will be handled correctly - */ - long flags; -}; - -/* - * ASN1_ENCODING structure: this is used to save the received encoding of an - * ASN1 type. This is useful to get round problems with invalid encodings - * which can break signatures. - */ - -typedef struct ASN1_ENCODING_st { - unsigned char *enc; /* DER encoding */ - long len; /* Length of encoding */ - int modified; /* set to 1 if 'enc' is invalid */ -} ASN1_ENCODING; - -/* Used with ASN1 LONG type: if a long is set to this it is omitted */ -# define ASN1_LONG_UNDEF 0x7fffffffL - -# define STABLE_FLAGS_MALLOC 0x01 -# define STABLE_NO_MASK 0x02 -# define DIRSTRING_TYPE \ - (B_ASN1_PRINTABLESTRING|B_ASN1_T61STRING|B_ASN1_BMPSTRING|B_ASN1_UTF8STRING) -# define PKCS9STRING_TYPE (DIRSTRING_TYPE|B_ASN1_IA5STRING) - -typedef struct asn1_string_table_st { - int nid; - long minsize; - long maxsize; - unsigned long mask; - unsigned long flags; -} ASN1_STRING_TABLE; - -DECLARE_STACK_OF(ASN1_STRING_TABLE) - -/* size limits: this stuff is taken straight from RFC2459 */ - -# define ub_name 32768 -# define ub_common_name 64 -# define ub_locality_name 128 -# define ub_state_name 128 -# define ub_organization_name 64 -# define ub_organization_unit_name 64 -# define ub_title 64 -# define ub_email_address 128 - -/* - * Declarations for template structures: for full definitions see asn1t.h - */ -typedef struct ASN1_TEMPLATE_st ASN1_TEMPLATE; -typedef struct ASN1_TLC_st ASN1_TLC; -/* This is just an opaque pointer */ -typedef struct ASN1_VALUE_st ASN1_VALUE; - -/* Declare ASN1 functions: the implement macro in in asn1t.h */ - -# define DECLARE_ASN1_FUNCTIONS(type) DECLARE_ASN1_FUNCTIONS_name(type, type) - -# define DECLARE_ASN1_ALLOC_FUNCTIONS(type) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, type) - -# define DECLARE_ASN1_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, name, name) - -# define DECLARE_ASN1_FUNCTIONS_fname(type, itname, name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) - -# define DECLARE_ASN1_ENCODE_FUNCTIONS(type, itname, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(itname) - -# define DECLARE_ASN1_ENCODE_FUNCTIONS_const(type, name) \ - type *d2i_##name(type **a, const unsigned char **in, long len); \ - int i2d_##name(const type *a, unsigned char **out); \ - DECLARE_ASN1_ITEM(name) - -# define DECLARE_ASN1_NDEF_FUNCTION(name) \ - int i2d_##name##_NDEF(name *a, unsigned char **out); - -# define DECLARE_ASN1_FUNCTIONS_const(name) \ - DECLARE_ASN1_ALLOC_FUNCTIONS(name) \ - DECLARE_ASN1_ENCODE_FUNCTIONS_const(name, name) - -# define DECLARE_ASN1_ALLOC_FUNCTIONS_name(type, name) \ - type *name##_new(void); \ - void name##_free(type *a); - -# define DECLARE_ASN1_PRINT_FUNCTION(stname) \ - DECLARE_ASN1_PRINT_FUNCTION_fname(stname, stname) - -# define DECLARE_ASN1_PRINT_FUNCTION_fname(stname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx); - -# define D2I_OF(type) type *(*)(type **,const unsigned char **,long) -# define I2D_OF(type) int (*)(type *,unsigned char **) -# define I2D_OF_const(type) int (*)(const type *,unsigned char **) - -# define CHECKED_D2I_OF(type, d2i) \ - ((d2i_of_void*) (1 ? d2i : ((D2I_OF(type))0))) -# define CHECKED_I2D_OF(type, i2d) \ - ((i2d_of_void*) (1 ? i2d : ((I2D_OF(type))0))) -# define CHECKED_NEW_OF(type, xnew) \ - ((void *(*)(void)) (1 ? xnew : ((type *(*)(void))0))) -# define CHECKED_PTR_OF(type, p) \ - ((void*) (1 ? p : (type*)0)) -# define CHECKED_PPTR_OF(type, p) \ - ((void**) (1 ? p : (type**)0)) - -# define TYPEDEF_D2I_OF(type) typedef type *d2i_of_##type(type **,const unsigned char **,long) -# define TYPEDEF_I2D_OF(type) typedef int i2d_of_##type(type *,unsigned char **) -# define TYPEDEF_D2I2D_OF(type) TYPEDEF_D2I_OF(type); TYPEDEF_I2D_OF(type) - -TYPEDEF_D2I2D_OF(void); - -/*- - * The following macros and typedefs allow an ASN1_ITEM - * to be embedded in a structure and referenced. Since - * the ASN1_ITEM pointers need to be globally accessible - * (possibly from shared libraries) they may exist in - * different forms. On platforms that support it the - * ASN1_ITEM structure itself will be globally exported. - * Other platforms will export a function that returns - * an ASN1_ITEM pointer. - * - * To handle both cases transparently the macros below - * should be used instead of hard coding an ASN1_ITEM - * pointer in a structure. - * - * The structure will look like this: - * - * typedef struct SOMETHING_st { - * ... - * ASN1_ITEM_EXP *iptr; - * ... - * } SOMETHING; - * - * It would be initialised as e.g.: - * - * SOMETHING somevar = {...,ASN1_ITEM_ref(X509),...}; - * - * and the actual pointer extracted with: - * - * const ASN1_ITEM *it = ASN1_ITEM_ptr(somevar.iptr); - * - * Finally an ASN1_ITEM pointer can be extracted from an - * appropriate reference with: ASN1_ITEM_rptr(X509). This - * would be used when a function takes an ASN1_ITEM * argument. - * - */ - -# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM ASN1_ITEM_EXP; - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -# define ASN1_ITEM_ptr(iptr) (iptr) - -/* Macro to include ASN1_ITEM pointer from base type */ -# define ASN1_ITEM_ref(iptr) (&(iptr##_it)) - -# define ASN1_ITEM_rptr(ref) (&(ref##_it)) - -# define DECLARE_ASN1_ITEM(name) \ - OPENSSL_EXTERN const ASN1_ITEM name##_it; - -# else - -/* - * Platforms that can't easily handle shared global variables are declared as - * functions returning ASN1_ITEM pointers. - */ - -/* ASN1_ITEM pointer exported type */ -typedef const ASN1_ITEM *ASN1_ITEM_EXP (void); - -/* Macro to obtain ASN1_ITEM pointer from exported type */ -# define ASN1_ITEM_ptr(iptr) (iptr()) - -/* Macro to include ASN1_ITEM pointer from base type */ -# define ASN1_ITEM_ref(iptr) (iptr##_it) - -# define ASN1_ITEM_rptr(ref) (ref##_it()) - -# define DECLARE_ASN1_ITEM(name) \ - const ASN1_ITEM * name##_it(void); - -# endif - -/* Parameters used by ASN1_STRING_print_ex() */ - -/* - * These determine which characters to escape: RFC2253 special characters, - * control characters and MSB set characters - */ - -# define ASN1_STRFLGS_ESC_2253 1 -# define ASN1_STRFLGS_ESC_CTRL 2 -# define ASN1_STRFLGS_ESC_MSB 4 - -/* - * This flag determines how we do escaping: normally RC2253 backslash only, - * set this to use backslash and quote. - */ - -# define ASN1_STRFLGS_ESC_QUOTE 8 - -/* These three flags are internal use only. */ - -/* Character is a valid PrintableString character */ -# define CHARTYPE_PRINTABLESTRING 0x10 -/* Character needs escaping if it is the first character */ -# define CHARTYPE_FIRST_ESC_2253 0x20 -/* Character needs escaping if it is the last character */ -# define CHARTYPE_LAST_ESC_2253 0x40 - -/* - * NB the internal flags are safely reused below by flags handled at the top - * level. - */ - -/* - * If this is set we convert all character strings to UTF8 first - */ - -# define ASN1_STRFLGS_UTF8_CONVERT 0x10 - -/* - * If this is set we don't attempt to interpret content: just assume all - * strings are 1 byte per character. This will produce some pretty odd - * looking output! - */ - -# define ASN1_STRFLGS_IGNORE_TYPE 0x20 - -/* If this is set we include the string type in the output */ -# define ASN1_STRFLGS_SHOW_TYPE 0x40 - -/* - * This determines which strings to display and which to 'dump' (hex dump of - * content octets or DER encoding). We can only dump non character strings or - * everything. If we don't dump 'unknown' they are interpreted as character - * strings with 1 octet per character and are subject to the usual escaping - * options. - */ - -# define ASN1_STRFLGS_DUMP_ALL 0x80 -# define ASN1_STRFLGS_DUMP_UNKNOWN 0x100 - -/* - * These determine what 'dumping' does, we can dump the content octets or the - * DER encoding: both use the RFC2253 #XXXXX notation. - */ - -# define ASN1_STRFLGS_DUMP_DER 0x200 - -/* - * All the string flags consistent with RFC2253, escaping control characters - * isn't essential in RFC2253 but it is advisable anyway. - */ - -# define ASN1_STRFLGS_RFC2253 (ASN1_STRFLGS_ESC_2253 | \ - ASN1_STRFLGS_ESC_CTRL | \ - ASN1_STRFLGS_ESC_MSB | \ - ASN1_STRFLGS_UTF8_CONVERT | \ - ASN1_STRFLGS_DUMP_UNKNOWN | \ - ASN1_STRFLGS_DUMP_DER) - -DECLARE_STACK_OF(ASN1_INTEGER) -DECLARE_ASN1_SET_OF(ASN1_INTEGER) - -DECLARE_STACK_OF(ASN1_GENERALSTRING) - -typedef struct asn1_type_st { - int type; - union { - char *ptr; - ASN1_BOOLEAN boolean; - ASN1_STRING *asn1_string; - ASN1_OBJECT *object; - ASN1_INTEGER *integer; - ASN1_ENUMERATED *enumerated; - ASN1_BIT_STRING *bit_string; - ASN1_OCTET_STRING *octet_string; - ASN1_PRINTABLESTRING *printablestring; - ASN1_T61STRING *t61string; - ASN1_IA5STRING *ia5string; - ASN1_GENERALSTRING *generalstring; - ASN1_BMPSTRING *bmpstring; - ASN1_UNIVERSALSTRING *universalstring; - ASN1_UTCTIME *utctime; - ASN1_GENERALIZEDTIME *generalizedtime; - ASN1_VISIBLESTRING *visiblestring; - ASN1_UTF8STRING *utf8string; - /* - * set and sequence are left complete and still contain the set or - * sequence bytes - */ - ASN1_STRING *set; - ASN1_STRING *sequence; - ASN1_VALUE *asn1_value; - } value; -} ASN1_TYPE; - -DECLARE_STACK_OF(ASN1_TYPE) -DECLARE_ASN1_SET_OF(ASN1_TYPE) - -typedef STACK_OF(ASN1_TYPE) ASN1_SEQUENCE_ANY; - -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SEQUENCE_ANY) -DECLARE_ASN1_ENCODE_FUNCTIONS_const(ASN1_SEQUENCE_ANY, ASN1_SET_ANY) - -typedef struct NETSCAPE_X509_st { - ASN1_OCTET_STRING *header; - X509 *cert; -} NETSCAPE_X509; - -/* This is used to contain a list of bit names */ -typedef struct BIT_STRING_BITNAME_st { - int bitnum; - const char *lname; - const char *sname; -} BIT_STRING_BITNAME; - -# define M_ASN1_STRING_length(x) ((x)->length) -# define M_ASN1_STRING_length_set(x, n) ((x)->length = (n)) -# define M_ASN1_STRING_type(x) ((x)->type) -# define M_ASN1_STRING_data(x) ((x)->data) - -/* Macros for string operations */ -# define M_ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\ - ASN1_STRING_type_new(V_ASN1_BIT_STRING) -# define M_ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -# define M_ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -# define M_ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) - -# define M_ASN1_INTEGER_new() (ASN1_INTEGER *)\ - ASN1_STRING_type_new(V_ASN1_INTEGER) -# define M_ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_INTEGER_dup(a) (ASN1_INTEGER *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -# define M_ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -# define M_ASN1_ENUMERATED_new() (ASN1_ENUMERATED *)\ - ASN1_STRING_type_new(V_ASN1_ENUMERATED) -# define M_ASN1_ENUMERATED_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_ENUMERATED_dup(a) (ASN1_ENUMERATED *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -# define M_ASN1_ENUMERATED_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) - -# define M_ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\ - ASN1_STRING_type_new(V_ASN1_OCTET_STRING) -# define M_ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) -# define M_ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\ - (const ASN1_STRING *)a,(const ASN1_STRING *)b) -# define M_ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c) -# define M_ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b) -# define M_i2d_ASN1_OCTET_STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\ - V_ASN1_UNIVERSAL) - -# define B_ASN1_TIME \ - B_ASN1_UTCTIME | \ - B_ASN1_GENERALIZEDTIME - -# define B_ASN1_PRINTABLE \ - B_ASN1_NUMERICSTRING| \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_T61STRING| \ - B_ASN1_IA5STRING| \ - B_ASN1_BIT_STRING| \ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING|\ - B_ASN1_SEQUENCE|\ - B_ASN1_UNKNOWN - -# define B_ASN1_DIRECTORYSTRING \ - B_ASN1_PRINTABLESTRING| \ - B_ASN1_TELETEXSTRING|\ - B_ASN1_BMPSTRING|\ - B_ASN1_UNIVERSALSTRING|\ - B_ASN1_UTF8STRING - -# define B_ASN1_DISPLAYTEXT \ - B_ASN1_IA5STRING| \ - B_ASN1_VISIBLESTRING| \ - B_ASN1_BMPSTRING|\ - B_ASN1_UTF8STRING - -# define M_ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING) -# define M_ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_PRINTABLE(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_PRINTABLE) - -# define M_DIRECTORYSTRING_new() ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -# define M_DIRECTORYSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_DIRECTORYSTRING(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -# define M_d2i_DIRECTORYSTRING(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DIRECTORYSTRING) - -# define M_DISPLAYTEXT_new() ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -# define M_DISPLAYTEXT_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_DISPLAYTEXT(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\ - pp,a->type,V_ASN1_UNIVERSAL) -# define M_d2i_DISPLAYTEXT(a,pp,l) \ - d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \ - B_ASN1_DISPLAYTEXT) - -# define M_ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING) -# define M_ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_PRINTABLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \ - (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING) - -# define M_ASN1_T61STRING_new() (ASN1_T61STRING *)\ - ASN1_STRING_type_new(V_ASN1_T61STRING) -# define M_ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_T61STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_T61STRING(a,pp,l) \ - (ASN1_T61STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING) - -# define M_ASN1_IA5STRING_new() (ASN1_IA5STRING *)\ - ASN1_STRING_type_new(V_ASN1_IA5STRING) -# define M_ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_IA5STRING_dup(a) \ - (ASN1_IA5STRING *)ASN1_STRING_dup((const ASN1_STRING *)a) -# define M_i2d_ASN1_IA5STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_IA5STRING(a,pp,l) \ - (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\ - B_ASN1_IA5STRING) - -# define M_ASN1_UTCTIME_new() (ASN1_UTCTIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -# define M_ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -# define M_ASN1_GENERALIZEDTIME_new() (ASN1_GENERALIZEDTIME *)\ - ASN1_STRING_type_new(V_ASN1_GENERALIZEDTIME) -# define M_ASN1_GENERALIZEDTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_GENERALIZEDTIME_dup(a) (ASN1_GENERALIZEDTIME *)ASN1_STRING_dup(\ - (const ASN1_STRING *)a) - -# define M_ASN1_TIME_new() (ASN1_TIME *)\ - ASN1_STRING_type_new(V_ASN1_UTCTIME) -# define M_ASN1_TIME_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_ASN1_TIME_dup(a) (ASN1_TIME *)\ - ASN1_STRING_dup((const ASN1_STRING *)a) - -# define M_ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_GENERALSTRING) -# define M_ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_GENERALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_GENERALSTRING(a,pp,l) \ - (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING) - -# define M_ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\ - ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING) -# define M_ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \ - (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING) - -# define M_ASN1_BMPSTRING_new() (ASN1_BMPSTRING *)\ - ASN1_STRING_type_new(V_ASN1_BMPSTRING) -# define M_ASN1_BMPSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_BMPSTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_BMPSTRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_BMPSTRING(a,pp,l) \ - (ASN1_BMPSTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_BMPSTRING) - -# define M_ASN1_VISIBLESTRING_new() (ASN1_VISIBLESTRING *)\ - ASN1_STRING_type_new(V_ASN1_VISIBLESTRING) -# define M_ASN1_VISIBLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_VISIBLESTRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_VISIBLESTRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_VISIBLESTRING(a,pp,l) \ - (ASN1_VISIBLESTRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_VISIBLESTRING) - -# define M_ASN1_UTF8STRING_new() (ASN1_UTF8STRING *)\ - ASN1_STRING_type_new(V_ASN1_UTF8STRING) -# define M_ASN1_UTF8STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a) -# define M_i2d_ASN1_UTF8STRING(a,pp) \ - i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UTF8STRING,\ - V_ASN1_UNIVERSAL) -# define M_d2i_ASN1_UTF8STRING(a,pp,l) \ - (ASN1_UTF8STRING *)d2i_ASN1_type_bytes\ - ((ASN1_STRING **)a,pp,l,B_ASN1_UTF8STRING) - - /* for the is_set parameter to i2d_ASN1_SET */ -# define IS_SEQUENCE 0 -# define IS_SET 1 - -DECLARE_ASN1_FUNCTIONS_fname(ASN1_TYPE, ASN1_ANY, ASN1_TYPE) - -int ASN1_TYPE_get(ASN1_TYPE *a); -void ASN1_TYPE_set(ASN1_TYPE *a, int type, void *value); -int ASN1_TYPE_set1(ASN1_TYPE *a, int type, const void *value); -int ASN1_TYPE_cmp(const ASN1_TYPE *a, const ASN1_TYPE *b); - -ASN1_OBJECT *ASN1_OBJECT_new(void); -void ASN1_OBJECT_free(ASN1_OBJECT *a); -int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp); -ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); -ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, - long length); - -DECLARE_ASN1_ITEM(ASN1_OBJECT) - -DECLARE_STACK_OF(ASN1_OBJECT) -DECLARE_ASN1_SET_OF(ASN1_OBJECT) - -ASN1_STRING *ASN1_STRING_new(void); -void ASN1_STRING_free(ASN1_STRING *a); -void ASN1_STRING_clear_free(ASN1_STRING *a); -int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str); -ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *a); -ASN1_STRING *ASN1_STRING_type_new(int type); -int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b); - /* - * Since this is used to store all sorts of things, via macros, for now, - * make its data void * - */ -int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len); -void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len); -int ASN1_STRING_length(const ASN1_STRING *x); -void ASN1_STRING_length_set(ASN1_STRING *x, int n); -int ASN1_STRING_type(ASN1_STRING *x); -unsigned char *ASN1_STRING_data(ASN1_STRING *x); - -DECLARE_ASN1_FUNCTIONS(ASN1_BIT_STRING) -int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); -ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, - const unsigned char **pp, long length); -int ASN1_BIT_STRING_set(ASN1_BIT_STRING *a, unsigned char *d, int length); -int ASN1_BIT_STRING_set_bit(ASN1_BIT_STRING *a, int n, int value); -int ASN1_BIT_STRING_get_bit(ASN1_BIT_STRING *a, int n); -int ASN1_BIT_STRING_check(ASN1_BIT_STRING *a, - unsigned char *flags, int flags_len); - -# ifndef OPENSSL_NO_BIO -int ASN1_BIT_STRING_name_print(BIO *out, ASN1_BIT_STRING *bs, - BIT_STRING_BITNAME *tbl, int indent); -# endif -int ASN1_BIT_STRING_num_asc(char *name, BIT_STRING_BITNAME *tbl); -int ASN1_BIT_STRING_set_asc(ASN1_BIT_STRING *bs, char *name, int value, - BIT_STRING_BITNAME *tbl); - -int i2d_ASN1_BOOLEAN(int a, unsigned char **pp); -int d2i_ASN1_BOOLEAN(int *a, const unsigned char **pp, long length); - -DECLARE_ASN1_FUNCTIONS(ASN1_INTEGER) -int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); -ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER *d2i_ASN1_UINTEGER(ASN1_INTEGER **a, const unsigned char **pp, - long length); -ASN1_INTEGER *ASN1_INTEGER_dup(const ASN1_INTEGER *x); -int ASN1_INTEGER_cmp(const ASN1_INTEGER *x, const ASN1_INTEGER *y); - -DECLARE_ASN1_FUNCTIONS(ASN1_ENUMERATED) - -int ASN1_UTCTIME_check(const ASN1_UTCTIME *a); -ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s, time_t t); -ASN1_UTCTIME *ASN1_UTCTIME_adj(ASN1_UTCTIME *s, time_t t, - int offset_day, long offset_sec); -int ASN1_UTCTIME_set_string(ASN1_UTCTIME *s, const char *str); -int ASN1_UTCTIME_cmp_time_t(const ASN1_UTCTIME *s, time_t t); -# if 0 -time_t ASN1_UTCTIME_get(const ASN1_UTCTIME *s); -# endif - -int ASN1_GENERALIZEDTIME_check(const ASN1_GENERALIZEDTIME *a); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_set(ASN1_GENERALIZEDTIME *s, - time_t t); -ASN1_GENERALIZEDTIME *ASN1_GENERALIZEDTIME_adj(ASN1_GENERALIZEDTIME *s, - time_t t, int offset_day, - long offset_sec); -int ASN1_GENERALIZEDTIME_set_string(ASN1_GENERALIZEDTIME *s, const char *str); -int ASN1_TIME_diff(int *pday, int *psec, - const ASN1_TIME *from, const ASN1_TIME *to); - -DECLARE_ASN1_FUNCTIONS(ASN1_OCTET_STRING) -ASN1_OCTET_STRING *ASN1_OCTET_STRING_dup(const ASN1_OCTET_STRING *a); -int ASN1_OCTET_STRING_cmp(const ASN1_OCTET_STRING *a, - const ASN1_OCTET_STRING *b); -int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const unsigned char *data, - int len); - -DECLARE_ASN1_FUNCTIONS(ASN1_VISIBLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UNIVERSALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTF8STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_NULL) -DECLARE_ASN1_FUNCTIONS(ASN1_BMPSTRING) - -int UTF8_getc(const unsigned char *str, int len, unsigned long *val); -int UTF8_putc(unsigned char *str, int len, unsigned long value); - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, ASN1_PRINTABLE) - -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DIRECTORYSTRING) -DECLARE_ASN1_FUNCTIONS_name(ASN1_STRING, DISPLAYTEXT) -DECLARE_ASN1_FUNCTIONS(ASN1_PRINTABLESTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_T61STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_IA5STRING) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALSTRING) -DECLARE_ASN1_FUNCTIONS(ASN1_UTCTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_GENERALIZEDTIME) -DECLARE_ASN1_FUNCTIONS(ASN1_TIME) - -DECLARE_ASN1_ITEM(ASN1_OCTET_STRING_NDEF) - -ASN1_TIME *ASN1_TIME_set(ASN1_TIME *s, time_t t); -ASN1_TIME *ASN1_TIME_adj(ASN1_TIME *s, time_t t, - int offset_day, long offset_sec); -int ASN1_TIME_check(ASN1_TIME *t); -ASN1_GENERALIZEDTIME *ASN1_TIME_to_generalizedtime(ASN1_TIME *t, ASN1_GENERALIZEDTIME - **out); -int ASN1_TIME_set_string(ASN1_TIME *s, const char *str); - -int i2d_ASN1_SET(STACK_OF(OPENSSL_BLOCK) *a, unsigned char **pp, - i2d_of_void *i2d, int ex_tag, int ex_class, int is_set); -STACK_OF(OPENSSL_BLOCK) *d2i_ASN1_SET(STACK_OF(OPENSSL_BLOCK) **a, - const unsigned char **pp, - long length, d2i_of_void *d2i, - void (*free_func) (OPENSSL_BLOCK), - int ex_tag, int ex_class); - -# ifndef OPENSSL_NO_BIO -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a); -int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size); -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a); -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size); -int i2a_ASN1_OBJECT(BIO *bp, ASN1_OBJECT *a); -int a2i_ASN1_STRING(BIO *bp, ASN1_STRING *bs, char *buf, int size); -int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type); -# endif -int i2t_ASN1_OBJECT(char *buf, int buf_len, ASN1_OBJECT *a); - -int a2d_ASN1_OBJECT(unsigned char *out, int olen, const char *buf, int num); -ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data, int len, - const char *sn, const char *ln); - -int ASN1_INTEGER_set(ASN1_INTEGER *a, long v); -long ASN1_INTEGER_get(const ASN1_INTEGER *a); -ASN1_INTEGER *BN_to_ASN1_INTEGER(const BIGNUM *bn, ASN1_INTEGER *ai); -BIGNUM *ASN1_INTEGER_to_BN(const ASN1_INTEGER *ai, BIGNUM *bn); - -int ASN1_ENUMERATED_set(ASN1_ENUMERATED *a, long v); -long ASN1_ENUMERATED_get(ASN1_ENUMERATED *a); -ASN1_ENUMERATED *BN_to_ASN1_ENUMERATED(BIGNUM *bn, ASN1_ENUMERATED *ai); -BIGNUM *ASN1_ENUMERATED_to_BN(ASN1_ENUMERATED *ai, BIGNUM *bn); - -/* General */ -/* given a string, return the correct type, max is the maximum length */ -int ASN1_PRINTABLE_type(const unsigned char *s, int max); - -int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass); -ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int Ptag, int Pclass); -unsigned long ASN1_tag2bit(int tag); -/* type is one or more of the B_ASN1_ values. */ -ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a, const unsigned char **pp, - long length, int type); - -/* PARSING */ -int asn1_Finish(ASN1_CTX *c); -int asn1_const_Finish(ASN1_const_CTX *c); - -/* SPECIALS */ -int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, - int *pclass, long omax); -int ASN1_check_infinite_end(unsigned char **p, long len); -int ASN1_const_check_infinite_end(const unsigned char **p, long len); -void ASN1_put_object(unsigned char **pp, int constructed, int length, - int tag, int xclass); -int ASN1_put_eoc(unsigned char **pp); -int ASN1_object_size(int constructed, int length, int tag); - -/* Used to implement other functions */ -void *ASN1_dup(i2d_of_void *i2d, d2i_of_void *d2i, void *x); - -# define ASN1_dup_of(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_dup_of_const(type,i2d,d2i,x) \ - ((type*)ASN1_dup(CHECKED_I2D_OF(const type, i2d), \ - CHECKED_D2I_OF(type, d2i), \ - CHECKED_PTR_OF(const type, x))) - -void *ASN1_item_dup(const ASN1_ITEM *it, void *x); - -/* ASN1 alloc/free macros for when a type is only used internally */ - -# define M_ASN1_new_of(type) (type *)ASN1_item_new(ASN1_ITEM_rptr(type)) -# define M_ASN1_free_of(x, type) \ - ASN1_item_free(CHECKED_PTR_OF(type, x), ASN1_ITEM_rptr(type)) - -# ifndef OPENSSL_NO_FP_API -void *ASN1_d2i_fp(void *(*xnew) (void), d2i_of_void *d2i, FILE *in, void **x); - -# define ASN1_d2i_fp_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_fp(CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_fp(const ASN1_ITEM *it, FILE *in, void *x); -int ASN1_i2d_fp(i2d_of_void *i2d, FILE *out, void *x); - -# define ASN1_i2d_fp_of(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_i2d_fp_of_const(type,i2d,out,x) \ - (ASN1_i2d_fp(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_fp(const ASN1_ITEM *it, FILE *out, void *x); -int ASN1_STRING_print_ex_fp(FILE *fp, ASN1_STRING *str, unsigned long flags); -# endif - -int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in); - -# ifndef OPENSSL_NO_BIO -void *ASN1_d2i_bio(void *(*xnew) (void), d2i_of_void *d2i, BIO *in, void **x); - -# define ASN1_d2i_bio_of(type,xnew,d2i,in,x) \ - ((type*)ASN1_d2i_bio( CHECKED_NEW_OF(type, xnew), \ - CHECKED_D2I_OF(type, d2i), \ - in, \ - CHECKED_PPTR_OF(type, x))) - -void *ASN1_item_d2i_bio(const ASN1_ITEM *it, BIO *in, void *x); -int ASN1_i2d_bio(i2d_of_void *i2d, BIO *out, unsigned char *x); - -# define ASN1_i2d_bio_of(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(type, i2d), \ - out, \ - CHECKED_PTR_OF(type, x))) - -# define ASN1_i2d_bio_of_const(type,i2d,out,x) \ - (ASN1_i2d_bio(CHECKED_I2D_OF(const type, i2d), \ - out, \ - CHECKED_PTR_OF(const type, x))) - -int ASN1_item_i2d_bio(const ASN1_ITEM *it, BIO *out, void *x); -int ASN1_UTCTIME_print(BIO *fp, const ASN1_UTCTIME *a); -int ASN1_GENERALIZEDTIME_print(BIO *fp, const ASN1_GENERALIZEDTIME *a); -int ASN1_TIME_print(BIO *fp, const ASN1_TIME *a); -int ASN1_STRING_print(BIO *bp, const ASN1_STRING *v); -int ASN1_STRING_print_ex(BIO *out, ASN1_STRING *str, unsigned long flags); -int ASN1_bn_print(BIO *bp, const char *number, const BIGNUM *num, - unsigned char *buf, int off); -int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent); -int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, - int dump); -# endif -const char *ASN1_tag2str(int tag); - -/* Used to load and write netscape format cert */ - -DECLARE_ASN1_FUNCTIONS(NETSCAPE_X509) - -int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s); - -int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len); -int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len); -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, - unsigned char *data, int len); -int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, - unsigned char *data, int max_len); - -STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i, - void (*free_func) (OPENSSL_BLOCK)); -unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, - unsigned char **buf, int *len); -void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i); -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it); -ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, - ASN1_OCTET_STRING **oct); - -# define ASN1_pack_string_of(type,obj,i2d,oct) \ - (ASN1_pack_string(CHECKED_PTR_OF(type, obj), \ - CHECKED_I2D_OF(type, i2d), \ - oct)) - -ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, - ASN1_OCTET_STRING **oct); - -void ASN1_STRING_set_default_mask(unsigned long mask); -int ASN1_STRING_set_default_mask_asc(const char *p); -unsigned long ASN1_STRING_get_default_mask(void); -int ASN1_mbstring_copy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask); -int ASN1_mbstring_ncopy(ASN1_STRING **out, const unsigned char *in, int len, - int inform, unsigned long mask, - long minsize, long maxsize); - -ASN1_STRING *ASN1_STRING_set_by_NID(ASN1_STRING **out, - const unsigned char *in, int inlen, - int inform, int nid); -ASN1_STRING_TABLE *ASN1_STRING_TABLE_get(int nid); -int ASN1_STRING_TABLE_add(int, long, long, unsigned long, unsigned long); -void ASN1_STRING_TABLE_cleanup(void); - -/* ASN1 template functions */ - -/* Old API compatible functions */ -ASN1_VALUE *ASN1_item_new(const ASN1_ITEM *it); -void ASN1_item_free(ASN1_VALUE *val, const ASN1_ITEM *it); -ASN1_VALUE *ASN1_item_d2i(ASN1_VALUE **val, const unsigned char **in, - long len, const ASN1_ITEM *it); -int ASN1_item_i2d(ASN1_VALUE *val, unsigned char **out, const ASN1_ITEM *it); -int ASN1_item_ndef_i2d(ASN1_VALUE *val, unsigned char **out, - const ASN1_ITEM *it); - -void ASN1_add_oid_module(void); - -ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf); -ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf); - -/* ASN1 Print flags */ - -/* Indicate missing OPTIONAL fields */ -# define ASN1_PCTX_FLAGS_SHOW_ABSENT 0x001 -/* Mark start and end of SEQUENCE */ -# define ASN1_PCTX_FLAGS_SHOW_SEQUENCE 0x002 -/* Mark start and end of SEQUENCE/SET OF */ -# define ASN1_PCTX_FLAGS_SHOW_SSOF 0x004 -/* Show the ASN1 type of primitives */ -# define ASN1_PCTX_FLAGS_SHOW_TYPE 0x008 -/* Don't show ASN1 type of ANY */ -# define ASN1_PCTX_FLAGS_NO_ANY_TYPE 0x010 -/* Don't show ASN1 type of MSTRINGs */ -# define ASN1_PCTX_FLAGS_NO_MSTRING_TYPE 0x020 -/* Don't show field names in SEQUENCE */ -# define ASN1_PCTX_FLAGS_NO_FIELD_NAME 0x040 -/* Show structure names of each SEQUENCE field */ -# define ASN1_PCTX_FLAGS_SHOW_FIELD_STRUCT_NAME 0x080 -/* Don't show structure name even at top level */ -# define ASN1_PCTX_FLAGS_NO_STRUCT_NAME 0x100 - -int ASN1_item_print(BIO *out, ASN1_VALUE *ifld, int indent, - const ASN1_ITEM *it, const ASN1_PCTX *pctx); -ASN1_PCTX *ASN1_PCTX_new(void); -void ASN1_PCTX_free(ASN1_PCTX *p); -unsigned long ASN1_PCTX_get_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_nm_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_nm_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_cert_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_cert_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_oid_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_oid_flags(ASN1_PCTX *p, unsigned long flags); -unsigned long ASN1_PCTX_get_str_flags(ASN1_PCTX *p); -void ASN1_PCTX_set_str_flags(ASN1_PCTX *p, unsigned long flags); - -BIO_METHOD *BIO_f_asn1(void); - -BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it); - -int i2d_ASN1_bio_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const ASN1_ITEM *it); -int PEM_write_bio_ASN1_stream(BIO *out, ASN1_VALUE *val, BIO *in, int flags, - const char *hdr, const ASN1_ITEM *it); -int SMIME_write_ASN1(BIO *bio, ASN1_VALUE *val, BIO *data, int flags, - int ctype_nid, int econt_nid, - STACK_OF(X509_ALGOR) *mdalgs, const ASN1_ITEM *it); -ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it); -int SMIME_crlf_copy(BIO *in, BIO *out, int flags); -int SMIME_text(BIO *in, BIO *out); - -/* BEGIN ERROR CODES */ -/* - * The following lines are auto generated by the script mkerr.pl. Any changes - * made after this point may be overwritten when the script is next run. - */ -void ERR_load_ASN1_strings(void); - -/* Error codes for the ASN1 functions. */ - -/* Function codes. */ -# define ASN1_F_A2D_ASN1_OBJECT 100 -# define ASN1_F_A2I_ASN1_ENUMERATED 101 -# define ASN1_F_A2I_ASN1_INTEGER 102 -# define ASN1_F_A2I_ASN1_STRING 103 -# define ASN1_F_APPEND_EXP 176 -# define ASN1_F_ASN1_BIT_STRING_SET_BIT 183 -# define ASN1_F_ASN1_CB 177 -# define ASN1_F_ASN1_CHECK_TLEN 104 -# define ASN1_F_ASN1_COLLATE_PRIMITIVE 105 -# define ASN1_F_ASN1_COLLECT 106 -# define ASN1_F_ASN1_D2I_EX_PRIMITIVE 108 -# define ASN1_F_ASN1_D2I_FP 109 -# define ASN1_F_ASN1_D2I_READ_BIO 107 -# define ASN1_F_ASN1_DIGEST 184 -# define ASN1_F_ASN1_DO_ADB 110 -# define ASN1_F_ASN1_DUP 111 -# define ASN1_F_ASN1_ENUMERATED_SET 112 -# define ASN1_F_ASN1_ENUMERATED_TO_BN 113 -# define ASN1_F_ASN1_EX_C2I 204 -# define ASN1_F_ASN1_FIND_END 190 -# define ASN1_F_ASN1_GENERALIZEDTIME_ADJ 216 -# define ASN1_F_ASN1_GENERALIZEDTIME_SET 185 -# define ASN1_F_ASN1_GENERATE_V3 178 -# define ASN1_F_ASN1_GET_OBJECT 114 -# define ASN1_F_ASN1_HEADER_NEW 115 -# define ASN1_F_ASN1_I2D_BIO 116 -# define ASN1_F_ASN1_I2D_FP 117 -# define ASN1_F_ASN1_INTEGER_SET 118 -# define ASN1_F_ASN1_INTEGER_TO_BN 119 -# define ASN1_F_ASN1_ITEM_D2I_FP 206 -# define ASN1_F_ASN1_ITEM_DUP 191 -# define ASN1_F_ASN1_ITEM_EX_COMBINE_NEW 121 -# define ASN1_F_ASN1_ITEM_EX_D2I 120 -# define ASN1_F_ASN1_ITEM_I2D_BIO 192 -# define ASN1_F_ASN1_ITEM_I2D_FP 193 -# define ASN1_F_ASN1_ITEM_PACK 198 -# define ASN1_F_ASN1_ITEM_SIGN 195 -# define ASN1_F_ASN1_ITEM_SIGN_CTX 220 -# define ASN1_F_ASN1_ITEM_UNPACK 199 -# define ASN1_F_ASN1_ITEM_VERIFY 197 -# define ASN1_F_ASN1_MBSTRING_NCOPY 122 -# define ASN1_F_ASN1_OBJECT_NEW 123 -# define ASN1_F_ASN1_OUTPUT_DATA 214 -# define ASN1_F_ASN1_PACK_STRING 124 -# define ASN1_F_ASN1_PCTX_NEW 205 -# define ASN1_F_ASN1_PKCS5_PBE_SET 125 -# define ASN1_F_ASN1_SEQ_PACK 126 -# define ASN1_F_ASN1_SEQ_UNPACK 127 -# define ASN1_F_ASN1_SIGN 128 -# define ASN1_F_ASN1_STR2TYPE 179 -# define ASN1_F_ASN1_STRING_SET 186 -# define ASN1_F_ASN1_STRING_TABLE_ADD 129 -# define ASN1_F_ASN1_STRING_TYPE_NEW 130 -# define ASN1_F_ASN1_TEMPLATE_EX_D2I 132 -# define ASN1_F_ASN1_TEMPLATE_NEW 133 -# define ASN1_F_ASN1_TEMPLATE_NOEXP_D2I 131 -# define ASN1_F_ASN1_TIME_ADJ 217 -# define ASN1_F_ASN1_TIME_SET 175 -# define ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING 134 -# define ASN1_F_ASN1_TYPE_GET_OCTETSTRING 135 -# define ASN1_F_ASN1_UNPACK_STRING 136 -# define ASN1_F_ASN1_UTCTIME_ADJ 218 -# define ASN1_F_ASN1_UTCTIME_SET 187 -# define ASN1_F_ASN1_VERIFY 137 -# define ASN1_F_B64_READ_ASN1 209 -# define ASN1_F_B64_WRITE_ASN1 210 -# define ASN1_F_BIO_NEW_NDEF 208 -# define ASN1_F_BITSTR_CB 180 -# define ASN1_F_BN_TO_ASN1_ENUMERATED 138 -# define ASN1_F_BN_TO_ASN1_INTEGER 139 -# define ASN1_F_C2I_ASN1_BIT_STRING 189 -# define ASN1_F_C2I_ASN1_INTEGER 194 -# define ASN1_F_C2I_ASN1_OBJECT 196 -# define ASN1_F_COLLECT_DATA 140 -# define ASN1_F_D2I_ASN1_BIT_STRING 141 -# define ASN1_F_D2I_ASN1_BOOLEAN 142 -# define ASN1_F_D2I_ASN1_BYTES 143 -# define ASN1_F_D2I_ASN1_GENERALIZEDTIME 144 -# define ASN1_F_D2I_ASN1_HEADER 145 -# define ASN1_F_D2I_ASN1_INTEGER 146 -# define ASN1_F_D2I_ASN1_OBJECT 147 -# define ASN1_F_D2I_ASN1_SET 148 -# define ASN1_F_D2I_ASN1_TYPE_BYTES 149 -# define ASN1_F_D2I_ASN1_UINTEGER 150 -# define ASN1_F_D2I_ASN1_UTCTIME 151 -# define ASN1_F_D2I_AUTOPRIVATEKEY 207 -# define ASN1_F_D2I_NETSCAPE_RSA 152 -# define ASN1_F_D2I_NETSCAPE_RSA_2 153 -# define ASN1_F_D2I_PRIVATEKEY 154 -# define ASN1_F_D2I_PUBLICKEY 155 -# define ASN1_F_D2I_RSA_NET 200 -# define ASN1_F_D2I_RSA_NET_2 201 -# define ASN1_F_D2I_X509 156 -# define ASN1_F_D2I_X509_CINF 157 -# define ASN1_F_D2I_X509_PKEY 159 -# define ASN1_F_I2D_ASN1_BIO_STREAM 211 -# define ASN1_F_I2D_ASN1_SET 188 -# define ASN1_F_I2D_ASN1_TIME 160 -# define ASN1_F_I2D_DSA_PUBKEY 161 -# define ASN1_F_I2D_EC_PUBKEY 181 -# define ASN1_F_I2D_PRIVATEKEY 163 -# define ASN1_F_I2D_PUBLICKEY 164 -# define ASN1_F_I2D_RSA_NET 162 -# define ASN1_F_I2D_RSA_PUBKEY 165 -# define ASN1_F_LONG_C2I 166 -# define ASN1_F_OID_MODULE_INIT 174 -# define ASN1_F_PARSE_TAGGING 182 -# define ASN1_F_PKCS5_PBE2_SET_IV 167 -# define ASN1_F_PKCS5_PBE_SET 202 -# define ASN1_F_PKCS5_PBE_SET0_ALGOR 215 -# define ASN1_F_PKCS5_PBKDF2_SET 219 -# define ASN1_F_SMIME_READ_ASN1 212 -# define ASN1_F_SMIME_TEXT 213 -# define ASN1_F_X509_CINF_NEW 168 -# define ASN1_F_X509_CRL_ADD0_REVOKED 169 -# define ASN1_F_X509_INFO_NEW 170 -# define ASN1_F_X509_NAME_ENCODE 203 -# define ASN1_F_X509_NAME_EX_D2I 158 -# define ASN1_F_X509_NAME_EX_NEW 171 -# define ASN1_F_X509_NEW 172 -# define ASN1_F_X509_PKEY_NEW 173 - -/* Reason codes. */ -# define ASN1_R_ADDING_OBJECT 171 -# define ASN1_R_ASN1_PARSE_ERROR 203 -# define ASN1_R_ASN1_SIG_PARSE_ERROR 204 -# define ASN1_R_AUX_ERROR 100 -# define ASN1_R_BAD_CLASS 101 -# define ASN1_R_BAD_OBJECT_HEADER 102 -# define ASN1_R_BAD_PASSWORD_READ 103 -# define ASN1_R_BAD_TAG 104 -# define ASN1_R_BMPSTRING_IS_WRONG_LENGTH 214 -# define ASN1_R_BN_LIB 105 -# define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 106 -# define ASN1_R_BUFFER_TOO_SMALL 107 -# define ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 108 -# define ASN1_R_CONTEXT_NOT_INITIALISED 217 -# define ASN1_R_DATA_IS_WRONG 109 -# define ASN1_R_DECODE_ERROR 110 -# define ASN1_R_DECODING_ERROR 111 -# define ASN1_R_DEPTH_EXCEEDED 174 -# define ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED 198 -# define ASN1_R_ENCODE_ERROR 112 -# define ASN1_R_ERROR_GETTING_TIME 173 -# define ASN1_R_ERROR_LOADING_SECTION 172 -# define ASN1_R_ERROR_PARSING_SET_ELEMENT 113 -# define ASN1_R_ERROR_SETTING_CIPHER_PARAMS 114 -# define ASN1_R_EXPECTING_AN_INTEGER 115 -# define ASN1_R_EXPECTING_AN_OBJECT 116 -# define ASN1_R_EXPECTING_A_BOOLEAN 117 -# define ASN1_R_EXPECTING_A_TIME 118 -# define ASN1_R_EXPLICIT_LENGTH_MISMATCH 119 -# define ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED 120 -# define ASN1_R_FIELD_MISSING 121 -# define ASN1_R_FIRST_NUM_TOO_LARGE 122 -# define ASN1_R_HEADER_TOO_LONG 123 -# define ASN1_R_ILLEGAL_BITSTRING_FORMAT 175 -# define ASN1_R_ILLEGAL_BOOLEAN 176 -# define ASN1_R_ILLEGAL_CHARACTERS 124 -# define ASN1_R_ILLEGAL_FORMAT 177 -# define ASN1_R_ILLEGAL_HEX 178 -# define ASN1_R_ILLEGAL_IMPLICIT_TAG 179 -# define ASN1_R_ILLEGAL_INTEGER 180 -# define ASN1_R_ILLEGAL_NESTED_TAGGING 181 -# define ASN1_R_ILLEGAL_NULL 125 -# define ASN1_R_ILLEGAL_NULL_VALUE 182 -# define ASN1_R_ILLEGAL_OBJECT 183 -# define ASN1_R_ILLEGAL_OPTIONAL_ANY 126 -# define ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE 170 -# define ASN1_R_ILLEGAL_TAGGED_ANY 127 -# define ASN1_R_ILLEGAL_TIME_VALUE 184 -# define ASN1_R_INTEGER_NOT_ASCII_FORMAT 185 -# define ASN1_R_INTEGER_TOO_LARGE_FOR_LONG 128 -# define ASN1_R_INVALID_BIT_STRING_BITS_LEFT 220 -# define ASN1_R_INVALID_BMPSTRING_LENGTH 129 -# define ASN1_R_INVALID_DIGIT 130 -# define ASN1_R_INVALID_MIME_TYPE 205 -# define ASN1_R_INVALID_MODIFIER 186 -# define ASN1_R_INVALID_NUMBER 187 -# define ASN1_R_INVALID_OBJECT_ENCODING 216 -# define ASN1_R_INVALID_SEPARATOR 131 -# define ASN1_R_INVALID_TIME_FORMAT 132 -# define ASN1_R_INVALID_UNIVERSALSTRING_LENGTH 133 -# define ASN1_R_INVALID_UTF8STRING 134 -# define ASN1_R_IV_TOO_LARGE 135 -# define ASN1_R_LENGTH_ERROR 136 -# define ASN1_R_LIST_ERROR 188 -# define ASN1_R_MIME_NO_CONTENT_TYPE 206 -# define ASN1_R_MIME_PARSE_ERROR 207 -# define ASN1_R_MIME_SIG_PARSE_ERROR 208 -# define ASN1_R_MISSING_EOC 137 -# define ASN1_R_MISSING_SECOND_NUMBER 138 -# define ASN1_R_MISSING_VALUE 189 -# define ASN1_R_MSTRING_NOT_UNIVERSAL 139 -# define ASN1_R_MSTRING_WRONG_TAG 140 -# define ASN1_R_NESTED_ASN1_STRING 197 -# define ASN1_R_NESTED_TOO_DEEP 219 -# define ASN1_R_NON_HEX_CHARACTERS 141 -# define ASN1_R_NOT_ASCII_FORMAT 190 -# define ASN1_R_NOT_ENOUGH_DATA 142 -# define ASN1_R_NO_CONTENT_TYPE 209 -# define ASN1_R_NO_DEFAULT_DIGEST 201 -# define ASN1_R_NO_MATCHING_CHOICE_TYPE 143 -# define ASN1_R_NO_MULTIPART_BODY_FAILURE 210 -# define ASN1_R_NO_MULTIPART_BOUNDARY 211 -# define ASN1_R_NO_SIG_CONTENT_TYPE 212 -# define ASN1_R_NULL_IS_WRONG_LENGTH 144 -# define ASN1_R_OBJECT_NOT_ASCII_FORMAT 191 -# define ASN1_R_ODD_NUMBER_OF_CHARS 145 -# define ASN1_R_PRIVATE_KEY_HEADER_MISSING 146 -# define ASN1_R_SECOND_NUMBER_TOO_LARGE 147 -# define ASN1_R_SEQUENCE_LENGTH_MISMATCH 148 -# define ASN1_R_SEQUENCE_NOT_CONSTRUCTED 149 -# define ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG 192 -# define ASN1_R_SHORT_LINE 150 -# define ASN1_R_SIG_INVALID_MIME_TYPE 213 -# define ASN1_R_STREAMING_NOT_SUPPORTED 202 -# define ASN1_R_STRING_TOO_LONG 151 -# define ASN1_R_STRING_TOO_SHORT 152 -# define ASN1_R_TAG_VALUE_TOO_HIGH 153 -# define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 154 -# define ASN1_R_TIME_NOT_ASCII_FORMAT 193 -# define ASN1_R_TOO_LONG 155 -# define ASN1_R_TYPE_NOT_CONSTRUCTED 156 -# define ASN1_R_TYPE_NOT_PRIMITIVE 218 -# define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 157 -# define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 158 -# define ASN1_R_UNEXPECTED_EOC 159 -# define ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH 215 -# define ASN1_R_UNKNOWN_FORMAT 160 -# define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 161 -# define ASN1_R_UNKNOWN_OBJECT_TYPE 162 -# define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 163 -# define ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM 199 -# define ASN1_R_UNKNOWN_TAG 194 -# define ASN1_R_UNKOWN_FORMAT 195 -# define ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE 164 -# define ASN1_R_UNSUPPORTED_CIPHER 165 -# define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 166 -# define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 167 -# define ASN1_R_UNSUPPORTED_TYPE 196 -# define ASN1_R_WRONG_PUBLIC_KEY_TYPE 200 -# define ASN1_R_WRONG_TAG 168 -# define ASN1_R_WRONG_TYPE 169 - -#ifdef __cplusplus -} -#endif -#endif diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c index cfc1512f9d07..613f9ae71333 100644 --- a/crypto/asn1/asn1_err.c +++ b/crypto/asn1/asn1_err.c @@ -1,355 +1,350 @@ -/* crypto/asn1/asn1_err.c */ -/* ==================================================================== - * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - /* - * NOTE: this file was auto generated by the mkerr.pl script: any changes - * made to it will be overwritten when the script next updates this file, - * only reason strings will be preserved. + * Generated by util/mkerr.pl DO NOT EDIT + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include <stdio.h> #include <openssl/err.h> -#include <openssl/asn1.h> +#include <openssl/asn1err.h> -/* BEGIN ERROR CODES */ #ifndef OPENSSL_NO_ERR -# define ERR_FUNC(func) ERR_PACK(ERR_LIB_ASN1,func,0) -# define ERR_REASON(reason) ERR_PACK(ERR_LIB_ASN1,0,reason) - -static ERR_STRING_DATA ASN1_str_functs[] = { - {ERR_FUNC(ASN1_F_A2D_ASN1_OBJECT), "a2d_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_ENUMERATED), "a2i_ASN1_ENUMERATED"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_INTEGER), "a2i_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_A2I_ASN1_STRING), "a2i_ASN1_STRING"}, - {ERR_FUNC(ASN1_F_APPEND_EXP), "APPEND_EXP"}, - {ERR_FUNC(ASN1_F_ASN1_BIT_STRING_SET_BIT), "ASN1_BIT_STRING_set_bit"}, - {ERR_FUNC(ASN1_F_ASN1_CB), "ASN1_CB"}, - {ERR_FUNC(ASN1_F_ASN1_CHECK_TLEN), "ASN1_CHECK_TLEN"}, - {ERR_FUNC(ASN1_F_ASN1_COLLATE_PRIMITIVE), "ASN1_COLLATE_PRIMITIVE"}, - {ERR_FUNC(ASN1_F_ASN1_COLLECT), "ASN1_COLLECT"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_EX_PRIMITIVE), "ASN1_D2I_EX_PRIMITIVE"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_FP), "ASN1_d2i_fp"}, - {ERR_FUNC(ASN1_F_ASN1_D2I_READ_BIO), "ASN1_D2I_READ_BIO"}, - {ERR_FUNC(ASN1_F_ASN1_DIGEST), "ASN1_digest"}, - {ERR_FUNC(ASN1_F_ASN1_DO_ADB), "ASN1_DO_ADB"}, - {ERR_FUNC(ASN1_F_ASN1_DUP), "ASN1_dup"}, - {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_SET), "ASN1_ENUMERATED_set"}, - {ERR_FUNC(ASN1_F_ASN1_ENUMERATED_TO_BN), "ASN1_ENUMERATED_to_BN"}, - {ERR_FUNC(ASN1_F_ASN1_EX_C2I), "ASN1_EX_C2I"}, - {ERR_FUNC(ASN1_F_ASN1_FIND_END), "ASN1_FIND_END"}, - {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_ADJ), "ASN1_GENERALIZEDTIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_GENERALIZEDTIME_SET), "ASN1_GENERALIZEDTIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_GENERATE_V3), "ASN1_generate_v3"}, - {ERR_FUNC(ASN1_F_ASN1_GET_OBJECT), "ASN1_get_object"}, - {ERR_FUNC(ASN1_F_ASN1_HEADER_NEW), "ASN1_HEADER_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_I2D_BIO), "ASN1_i2d_bio"}, - {ERR_FUNC(ASN1_F_ASN1_I2D_FP), "ASN1_i2d_fp"}, - {ERR_FUNC(ASN1_F_ASN1_INTEGER_SET), "ASN1_INTEGER_set"}, - {ERR_FUNC(ASN1_F_ASN1_INTEGER_TO_BN), "ASN1_INTEGER_to_BN"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_D2I_FP), "ASN1_item_d2i_fp"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_DUP), "ASN1_item_dup"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_COMBINE_NEW), "ASN1_ITEM_EX_COMBINE_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_EX_D2I), "ASN1_ITEM_EX_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_BIO), "ASN1_item_i2d_bio"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_I2D_FP), "ASN1_item_i2d_fp"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_PACK), "ASN1_item_pack"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN), "ASN1_item_sign"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_SIGN_CTX), "ASN1_item_sign_ctx"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_UNPACK), "ASN1_item_unpack"}, - {ERR_FUNC(ASN1_F_ASN1_ITEM_VERIFY), "ASN1_item_verify"}, - {ERR_FUNC(ASN1_F_ASN1_MBSTRING_NCOPY), "ASN1_mbstring_ncopy"}, - {ERR_FUNC(ASN1_F_ASN1_OBJECT_NEW), "ASN1_OBJECT_new"}, - {ERR_FUNC(ASN1_F_ASN1_OUTPUT_DATA), "ASN1_OUTPUT_DATA"}, - {ERR_FUNC(ASN1_F_ASN1_PACK_STRING), "ASN1_pack_string"}, - {ERR_FUNC(ASN1_F_ASN1_PCTX_NEW), "ASN1_PCTX_new"}, - {ERR_FUNC(ASN1_F_ASN1_PKCS5_PBE_SET), "ASN1_PKCS5_PBE_SET"}, - {ERR_FUNC(ASN1_F_ASN1_SEQ_PACK), "ASN1_seq_pack"}, - {ERR_FUNC(ASN1_F_ASN1_SEQ_UNPACK), "ASN1_seq_unpack"}, - {ERR_FUNC(ASN1_F_ASN1_SIGN), "ASN1_sign"}, - {ERR_FUNC(ASN1_F_ASN1_STR2TYPE), "ASN1_STR2TYPE"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_SET), "ASN1_STRING_set"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_TABLE_ADD), "ASN1_STRING_TABLE_add"}, - {ERR_FUNC(ASN1_F_ASN1_STRING_TYPE_NEW), "ASN1_STRING_type_new"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_EX_D2I), "ASN1_TEMPLATE_EX_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NEW), "ASN1_TEMPLATE_NEW"}, - {ERR_FUNC(ASN1_F_ASN1_TEMPLATE_NOEXP_D2I), "ASN1_TEMPLATE_NOEXP_D2I"}, - {ERR_FUNC(ASN1_F_ASN1_TIME_ADJ), "ASN1_TIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_TIME_SET), "ASN1_TIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING), +static const ERR_STRING_DATA ASN1_str_functs[] = { + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2D_ASN1_OBJECT, 0), "a2d_ASN1_OBJECT"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_INTEGER, 0), "a2i_ASN1_INTEGER"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_A2I_ASN1_STRING, 0), "a2i_ASN1_STRING"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_APPEND_EXP, 0), "append_exp"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_BIO_INIT, 0), "asn1_bio_init"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_BIT_STRING_SET_BIT, 0), + "ASN1_BIT_STRING_set_bit"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CB, 0), "asn1_cb"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_CHECK_TLEN, 0), "asn1_check_tlen"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_COLLECT, 0), "asn1_collect"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_EX_PRIMITIVE, 0), + "asn1_d2i_ex_primitive"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_FP, 0), "ASN1_d2i_fp"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_D2I_READ_BIO, 0), "asn1_d2i_read_bio"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DIGEST, 0), "ASN1_digest"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_ADB, 0), "asn1_do_adb"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DO_LOCK, 0), "asn1_do_lock"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_DUP, 0), "ASN1_dup"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ENC_SAVE, 0), "asn1_enc_save"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_EX_C2I, 0), "asn1_ex_c2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_FIND_END, 0), "asn1_find_end"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERALIZEDTIME_ADJ, 0), + "ASN1_GENERALIZEDTIME_adj"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GENERATE_V3, 0), "ASN1_generate_v3"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_INT64, 0), "asn1_get_int64"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_OBJECT, 0), "ASN1_get_object"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_GET_UINT64, 0), "asn1_get_uint64"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_BIO, 0), "ASN1_i2d_bio"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_I2D_FP, 0), "ASN1_i2d_fp"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_D2I_FP, 0), "ASN1_item_d2i_fp"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_DUP, 0), "ASN1_item_dup"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_D2I, 0), + "asn1_item_embed_d2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_EMBED_NEW, 0), + "asn1_item_embed_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_FLAGS_I2D, 0), + "asn1_item_flags_i2d"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_BIO, 0), "ASN1_item_i2d_bio"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_I2D_FP, 0), "ASN1_item_i2d_fp"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_PACK, 0), "ASN1_item_pack"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN, 0), "ASN1_item_sign"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_SIGN_CTX, 0), + "ASN1_item_sign_ctx"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_UNPACK, 0), "ASN1_item_unpack"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_ITEM_VERIFY, 0), "ASN1_item_verify"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_MBSTRING_NCOPY, 0), + "ASN1_mbstring_ncopy"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OBJECT_NEW, 0), "ASN1_OBJECT_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_OUTPUT_DATA, 0), "asn1_output_data"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_PCTX_NEW, 0), "ASN1_PCTX_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_PRIMITIVE_NEW, 0), + "asn1_primitive_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SCTX_NEW, 0), "ASN1_SCTX_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_SIGN, 0), "ASN1_sign"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STR2TYPE, 0), "asn1_str2type"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_INT64, 0), + "asn1_string_get_int64"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_GET_UINT64, 0), + "asn1_string_get_uint64"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_SET, 0), "ASN1_STRING_set"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TABLE_ADD, 0), + "ASN1_STRING_TABLE_add"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TO_BN, 0), "asn1_string_to_bn"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_STRING_TYPE_NEW, 0), + "ASN1_STRING_type_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_EX_D2I, 0), + "asn1_template_ex_d2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NEW, 0), "asn1_template_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TEMPLATE_NOEXP_D2I, 0), + "asn1_template_noexp_d2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TIME_ADJ, 0), "ASN1_TIME_adj"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, 0), "ASN1_TYPE_get_int_octetstring"}, - {ERR_FUNC(ASN1_F_ASN1_TYPE_GET_OCTETSTRING), "ASN1_TYPE_get_octetstring"}, - {ERR_FUNC(ASN1_F_ASN1_UNPACK_STRING), "ASN1_unpack_string"}, - {ERR_FUNC(ASN1_F_ASN1_UTCTIME_ADJ), "ASN1_UTCTIME_adj"}, - {ERR_FUNC(ASN1_F_ASN1_UTCTIME_SET), "ASN1_UTCTIME_set"}, - {ERR_FUNC(ASN1_F_ASN1_VERIFY), "ASN1_verify"}, - {ERR_FUNC(ASN1_F_B64_READ_ASN1), "B64_READ_ASN1"}, - {ERR_FUNC(ASN1_F_B64_WRITE_ASN1), "B64_WRITE_ASN1"}, - {ERR_FUNC(ASN1_F_BIO_NEW_NDEF), "BIO_new_NDEF"}, - {ERR_FUNC(ASN1_F_BITSTR_CB), "BITSTR_CB"}, - {ERR_FUNC(ASN1_F_BN_TO_ASN1_ENUMERATED), "BN_to_ASN1_ENUMERATED"}, - {ERR_FUNC(ASN1_F_BN_TO_ASN1_INTEGER), "BN_to_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_BIT_STRING), "c2i_ASN1_BIT_STRING"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_INTEGER), "c2i_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_C2I_ASN1_OBJECT), "c2i_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_COLLECT_DATA), "COLLECT_DATA"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BIT_STRING), "D2I_ASN1_BIT_STRING"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BOOLEAN), "d2i_ASN1_BOOLEAN"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_BYTES), "d2i_ASN1_bytes"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_GENERALIZEDTIME), "D2I_ASN1_GENERALIZEDTIME"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_HEADER), "D2I_ASN1_HEADER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_INTEGER), "D2I_ASN1_INTEGER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_OBJECT), "d2i_ASN1_OBJECT"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_SET), "d2i_ASN1_SET"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_TYPE_BYTES), "d2i_ASN1_type_bytes"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_UINTEGER), "d2i_ASN1_UINTEGER"}, - {ERR_FUNC(ASN1_F_D2I_ASN1_UTCTIME), "D2I_ASN1_UTCTIME"}, - {ERR_FUNC(ASN1_F_D2I_AUTOPRIVATEKEY), "d2i_AutoPrivateKey"}, - {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA), "d2i_Netscape_RSA"}, - {ERR_FUNC(ASN1_F_D2I_NETSCAPE_RSA_2), "D2I_NETSCAPE_RSA_2"}, - {ERR_FUNC(ASN1_F_D2I_PRIVATEKEY), "d2i_PrivateKey"}, - {ERR_FUNC(ASN1_F_D2I_PUBLICKEY), "d2i_PublicKey"}, - {ERR_FUNC(ASN1_F_D2I_RSA_NET), "d2i_RSA_NET"}, - {ERR_FUNC(ASN1_F_D2I_RSA_NET_2), "D2I_RSA_NET_2"}, - {ERR_FUNC(ASN1_F_D2I_X509), "D2I_X509"}, - {ERR_FUNC(ASN1_F_D2I_X509_CINF), "D2I_X509_CINF"}, - {ERR_FUNC(ASN1_F_D2I_X509_PKEY), "d2i_X509_PKEY"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_BIO_STREAM), "i2d_ASN1_bio_stream"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_SET), "i2d_ASN1_SET"}, - {ERR_FUNC(ASN1_F_I2D_ASN1_TIME), "I2D_ASN1_TIME"}, - {ERR_FUNC(ASN1_F_I2D_DSA_PUBKEY), "i2d_DSA_PUBKEY"}, - {ERR_FUNC(ASN1_F_I2D_EC_PUBKEY), "i2d_EC_PUBKEY"}, - {ERR_FUNC(ASN1_F_I2D_PRIVATEKEY), "i2d_PrivateKey"}, - {ERR_FUNC(ASN1_F_I2D_PUBLICKEY), "i2d_PublicKey"}, - {ERR_FUNC(ASN1_F_I2D_RSA_NET), "i2d_RSA_NET"}, - {ERR_FUNC(ASN1_F_I2D_RSA_PUBKEY), "i2d_RSA_PUBKEY"}, - {ERR_FUNC(ASN1_F_LONG_C2I), "LONG_C2I"}, - {ERR_FUNC(ASN1_F_OID_MODULE_INIT), "OID_MODULE_INIT"}, - {ERR_FUNC(ASN1_F_PARSE_TAGGING), "PARSE_TAGGING"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE2_SET_IV), "PKCS5_pbe2_set_iv"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE_SET), "PKCS5_pbe_set"}, - {ERR_FUNC(ASN1_F_PKCS5_PBE_SET0_ALGOR), "PKCS5_pbe_set0_algor"}, - {ERR_FUNC(ASN1_F_PKCS5_PBKDF2_SET), "PKCS5_pbkdf2_set"}, - {ERR_FUNC(ASN1_F_SMIME_READ_ASN1), "SMIME_read_ASN1"}, - {ERR_FUNC(ASN1_F_SMIME_TEXT), "SMIME_text"}, - {ERR_FUNC(ASN1_F_X509_CINF_NEW), "X509_CINF_NEW"}, - {ERR_FUNC(ASN1_F_X509_CRL_ADD0_REVOKED), "X509_CRL_add0_revoked"}, - {ERR_FUNC(ASN1_F_X509_INFO_NEW), "X509_INFO_new"}, - {ERR_FUNC(ASN1_F_X509_NAME_ENCODE), "X509_NAME_ENCODE"}, - {ERR_FUNC(ASN1_F_X509_NAME_EX_D2I), "X509_NAME_EX_D2I"}, - {ERR_FUNC(ASN1_F_X509_NAME_EX_NEW), "X509_NAME_EX_NEW"}, - {ERR_FUNC(ASN1_F_X509_NEW), "X509_NEW"}, - {ERR_FUNC(ASN1_F_X509_PKEY_NEW), "X509_PKEY_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_TYPE_GET_OCTETSTRING, 0), + "ASN1_TYPE_get_octetstring"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_UTCTIME_ADJ, 0), "ASN1_UTCTIME_adj"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_ASN1_VERIFY, 0), "ASN1_verify"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_READ_ASN1, 0), "b64_read_asn1"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_B64_WRITE_ASN1, 0), "B64_write_ASN1"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BIO_NEW_NDEF, 0), "BIO_new_NDEF"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BITSTR_CB, 0), "bitstr_cb"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_BN_TO_ASN1_STRING, 0), "bn_to_asn1_string"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_BIT_STRING, 0), + "c2i_ASN1_BIT_STRING"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_INTEGER, 0), "c2i_ASN1_INTEGER"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_ASN1_OBJECT, 0), "c2i_ASN1_OBJECT"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_IBUF, 0), "c2i_ibuf"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_C2I_UINT64_INT, 0), "c2i_uint64_int"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_COLLECT_DATA, 0), "collect_data"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_OBJECT, 0), "d2i_ASN1_OBJECT"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_ASN1_UINTEGER, 0), "d2i_ASN1_UINTEGER"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_AUTOPRIVATEKEY, 0), + "d2i_AutoPrivateKey"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PRIVATEKEY, 0), "d2i_PrivateKey"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_D2I_PUBLICKEY, 0), "d2i_PublicKey"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_BUF, 0), "do_buf"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_CREATE, 0), "do_create"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_DUMP, 0), "do_dump"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_DO_TCREATE, 0), "do_tcreate"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2A_ASN1_OBJECT, 0), "i2a_ASN1_OBJECT"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_BIO_STREAM, 0), + "i2d_ASN1_bio_stream"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_ASN1_OBJECT, 0), "i2d_ASN1_OBJECT"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_DSA_PUBKEY, 0), "i2d_DSA_PUBKEY"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_EC_PUBKEY, 0), "i2d_EC_PUBKEY"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PRIVATEKEY, 0), "i2d_PrivateKey"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_PUBLICKEY, 0), "i2d_PublicKey"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_I2D_RSA_PUBKEY, 0), "i2d_RSA_PUBKEY"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_LONG_C2I, 0), "long_c2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_NDEF_PREFIX, 0), "ndef_prefix"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_NDEF_SUFFIX, 0), "ndef_suffix"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_OID_MODULE_INIT, 0), "oid_module_init"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PARSE_TAGGING, 0), "parse_tagging"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_IV, 0), "PKCS5_pbe2_set_iv"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE2_SET_SCRYPT, 0), + "PKCS5_pbe2_set_scrypt"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET, 0), "PKCS5_pbe_set"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBE_SET0_ALGOR, 0), + "PKCS5_pbe_set0_algor"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_PBKDF2_SET, 0), "PKCS5_pbkdf2_set"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_PKCS5_SCRYPT_SET, 0), "pkcs5_scrypt_set"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_READ_ASN1, 0), "SMIME_read_ASN1"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_SMIME_TEXT, 0), "SMIME_text"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_STABLE_GET, 0), "stable_get"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_STBL_MODULE_INIT, 0), "stbl_module_init"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT32_C2I, 0), "uint32_c2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT32_NEW, 0), "uint32_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT64_C2I, 0), "uint64_c2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_UINT64_NEW, 0), "uint64_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_CRL_ADD0_REVOKED, 0), + "X509_CRL_add0_revoked"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_INFO_NEW, 0), "X509_INFO_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_ENCODE, 0), "x509_name_encode"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_D2I, 0), "x509_name_ex_d2i"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_NAME_EX_NEW, 0), "x509_name_ex_new"}, + {ERR_PACK(ERR_LIB_ASN1, ASN1_F_X509_PKEY_NEW, 0), "X509_PKEY_new"}, {0, NULL} }; -static ERR_STRING_DATA ASN1_str_reasons[] = { - {ERR_REASON(ASN1_R_ADDING_OBJECT), "adding object"}, - {ERR_REASON(ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"}, - {ERR_REASON(ASN1_R_ASN1_SIG_PARSE_ERROR), "asn1 sig parse error"}, - {ERR_REASON(ASN1_R_AUX_ERROR), "aux error"}, - {ERR_REASON(ASN1_R_BAD_CLASS), "bad class"}, - {ERR_REASON(ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, - {ERR_REASON(ASN1_R_BAD_PASSWORD_READ), "bad password read"}, - {ERR_REASON(ASN1_R_BAD_TAG), "bad tag"}, - {ERR_REASON(ASN1_R_BMPSTRING_IS_WRONG_LENGTH), - "bmpstring is wrong length"}, - {ERR_REASON(ASN1_R_BN_LIB), "bn lib"}, - {ERR_REASON(ASN1_R_BOOLEAN_IS_WRONG_LENGTH), "boolean is wrong length"}, - {ERR_REASON(ASN1_R_BUFFER_TOO_SMALL), "buffer too small"}, - {ERR_REASON(ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), - "cipher has no object identifier"}, - {ERR_REASON(ASN1_R_CONTEXT_NOT_INITIALISED), "context not initialised"}, - {ERR_REASON(ASN1_R_DATA_IS_WRONG), "data is wrong"}, - {ERR_REASON(ASN1_R_DECODE_ERROR), "decode error"}, - {ERR_REASON(ASN1_R_DECODING_ERROR), "decoding error"}, - {ERR_REASON(ASN1_R_DEPTH_EXCEEDED), "depth exceeded"}, - {ERR_REASON(ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), - "digest and key type not supported"}, - {ERR_REASON(ASN1_R_ENCODE_ERROR), "encode error"}, - {ERR_REASON(ASN1_R_ERROR_GETTING_TIME), "error getting time"}, - {ERR_REASON(ASN1_R_ERROR_LOADING_SECTION), "error loading section"}, - {ERR_REASON(ASN1_R_ERROR_PARSING_SET_ELEMENT), - "error parsing set element"}, - {ERR_REASON(ASN1_R_ERROR_SETTING_CIPHER_PARAMS), - "error setting cipher params"}, - {ERR_REASON(ASN1_R_EXPECTING_AN_INTEGER), "expecting an integer"}, - {ERR_REASON(ASN1_R_EXPECTING_AN_OBJECT), "expecting an object"}, - {ERR_REASON(ASN1_R_EXPECTING_A_BOOLEAN), "expecting a boolean"}, - {ERR_REASON(ASN1_R_EXPECTING_A_TIME), "expecting a time"}, - {ERR_REASON(ASN1_R_EXPLICIT_LENGTH_MISMATCH), "explicit length mismatch"}, - {ERR_REASON(ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), - "explicit tag not constructed"}, - {ERR_REASON(ASN1_R_FIELD_MISSING), "field missing"}, - {ERR_REASON(ASN1_R_FIRST_NUM_TOO_LARGE), "first num too large"}, - {ERR_REASON(ASN1_R_HEADER_TOO_LONG), "header too long"}, - {ERR_REASON(ASN1_R_ILLEGAL_BITSTRING_FORMAT), "illegal bitstring format"}, - {ERR_REASON(ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"}, - {ERR_REASON(ASN1_R_ILLEGAL_CHARACTERS), "illegal characters"}, - {ERR_REASON(ASN1_R_ILLEGAL_FORMAT), "illegal format"}, - {ERR_REASON(ASN1_R_ILLEGAL_HEX), "illegal hex"}, - {ERR_REASON(ASN1_R_ILLEGAL_IMPLICIT_TAG), "illegal implicit tag"}, - {ERR_REASON(ASN1_R_ILLEGAL_INTEGER), "illegal integer"}, - {ERR_REASON(ASN1_R_ILLEGAL_NESTED_TAGGING), "illegal nested tagging"}, - {ERR_REASON(ASN1_R_ILLEGAL_NULL), "illegal null"}, - {ERR_REASON(ASN1_R_ILLEGAL_NULL_VALUE), "illegal null value"}, - {ERR_REASON(ASN1_R_ILLEGAL_OBJECT), "illegal object"}, - {ERR_REASON(ASN1_R_ILLEGAL_OPTIONAL_ANY), "illegal optional any"}, - {ERR_REASON(ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), - "illegal options on item template"}, - {ERR_REASON(ASN1_R_ILLEGAL_TAGGED_ANY), "illegal tagged any"}, - {ERR_REASON(ASN1_R_ILLEGAL_TIME_VALUE), "illegal time value"}, - {ERR_REASON(ASN1_R_INTEGER_NOT_ASCII_FORMAT), "integer not ascii format"}, - {ERR_REASON(ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), - "integer too large for long"}, - {ERR_REASON(ASN1_R_INVALID_BIT_STRING_BITS_LEFT), - "invalid bit string bits left"}, - {ERR_REASON(ASN1_R_INVALID_BMPSTRING_LENGTH), "invalid bmpstring length"}, - {ERR_REASON(ASN1_R_INVALID_DIGIT), "invalid digit"}, - {ERR_REASON(ASN1_R_INVALID_MIME_TYPE), "invalid mime type"}, - {ERR_REASON(ASN1_R_INVALID_MODIFIER), "invalid modifier"}, - {ERR_REASON(ASN1_R_INVALID_NUMBER), "invalid number"}, - {ERR_REASON(ASN1_R_INVALID_OBJECT_ENCODING), "invalid object encoding"}, - {ERR_REASON(ASN1_R_INVALID_SEPARATOR), "invalid separator"}, - {ERR_REASON(ASN1_R_INVALID_TIME_FORMAT), "invalid time format"}, - {ERR_REASON(ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), - "invalid universalstring length"}, - {ERR_REASON(ASN1_R_INVALID_UTF8STRING), "invalid utf8string"}, - {ERR_REASON(ASN1_R_IV_TOO_LARGE), "iv too large"}, - {ERR_REASON(ASN1_R_LENGTH_ERROR), "length error"}, - {ERR_REASON(ASN1_R_LIST_ERROR), "list error"}, - {ERR_REASON(ASN1_R_MIME_NO_CONTENT_TYPE), "mime no content type"}, - {ERR_REASON(ASN1_R_MIME_PARSE_ERROR), "mime parse error"}, - {ERR_REASON(ASN1_R_MIME_SIG_PARSE_ERROR), "mime sig parse error"}, - {ERR_REASON(ASN1_R_MISSING_EOC), "missing eoc"}, - {ERR_REASON(ASN1_R_MISSING_SECOND_NUMBER), "missing second number"}, - {ERR_REASON(ASN1_R_MISSING_VALUE), "missing value"}, - {ERR_REASON(ASN1_R_MSTRING_NOT_UNIVERSAL), "mstring not universal"}, - {ERR_REASON(ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"}, - {ERR_REASON(ASN1_R_NESTED_ASN1_STRING), "nested asn1 string"}, - {ERR_REASON(ASN1_R_NESTED_TOO_DEEP), "nested too deep"}, - {ERR_REASON(ASN1_R_NON_HEX_CHARACTERS), "non hex characters"}, - {ERR_REASON(ASN1_R_NOT_ASCII_FORMAT), "not ascii format"}, - {ERR_REASON(ASN1_R_NOT_ENOUGH_DATA), "not enough data"}, - {ERR_REASON(ASN1_R_NO_CONTENT_TYPE), "no content type"}, - {ERR_REASON(ASN1_R_NO_DEFAULT_DIGEST), "no default digest"}, - {ERR_REASON(ASN1_R_NO_MATCHING_CHOICE_TYPE), "no matching choice type"}, - {ERR_REASON(ASN1_R_NO_MULTIPART_BODY_FAILURE), - "no multipart body failure"}, - {ERR_REASON(ASN1_R_NO_MULTIPART_BOUNDARY), "no multipart boundary"}, - {ERR_REASON(ASN1_R_NO_SIG_CONTENT_TYPE), "no sig content type"}, - {ERR_REASON(ASN1_R_NULL_IS_WRONG_LENGTH), "null is wrong length"}, - {ERR_REASON(ASN1_R_OBJECT_NOT_ASCII_FORMAT), "object not ascii format"}, - {ERR_REASON(ASN1_R_ODD_NUMBER_OF_CHARS), "odd number of chars"}, - {ERR_REASON(ASN1_R_PRIVATE_KEY_HEADER_MISSING), - "private key header missing"}, - {ERR_REASON(ASN1_R_SECOND_NUMBER_TOO_LARGE), "second number too large"}, - {ERR_REASON(ASN1_R_SEQUENCE_LENGTH_MISMATCH), "sequence length mismatch"}, - {ERR_REASON(ASN1_R_SEQUENCE_NOT_CONSTRUCTED), "sequence not constructed"}, - {ERR_REASON(ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), - "sequence or set needs config"}, - {ERR_REASON(ASN1_R_SHORT_LINE), "short line"}, - {ERR_REASON(ASN1_R_SIG_INVALID_MIME_TYPE), "sig invalid mime type"}, - {ERR_REASON(ASN1_R_STREAMING_NOT_SUPPORTED), "streaming not supported"}, - {ERR_REASON(ASN1_R_STRING_TOO_LONG), "string too long"}, - {ERR_REASON(ASN1_R_STRING_TOO_SHORT), "string too short"}, - {ERR_REASON(ASN1_R_TAG_VALUE_TOO_HIGH), "tag value too high"}, - {ERR_REASON(ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), - "the asn1 object identifier is not known for this md"}, - {ERR_REASON(ASN1_R_TIME_NOT_ASCII_FORMAT), "time not ascii format"}, - {ERR_REASON(ASN1_R_TOO_LONG), "too long"}, - {ERR_REASON(ASN1_R_TYPE_NOT_CONSTRUCTED), "type not constructed"}, - {ERR_REASON(ASN1_R_TYPE_NOT_PRIMITIVE), "type not primitive"}, - {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_KEY), "unable to decode rsa key"}, - {ERR_REASON(ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY), - "unable to decode rsa private key"}, - {ERR_REASON(ASN1_R_UNEXPECTED_EOC), "unexpected eoc"}, - {ERR_REASON(ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), - "universalstring is wrong length"}, - {ERR_REASON(ASN1_R_UNKNOWN_FORMAT), "unknown format"}, - {ERR_REASON(ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), - "unknown message digest algorithm"}, - {ERR_REASON(ASN1_R_UNKNOWN_OBJECT_TYPE), "unknown object type"}, - {ERR_REASON(ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), "unknown public key type"}, - {ERR_REASON(ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), - "unknown signature algorithm"}, - {ERR_REASON(ASN1_R_UNKNOWN_TAG), "unknown tag"}, - {ERR_REASON(ASN1_R_UNKOWN_FORMAT), "unknown format"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), - "unsupported any defined by type"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_CIPHER), "unsupported cipher"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM), - "unsupported encryption algorithm"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), - "unsupported public key type"}, - {ERR_REASON(ASN1_R_UNSUPPORTED_TYPE), "unsupported type"}, - {ERR_REASON(ASN1_R_WRONG_PUBLIC_KEY_TYPE), "wrong public key type"}, - {ERR_REASON(ASN1_R_WRONG_TAG), "wrong tag"}, - {ERR_REASON(ASN1_R_WRONG_TYPE), "wrong type"}, +static const ERR_STRING_DATA ASN1_str_reasons[] = { + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ADDING_OBJECT), "adding object"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_PARSE_ERROR), "asn1 parse error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ASN1_SIG_PARSE_ERROR), + "asn1 sig parse error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_AUX_ERROR), "aux error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BAD_OBJECT_HEADER), "bad object header"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BMPSTRING_IS_WRONG_LENGTH), + "bmpstring is wrong length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BN_LIB), "bn lib"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BOOLEAN_IS_WRONG_LENGTH), + "boolean is wrong length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_BUFFER_TOO_SMALL), "buffer too small"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER), + "cipher has no object identifier"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_CONTEXT_NOT_INITIALISED), + "context not initialised"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DATA_IS_WRONG), "data is wrong"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DECODE_ERROR), "decode error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DEPTH_EXCEEDED), "depth exceeded"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_DIGEST_AND_KEY_TYPE_NOT_SUPPORTED), + "digest and key type not supported"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ENCODE_ERROR), "encode error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_GETTING_TIME), + "error getting time"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_LOADING_SECTION), + "error loading section"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ERROR_SETTING_CIPHER_PARAMS), + "error setting cipher params"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_INTEGER), + "expecting an integer"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPECTING_AN_OBJECT), + "expecting an object"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_LENGTH_MISMATCH), + "explicit length mismatch"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_EXPLICIT_TAG_NOT_CONSTRUCTED), + "explicit tag not constructed"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIELD_MISSING), "field missing"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_FIRST_NUM_TOO_LARGE), + "first num too large"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_HEADER_TOO_LONG), "header too long"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BITSTRING_FORMAT), + "illegal bitstring format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_BOOLEAN), "illegal boolean"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_CHARACTERS), + "illegal characters"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_FORMAT), "illegal format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_HEX), "illegal hex"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_IMPLICIT_TAG), + "illegal implicit tag"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_INTEGER), "illegal integer"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NEGATIVE_VALUE), + "illegal negative value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NESTED_TAGGING), + "illegal nested tagging"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL), "illegal null"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_NULL_VALUE), + "illegal null value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OBJECT), "illegal object"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONAL_ANY), + "illegal optional any"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE), + "illegal options on item template"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_PADDING), "illegal padding"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TAGGED_ANY), + "illegal tagged any"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_TIME_VALUE), + "illegal time value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ILLEGAL_ZERO_CONTENT), + "illegal zero content"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_NOT_ASCII_FORMAT), + "integer not ascii format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INTEGER_TOO_LARGE_FOR_LONG), + "integer too large for long"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BIT_STRING_BITS_LEFT), + "invalid bit string bits left"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_BMPSTRING_LENGTH), + "invalid bmpstring length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_DIGIT), "invalid digit"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MIME_TYPE), "invalid mime type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_MODIFIER), "invalid modifier"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_NUMBER), "invalid number"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_OBJECT_ENCODING), + "invalid object encoding"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SCRYPT_PARAMETERS), + "invalid scrypt parameters"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_SEPARATOR), "invalid separator"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_STRING_TABLE_VALUE), + "invalid string table value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UNIVERSALSTRING_LENGTH), + "invalid universalstring length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_UTF8STRING), + "invalid utf8string"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_INVALID_VALUE), "invalid value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_LIST_ERROR), "list error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_NO_CONTENT_TYPE), + "mime no content type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_PARSE_ERROR), "mime parse error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MIME_SIG_PARSE_ERROR), + "mime sig parse error"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_EOC), "missing eoc"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_SECOND_NUMBER), + "missing second number"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MISSING_VALUE), "missing value"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_NOT_UNIVERSAL), + "mstring not universal"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_MSTRING_WRONG_TAG), "mstring wrong tag"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NESTED_ASN1_STRING), + "nested asn1 string"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NESTED_TOO_DEEP), "nested too deep"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NON_HEX_CHARACTERS), + "non hex characters"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ASCII_FORMAT), "not ascii format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NOT_ENOUGH_DATA), "not enough data"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_CONTENT_TYPE), "no content type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MATCHING_CHOICE_TYPE), + "no matching choice type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BODY_FAILURE), + "no multipart body failure"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_MULTIPART_BOUNDARY), + "no multipart boundary"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NO_SIG_CONTENT_TYPE), + "no sig content type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_NULL_IS_WRONG_LENGTH), + "null is wrong length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_OBJECT_NOT_ASCII_FORMAT), + "object not ascii format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_ODD_NUMBER_OF_CHARS), + "odd number of chars"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SECOND_NUMBER_TOO_LARGE), + "second number too large"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_LENGTH_MISMATCH), + "sequence length mismatch"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_NOT_CONSTRUCTED), + "sequence not constructed"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SEQUENCE_OR_SET_NEEDS_CONFIG), + "sequence or set needs config"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SHORT_LINE), "short line"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_SIG_INVALID_MIME_TYPE), + "sig invalid mime type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STREAMING_NOT_SUPPORTED), + "streaming not supported"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_LONG), "string too long"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_STRING_TOO_SHORT), "string too short"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD), + "the asn1 object identifier is not known for this md"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TIME_NOT_ASCII_FORMAT), + "time not ascii format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LARGE), "too large"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_LONG), "too long"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TOO_SMALL), "too small"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_CONSTRUCTED), + "type not constructed"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_TYPE_NOT_PRIMITIVE), + "type not primitive"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNEXPECTED_EOC), "unexpected eoc"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNIVERSALSTRING_IS_WRONG_LENGTH), + "universalstring is wrong length"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_FORMAT), "unknown format"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM), + "unknown message digest algorithm"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_OBJECT_TYPE), + "unknown object type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE), + "unknown public key type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_SIGNATURE_ALGORITHM), + "unknown signature algorithm"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNKNOWN_TAG), "unknown tag"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_ANY_DEFINED_BY_TYPE), + "unsupported any defined by type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_CIPHER), + "unsupported cipher"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE), + "unsupported public key type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_UNSUPPORTED_TYPE), "unsupported type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_INTEGER_TYPE), + "wrong integer type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_PUBLIC_KEY_TYPE), + "wrong public key type"}, + {ERR_PACK(ERR_LIB_ASN1, 0, ASN1_R_WRONG_TAG), "wrong tag"}, {0, NULL} }; #endif -void ERR_load_ASN1_strings(void) +int ERR_load_ASN1_strings(void) { #ifndef OPENSSL_NO_ERR - if (ERR_func_error_string(ASN1_str_functs[0].error) == NULL) { - ERR_load_strings(0, ASN1_str_functs); - ERR_load_strings(0, ASN1_str_reasons); + ERR_load_strings_const(ASN1_str_functs); + ERR_load_strings_const(ASN1_str_reasons); } #endif + return 1; } diff --git a/crypto/asn1/asn1_gen.c b/crypto/asn1/asn1_gen.c index 65749239b1a4..493a693aa384 100644 --- a/crypto/asn1/asn1_gen.c +++ b/crypto/asn1/asn1_gen.c @@ -1,63 +1,13 @@ -/* asn1_gen.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2002. - */ -/* ==================================================================== - * Copyright (c) 2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> #include <openssl/x509v3.h> @@ -112,7 +62,7 @@ typedef struct { int exp_count; } tag_exp_arg; -static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, +static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, int *perr); static int bitstr_cb(const char *elem, int len, void *bitstr); static int asn1_cb(const char *elem, int len, void *bitstr); @@ -125,7 +75,7 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf, static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype); static int asn1_str2tag(const char *tagstr, int len); -ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) +ASN1_TYPE *ASN1_generate_nconf(const char *str, CONF *nconf) { X509V3_CTX cnf; @@ -136,7 +86,7 @@ ASN1_TYPE *ASN1_generate_nconf(char *str, CONF *nconf) return ASN1_generate_v3(str, &cnf); } -ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) +ASN1_TYPE *ASN1_generate_v3(const char *str, X509V3_CTX *cnf) { int err = 0; ASN1_TYPE *ret = generate_v3(str, cnf, 0, &err); @@ -145,7 +95,7 @@ ASN1_TYPE *ASN1_generate_v3(char *str, X509V3_CTX *cnf) return ret; } -static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, +static ASN1_TYPE *generate_v3(const char *str, X509V3_CTX *cnf, int depth, int *perr) { ASN1_TYPE *ret; @@ -159,7 +109,7 @@ static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, unsigned char *p; const unsigned char *cp; int cpy_len; - long hdr_len; + long hdr_len = 0; int hdr_constructed = 0, hdr_tag, hdr_class; int r; @@ -243,7 +193,7 @@ static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, /* Allocate buffer for new encoding */ new_der = OPENSSL_malloc(len); - if (!new_der) + if (new_der == NULL) goto err; /* Generate tagged encoding */ @@ -280,10 +230,8 @@ static ASN1_TYPE *generate_v3(char *str, X509V3_CTX *cnf, int depth, ret = d2i_ASN1_TYPE(NULL, &cp, len); err: - if (orig_der) - OPENSSL_free(orig_der); - if (new_der) - OPENSSL_free(new_der); + OPENSSL_free(orig_der); + OPENSSL_free(new_der); return ret; @@ -377,16 +325,16 @@ static int asn1_cb(const char *elem, int len, void *bitstr) ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT); return -1; } - if (!strncmp(vstart, "ASCII", 5)) + if (strncmp(vstart, "ASCII", 5) == 0) arg->format = ASN1_GEN_FORMAT_ASCII; - else if (!strncmp(vstart, "UTF8", 4)) + else if (strncmp(vstart, "UTF8", 4) == 0) arg->format = ASN1_GEN_FORMAT_UTF8; - else if (!strncmp(vstart, "HEX", 3)) + else if (strncmp(vstart, "HEX", 3) == 0) arg->format = ASN1_GEN_FORMAT_HEX; - else if (!strncmp(vstart, "BITLIST", 7)) + else if (strncmp(vstart, "BITLIST", 7) == 0) arg->format = ASN1_GEN_FORMAT_BITLIST; else { - ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKOWN_FORMAT); + ASN1err(ASN1_F_ASN1_CB, ASN1_R_UNKNOWN_FORMAT); return -1; } break; @@ -443,7 +391,6 @@ static int parse_tagging(const char *vstart, int vlen, int *ptag, int *pclass) ASN1err(ASN1_F_PARSE_TAGGING, ASN1_R_INVALID_MODIFIER); ERR_add_error_data(2, "Char=", erch); return 0; - break; } } else @@ -495,15 +442,12 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf, if (derlen < 0) goto bad; - - if (!(ret = ASN1_TYPE_new())) + if ((ret = ASN1_TYPE_new()) == NULL) goto bad; - - if (!(ret->value.asn1_string = ASN1_STRING_type_new(utype))) + if ((ret->value.asn1_string = ASN1_STRING_type_new(utype)) == NULL) goto bad; ret->type = utype; - ret->value.asn1_string->data = der; ret->value.asn1_string->length = derlen; @@ -511,13 +455,10 @@ static ASN1_TYPE *asn1_multi(int utype, const char *section, X509V3_CTX *cnf, bad: - if (der) - OPENSSL_free(der); + OPENSSL_free(der); - if (sk) - sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); - if (sect) - X509V3_section_free(cnf, sect); + sk_ASN1_TYPE_pop_free(sk, ASN1_TYPE_free); + X509V3_section_free(cnf, sect); return ret; } @@ -626,8 +567,8 @@ static int asn1_str2tag(const char *tagstr, int len) len = strlen(tagstr); tntmp = tnst; - for (i = 0; i < sizeof(tnst) / sizeof(struct tag_name_st); i++, tntmp++) { - if ((len == tntmp->len) && !strncmp(tntmp->strnam, tagstr, len)) + for (i = 0; i < OSSL_NELEM(tnst); i++, tntmp++) { + if ((len == tntmp->len) && (strncmp(tntmp->strnam, tagstr, len) == 0)) return tntmp->tag; } @@ -637,15 +578,12 @@ static int asn1_str2tag(const char *tagstr, int len) static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) { ASN1_TYPE *atmp = NULL; - CONF_VALUE vtmp; - unsigned char *rdata; long rdlen; - int no_unused = 1; - if (!(atmp = ASN1_TYPE_new())) { + if ((atmp = ASN1_TYPE_new()) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); return NULL; } @@ -682,7 +620,8 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_INTEGER_NOT_ASCII_FORMAT); goto bad_form; } - if (!(atmp->value.integer = s2i_ASN1_INTEGER(NULL, (char *)str))) { + if ((atmp->value.integer + = s2i_ASN1_INTEGER(NULL, str)) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_INTEGER); goto bad_str; } @@ -693,7 +632,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_OBJECT_NOT_ASCII_FORMAT); goto bad_form; } - if (!(atmp->value.object = OBJ_txt2obj(str, 0))) { + if ((atmp->value.object = OBJ_txt2obj(str, 0)) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_OBJECT); goto bad_str; } @@ -705,7 +644,7 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_TIME_NOT_ASCII_FORMAT); goto bad_form; } - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { + if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); goto bad_str; } @@ -730,7 +669,6 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) case V_ASN1_UNIVERSALSTRING: case V_ASN1_GENERALSTRING: case V_ASN1_NUMERICSTRING: - if (format == ASN1_GEN_FORMAT_ASCII) format = MBSTRING_ASC; else if (format == ASN1_GEN_FORMAT_UTF8) @@ -749,25 +687,20 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) break; case V_ASN1_BIT_STRING: - case V_ASN1_OCTET_STRING: - - if (!(atmp->value.asn1_string = ASN1_STRING_new())) { + if ((atmp->value.asn1_string = ASN1_STRING_new()) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ERR_R_MALLOC_FAILURE); goto bad_form; } if (format == ASN1_GEN_FORMAT_HEX) { - - if (!(rdata = string_to_hex((char *)str, &rdlen))) { + if ((rdata = OPENSSL_hexstr2buf(str, &rdlen)) == NULL) { ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_ILLEGAL_HEX); goto bad_str; } - atmp->value.asn1_string->data = rdata; atmp->value.asn1_string->length = rdlen; atmp->value.asn1_string->type = utype; - } else if (format == ASN1_GEN_FORMAT_ASCII) ASN1_STRING_set(atmp->value.asn1_string, str, -1); else if ((format == ASN1_GEN_FORMAT_BITLIST) @@ -795,7 +728,6 @@ static ASN1_TYPE *asn1_str2type(const char *str, int format, int utype) default: ASN1err(ASN1_F_ASN1_STR2TYPE, ASN1_R_UNSUPPORTED_TYPE); goto bad_str; - break; } atmp->type = utype; @@ -829,3 +761,29 @@ static int bitstr_cb(const char *elem, int len, void *bitstr) } return 1; } + +static int mask_cb(const char *elem, int len, void *arg) +{ + unsigned long *pmask = arg, tmpmask; + int tag; + if (elem == NULL) + return 0; + if ((len == 3) && (strncmp(elem, "DIR", 3) == 0)) { + *pmask |= B_ASN1_DIRECTORYSTRING; + return 1; + } + tag = asn1_str2tag(elem, len); + if (!tag || (tag & ASN1_GEN_FLAG)) + return 0; + tmpmask = ASN1_tag2bit(tag); + if (!tmpmask) + return 0; + *pmask |= tmpmask; + return 1; +} + +int ASN1_str2mask(const char *str, unsigned long *pmask) +{ + *pmask = 0; + return CONF_parse_list(str, '|', 1, mask_cb, pmask); +} diff --git a/crypto/asn1/asn1_int.h b/crypto/asn1/asn1_int.h deleted file mode 100644 index c9fd8b12ae17..000000000000 --- a/crypto/asn1/asn1_int.h +++ /dev/null @@ -1,63 +0,0 @@ -/* asn1t.h */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -/* Internal ASN1 template structures and functions: not for application use */ - -void asn1_item_combine_free(ASN1_VALUE **pval, const ASN1_ITEM *it, - int combine); diff --git a/crypto/asn1/asn1_item_list.c b/crypto/asn1/asn1_item_list.c new file mode 100644 index 000000000000..9798192f4be2 --- /dev/null +++ b/crypto/asn1/asn1_item_list.c @@ -0,0 +1,42 @@ +/* + * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdio.h> +#include "internal/cryptlib.h" +#include <openssl/asn1.h> +#include <openssl/asn1t.h> +#include <openssl/cms.h> +#include <openssl/dh.h> +#include <openssl/ocsp.h> +#include <openssl/pkcs7.h> +#include <openssl/pkcs12.h> +#include <openssl/rsa.h> +#include <openssl/x509v3.h> + +#include "asn1_item_list.h" + +const ASN1_ITEM *ASN1_ITEM_lookup(const char *name) +{ + size_t i; + + for (i = 0; i < OSSL_NELEM(asn1_item_list); i++) { + const ASN1_ITEM *it = ASN1_ITEM_ptr(asn1_item_list[i]); + + if (strcmp(it->sname, name) == 0) + return it; + } + return NULL; +} + +const ASN1_ITEM *ASN1_ITEM_get(size_t i) +{ + if (i >= OSSL_NELEM(asn1_item_list)) + return NULL; + return ASN1_ITEM_ptr(asn1_item_list[i]); +} diff --git a/crypto/asn1/asn1_item_list.h b/crypto/asn1/asn1_item_list.h new file mode 100644 index 000000000000..db8107ed1b19 --- /dev/null +++ b/crypto/asn1/asn1_item_list.h @@ -0,0 +1,178 @@ +/* + * Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +static ASN1_ITEM_EXP *asn1_item_list[] = { + + ASN1_ITEM_ref(ACCESS_DESCRIPTION), +#ifndef OPENSSL_NO_RFC3779 + ASN1_ITEM_ref(ASIdOrRange), + ASN1_ITEM_ref(ASIdentifierChoice), + ASN1_ITEM_ref(ASIdentifiers), +#endif + ASN1_ITEM_ref(ASN1_ANY), + ASN1_ITEM_ref(ASN1_BIT_STRING), + ASN1_ITEM_ref(ASN1_BMPSTRING), + ASN1_ITEM_ref(ASN1_BOOLEAN), + ASN1_ITEM_ref(ASN1_ENUMERATED), + ASN1_ITEM_ref(ASN1_FBOOLEAN), + ASN1_ITEM_ref(ASN1_GENERALIZEDTIME), + ASN1_ITEM_ref(ASN1_GENERALSTRING), + ASN1_ITEM_ref(ASN1_IA5STRING), + ASN1_ITEM_ref(ASN1_INTEGER), + ASN1_ITEM_ref(ASN1_NULL), + ASN1_ITEM_ref(ASN1_OBJECT), + ASN1_ITEM_ref(ASN1_OCTET_STRING_NDEF), + ASN1_ITEM_ref(ASN1_OCTET_STRING), + ASN1_ITEM_ref(ASN1_PRINTABLESTRING), + ASN1_ITEM_ref(ASN1_PRINTABLE), + ASN1_ITEM_ref(ASN1_SEQUENCE_ANY), + ASN1_ITEM_ref(ASN1_SEQUENCE), + ASN1_ITEM_ref(ASN1_SET_ANY), + ASN1_ITEM_ref(ASN1_T61STRING), + ASN1_ITEM_ref(ASN1_TBOOLEAN), + ASN1_ITEM_ref(ASN1_TIME), + ASN1_ITEM_ref(ASN1_UNIVERSALSTRING), + ASN1_ITEM_ref(ASN1_UTCTIME), + ASN1_ITEM_ref(ASN1_UTF8STRING), + ASN1_ITEM_ref(ASN1_VISIBLESTRING), +#ifndef OPENSSL_NO_RFC3779 + ASN1_ITEM_ref(ASRange), +#endif + ASN1_ITEM_ref(AUTHORITY_INFO_ACCESS), + ASN1_ITEM_ref(AUTHORITY_KEYID), + ASN1_ITEM_ref(BASIC_CONSTRAINTS), + ASN1_ITEM_ref(BIGNUM), + ASN1_ITEM_ref(CBIGNUM), + ASN1_ITEM_ref(CERTIFICATEPOLICIES), +#ifndef OPENSSL_NO_CMS + ASN1_ITEM_ref(CMS_ContentInfo), + ASN1_ITEM_ref(CMS_ReceiptRequest), +#endif + ASN1_ITEM_ref(CRL_DIST_POINTS), +#ifndef OPENSSL_NO_DH + ASN1_ITEM_ref(DHparams), +#endif + ASN1_ITEM_ref(DIRECTORYSTRING), + ASN1_ITEM_ref(DISPLAYTEXT), + ASN1_ITEM_ref(DIST_POINT_NAME), + ASN1_ITEM_ref(DIST_POINT), +#ifndef OPENSSL_NO_EC + ASN1_ITEM_ref(ECPARAMETERS), + ASN1_ITEM_ref(ECPKPARAMETERS), +#endif + ASN1_ITEM_ref(EDIPARTYNAME), + ASN1_ITEM_ref(EXTENDED_KEY_USAGE), + ASN1_ITEM_ref(GENERAL_NAMES), + ASN1_ITEM_ref(GENERAL_NAME), + ASN1_ITEM_ref(GENERAL_SUBTREE), +#ifndef OPENSSL_NO_RFC3779 + ASN1_ITEM_ref(IPAddressChoice), + ASN1_ITEM_ref(IPAddressFamily), + ASN1_ITEM_ref(IPAddressOrRange), + ASN1_ITEM_ref(IPAddressRange), +#endif + ASN1_ITEM_ref(ISSUING_DIST_POINT), +#if OPENSSL_API_COMPAT < 0x10200000L + ASN1_ITEM_ref(LONG), +#endif + ASN1_ITEM_ref(NAME_CONSTRAINTS), + ASN1_ITEM_ref(NETSCAPE_CERT_SEQUENCE), + ASN1_ITEM_ref(NETSCAPE_SPKAC), + ASN1_ITEM_ref(NETSCAPE_SPKI), + ASN1_ITEM_ref(NOTICEREF), +#ifndef OPENSSL_NO_OCSP + ASN1_ITEM_ref(OCSP_BASICRESP), + ASN1_ITEM_ref(OCSP_CERTID), + ASN1_ITEM_ref(OCSP_CERTSTATUS), + ASN1_ITEM_ref(OCSP_CRLID), + ASN1_ITEM_ref(OCSP_ONEREQ), + ASN1_ITEM_ref(OCSP_REQINFO), + ASN1_ITEM_ref(OCSP_REQUEST), + ASN1_ITEM_ref(OCSP_RESPBYTES), + ASN1_ITEM_ref(OCSP_RESPDATA), + ASN1_ITEM_ref(OCSP_RESPID), + ASN1_ITEM_ref(OCSP_RESPONSE), + ASN1_ITEM_ref(OCSP_REVOKEDINFO), + ASN1_ITEM_ref(OCSP_SERVICELOC), + ASN1_ITEM_ref(OCSP_SIGNATURE), + ASN1_ITEM_ref(OCSP_SINGLERESP), +#endif + ASN1_ITEM_ref(OTHERNAME), + ASN1_ITEM_ref(PBE2PARAM), + ASN1_ITEM_ref(PBEPARAM), + ASN1_ITEM_ref(PBKDF2PARAM), + ASN1_ITEM_ref(PKCS12_AUTHSAFES), + ASN1_ITEM_ref(PKCS12_BAGS), + ASN1_ITEM_ref(PKCS12_MAC_DATA), + ASN1_ITEM_ref(PKCS12_SAFEBAGS), + ASN1_ITEM_ref(PKCS12_SAFEBAG), + ASN1_ITEM_ref(PKCS12), + ASN1_ITEM_ref(PKCS7_ATTR_SIGN), + ASN1_ITEM_ref(PKCS7_ATTR_VERIFY), + ASN1_ITEM_ref(PKCS7_DIGEST), + ASN1_ITEM_ref(PKCS7_ENCRYPT), + ASN1_ITEM_ref(PKCS7_ENC_CONTENT), + ASN1_ITEM_ref(PKCS7_ENVELOPE), + ASN1_ITEM_ref(PKCS7_ISSUER_AND_SERIAL), + ASN1_ITEM_ref(PKCS7_RECIP_INFO), + ASN1_ITEM_ref(PKCS7_SIGNED), + ASN1_ITEM_ref(PKCS7_SIGNER_INFO), + ASN1_ITEM_ref(PKCS7_SIGN_ENVELOPE), + ASN1_ITEM_ref(PKCS7), + ASN1_ITEM_ref(PKCS8_PRIV_KEY_INFO), + ASN1_ITEM_ref(PKEY_USAGE_PERIOD), + ASN1_ITEM_ref(POLICYINFO), + ASN1_ITEM_ref(POLICYQUALINFO), + ASN1_ITEM_ref(POLICY_CONSTRAINTS), + ASN1_ITEM_ref(POLICY_MAPPINGS), + ASN1_ITEM_ref(POLICY_MAPPING), + ASN1_ITEM_ref(PROXY_CERT_INFO_EXTENSION), + ASN1_ITEM_ref(PROXY_POLICY), +#ifndef OPENSSL_NO_RSA + ASN1_ITEM_ref(RSAPrivateKey), + ASN1_ITEM_ref(RSAPublicKey), + ASN1_ITEM_ref(RSA_OAEP_PARAMS), + ASN1_ITEM_ref(RSA_PSS_PARAMS), +#endif +#ifndef OPENSSL_NO_SCRYPT + ASN1_ITEM_ref(SCRYPT_PARAMS), +#endif + ASN1_ITEM_ref(SXNETID), + ASN1_ITEM_ref(SXNET), + ASN1_ITEM_ref(USERNOTICE), + ASN1_ITEM_ref(X509_ALGORS), + ASN1_ITEM_ref(X509_ALGOR), + ASN1_ITEM_ref(X509_ATTRIBUTE), + ASN1_ITEM_ref(X509_CERT_AUX), + ASN1_ITEM_ref(X509_CINF), + ASN1_ITEM_ref(X509_CRL_INFO), + ASN1_ITEM_ref(X509_CRL), + ASN1_ITEM_ref(X509_EXTENSIONS), + ASN1_ITEM_ref(X509_EXTENSION), + ASN1_ITEM_ref(X509_NAME_ENTRY), + ASN1_ITEM_ref(X509_NAME), + ASN1_ITEM_ref(X509_PUBKEY), + ASN1_ITEM_ref(X509_REQ_INFO), + ASN1_ITEM_ref(X509_REQ), + ASN1_ITEM_ref(X509_REVOKED), + ASN1_ITEM_ref(X509_SIG), + ASN1_ITEM_ref(X509_VAL), + ASN1_ITEM_ref(X509), +#if OPENSSL_API_COMPAT < 0x10200000L + ASN1_ITEM_ref(ZLONG), +#endif + ASN1_ITEM_ref(INT32), + ASN1_ITEM_ref(UINT32), + ASN1_ITEM_ref(ZINT32), + ASN1_ITEM_ref(ZUINT32), + ASN1_ITEM_ref(INT64), + ASN1_ITEM_ref(UINT64), + ASN1_ITEM_ref(ZINT64), + ASN1_ITEM_ref(ZUINT64), +}; diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c index b52c3e1264c7..88c4b5391802 100644 --- a/crypto/asn1/asn1_lib.c +++ b/crypto/asn1/asn1_lib.c @@ -1,71 +1,21 @@ -/* crypto/asn1/asn1_lib.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> #include <limits.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include "asn1_locl.h" static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, long max); static void asn1_put_length(unsigned char **pp, int length); -const char ASN1_version[] = "ASN.1" OPENSSL_VERSION_PTEXT; static int _asn1_check_infinite_end(const unsigned char **p, long len) { @@ -73,12 +23,12 @@ static int _asn1_check_infinite_end(const unsigned char **p, long len) * If there is 0 or 1 byte left, the length check should pick things up */ if (len <= 0) - return (1); + return 1; else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0)) { (*p) += 2; - return (1); + return 1; } - return (0); + return 0; } int ASN1_check_infinite_end(unsigned char **p, long len) @@ -137,12 +87,6 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, if (inf && !(ret & V_ASN1_CONSTRUCTED)) goto err; -#if 0 - fprintf(stderr, "p=%d + *plength=%ld > omax=%ld + *pp=%d (%d > %d)\n", - (int)p, *plength, omax, (int)*pp, (int)(p + *plength), - (int)(omax + *pp)); - -#endif if (*plength > (omax - (p - *pp))) { ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_TOO_LONG); /* @@ -152,40 +96,54 @@ int ASN1_get_object(const unsigned char **pp, long *plength, int *ptag, ret |= 0x80; } *pp = p; - return (ret | inf); + return ret | inf; err: ASN1err(ASN1_F_ASN1_GET_OBJECT, ASN1_R_HEADER_TOO_LONG); - return (0x80); + return 0x80; } +/* + * Decode a length field. + * The short form is a single byte defining a length 0 - 127. + * The long form is a byte 0 - 127 with the top bit set and this indicates + * the number of following octets that contain the length. These octets + * are stored most significant digit first. + */ static int asn1_get_length(const unsigned char **pp, int *inf, long *rl, long max) { const unsigned char *p = *pp; unsigned long ret = 0; - unsigned long i; + int i; if (max-- < 1) return 0; if (*p == 0x80) { *inf = 1; - ret = 0; p++; } else { *inf = 0; i = *p & 0x7f; - if (*(p++) & 0x80) { - if (i > sizeof(ret) || max < (long)i) + if (*p++ & 0x80) { + if (max < i + 1) return 0; - while (i-- > 0) { - ret <<= 8L; - ret |= *(p++); + /* Skip leading zeroes */ + while (i > 0 && *p == 0) { + p++; + i--; } + if (i > (int)sizeof(long)) + return 0; + while (i > 0) { + ret <<= 8; + ret |= *p++; + i--; + } + if (ret > LONG_MAX) + return 0; } else ret = i; } - if (ret > LONG_MAX) - return 0; *pp = p; *rl = (long)ret; return 1; @@ -282,57 +240,6 @@ int ASN1_object_size(int constructed, int length, int tag) return ret + length; } -static int _asn1_Finish(ASN1_const_CTX *c) -{ - if ((c->inf == (1 | V_ASN1_CONSTRUCTED)) && (!c->eos)) { - if (!ASN1_const_check_infinite_end(&c->p, c->slen)) { - c->error = ERR_R_MISSING_ASN1_EOS; - return (0); - } - } - if (((c->slen != 0) && !(c->inf & 1)) || ((c->slen < 0) && (c->inf & 1))) { - c->error = ERR_R_ASN1_LENGTH_MISMATCH; - return (0); - } - return (1); -} - -int asn1_Finish(ASN1_CTX *c) -{ - return _asn1_Finish((ASN1_const_CTX *)c); -} - -int asn1_const_Finish(ASN1_const_CTX *c) -{ - return _asn1_Finish(c); -} - -int asn1_GetSequence(ASN1_const_CTX *c, long *length) -{ - const unsigned char *q; - - q = c->p; - c->inf = ASN1_get_object(&(c->p), &(c->slen), &(c->tag), &(c->xclass), - *length); - if (c->inf & 0x80) { - c->error = ERR_R_BAD_GET_ASN1_OBJECT_CALL; - return (0); - } - if (c->tag != V_ASN1_SEQUENCE) { - c->error = ERR_R_EXPECTING_AN_ASN1_SEQUENCE; - return (0); - } - (*length) -= (c->p - q); - if (c->max && (*length < 0)) { - c->error = ERR_R_ASN1_LENGTH_MISMATCH; - return (0); - } - if (c->inf == (1 | V_ASN1_CONSTRUCTED)) - c->slen = *length; - c->eos = 0; - return (1); -} - int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) { if (str == NULL) @@ -340,7 +247,9 @@ int ASN1_STRING_copy(ASN1_STRING *dst, const ASN1_STRING *str) dst->type = str->type; if (!ASN1_STRING_set(dst, str->data, str->length)) return 0; - dst->flags = str->flags; + /* Copy flags but preserve embed value */ + dst->flags &= ASN1_STRING_FLAG_EMBED; + dst->flags |= str->flags & ~ASN1_STRING_FLAG_EMBED; return 1; } @@ -350,7 +259,7 @@ ASN1_STRING *ASN1_STRING_dup(const ASN1_STRING *str) if (!str) return NULL; ret = ASN1_STRING_new(); - if (!ret) + if (ret == NULL) return NULL; if (!ASN1_STRING_copy(ret, str)) { ASN1_STRING_free(ret); @@ -366,21 +275,17 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) if (len < 0) { if (data == NULL) - return (0); + return 0; else len = strlen(data); } if ((str->length <= len) || (str->data == NULL)) { c = str->data; - if (c == NULL) - str->data = OPENSSL_malloc(len + 1); - else - str->data = OPENSSL_realloc(c, len + 1); - + str->data = OPENSSL_realloc(c, len + 1); if (str->data == NULL) { ASN1err(ASN1_F_ASN1_STRING_SET, ERR_R_MALLOC_FAILURE); str->data = c; - return (0); + return 0; } } str->length = len; @@ -389,50 +294,56 @@ int ASN1_STRING_set(ASN1_STRING *str, const void *_data, int len) /* an allowance for strings :-) */ str->data[len] = '\0'; } - return (1); + return 1; } void ASN1_STRING_set0(ASN1_STRING *str, void *data, int len) { - if (str->data) - OPENSSL_free(str->data); + OPENSSL_free(str->data); str->data = data; str->length = len; } ASN1_STRING *ASN1_STRING_new(void) { - return (ASN1_STRING_type_new(V_ASN1_OCTET_STRING)); + return ASN1_STRING_type_new(V_ASN1_OCTET_STRING); } ASN1_STRING *ASN1_STRING_type_new(int type) { ASN1_STRING *ret; - ret = (ASN1_STRING *)OPENSSL_malloc(sizeof(ASN1_STRING)); + ret = OPENSSL_zalloc(sizeof(*ret)); if (ret == NULL) { ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW, ERR_R_MALLOC_FAILURE); - return (NULL); + return NULL; } - ret->length = 0; ret->type = type; - ret->data = NULL; - ret->flags = 0; - return (ret); + return ret; } -void ASN1_STRING_free(ASN1_STRING *a) +void asn1_string_embed_free(ASN1_STRING *a, int embed) { if (a == NULL) return; - if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) + if (!(a->flags & ASN1_STRING_FLAG_NDEF)) OPENSSL_free(a->data); - OPENSSL_free(a); + if (embed == 0) + OPENSSL_free(a); +} + +void ASN1_STRING_free(ASN1_STRING *a) +{ + if (a == NULL) + return; + asn1_string_embed_free(a, a->flags & ASN1_STRING_FLAG_EMBED); } void ASN1_STRING_clear_free(ASN1_STRING *a) { - if (a && a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) + if (a == NULL) + return; + if (a->data && !(a->flags & ASN1_STRING_FLAG_NDEF)) OPENSSL_cleanse(a->data, a->length); ASN1_STRING_free(a); } @@ -445,39 +356,36 @@ int ASN1_STRING_cmp(const ASN1_STRING *a, const ASN1_STRING *b) if (i == 0) { i = memcmp(a->data, b->data, a->length); if (i == 0) - return (a->type - b->type); + return a->type - b->type; else - return (i); + return i; } else - return (i); + return i; } -void asn1_add_error(const unsigned char *address, int offset) +int ASN1_STRING_length(const ASN1_STRING *x) { - char buf1[DECIMAL_SIZE(address) + 1], buf2[DECIMAL_SIZE(offset) + 1]; - - BIO_snprintf(buf1, sizeof(buf1), "%lu", (unsigned long)address); - BIO_snprintf(buf2, sizeof(buf2), "%d", offset); - ERR_add_error_data(4, "address=", buf1, " offset=", buf2); + return x->length; } -int ASN1_STRING_length(const ASN1_STRING *x) +void ASN1_STRING_length_set(ASN1_STRING *x, int len) { - return M_ASN1_STRING_length(x); + x->length = len; } -void ASN1_STRING_length_set(ASN1_STRING *x, int len) +int ASN1_STRING_type(const ASN1_STRING *x) { - M_ASN1_STRING_length_set(x, len); - return; + return x->type; } -int ASN1_STRING_type(ASN1_STRING *x) +const unsigned char *ASN1_STRING_get0_data(const ASN1_STRING *x) { - return M_ASN1_STRING_type(x); + return x->data; } +# if OPENSSL_API_COMPAT < 0x10100000L unsigned char *ASN1_STRING_data(ASN1_STRING *x) { - return M_ASN1_STRING_data(x); + return x->data; } +#endif diff --git a/crypto/asn1/asn1_locl.h b/crypto/asn1/asn1_locl.h index 4c004fab9a8d..cec141721b34 100644 --- a/crypto/asn1/asn1_locl.h +++ b/crypto/asn1/asn1_locl.h @@ -1,135 +1,83 @@ -/* asn1t.h */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2006. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2005-2017 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /* Internal ASN1 structures and functions: not for application use */ +int asn1_time_to_tm(struct tm *tm, const ASN1_TIME *d); int asn1_utctime_to_tm(struct tm *tm, const ASN1_UTCTIME *d); int asn1_generalizedtime_to_tm(struct tm *tm, const ASN1_GENERALIZEDTIME *d); -/* ASN1 print context structure */ +/* ASN1 scan context structure */ -struct asn1_pctx_st { +struct asn1_sctx_st { + /* The ASN1_ITEM associated with this field */ + const ASN1_ITEM *it; + /* If ASN1_TEMPLATE associated with this field */ + const ASN1_TEMPLATE *tt; + /* Various flags associated with field and context */ unsigned long flags; - unsigned long nm_flags; - unsigned long cert_flags; - unsigned long oid_flags; - unsigned long str_flags; -} /* ASN1_PCTX */ ; + /* If SEQUENCE OF or SET OF, field index */ + int skidx; + /* ASN1 depth of field */ + int depth; + /* Structure and field name */ + const char *sname, *fname; + /* If a primitive type the type of underlying field */ + int prim_type; + /* The field value itself */ + ASN1_VALUE **field; + /* Callback to pass information to */ + int (*scan_cb) (ASN1_SCTX *ctx); + /* Context specific application data */ + void *app_data; +} /* ASN1_SCTX */ ; -/* ASN1 public key method structure */ +typedef struct mime_param_st MIME_PARAM; +DEFINE_STACK_OF(MIME_PARAM) +typedef struct mime_header_st MIME_HEADER; +DEFINE_STACK_OF(MIME_HEADER) -struct evp_pkey_asn1_method_st { - int pkey_id; - int pkey_base_id; - unsigned long pkey_flags; - char *pem_str; - char *info; - int (*pub_decode) (EVP_PKEY *pk, X509_PUBKEY *pub); - int (*pub_encode) (X509_PUBKEY *pub, const EVP_PKEY *pk); - int (*pub_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); - int (*pub_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*priv_decode) (EVP_PKEY *pk, PKCS8_PRIV_KEY_INFO *p8inf); - int (*priv_encode) (PKCS8_PRIV_KEY_INFO *p8, const EVP_PKEY *pk); - int (*priv_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*pkey_size) (const EVP_PKEY *pk); - int (*pkey_bits) (const EVP_PKEY *pk); - int (*param_decode) (EVP_PKEY *pkey, - const unsigned char **pder, int derlen); - int (*param_encode) (const EVP_PKEY *pkey, unsigned char **pder); - int (*param_missing) (const EVP_PKEY *pk); - int (*param_copy) (EVP_PKEY *to, const EVP_PKEY *from); - int (*param_cmp) (const EVP_PKEY *a, const EVP_PKEY *b); - int (*param_print) (BIO *out, const EVP_PKEY *pkey, int indent, - ASN1_PCTX *pctx); - int (*sig_print) (BIO *out, - const X509_ALGOR *sigalg, const ASN1_STRING *sig, - int indent, ASN1_PCTX *pctx); - void (*pkey_free) (EVP_PKEY *pkey); - int (*pkey_ctrl) (EVP_PKEY *pkey, int op, long arg1, void *arg2); - /* Legacy functions for old PEM */ - int (*old_priv_decode) (EVP_PKEY *pkey, - const unsigned char **pder, int derlen); - int (*old_priv_encode) (const EVP_PKEY *pkey, unsigned char **pder); - /* Custom ASN1 signature verification */ - int (*item_verify) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *a, ASN1_BIT_STRING *sig, EVP_PKEY *pkey); - int (*item_sign) (EVP_MD_CTX *ctx, const ASN1_ITEM *it, void *asn, - X509_ALGOR *alg1, X509_ALGOR *alg2, - ASN1_BIT_STRING *sig); -} /* EVP_PKEY_ASN1_METHOD */ ; +void asn1_string_embed_free(ASN1_STRING *a, int embed); -/* - * Method to handle CRL access. In general a CRL could be very large (several - * Mb) and can consume large amounts of resources if stored in memory by - * multiple processes. This method allows general CRL operations to be - * redirected to more efficient callbacks: for example a CRL entry database. - */ +int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_set_choice_selector(ASN1_VALUE **pval, int value, + const ASN1_ITEM *it); + +ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); + +const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, + int nullerr); + +int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); + +void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); +void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); +int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, + const ASN1_ITEM *it); +int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, + const ASN1_ITEM *it); + +void asn1_item_embed_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed); +void asn1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it, int embed); +void asn1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); + +ASN1_OBJECT *c2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, + long length); +int i2c_ASN1_BIT_STRING(ASN1_BIT_STRING *a, unsigned char **pp); +ASN1_BIT_STRING *c2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a, + const unsigned char **pp, long length); +int i2c_ASN1_INTEGER(ASN1_INTEGER *a, unsigned char **pp); +ASN1_INTEGER *c2i_ASN1_INTEGER(ASN1_INTEGER **a, const unsigned char **pp, + long length); -#define X509_CRL_METHOD_DYNAMIC 1 +/* Internal functions used by x_int64.c */ +int c2i_uint64_int(uint64_t *ret, int *neg, const unsigned char **pp, long len); +int i2c_uint64_int(unsigned char *p, uint64_t r, int neg); -struct x509_crl_method_st { - int flags; - int (*crl_init) (X509_CRL *crl); - int (*crl_free) (X509_CRL *crl); - int (*crl_lookup) (X509_CRL *crl, X509_REVOKED **ret, - ASN1_INTEGER *ser, X509_NAME *issuer); - int (*crl_verify) (X509_CRL *crl, EVP_PKEY *pk); -}; +ASN1_TIME *asn1_time_from_tm(ASN1_TIME *s, struct tm *ts, int type); diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h deleted file mode 100644 index abc6dc35ca41..000000000000 --- a/crypto/asn1/asn1_mac.h +++ /dev/null @@ -1,579 +0,0 @@ -/* crypto/asn1/asn1_mac.h */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#ifndef HEADER_ASN1_MAC_H -# define HEADER_ASN1_MAC_H - -# include <openssl/asn1.h> - -#ifdef __cplusplus -extern "C" { -#endif - -# ifndef ASN1_MAC_ERR_LIB -# define ASN1_MAC_ERR_LIB ERR_LIB_ASN1 -# endif - -# define ASN1_MAC_H_err(f,r,line) \ - ERR_PUT_error(ASN1_MAC_ERR_LIB,(f),(r),__FILE__,(line)) - -# define M_ASN1_D2I_vars(a,type,func) \ - ASN1_const_CTX c; \ - type ret=NULL; \ - \ - c.pp=(const unsigned char **)pp; \ - c.q= *(const unsigned char **)pp; \ - c.error=ERR_R_NESTED_ASN1_ERROR; \ - if ((a == NULL) || ((*a) == NULL)) \ - { if ((ret=(type)func()) == NULL) \ - { c.line=__LINE__; goto err; } } \ - else ret=(*a); - -# define M_ASN1_D2I_Init() \ - c.p= *(const unsigned char **)pp; \ - c.max=(length == 0)?0:(c.p+length); - -# define M_ASN1_D2I_Finish_2(a) \ - if (!asn1_const_Finish(&c)) \ - { c.line=__LINE__; goto err; } \ - *(const unsigned char **)pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); - -# define M_ASN1_D2I_Finish(a,func,e) \ - M_ASN1_D2I_Finish_2(a); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*(const unsigned char **)pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -# define M_ASN1_D2I_start_sequence() \ - if (!asn1_GetSequence(&c,&length)) \ - { c.line=__LINE__; goto err; } -/* Begin reading ASN1 without a surrounding sequence */ -# define M_ASN1_D2I_begin() \ - c.slen = length; - -/* End reading ASN1 with no check on length */ -# define M_ASN1_D2I_Finish_nolen(a, func, e) \ - *pp=c.p; \ - if (a != NULL) (*a)=ret; \ - return(ret); \ -err:\ - ASN1_MAC_H_err((e),c.error,c.line); \ - asn1_add_error(*pp,(int)(c.q- *pp)); \ - if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \ - return(NULL) - -# define M_ASN1_D2I_end_sequence() \ - (((c.inf&1) == 0)?(c.slen <= 0): \ - (c.eos=ASN1_const_check_infinite_end(&c.p,c.slen))) - -/* Don't use this with d2i_ASN1_BOOLEAN() */ -# define M_ASN1_D2I_get(b, func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -/* Don't use this with d2i_ASN1_BOOLEAN() */ -# define M_ASN1_D2I_get_x(type,b,func) \ - c.q=c.p; \ - if (((D2I_OF(type))func)(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -/* use this instead () */ -# define M_ASN1_D2I_get_int(b,func) \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) < 0) \ - {c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -# define M_ASN1_D2I_get_opt(b,func,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ - == (V_ASN1_UNIVERSAL|(type)))) \ - { \ - M_ASN1_D2I_get(b,func); \ - } - -# define M_ASN1_D2I_get_int_opt(b,func,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \ - == (V_ASN1_UNIVERSAL|(type)))) \ - { \ - M_ASN1_D2I_get_int(b,func); \ - } - -# define M_ASN1_D2I_get_imp(b,func, type) \ - M_ASN1_next=(_tmp& V_ASN1_CONSTRUCTED)|type; \ - c.q=c.p; \ - if (func(&(b),&c.p,c.slen) == NULL) \ - {c.line=__LINE__; M_ASN1_next_prev = _tmp; goto err; } \ - c.slen-=(c.p-c.q);\ - M_ASN1_next_prev=_tmp; - -# define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \ - if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \ - (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \ - { \ - unsigned char _tmp = M_ASN1_next; \ - M_ASN1_D2I_get_imp(b,func, type);\ - } - -# define M_ASN1_D2I_get_set(r,func,free_func) \ - M_ASN1_D2I_get_imp_set(r,func,free_func, \ - V_ASN1_SET,V_ASN1_UNIVERSAL); - -# define M_ASN1_D2I_get_set_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func, \ - V_ASN1_SET,V_ASN1_UNIVERSAL); - -# define M_ASN1_D2I_get_set_opt(r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ - { M_ASN1_D2I_get_set(r,func,free_func); } - -# define M_ASN1_D2I_get_set_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SET)))\ - { M_ASN1_D2I_get_set_type(type,r,func,free_func); } - -# define M_ASN1_I2D_len_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SET(a,f); - -# define M_ASN1_I2D_put_SET_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SET(a,f); - -# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE(a,f); - -# define M_ASN1_I2D_put_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE_type(type,a,f); - -# define M_ASN1_D2I_get_IMP_set_opt(b,func,free_func,tag) \ - if ((c.slen != 0) && \ - (M_ASN1_next == \ - (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ - { \ - M_ASN1_D2I_get_imp_set(b,func,free_func,\ - tag,V_ASN1_CONTEXT_SPECIFIC); \ - } - -# define M_ASN1_D2I_get_IMP_set_opt_type(type,b,func,free_func,tag) \ - if ((c.slen != 0) && \ - (M_ASN1_next == \ - (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\ - { \ - M_ASN1_D2I_get_imp_set_type(type,b,func,free_func,\ - tag,V_ASN1_CONTEXT_SPECIFIC); \ - } - -# define M_ASN1_D2I_get_seq(r,func,free_func) \ - M_ASN1_D2I_get_imp_set(r,func,free_func,\ - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL); - -# define M_ASN1_D2I_get_seq_type(type,r,func,free_func) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -# define M_ASN1_D2I_get_seq_opt(r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq(r,func,free_func); } - -# define M_ASN1_D2I_get_seq_opt_type(type,r,func,free_func) \ - if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \ - V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\ - { M_ASN1_D2I_get_seq_type(type,r,func,free_func); } - -# define M_ASN1_D2I_get_IMP_set(r,func,free_func,x) \ - M_ASN1_D2I_get_imp_set(r,func,free_func,\ - x,V_ASN1_CONTEXT_SPECIFIC); - -# define M_ASN1_D2I_get_IMP_set_type(type,r,func,free_func,x) \ - M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,\ - x,V_ASN1_CONTEXT_SPECIFIC); - -# define M_ASN1_D2I_get_imp_set(r,func,free_func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,\ - (void (*)())free_func,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -# define M_ASN1_D2I_get_imp_set_type(type,r,func,free_func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,c.slen,func,\ - free_func,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -# define M_ASN1_D2I_get_set_strings(r,func,a,b) \ - c.q=c.p; \ - if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \ - { c.line=__LINE__; goto err; } \ - c.slen-=(c.p-c.q); - -# define M_ASN1_D2I_get_EXP_opt(r,func,tag) \ - if ((c.slen != 0L) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (func(&(r),&c.p,Tlen) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_const_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -# define M_ASN1_D2I_get_EXP_set_opt(r,func,free_func,tag,b) \ - if ((c.slen != 0) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \ - (void (*)())free_func, \ - b,V_ASN1_UNIVERSAL) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -# define M_ASN1_D2I_get_EXP_set_opt_type(type,r,func,free_func,tag,b) \ - if ((c.slen != 0) && (M_ASN1_next == \ - (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \ - { \ - int Tinf,Ttag,Tclass; \ - long Tlen; \ - \ - c.q=c.p; \ - Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \ - if (Tinf & 0x80) \ - { c.error=ERR_R_BAD_ASN1_OBJECT_HEADER; \ - c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) \ - Tlen = c.slen - (c.p - c.q) - 2; \ - if (d2i_ASN1_SET_OF_##type(&(r),&c.p,Tlen,func, \ - free_func,b,V_ASN1_UNIVERSAL) == NULL) \ - { c.line=__LINE__; goto err; } \ - if (Tinf == (V_ASN1_CONSTRUCTED+1)) { \ - Tlen = c.slen - (c.p - c.q); \ - if(!ASN1_check_infinite_end(&c.p, Tlen)) \ - { c.error=ERR_R_MISSING_ASN1_EOS; \ - c.line=__LINE__; goto err; } \ - }\ - c.slen-=(c.p-c.q); \ - } - -/* New macros */ -# define M_ASN1_New_Malloc(ret,type) \ - if ((ret=(type *)OPENSSL_malloc(sizeof(type))) == NULL) \ - { c.line=__LINE__; goto err2; } - -# define M_ASN1_New(arg,func) \ - if (((arg)=func()) == NULL) return(NULL) - -# define M_ASN1_New_Error(a) \ -/*- err: ASN1_MAC_H_err((a),ERR_R_NESTED_ASN1_ERROR,c.line); \ - return(NULL);*/ \ - err2: ASN1_MAC_H_err((a),ERR_R_MALLOC_FAILURE,c.line); \ - return(NULL) - -/* - * BIG UGLY WARNING! This is so damn ugly I wanna puke. Unfortunately, some - * macros that use ASN1_const_CTX still insist on writing in the input - * stream. ARGH! ARGH! ARGH! Let's get rid of this macro package. Please? -- - * Richard Levitte - */ -# define M_ASN1_next (*((unsigned char *)(c.p))) -# define M_ASN1_next_prev (*((unsigned char *)(c.q))) - -/*************************************************/ - -# define M_ASN1_I2D_vars(a) int r=0,ret=0; \ - unsigned char *p; \ - if (a == NULL) return(0) - -/* Length Macros */ -# define M_ASN1_I2D_len(a,f) ret+=f(a,NULL) -# define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f) - -# define M_ASN1_I2D_len_SET(a,f) \ - ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET); - -# define M_ASN1_I2D_len_SET_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SET, \ - V_ASN1_UNIVERSAL,IS_SET); - -# define M_ASN1_I2D_len_SEQUENCE(a,f) \ - ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); - -# define M_ASN1_I2D_len_SEQUENCE_type(type,a,f) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,V_ASN1_SEQUENCE, \ - V_ASN1_UNIVERSAL,IS_SEQUENCE) - -# define M_ASN1_I2D_len_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE(a,f); - -# define M_ASN1_I2D_len_SEQUENCE_opt_type(type,a,f) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - M_ASN1_I2D_len_SEQUENCE_type(type,a,f); - -# define M_ASN1_I2D_len_IMP_SET(a,f,x) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -# define M_ASN1_I2D_len_IMP_SET_type(type,a,f,x) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -# define M_ASN1_I2D_len_IMP_SET_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); - -# define M_ASN1_I2D_len_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC,IS_SET); - -# define M_ASN1_I2D_len_IMP_SEQUENCE(a,f,x) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -# define M_ASN1_I2D_len_IMP_SEQUENCE_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -# define M_ASN1_I2D_len_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - ret+=i2d_ASN1_SET_OF_##type(a,NULL,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); - -# define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \ - if (a != NULL)\ - { \ - v=f(a,NULL); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -# define M_ASN1_I2D_len_EXP_SET_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0))\ - { \ - v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -# define M_ASN1_I2D_len_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0))\ - { \ - v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -# define M_ASN1_I2D_len_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0))\ - { \ - v=i2d_ASN1_SET_OF_##type(a,NULL,f,tag, \ - V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - ret+=ASN1_object_size(1,v,mtag); \ - } - -/* Put Macros */ -# define M_ASN1_I2D_put(a,f) f(a,&p) - -# define M_ASN1_I2D_put_IMP_opt(a,f,t) \ - if (a != NULL) \ - { \ - unsigned char *q=p; \ - f(a,&p); \ - *q=(V_ASN1_CONTEXT_SPECIFIC|t|(*q&V_ASN1_CONSTRUCTED));\ - } - -# define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\ - V_ASN1_UNIVERSAL,IS_SET) -# define M_ASN1_I2D_put_SET_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SET,V_ASN1_UNIVERSAL,IS_SET) -# define M_ASN1_I2D_put_IMP_SET(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ - V_ASN1_CONTEXT_SPECIFIC,IS_SET) -# define M_ASN1_I2D_put_IMP_SET_type(type,a,f,x) \ - i2d_ASN1_SET_OF_##type(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC,IS_SET) -# define M_ASN1_I2D_put_IMP_SEQUENCE(a,f,x) i2d_ASN1_SET(a,&p,f,x,\ - V_ASN1_CONTEXT_SPECIFIC,IS_SEQUENCE) - -# define M_ASN1_I2D_put_SEQUENCE(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\ - V_ASN1_UNIVERSAL,IS_SEQUENCE) - -# define M_ASN1_I2D_put_SEQUENCE_type(type,a,f) \ - i2d_ASN1_SET_OF_##type(a,&p,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE) - -# define M_ASN1_I2D_put_SEQUENCE_opt(a,f) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - M_ASN1_I2D_put_SEQUENCE(a,f); - -# define M_ASN1_I2D_put_IMP_SET_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); } - -# define M_ASN1_I2D_put_IMP_SET_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SET); } - -# define M_ASN1_I2D_put_IMP_SEQUENCE_opt(a,f,x) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); } - -# define M_ASN1_I2D_put_IMP_SEQUENCE_opt_type(type,a,f,x) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { i2d_ASN1_SET_OF_##type(a,&p,f,x, \ - V_ASN1_CONTEXT_SPECIFIC, \ - IS_SEQUENCE); } - -# define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \ - if (a != NULL) \ - { \ - ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \ - f(a,&p); \ - } - -# define M_ASN1_I2D_put_EXP_SET_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SET); \ - } - -# define M_ASN1_I2D_put_EXP_SEQUENCE_opt(a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL,IS_SEQUENCE); \ - } - -# define M_ASN1_I2D_put_EXP_SEQUENCE_opt_type(type,a,f,mtag,tag,v) \ - if ((a != NULL) && (sk_##type##_num(a) != 0)) \ - { \ - ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \ - i2d_ASN1_SET_OF_##type(a,&p,f,tag,V_ASN1_UNIVERSAL, \ - IS_SEQUENCE); \ - } - -# define M_ASN1_I2D_seq_total() \ - r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \ - if (pp == NULL) return(r); \ - p= *pp; \ - ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL) - -# define M_ASN1_I2D_INF_seq_start(tag,ctx) \ - *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \ - *(p++)=0x80 - -# define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00 - -# define M_ASN1_I2D_finish() *pp=p; \ - return(r); - -int asn1_GetSequence(ASN1_const_CTX *c, long *length); -void asn1_add_error(const unsigned char *address, int offset); -#ifdef __cplusplus -} -#endif - -#endif diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c index 0b1a689d6831..4b60c615de76 100644 --- a/crypto/asn1/asn1_par.c +++ b/crypto/asn1/asn1_par.c @@ -1,63 +1,14 @@ -/* crypto/asn1/asn1_par.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/objects.h> #include <openssl/asn1.h> @@ -99,20 +50,20 @@ static int asn1_print_info(BIO *bp, int tag, int xclass, int constructed, if (BIO_printf(bp, fmt, p) <= 0) goto err; - return (1); + return 1; err: - return (0); + return 0; } int ASN1_parse(BIO *bp, const unsigned char *pp, long len, int indent) { - return (asn1_parse2(bp, &pp, len, 0, 0, indent, 0)); + return asn1_parse2(bp, &pp, len, 0, 0, indent, 0); } int ASN1_parse_dump(BIO *bp, const unsigned char *pp, long len, int indent, int dump) { - return (asn1_parse2(bp, &pp, len, 0, 0, indent, dump)); + return asn1_parse2(bp, &pp, len, 0, 0, indent, dump); } static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, @@ -125,28 +76,19 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, ASN1_OBJECT *o = NULL; ASN1_OCTET_STRING *os = NULL; /* ASN1_BMPSTRING *bmp=NULL; */ - int dump_indent; - -#if 0 - dump_indent = indent; -#else - dump_indent = 6; /* Because we know BIO_dump_indent() */ -#endif + int dump_indent, dump_cont = 0; if (depth > ASN1_PARSE_MAXDEPTH) { - BIO_puts(bp, "BAD RECURSION DEPTH\n"); - return 0; + BIO_puts(bp, "BAD RECURSION DEPTH\n"); + return 0; } + dump_indent = 6; /* Because we know BIO_dump_indent() */ p = *pp; tot = p + length; - op = p - 1; - while ((p < tot) && (op < p)) { + while (length > 0) { op = p; j = ASN1_get_object(&p, &len, &tag, &xclass, length); -#ifdef LINT - j = j; -#endif if (j & 0x80) { if (BIO_write(bp, "Error in encoding\n", 18) <= 0) goto end; @@ -173,7 +115,7 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, if (!asn1_print_info(bp, tag, xclass, j, (indent) ? depth : 0)) goto end; if (j & V_ASN1_CONSTRUCTED) { - const unsigned char *sp; + const unsigned char *sp = p; ep = p + len; if (BIO_write(bp, "\n", 1) <= 0) @@ -184,7 +126,6 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; } if ((j == 0x21) && (len == 0)) { - sp = p; for (;;) { r = asn1_parse2(bp, &p, (long)(tot - p), offset + (p - *pp), depth + 1, @@ -203,7 +144,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, while (p < ep) { sp = p; - r = asn1_parse2(bp, &p, tmp, offset + (p - *pp), depth + 1, + r = asn1_parse2(bp, &p, tmp, + offset + (p - *pp), depth + 1, indent, dump); if (r == 0) { ret = 0; @@ -237,19 +179,18 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; i2a_ASN1_OBJECT(bp, o); } else { - if (BIO_write(bp, ":BAD OBJECT", 11) <= 0) + if (BIO_puts(bp, ":BAD OBJECT") <= 0) goto end; + dump_cont = 1; } } else if (tag == V_ASN1_BOOLEAN) { - int ii; - - opp = op; - ii = d2i_ASN1_BOOLEAN(NULL, &opp, len + hl); - if (ii < 0) { - if (BIO_write(bp, "Bad boolean\n", 12) <= 0) + if (len != 1) { + if (BIO_puts(bp, ":BAD BOOLEAN") <= 0) goto end; + dump_cont = 1; } - BIO_printf(bp, ":%d", ii); + if (len > 0) + BIO_printf(bp, ":%u", p[0]); } else if (tag == V_ASN1_BMPSTRING) { /* do the BMP thang */ } else if (tag == V_ASN1_OCTET_STRING) { @@ -306,10 +247,8 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, nl = 1; } } - if (os != NULL) { - M_ASN1_OCTET_STRING_free(os); - os = NULL; - } + ASN1_OCTET_STRING_free(os); + os = NULL; } else if (tag == V_ASN1_INTEGER) { ASN1_INTEGER *bs; int i; @@ -331,10 +270,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; } } else { - if (BIO_write(bp, "BAD INTEGER", 11) <= 0) + if (BIO_puts(bp, ":BAD INTEGER") <= 0) goto end; + dump_cont = 1; } - M_ASN1_INTEGER_free(bs); + ASN1_INTEGER_free(bs); } else if (tag == V_ASN1_ENUMERATED) { ASN1_ENUMERATED *bs; int i; @@ -356,10 +296,11 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; } } else { - if (BIO_write(bp, "BAD ENUMERATED", 14) <= 0) + if (BIO_puts(bp, ":BAD ENUMERATED") <= 0) goto end; + dump_cont = 1; } - M_ASN1_ENUMERATED_free(bs); + ASN1_ENUMERATED_free(bs); } else if (len > 0 && dump) { if (!nl) { if (BIO_write(bp, "\n", 1) <= 0) @@ -371,6 +312,18 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, goto end; nl = 1; } + if (dump_cont) { + int i; + const unsigned char *tmp = op + hl; + if (BIO_puts(bp, ":[") <= 0) + goto end; + for (i = 0; i < len; i++) { + if (BIO_printf(bp, "%02X", tmp[i]) <= 0) + goto end; + } + if (BIO_puts(bp, "]") <= 0) + goto end; + } if (!nl) { if (BIO_write(bp, "\n", 1) <= 0) @@ -386,12 +339,10 @@ static int asn1_parse2(BIO *bp, const unsigned char **pp, long length, } ret = 1; end: - if (o != NULL) - ASN1_OBJECT_free(o); - if (os != NULL) - M_ASN1_OCTET_STRING_free(os); + ASN1_OBJECT_free(o); + ASN1_OCTET_STRING_free(os); *pp = p; - return (ret); + return ret; } const char *ASN1_tag2str(int tag) diff --git a/crypto/asn1/asn1t.h b/crypto/asn1/asn1t.h deleted file mode 100644 index 99bc0eecf323..000000000000 --- a/crypto/asn1/asn1t.h +++ /dev/null @@ -1,973 +0,0 @@ -/* asn1t.h */ -/* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 2000. - */ -/* ==================================================================== - * Copyright (c) 2000-2005 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -#ifndef HEADER_ASN1T_H -# define HEADER_ASN1T_H - -# include <stddef.h> -# include <openssl/e_os2.h> -# include <openssl/asn1.h> - -# ifdef OPENSSL_BUILD_SHLIBCRYPTO -# undef OPENSSL_EXTERN -# define OPENSSL_EXTERN OPENSSL_EXPORT -# endif - -/* ASN1 template defines, structures and functions */ - -#ifdef __cplusplus -extern "C" { -#endif - -# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION - -/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ -# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr)) - -/* Macros for start and end of ASN1_ITEM definition */ - -# define ASN1_ITEM_start(itname) \ - OPENSSL_GLOBAL const ASN1_ITEM itname##_it = { - -# define ASN1_ITEM_end(itname) \ - }; - -# else - -/* Macro to obtain ASN1_ADB pointer from a type (only used internally) */ -# define ASN1_ADB_ptr(iptr) ((const ASN1_ADB *)(iptr())) - -/* Macros for start and end of ASN1_ITEM definition */ - -# define ASN1_ITEM_start(itname) \ - const ASN1_ITEM * itname##_it(void) \ - { \ - static const ASN1_ITEM local_it = { - -# define ASN1_ITEM_end(itname) \ - }; \ - return &local_it; \ - } - -# endif - -/* Macros to aid ASN1 template writing */ - -# define ASN1_ITEM_TEMPLATE(tname) \ - static const ASN1_TEMPLATE tname##_item_tt - -# define ASN1_ITEM_TEMPLATE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_PRIMITIVE,\ - -1,\ - &tname##_item_tt,\ - 0,\ - NULL,\ - 0,\ - #tname \ - ASN1_ITEM_end(tname) - -/* This is a ASN1 type which just embeds a template */ - -/*- - * This pair helps declare a SEQUENCE. We can do: - * - * ASN1_SEQUENCE(stname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END(stname) - * - * This will produce an ASN1_ITEM called stname_it - * for a structure called stname. - * - * If you want the same structure but a different - * name then use: - * - * ASN1_SEQUENCE(itname) = { - * ... SEQUENCE components ... - * } ASN1_SEQUENCE_END_name(stname, itname) - * - * This will create an item called itname_it using - * a structure called stname. - */ - -# define ASN1_SEQUENCE(tname) \ - static const ASN1_TEMPLATE tname##_seq_tt[] - -# define ASN1_SEQUENCE_END(stname) ASN1_SEQUENCE_END_name(stname, stname) - -# define ASN1_SEQUENCE_END_name(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -# define ASN1_NDEF_SEQUENCE(tname) \ - ASN1_SEQUENCE(tname) - -# define ASN1_NDEF_SEQUENCE_cb(tname, cb) \ - ASN1_SEQUENCE_cb(tname, cb) - -# define ASN1_SEQUENCE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_SEQUENCE(tname) - -# define ASN1_BROKEN_SEQUENCE(tname) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_BROKEN, 0, 0, 0, 0}; \ - ASN1_SEQUENCE(tname) - -# define ASN1_SEQUENCE_ref(tname, cb, lck) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_REFCOUNT, offsetof(tname, references), lck, cb, 0}; \ - ASN1_SEQUENCE(tname) - -# define ASN1_SEQUENCE_enc(tname, enc, cb) \ - static const ASN1_AUX tname##_aux = {NULL, ASN1_AFLG_ENCODING, 0, 0, cb, offsetof(tname, enc)}; \ - ASN1_SEQUENCE(tname) - -# define ASN1_NDEF_SEQUENCE_END(tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(tname),\ - #tname \ - ASN1_ITEM_end(tname) - -# define ASN1_BROKEN_SEQUENCE_END(stname) ASN1_SEQUENCE_END_ref(stname, stname) - -# define ASN1_SEQUENCE_END_enc(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -# define ASN1_SEQUENCE_END_cb(stname, tname) ASN1_SEQUENCE_END_ref(stname, tname) - -# define ASN1_SEQUENCE_END_ref(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -# define ASN1_NDEF_SEQUENCE_END_cb(stname, tname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_NDEF_SEQUENCE,\ - V_ASN1_SEQUENCE,\ - tname##_seq_tt,\ - sizeof(tname##_seq_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/*- - * This pair helps declare a CHOICE type. We can do: - * - * ASN1_CHOICE(chname) = { - * ... CHOICE options ... - * ASN1_CHOICE_END(chname) - * - * This will produce an ASN1_ITEM called chname_it - * for a structure called chname. The structure - * definition must look like this: - * typedef struct { - * int type; - * union { - * ASN1_SOMETHING *opt1; - * ASN1_SOMEOTHER *opt2; - * } value; - * } chname; - * - * the name of the selector must be 'type'. - * to use an alternative selector name use the - * ASN1_CHOICE_END_selector() version. - */ - -# define ASN1_CHOICE(tname) \ - static const ASN1_TEMPLATE tname##_ch_tt[] - -# define ASN1_CHOICE_cb(tname, cb) \ - static const ASN1_AUX tname##_aux = {NULL, 0, 0, 0, cb, 0}; \ - ASN1_CHOICE(tname) - -# define ASN1_CHOICE_END(stname) ASN1_CHOICE_END_name(stname, stname) - -# define ASN1_CHOICE_END_name(stname, tname) ASN1_CHOICE_END_selector(stname, tname, type) - -# define ASN1_CHOICE_END_selector(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - NULL,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -# define ASN1_CHOICE_END_cb(stname, tname, selname) \ - ;\ - ASN1_ITEM_start(tname) \ - ASN1_ITYPE_CHOICE,\ - offsetof(stname,selname) ,\ - tname##_ch_tt,\ - sizeof(tname##_ch_tt) / sizeof(ASN1_TEMPLATE),\ - &tname##_aux,\ - sizeof(stname),\ - #stname \ - ASN1_ITEM_end(tname) - -/* This helps with the template wrapper form of ASN1_ITEM */ - -# define ASN1_EX_TEMPLATE_TYPE(flags, tag, name, type) { \ - (flags), (tag), 0,\ - #name, ASN1_ITEM_ref(type) } - -/* These help with SEQUENCE or CHOICE components */ - -/* used to declare other types */ - -# define ASN1_EX_TYPE(flags, tag, stname, field, type) { \ - (flags), (tag), offsetof(stname, field),\ - #field, ASN1_ITEM_ref(type) } - -/* used when the structure is combined with the parent */ - -# define ASN1_EX_COMBINE(flags, tag, type) { \ - (flags)|ASN1_TFLG_COMBINE, (tag), 0, NULL, ASN1_ITEM_ref(type) } - -/* implicit and explicit helper macros */ - -# define ASN1_IMP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_IMPLICIT | ex, tag, stname, field, type) - -# define ASN1_EXP_EX(stname, field, type, tag, ex) \ - ASN1_EX_TYPE(ASN1_TFLG_EXPLICIT | ex, tag, stname, field, type) - -/* Any defined by macros: the field used is in the table itself */ - -# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION -# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, (const ASN1_ITEM *)&(tblname##_adb) } -# else -# define ASN1_ADB_OBJECT(tblname) { ASN1_TFLG_ADB_OID, -1, 0, #tblname, tblname##_adb } -# define ASN1_ADB_INTEGER(tblname) { ASN1_TFLG_ADB_INT, -1, 0, #tblname, tblname##_adb } -# endif -/* Plain simple type */ -# define ASN1_SIMPLE(stname, field, type) ASN1_EX_TYPE(0,0, stname, field, type) - -/* OPTIONAL simple type */ -# define ASN1_OPT(stname, field, type) ASN1_EX_TYPE(ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* IMPLICIT tagged simple type */ -# define ASN1_IMP(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, 0) - -/* IMPLICIT tagged OPTIONAL simple type */ -# define ASN1_IMP_OPT(stname, field, type, tag) ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* Same as above but EXPLICIT */ - -# define ASN1_EXP(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, 0) -# define ASN1_EXP_OPT(stname, field, type, tag) ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL) - -/* SEQUENCE OF type */ -# define ASN1_SEQUENCE_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF, 0, stname, field, type) - -/* OPTIONAL SEQUENCE OF */ -# define ASN1_SEQUENCE_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Same as above but for SET OF */ - -# define ASN1_SET_OF(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF, 0, stname, field, type) - -# define ASN1_SET_OF_OPT(stname, field, type) \ - ASN1_EX_TYPE(ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL, 0, stname, field, type) - -/* Finally compound types of SEQUENCE, SET, IMPLICIT, EXPLICIT and OPTIONAL */ - -# define ASN1_IMP_SET_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -# define ASN1_EXP_SET_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF) - -# define ASN1_IMP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -# define ASN1_EXP_SET_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SET_OF|ASN1_TFLG_OPTIONAL) - -# define ASN1_IMP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -# define ASN1_IMP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_IMP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -# define ASN1_EXP_SEQUENCE_OF(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF) - -# define ASN1_EXP_SEQUENCE_OF_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_SEQUENCE_OF|ASN1_TFLG_OPTIONAL) - -/* EXPLICIT using indefinite length constructed form */ -# define ASN1_NDEF_EXP(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_NDEF) - -/* EXPLICIT OPTIONAL using indefinite length constructed form */ -# define ASN1_NDEF_EXP_OPT(stname, field, type, tag) \ - ASN1_EXP_EX(stname, field, type, tag, ASN1_TFLG_OPTIONAL|ASN1_TFLG_NDEF) - -/* Macros for the ASN1_ADB structure */ - -# define ASN1_ADB(name) \ - static const ASN1_ADB_TABLE name##_adbtbl[] - -# ifndef OPENSSL_EXPORT_VAR_AS_FUNCTION - -# define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ADB name##_adb = {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - } - -# else - -# define ASN1_ADB_END(name, flags, field, app_table, def, none) \ - ;\ - static const ASN1_ITEM *name##_adb(void) \ - { \ - static const ASN1_ADB internal_adb = \ - {\ - flags,\ - offsetof(name, field),\ - app_table,\ - name##_adbtbl,\ - sizeof(name##_adbtbl) / sizeof(ASN1_ADB_TABLE),\ - def,\ - none\ - }; \ - return (const ASN1_ITEM *) &internal_adb; \ - } \ - void dummy_function(void) - -# endif - -# define ADB_ENTRY(val, template) {val, template} - -# define ASN1_ADB_TEMPLATE(name) \ - static const ASN1_TEMPLATE name##_tt - -/* - * This is the ASN1 template structure that defines a wrapper round the - * actual type. It determines the actual position of the field in the value - * structure, various flags such as OPTIONAL and the field name. - */ - -struct ASN1_TEMPLATE_st { - unsigned long flags; /* Various flags */ - long tag; /* tag, not used if no tagging */ - unsigned long offset; /* Offset of this field in structure */ -# ifndef NO_ASN1_FIELD_NAMES - const char *field_name; /* Field name */ -# endif - ASN1_ITEM_EXP *item; /* Relevant ASN1_ITEM or ASN1_ADB */ -}; - -/* Macro to extract ASN1_ITEM and ASN1_ADB pointer from ASN1_TEMPLATE */ - -# define ASN1_TEMPLATE_item(t) (t->item_ptr) -# define ASN1_TEMPLATE_adb(t) (t->item_ptr) - -typedef struct ASN1_ADB_TABLE_st ASN1_ADB_TABLE; -typedef struct ASN1_ADB_st ASN1_ADB; - -struct ASN1_ADB_st { - unsigned long flags; /* Various flags */ - unsigned long offset; /* Offset of selector field */ - STACK_OF(ASN1_ADB_TABLE) **app_items; /* Application defined items */ - const ASN1_ADB_TABLE *tbl; /* Table of possible types */ - long tblcount; /* Number of entries in tbl */ - const ASN1_TEMPLATE *default_tt; /* Type to use if no match */ - const ASN1_TEMPLATE *null_tt; /* Type to use if selector is NULL */ -}; - -struct ASN1_ADB_TABLE_st { - long value; /* NID for an object or value for an int */ - const ASN1_TEMPLATE tt; /* item for this value */ -}; - -/* template flags */ - -/* Field is optional */ -# define ASN1_TFLG_OPTIONAL (0x1) - -/* Field is a SET OF */ -# define ASN1_TFLG_SET_OF (0x1 << 1) - -/* Field is a SEQUENCE OF */ -# define ASN1_TFLG_SEQUENCE_OF (0x2 << 1) - -/* - * Special case: this refers to a SET OF that will be sorted into DER order - * when encoded *and* the corresponding STACK will be modified to match the - * new order. - */ -# define ASN1_TFLG_SET_ORDER (0x3 << 1) - -/* Mask for SET OF or SEQUENCE OF */ -# define ASN1_TFLG_SK_MASK (0x3 << 1) - -/* - * These flags mean the tag should be taken from the tag field. If EXPLICIT - * then the underlying type is used for the inner tag. - */ - -/* IMPLICIT tagging */ -# define ASN1_TFLG_IMPTAG (0x1 << 3) - -/* EXPLICIT tagging, inner tag from underlying type */ -# define ASN1_TFLG_EXPTAG (0x2 << 3) - -# define ASN1_TFLG_TAG_MASK (0x3 << 3) - -/* context specific IMPLICIT */ -# define ASN1_TFLG_IMPLICIT ASN1_TFLG_IMPTAG|ASN1_TFLG_CONTEXT - -/* context specific EXPLICIT */ -# define ASN1_TFLG_EXPLICIT ASN1_TFLG_EXPTAG|ASN1_TFLG_CONTEXT - -/* - * If tagging is in force these determine the type of tag to use. Otherwise - * the tag is determined by the underlying type. These values reflect the - * actual octet format. - */ - -/* Universal tag */ -# define ASN1_TFLG_UNIVERSAL (0x0<<6) -/* Application tag */ -# define ASN1_TFLG_APPLICATION (0x1<<6) -/* Context specific tag */ -# define ASN1_TFLG_CONTEXT (0x2<<6) -/* Private tag */ -# define ASN1_TFLG_PRIVATE (0x3<<6) - -# define ASN1_TFLG_TAG_CLASS (0x3<<6) - -/* - * These are for ANY DEFINED BY type. In this case the 'item' field points to - * an ASN1_ADB structure which contains a table of values to decode the - * relevant type - */ - -# define ASN1_TFLG_ADB_MASK (0x3<<8) - -# define ASN1_TFLG_ADB_OID (0x1<<8) - -# define ASN1_TFLG_ADB_INT (0x1<<9) - -/* - * This flag means a parent structure is passed instead of the field: this is - * useful is a SEQUENCE is being combined with a CHOICE for example. Since - * this means the structure and item name will differ we need to use the - * ASN1_CHOICE_END_name() macro for example. - */ - -# define ASN1_TFLG_COMBINE (0x1<<10) - -/* - * This flag when present in a SEQUENCE OF, SET OF or EXPLICIT causes - * indefinite length constructed encoding to be used if required. - */ - -# define ASN1_TFLG_NDEF (0x1<<11) - -/* This is the actual ASN1 item itself */ - -struct ASN1_ITEM_st { - char itype; /* The item type, primitive, SEQUENCE, CHOICE - * or extern */ - long utype; /* underlying type */ - const ASN1_TEMPLATE *templates; /* If SEQUENCE or CHOICE this contains - * the contents */ - long tcount; /* Number of templates if SEQUENCE or CHOICE */ - const void *funcs; /* functions that handle this type */ - long size; /* Structure size (usually) */ -# ifndef NO_ASN1_FIELD_NAMES - const char *sname; /* Structure name */ -# endif -}; - -/*- - * These are values for the itype field and - * determine how the type is interpreted. - * - * For PRIMITIVE types the underlying type - * determines the behaviour if items is NULL. - * - * Otherwise templates must contain a single - * template and the type is treated in the - * same way as the type specified in the template. - * - * For SEQUENCE types the templates field points - * to the members, the size field is the - * structure size. - * - * For CHOICE types the templates field points - * to each possible member (typically a union) - * and the 'size' field is the offset of the - * selector. - * - * The 'funcs' field is used for application - * specific functions. - * - * For COMPAT types the funcs field gives a - * set of functions that handle this type, this - * supports the old d2i, i2d convention. - * - * The EXTERN type uses a new style d2i/i2d. - * The new style should be used where possible - * because it avoids things like the d2i IMPLICIT - * hack. - * - * MSTRING is a multiple string type, it is used - * for a CHOICE of character strings where the - * actual strings all occupy an ASN1_STRING - * structure. In this case the 'utype' field - * has a special meaning, it is used as a mask - * of acceptable types using the B_ASN1 constants. - * - * NDEF_SEQUENCE is the same as SEQUENCE except - * that it will use indefinite length constructed - * encoding if requested. - * - */ - -# define ASN1_ITYPE_PRIMITIVE 0x0 - -# define ASN1_ITYPE_SEQUENCE 0x1 - -# define ASN1_ITYPE_CHOICE 0x2 - -# define ASN1_ITYPE_COMPAT 0x3 - -# define ASN1_ITYPE_EXTERN 0x4 - -# define ASN1_ITYPE_MSTRING 0x5 - -# define ASN1_ITYPE_NDEF_SEQUENCE 0x6 - -/* - * Cache for ASN1 tag and length, so we don't keep re-reading it for things - * like CHOICE - */ - -struct ASN1_TLC_st { - char valid; /* Values below are valid */ - int ret; /* return value */ - long plen; /* length */ - int ptag; /* class value */ - int pclass; /* class value */ - int hdrlen; /* header length */ -}; - -/* Typedefs for ASN1 function pointers */ - -typedef ASN1_VALUE *ASN1_new_func(void); -typedef void ASN1_free_func(ASN1_VALUE *a); -typedef ASN1_VALUE *ASN1_d2i_func(ASN1_VALUE **a, const unsigned char **in, - long length); -typedef int ASN1_i2d_func(ASN1_VALUE *a, unsigned char **in); - -typedef int ASN1_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_ITEM *it, int tag, int aclass, char opt, - ASN1_TLC *ctx); - -typedef int ASN1_ex_i2d(ASN1_VALUE **pval, unsigned char **out, - const ASN1_ITEM *it, int tag, int aclass); -typedef int ASN1_ex_new_func(ASN1_VALUE **pval, const ASN1_ITEM *it); -typedef void ASN1_ex_free_func(ASN1_VALUE **pval, const ASN1_ITEM *it); - -typedef int ASN1_ex_print_func(BIO *out, ASN1_VALUE **pval, - int indent, const char *fname, - const ASN1_PCTX *pctx); - -typedef int ASN1_primitive_i2c(ASN1_VALUE **pval, unsigned char *cont, - int *putype, const ASN1_ITEM *it); -typedef int ASN1_primitive_c2i(ASN1_VALUE **pval, const unsigned char *cont, - int len, int utype, char *free_cont, - const ASN1_ITEM *it); -typedef int ASN1_primitive_print(BIO *out, ASN1_VALUE **pval, - const ASN1_ITEM *it, int indent, - const ASN1_PCTX *pctx); - -typedef struct ASN1_COMPAT_FUNCS_st { - ASN1_new_func *asn1_new; - ASN1_free_func *asn1_free; - ASN1_d2i_func *asn1_d2i; - ASN1_i2d_func *asn1_i2d; -} ASN1_COMPAT_FUNCS; - -typedef struct ASN1_EXTERN_FUNCS_st { - void *app_data; - ASN1_ex_new_func *asn1_ex_new; - ASN1_ex_free_func *asn1_ex_free; - ASN1_ex_free_func *asn1_ex_clear; - ASN1_ex_d2i *asn1_ex_d2i; - ASN1_ex_i2d *asn1_ex_i2d; - ASN1_ex_print_func *asn1_ex_print; -} ASN1_EXTERN_FUNCS; - -typedef struct ASN1_PRIMITIVE_FUNCS_st { - void *app_data; - unsigned long flags; - ASN1_ex_new_func *prim_new; - ASN1_ex_free_func *prim_free; - ASN1_ex_free_func *prim_clear; - ASN1_primitive_c2i *prim_c2i; - ASN1_primitive_i2c *prim_i2c; - ASN1_primitive_print *prim_print; -} ASN1_PRIMITIVE_FUNCS; - -/* - * This is the ASN1_AUX structure: it handles various miscellaneous - * requirements. For example the use of reference counts and an informational - * callback. The "informational callback" is called at various points during - * the ASN1 encoding and decoding. It can be used to provide minor - * customisation of the structures used. This is most useful where the - * supplied routines *almost* do the right thing but need some extra help at - * a few points. If the callback returns zero then it is assumed a fatal - * error has occurred and the main operation should be abandoned. If major - * changes in the default behaviour are required then an external type is - * more appropriate. - */ - -typedef int ASN1_aux_cb(int operation, ASN1_VALUE **in, const ASN1_ITEM *it, - void *exarg); - -typedef struct ASN1_AUX_st { - void *app_data; - int flags; - int ref_offset; /* Offset of reference value */ - int ref_lock; /* Lock type to use */ - ASN1_aux_cb *asn1_cb; - int enc_offset; /* Offset of ASN1_ENCODING structure */ -} ASN1_AUX; - -/* For print related callbacks exarg points to this structure */ -typedef struct ASN1_PRINT_ARG_st { - BIO *out; - int indent; - const ASN1_PCTX *pctx; -} ASN1_PRINT_ARG; - -/* For streaming related callbacks exarg points to this structure */ -typedef struct ASN1_STREAM_ARG_st { - /* BIO to stream through */ - BIO *out; - /* BIO with filters appended */ - BIO *ndef_bio; - /* Streaming I/O boundary */ - unsigned char **boundary; -} ASN1_STREAM_ARG; - -/* Flags in ASN1_AUX */ - -/* Use a reference count */ -# define ASN1_AFLG_REFCOUNT 1 -/* Save the encoding of structure (useful for signatures) */ -# define ASN1_AFLG_ENCODING 2 -/* The Sequence length is invalid */ -# define ASN1_AFLG_BROKEN 4 - -/* operation values for asn1_cb */ - -# define ASN1_OP_NEW_PRE 0 -# define ASN1_OP_NEW_POST 1 -# define ASN1_OP_FREE_PRE 2 -# define ASN1_OP_FREE_POST 3 -# define ASN1_OP_D2I_PRE 4 -# define ASN1_OP_D2I_POST 5 -# define ASN1_OP_I2D_PRE 6 -# define ASN1_OP_I2D_POST 7 -# define ASN1_OP_PRINT_PRE 8 -# define ASN1_OP_PRINT_POST 9 -# define ASN1_OP_STREAM_PRE 10 -# define ASN1_OP_STREAM_POST 11 -# define ASN1_OP_DETACHED_PRE 12 -# define ASN1_OP_DETACHED_POST 13 - -/* Macro to implement a primitive type */ -# define IMPLEMENT_ASN1_TYPE(stname) IMPLEMENT_ASN1_TYPE_ex(stname, stname, 0) -# define IMPLEMENT_ASN1_TYPE_ex(itname, vname, ex) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_PRIMITIVE, V_##vname, NULL, 0, NULL, ex, #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement a multi string type */ -# define IMPLEMENT_ASN1_MSTRING(itname, mask) \ - ASN1_ITEM_start(itname) \ - ASN1_ITYPE_MSTRING, mask, NULL, 0, NULL, sizeof(ASN1_STRING), #itname \ - ASN1_ITEM_end(itname) - -/* Macro to implement an ASN1_ITEM in terms of old style funcs */ - -# define IMPLEMENT_COMPAT_ASN1(sname) IMPLEMENT_COMPAT_ASN1_type(sname, V_ASN1_SEQUENCE) - -# define IMPLEMENT_COMPAT_ASN1_type(sname, tag) \ - static const ASN1_COMPAT_FUNCS sname##_ff = { \ - (ASN1_new_func *)sname##_new, \ - (ASN1_free_func *)sname##_free, \ - (ASN1_d2i_func *)d2i_##sname, \ - (ASN1_i2d_func *)i2d_##sname, \ - }; \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_COMPAT, \ - tag, \ - NULL, \ - 0, \ - &sname##_ff, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -# define IMPLEMENT_EXTERN_ASN1(sname, tag, fptrs) \ - ASN1_ITEM_start(sname) \ - ASN1_ITYPE_EXTERN, \ - tag, \ - NULL, \ - 0, \ - &fptrs, \ - 0, \ - #sname \ - ASN1_ITEM_end(sname) - -/* Macro to implement standard functions in terms of ASN1_ITEM structures */ - -# define IMPLEMENT_ASN1_FUNCTIONS(stname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) - -# define IMPLEMENT_ASN1_FUNCTIONS_name(stname, itname) IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) - -# define IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) \ - IMPLEMENT_ASN1_FUNCTIONS_ENCODE_fname(stname, itname, itname) - -# define IMPLEMENT_STATIC_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(static, stname, stname, stname) - -# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS(stname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, stname, stname) - -# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_pfname(pre, stname, itname, fname) \ - pre stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - pre void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -# define IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) \ - stname *fname##_new(void) \ - { \ - return (stname *)ASN1_item_new(ASN1_ITEM_rptr(itname)); \ - } \ - void fname##_free(stname *a) \ - { \ - ASN1_item_free((ASN1_VALUE *)a, ASN1_ITEM_rptr(itname)); \ - } - -# define IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -# define IMPLEMENT_ASN1_NDEF_FUNCTION(stname) \ - int i2d_##stname##_NDEF(stname *a, unsigned char **out) \ - { \ - return ASN1_item_ndef_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(stname));\ - } - -/* - * This includes evil casts to remove const: they will go away when full ASN1 - * constification is done. - */ -# define IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - stname *d2i_##fname(stname **a, const unsigned char **in, long len) \ - { \ - return (stname *)ASN1_item_d2i((ASN1_VALUE **)a, in, len, ASN1_ITEM_rptr(itname));\ - } \ - int i2d_##fname(const stname *a, unsigned char **out) \ - { \ - return ASN1_item_i2d((ASN1_VALUE *)a, out, ASN1_ITEM_rptr(itname));\ - } - -# define IMPLEMENT_ASN1_DUP_FUNCTION(stname) \ - stname * stname##_dup(stname *x) \ - { \ - return ASN1_item_dup(ASN1_ITEM_rptr(stname), x); \ - } - -# define IMPLEMENT_ASN1_PRINT_FUNCTION(stname) \ - IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, stname, stname) - -# define IMPLEMENT_ASN1_PRINT_FUNCTION_fname(stname, itname, fname) \ - int fname##_print_ctx(BIO *out, stname *x, int indent, \ - const ASN1_PCTX *pctx) \ - { \ - return ASN1_item_print(out, (ASN1_VALUE *)x, indent, \ - ASN1_ITEM_rptr(itname), pctx); \ - } - -# define IMPLEMENT_ASN1_FUNCTIONS_const(name) \ - IMPLEMENT_ASN1_FUNCTIONS_const_fname(name, name, name) - -# define IMPLEMENT_ASN1_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ENCODE_FUNCTIONS_const_fname(stname, itname, fname) \ - IMPLEMENT_ASN1_ALLOC_FUNCTIONS_fname(stname, itname, fname) - -/* external definitions for primitive types */ - -DECLARE_ASN1_ITEM(ASN1_BOOLEAN) -DECLARE_ASN1_ITEM(ASN1_TBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_FBOOLEAN) -DECLARE_ASN1_ITEM(ASN1_SEQUENCE) -DECLARE_ASN1_ITEM(CBIGNUM) -DECLARE_ASN1_ITEM(BIGNUM) -DECLARE_ASN1_ITEM(LONG) -DECLARE_ASN1_ITEM(ZLONG) - -DECLARE_STACK_OF(ASN1_VALUE) - -/* Functions used internally by the ASN1 code */ - -int ASN1_item_ex_new(ASN1_VALUE **pval, const ASN1_ITEM *it); -void ASN1_item_ex_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int ASN1_template_new(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_primitive_new(ASN1_VALUE **pval, const ASN1_ITEM *it); - -void ASN1_template_free(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); -int ASN1_template_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_TEMPLATE *tt); -int ASN1_item_ex_d2i(ASN1_VALUE **pval, const unsigned char **in, long len, - const ASN1_ITEM *it, int tag, int aclass, char opt, - ASN1_TLC *ctx); - -int ASN1_item_ex_i2d(ASN1_VALUE **pval, unsigned char **out, - const ASN1_ITEM *it, int tag, int aclass); -int ASN1_template_i2d(ASN1_VALUE **pval, unsigned char **out, - const ASN1_TEMPLATE *tt); -void ASN1_primitive_free(ASN1_VALUE **pval, const ASN1_ITEM *it); - -int asn1_ex_i2c(ASN1_VALUE **pval, unsigned char *cont, int *putype, - const ASN1_ITEM *it); -int asn1_ex_c2i(ASN1_VALUE **pval, const unsigned char *cont, int len, - int utype, char *free_cont, const ASN1_ITEM *it); - -int asn1_get_choice_selector(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_set_choice_selector(ASN1_VALUE **pval, int value, - const ASN1_ITEM *it); - -ASN1_VALUE **asn1_get_field_ptr(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt); - -const ASN1_TEMPLATE *asn1_do_adb(ASN1_VALUE **pval, const ASN1_TEMPLATE *tt, - int nullerr); - -int asn1_do_lock(ASN1_VALUE **pval, int op, const ASN1_ITEM *it); - -void asn1_enc_init(ASN1_VALUE **pval, const ASN1_ITEM *it); -void asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it); -int asn1_enc_restore(int *len, unsigned char **out, ASN1_VALUE **pval, - const ASN1_ITEM *it); -int asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, - const ASN1_ITEM *it); - -#ifdef __cplusplus -} -#endif -#endif diff --git a/crypto/asn1/asn_mime.c b/crypto/asn1/asn_mime.c index 02b7c9b7efc6..dfd5be634754 100644 --- a/crypto/asn1/asn_mime.c +++ b/crypto/asn1/asn_mime.c @@ -1,65 +1,21 @@ -/* asn_mime.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 1999-2018 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== + * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include <ctype.h> -#include "cryptlib.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/rand.h> #include <openssl/x509.h> #include <openssl/asn1.h> #include <openssl/asn1t.h> +#include "internal/evp_int.h" +#include "internal/bio.h" #include "asn1_locl.h" /* @@ -72,41 +28,35 @@ * from parameter values. Quotes are stripped off */ -typedef struct { +struct mime_param_st { char *param_name; /* Param name e.g. "micalg" */ char *param_value; /* Param value e.g. "sha1" */ -} MIME_PARAM; +}; -DECLARE_STACK_OF(MIME_PARAM) -IMPLEMENT_STACK_OF(MIME_PARAM) - -typedef struct { +struct mime_header_st { char *name; /* Name of line e.g. "content-type" */ char *value; /* Value of line e.g. "text/plain" */ STACK_OF(MIME_PARAM) *params; /* Zero or more parameters */ -} MIME_HEADER; - -DECLARE_STACK_OF(MIME_HEADER) -IMPLEMENT_STACK_OF(MIME_HEADER) +}; static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, const ASN1_ITEM *it); static char *strip_ends(char *name); static char *strip_start(char *name); static char *strip_end(char *name); -static MIME_HEADER *mime_hdr_new(char *name, char *value); -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value); +static MIME_HEADER *mime_hdr_new(const char *name, const char *value); +static int mime_hdr_addparam(MIME_HEADER *mhdr, const char *name, const char *value); static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio); static int mime_hdr_cmp(const MIME_HEADER *const *a, const MIME_HEADER *const *b); static int mime_param_cmp(const MIME_PARAM *const *a, const MIME_PARAM *const *b); static void mime_param_free(MIME_PARAM *param); -static int mime_bound_check(char *line, int linelen, char *bound, int blen); -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret); -static int strip_eol(char *linebuf, int *plen); -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name); -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name); +static int mime_bound_check(char *line, int linelen, const char *bound, int blen); +static int multi_split(BIO *bio, const char *bound, STACK_OF(BIO) **ret); +static int strip_eol(char *linebuf, int *plen, int flags); +static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, const char *name); +static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, const char *name); static void mime_hdr_free(MIME_HEADER *hdr); #define MAX_SMLEN 1024 @@ -151,7 +101,7 @@ static int B64_write_ASN1(BIO *out, ASN1_VALUE *val, BIO *in, int flags, BIO *b64; int r; b64 = BIO_new(BIO_f_base64()); - if (!b64) { + if (b64 == NULL) { ASN1err(ASN1_F_B64_WRITE_ASN1, ERR_R_MALLOC_FAILURE); return 0; } @@ -182,7 +132,8 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it) { BIO *b64; ASN1_VALUE *val; - if (!(b64 = BIO_new(BIO_f_base64()))) { + + if ((b64 = BIO_new(BIO_f_base64())) == NULL) { ASN1err(ASN1_F_B64_READ_ASN1, ERR_R_MALLOC_FAILURE); return 0; } @@ -191,7 +142,7 @@ static ASN1_VALUE *b64_read_asn1(BIO *bio, const ASN1_ITEM *it) if (!val) ASN1err(ASN1_F_B64_READ_ASN1, ASN1_R_DECODE_ERROR); (void)BIO_flush(bio); - bio = BIO_pop(bio); + BIO_pop(bio); BIO_free(b64); return val; } @@ -246,7 +197,6 @@ static int asn1_write_micalg(BIO *out, STACK_OF(X509_ALGOR) *mdalgs) case NID_id_GostR3411_94: BIO_puts(out, "gostr3411-94"); goto err; - break; default: if (have_unknown) @@ -370,7 +320,7 @@ static int asn1_output_data(BIO *out, BIO *data, ASN1_VALUE *val, int flags, int rv = 1; /* - * If data is not deteched or resigning then the output BIO is already + * If data is not detached or resigning then the output BIO is already * set up to finalise when it is written through. */ if (!(flags & SMIME_DETACHED) || (flags & PKCS7_REUSE_DIGEST)) { @@ -430,12 +380,13 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) if (bcont) *bcont = NULL; - if (!(headers = mime_parse_hdr(bio))) { + if ((headers = mime_parse_hdr(bio)) == NULL) { ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_PARSE_ERROR); return NULL; } - if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { + if ((hdr = mime_hdr_find(headers, "content-type")) == NULL + || hdr->value == NULL) { sk_MIME_HEADER_pop_free(headers, mime_hdr_free); ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_CONTENT_TYPE); return NULL; @@ -443,7 +394,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) /* Handle multipart/signed */ - if (!strcmp(hdr->value, "multipart/signed")) { + if (strcmp(hdr->value, "multipart/signed") == 0) { /* Split into two parts */ prm = mime_param_find(hdr, "boundary"); if (!prm || !prm->param_value) { @@ -462,7 +413,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) /* Parse the signature piece */ asnin = sk_BIO_value(parts, 1); - if (!(headers = mime_parse_hdr(asnin))) { + if ((headers = mime_parse_hdr(asnin)) == NULL) { ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_MIME_SIG_PARSE_ERROR); sk_BIO_pop_free(parts, BIO_vfree); return NULL; @@ -470,7 +421,8 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) /* Get content type */ - if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { + if ((hdr = mime_hdr_find(headers, "content-type")) == NULL + || hdr->value == NULL) { sk_MIME_HEADER_pop_free(headers, mime_hdr_free); ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_NO_SIG_CONTENT_TYPE); sk_BIO_pop_free(parts, BIO_vfree); @@ -487,7 +439,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) } sk_MIME_HEADER_pop_free(headers, mime_hdr_free); /* Read in ASN1 */ - if (!(val = b64_read_asn1(asnin, it))) { + if ((val = b64_read_asn1(asnin, it)) == NULL) { ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_SIG_PARSE_ERROR); sk_BIO_pop_free(parts, BIO_vfree); return NULL; @@ -514,7 +466,7 @@ ASN1_VALUE *SMIME_read_ASN1(BIO *bio, BIO **bcont, const ASN1_ITEM *it) sk_MIME_HEADER_pop_free(headers, mime_hdr_free); - if (!(val = b64_read_asn1(bio, it))) { + if ((val = b64_read_asn1(bio, it)) == NULL) { ASN1err(ASN1_F_SMIME_READ_ASN1, ASN1_R_ASN1_PARSE_ERROR); return NULL; } @@ -534,20 +486,32 @@ int SMIME_crlf_copy(BIO *in, BIO *out, int flags) * when streaming as we don't end up with one OCTET STRING per line. */ bf = BIO_new(BIO_f_buffer()); - if (!bf) + if (bf == NULL) return 0; out = BIO_push(bf, out); if (flags & SMIME_BINARY) { while ((len = BIO_read(in, linebuf, MAX_SMLEN)) > 0) BIO_write(out, linebuf, len); } else { + int eolcnt = 0; if (flags & SMIME_TEXT) BIO_printf(out, "Content-Type: text/plain\r\n\r\n"); while ((len = BIO_gets(in, linebuf, MAX_SMLEN)) > 0) { - eol = strip_eol(linebuf, &len); - if (len) + eol = strip_eol(linebuf, &len, flags); + if (len) { + /* Not EOF: write out all CRLF */ + if (flags & SMIME_ASCIICRLF) { + int i; + for (i = 0; i < eolcnt; i++) + BIO_write(out, "\r\n", 2); + eolcnt = 0; + } BIO_write(out, linebuf, len); - if (eol) + if (eol) + BIO_write(out, "\r\n", 2); + } else if (flags & SMIME_ASCIICRLF) + eolcnt++; + else if (eol) BIO_write(out, "\r\n", 2); } } @@ -565,11 +529,12 @@ int SMIME_text(BIO *in, BIO *out) STACK_OF(MIME_HEADER) *headers; MIME_HEADER *hdr; - if (!(headers = mime_parse_hdr(in))) { + if ((headers = mime_parse_hdr(in)) == NULL) { ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_PARSE_ERROR); return 0; } - if (!(hdr = mime_hdr_find(headers, "content-type")) || !hdr->value) { + if ((hdr = mime_hdr_find(headers, "content-type")) == NULL + || hdr->value == NULL) { ASN1err(ASN1_F_SMIME_TEXT, ASN1_R_MIME_NO_CONTENT_TYPE); sk_MIME_HEADER_pop_free(headers, mime_hdr_free); return 0; @@ -593,7 +558,7 @@ int SMIME_text(BIO *in, BIO *out) * canonical parts in a STACK of bios */ -static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) +static int multi_split(BIO *bio, const char *bound, STACK_OF(BIO) **ret) { char linebuf[MAX_SMLEN]; int len, blen; @@ -608,24 +573,32 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) first = 1; parts = sk_BIO_new_null(); *ret = parts; + if (*ret == NULL) + return 0; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { state = mime_bound_check(linebuf, len, bound, blen); if (state == 1) { first = 1; part++; } else if (state == 2) { - sk_BIO_push(parts, bpart); + if (!sk_BIO_push(parts, bpart)) { + BIO_free(bpart); + return 0; + } return 1; } else if (part) { /* Strip CR+LF from linebuf */ - next_eol = strip_eol(linebuf, &len); + next_eol = strip_eol(linebuf, &len, 0); if (first) { first = 0; if (bpart) - sk_BIO_push(parts, bpart); + if (!sk_BIO_push(parts, bpart)) { + BIO_free(bpart); + return 0; + } bpart = BIO_new(BIO_s_mem()); if (bpart == NULL) - return 1; + return 0; BIO_set_mem_eof_return(bpart, 0); } else if (eol) BIO_write(bpart, "\r\n", 2); @@ -634,6 +607,7 @@ static int multi_split(BIO *bio, char *bound, STACK_OF(BIO) **ret) BIO_write(bpart, linebuf, len); } } + BIO_free(bpart); return 0; } @@ -652,16 +626,16 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) char *p, *q, c; char *ntmp; char linebuf[MAX_SMLEN]; - MIME_HEADER *mhdr = NULL; + MIME_HEADER *mhdr = NULL, *new_hdr = NULL; STACK_OF(MIME_HEADER) *headers; int len, state, save_state = 0; headers = sk_MIME_HEADER_new(mime_hdr_cmp); - if (!headers) + if (headers == NULL) return NULL; while ((len = BIO_gets(bio, linebuf, MAX_SMLEN)) > 0) { /* If whitespace at line start then continuation line */ - if (mhdr && isspace((unsigned char)linebuf[0])) + if (mhdr && ossl_isspace(linebuf[0])) state = MIME_NAME; else state = MIME_START; @@ -689,8 +663,13 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) if (c == ';') { mime_debug("Found End Value\n"); *p = 0; - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); + new_hdr = mime_hdr_new(ntmp, strip_ends(q)); + if (new_hdr == NULL) + goto err; + if (!sk_MIME_HEADER_push(headers, new_hdr)) + goto err; + mhdr = new_hdr; + new_hdr = NULL; ntmp = NULL; q = p + 1; state = MIME_NAME; @@ -741,8 +720,13 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) } if (state == MIME_TYPE) { - mhdr = mime_hdr_new(ntmp, strip_ends(q)); - sk_MIME_HEADER_push(headers, mhdr); + new_hdr = mime_hdr_new(ntmp, strip_ends(q)); + if (new_hdr == NULL) + goto err; + if (!sk_MIME_HEADER_push(headers, new_hdr)) + goto err; + mhdr = new_hdr; + new_hdr = NULL; } else if (state == MIME_VALUE) mime_hdr_addparam(mhdr, ntmp, strip_ends(q)); if (p == linebuf) @@ -751,6 +735,10 @@ static STACK_OF(MIME_HEADER) *mime_parse_hdr(BIO *bio) return headers; +err: + mime_hdr_free(new_hdr); + sk_MIME_HEADER_pop_free(headers, mime_hdr_free); + return NULL; } static char *strip_ends(char *name) @@ -771,7 +759,7 @@ static char *strip_start(char *name) /* Else null string */ return NULL; } - if (!isspace((unsigned char)c)) + if (!ossl_isspace(c)) return p; } return NULL; @@ -792,7 +780,7 @@ static char *strip_end(char *name) *p = 0; return name; } - if (isspace((unsigned char)c)) + if (ossl_isspace(c)) *p = 0; else return name; @@ -800,77 +788,70 @@ static char *strip_end(char *name) return NULL; } -static MIME_HEADER *mime_hdr_new(char *name, char *value) +static MIME_HEADER *mime_hdr_new(const char *name, const char *value) { - MIME_HEADER *mhdr; - char *tmpname, *tmpval, *p; - int c; + MIME_HEADER *mhdr = NULL; + char *tmpname = NULL, *tmpval = NULL, *p; + if (name) { - if (!(tmpname = BUF_strdup(name))) + if ((tmpname = OPENSSL_strdup(name)) == NULL) return NULL; - for (p = tmpname; *p; p++) { - c = (unsigned char)*p; - if (isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else - tmpname = NULL; + for (p = tmpname; *p; p++) + *p = ossl_tolower(*p); + } if (value) { - if (!(tmpval = BUF_strdup(value))) - return NULL; - for (p = tmpval; *p; p++) { - c = (unsigned char)*p; - if (isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else - tmpval = NULL; - mhdr = (MIME_HEADER *)OPENSSL_malloc(sizeof(MIME_HEADER)); - if (!mhdr) - return NULL; + if ((tmpval = OPENSSL_strdup(value)) == NULL) + goto err; + for (p = tmpval; *p; p++) + *p = ossl_tolower(*p); + } + mhdr = OPENSSL_malloc(sizeof(*mhdr)); + if (mhdr == NULL) + goto err; mhdr->name = tmpname; mhdr->value = tmpval; - if (!(mhdr->params = sk_MIME_PARAM_new(mime_param_cmp))) - return NULL; + if ((mhdr->params = sk_MIME_PARAM_new(mime_param_cmp)) == NULL) + goto err; return mhdr; + + err: + OPENSSL_free(tmpname); + OPENSSL_free(tmpval); + OPENSSL_free(mhdr); + return NULL; } -static int mime_hdr_addparam(MIME_HEADER *mhdr, char *name, char *value) +static int mime_hdr_addparam(MIME_HEADER *mhdr, const char *name, const char *value) { - char *tmpname, *tmpval, *p; - int c; - MIME_PARAM *mparam; + char *tmpname = NULL, *tmpval = NULL, *p; + MIME_PARAM *mparam = NULL; + if (name) { - tmpname = BUF_strdup(name); + tmpname = OPENSSL_strdup(name); if (!tmpname) - return 0; - for (p = tmpname; *p; p++) { - c = (unsigned char)*p; - if (isupper(c)) { - c = tolower(c); - *p = c; - } - } - } else - tmpname = NULL; + goto err; + for (p = tmpname; *p; p++) + *p = ossl_tolower(*p); + } if (value) { - tmpval = BUF_strdup(value); + tmpval = OPENSSL_strdup(value); if (!tmpval) - return 0; - } else - tmpval = NULL; + goto err; + } /* Parameter values are case sensitive so leave as is */ - mparam = (MIME_PARAM *)OPENSSL_malloc(sizeof(MIME_PARAM)); - if (!mparam) - return 0; + mparam = OPENSSL_malloc(sizeof(*mparam)); + if (mparam == NULL) + goto err; mparam->param_name = tmpname; mparam->param_value = tmpval; - sk_MIME_PARAM_push(mhdr->params, mparam); + if (!sk_MIME_PARAM_push(mhdr->params, mparam)) + goto err; return 1; + err: + OPENSSL_free(tmpname); + OPENSSL_free(tmpval); + OPENSSL_free(mparam); + return 0; } static int mime_hdr_cmp(const MIME_HEADER *const *a, @@ -879,7 +860,7 @@ static int mime_hdr_cmp(const MIME_HEADER *const *a, if (!(*a)->name || !(*b)->name) return ! !(*a)->name - ! !(*b)->name; - return (strcmp((*a)->name, (*b)->name)); + return strcmp((*a)->name, (*b)->name); } static int mime_param_cmp(const MIME_PARAM *const *a, @@ -887,39 +868,41 @@ static int mime_param_cmp(const MIME_PARAM *const *a, { if (!(*a)->param_name || !(*b)->param_name) return ! !(*a)->param_name - ! !(*b)->param_name; - return (strcmp((*a)->param_name, (*b)->param_name)); + return strcmp((*a)->param_name, (*b)->param_name); } /* Find a header with a given name (if possible) */ -static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, char *name) +static MIME_HEADER *mime_hdr_find(STACK_OF(MIME_HEADER) *hdrs, const char *name) { MIME_HEADER htmp; int idx; - htmp.name = name; + + htmp.name = (char *)name; + htmp.value = NULL; + htmp.params = NULL; + idx = sk_MIME_HEADER_find(hdrs, &htmp); - if (idx < 0) - return NULL; return sk_MIME_HEADER_value(hdrs, idx); } -static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, char *name) +static MIME_PARAM *mime_param_find(MIME_HEADER *hdr, const char *name) { MIME_PARAM param; int idx; - param.param_name = name; + + param.param_name = (char *)name; + param.param_value = NULL; idx = sk_MIME_PARAM_find(hdr->params, ¶m); - if (idx < 0) - return NULL; return sk_MIME_PARAM_value(hdr->params, idx); } static void mime_hdr_free(MIME_HEADER *hdr) { - if (hdr->name) - OPENSSL_free(hdr->name); - if (hdr->value) - OPENSSL_free(hdr->value); + if (hdr == NULL) + return; + OPENSSL_free(hdr->name); + OPENSSL_free(hdr->value); if (hdr->params) sk_MIME_PARAM_pop_free(hdr->params, mime_param_free); OPENSSL_free(hdr); @@ -927,10 +910,8 @@ static void mime_hdr_free(MIME_HEADER *hdr) static void mime_param_free(MIME_PARAM *param) { - if (param->param_name) - OPENSSL_free(param->param_name); - if (param->param_value) - OPENSSL_free(param->param_value); + OPENSSL_free(param->param_name); + OPENSSL_free(param->param_value); OPENSSL_free(param); } @@ -940,7 +921,7 @@ static void mime_param_free(MIME_PARAM *param) * 1 : part boundary * 2 : final boundary */ -static int mime_bound_check(char *line, int linelen, char *bound, int blen) +static int mime_bound_check(char *line, int linelen, const char *bound, int blen) { if (linelen == -1) linelen = strlen(line); @@ -950,8 +931,9 @@ static int mime_bound_check(char *line, int linelen, char *bound, int blen) if (blen + 2 > linelen) return 0; /* Check for part boundary */ - if (!strncmp(line, "--", 2) && !strncmp(line + 2, bound, blen)) { - if (!strncmp(line + blen + 2, "--", 2)) + if ((strncmp(line, "--", 2) == 0) + && strncmp(line + 2, bound, blen) == 0) { + if (strncmp(line + blen + 2, "--", 2) == 0) return 2; else return 1; @@ -959,18 +941,22 @@ static int mime_bound_check(char *line, int linelen, char *bound, int blen) return 0; } -static int strip_eol(char *linebuf, int *plen) +static int strip_eol(char *linebuf, int *plen, int flags) { int len = *plen; char *p, c; int is_eol = 0; - p = linebuf + len - 1; + for (p = linebuf + len - 1; len > 0; len--, p--) { c = *p; - if (c == '\n') + if (c == '\n') { is_eol = 1; - else if (c != '\r') + } else if (is_eol && flags & SMIME_ASCIICRLF && c == 32) { + /* Strip trailing space on a line; 32 == ASCII for ' ' */ + continue; + } else if (c != '\r') { break; + } } *plen = len; return is_eol; diff --git a/crypto/asn1/asn_moid.c b/crypto/asn1/asn_moid.c index fab2dd92e244..68a01f31179e 100644 --- a/crypto/asn1/asn_moid.c +++ b/crypto/asn1/asn_moid.c @@ -1,73 +1,24 @@ -/* asn_moid.c */ /* - * Written by Stephen Henson (steve@openssl.org) for the OpenSSL project - * 2001. - */ -/* ==================================================================== - * Copyright (c) 2001-2004 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include <ctype.h> +#include "internal/ctype.h" #include <openssl/crypto.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/conf.h> -#include <openssl/dso.h> #include <openssl/x509.h> +#include "internal/asn1_int.h" +#include "internal/objects.h" /* Simple ASN1 OID module: add all objects in a given section */ -static int do_create(char *value, char *name); +static int do_create(const char *value, const char *name); static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) { @@ -75,8 +26,9 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) const char *oid_section; STACK_OF(CONF_VALUE) *sktmp; CONF_VALUE *oval; + oid_section = CONF_imodule_get_value(md); - if (!(sktmp = NCONF_get_section(cnf, oid_section))) { + if ((sktmp = NCONF_get_section(cnf, oid_section)) == NULL) { ASN1err(ASN1_F_OID_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); return 0; } @@ -92,7 +44,6 @@ static int oid_module_init(CONF_IMODULE *md, const CONF *cnf) static void oid_module_finish(CONF_IMODULE *md) { - OBJ_cleanup(); } void ASN1_add_oid_module(void) @@ -106,48 +57,44 @@ void ASN1_add_oid_module(void) * shortname = some long name, 1.2.3.4 */ -static int do_create(char *value, char *name) +static int do_create(const char *value, const char *name) { int nid; - ASN1_OBJECT *oid; - char *ln, *ostr, *p, *lntmp; + const char *ln, *ostr, *p; + char *lntmp = NULL; + p = strrchr(value, ','); - if (!p) { + if (p == NULL) { ln = name; ostr = value; } else { - ln = NULL; + ln = value; ostr = p + 1; - if (!*ostr) + if (*ostr == '\0') return 0; - while (isspace((unsigned char)*ostr)) + while (ossl_isspace(*ostr)) ostr++; - } - - nid = OBJ_create(ostr, name, ln); - - if (nid == NID_undef) - return 0; - - if (p) { - ln = value; - while (isspace((unsigned char)*ln)) + while (ossl_isspace(*ln)) ln++; p--; - while (isspace((unsigned char)*p)) { + while (ossl_isspace(*p)) { if (p == ln) return 0; p--; } p++; - lntmp = OPENSSL_malloc((p - ln) + 1); - if (lntmp == NULL) + if ((lntmp = OPENSSL_malloc((p - ln) + 1)) == NULL) { + ASN1err(ASN1_F_DO_CREATE, ERR_R_MALLOC_FAILURE); return 0; + } memcpy(lntmp, ln, p - ln); - lntmp[p - ln] = 0; - oid = OBJ_nid2obj(nid); - oid->ln = lntmp; + lntmp[p - ln] = '\0'; + ln = lntmp; } - return 1; + nid = OBJ_create(ostr, name, ln); + + OPENSSL_free(lntmp); + + return nid != NID_undef; } diff --git a/crypto/asn1/asn_mstbl.c b/crypto/asn1/asn_mstbl.c new file mode 100644 index 000000000000..ddcbcd07fe6e --- /dev/null +++ b/crypto/asn1/asn_mstbl.c @@ -0,0 +1,113 @@ +/* + * Copyright 2012-2017 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#include <stdio.h> +#include <openssl/crypto.h> +#include "internal/cryptlib.h" +#include <openssl/conf.h> +#include <openssl/x509v3.h> + +/* Multi string module: add table entries from a given section */ + +static int do_tcreate(const char *value, const char *name); + +static int stbl_module_init(CONF_IMODULE *md, const CONF *cnf) +{ + int i; + const char *stbl_section; + STACK_OF(CONF_VALUE) *sktmp; + CONF_VALUE *mval; + + stbl_section = CONF_imodule_get_value(md); + if ((sktmp = NCONF_get_section(cnf, stbl_section)) == NULL) { + ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_ERROR_LOADING_SECTION); + return 0; + } + for (i = 0; i < sk_CONF_VALUE_num(sktmp); i++) { + mval = sk_CONF_VALUE_value(sktmp, i); + if (!do_tcreate(mval->value, mval->name)) { + ASN1err(ASN1_F_STBL_MODULE_INIT, ASN1_R_INVALID_VALUE); + return 0; + } + } + return 1; +} + +static void stbl_module_finish(CONF_IMODULE *md) +{ + ASN1_STRING_TABLE_cleanup(); +} + +void ASN1_add_stable_module(void) +{ + CONF_module_add("stbl_section", stbl_module_init, stbl_module_finish); +} + +/* + * Create an table entry based on a name value pair. format is oid_name = + * n1:v1, n2:v2,... where name is "min", "max", "mask" or "flags". + */ + +static int do_tcreate(const char *value, const char *name) +{ + char *eptr; + int nid, i, rv = 0; + long tbl_min = -1, tbl_max = -1; + unsigned long tbl_mask = 0, tbl_flags = 0; + STACK_OF(CONF_VALUE) *lst = NULL; + CONF_VALUE *cnf = NULL; + nid = OBJ_sn2nid(name); + if (nid == NID_undef) + nid = OBJ_ln2nid(name); + if (nid == NID_undef) + goto err; + lst = X509V3_parse_list(value); + if (!lst) + goto err; + for (i = 0; i < sk_CONF_VALUE_num(lst); i++) { + cnf = sk_CONF_VALUE_value(lst, i); + if (strcmp(cnf->name, "min") == 0) { + tbl_min = strtoul(cnf->value, &eptr, 0); + if (*eptr) + goto err; + } else if (strcmp(cnf->name, "max") == 0) { + tbl_max = strtoul(cnf->value, &eptr, 0); + if (*eptr) + goto err; + } else if (strcmp(cnf->name, "mask") == 0) { + if (!ASN1_str2mask(cnf->value, &tbl_mask) || !tbl_mask) + goto err; + } else if (strcmp(cnf->name, "flags") == 0) { + if (strcmp(cnf->value, "nomask") == 0) + tbl_flags = STABLE_NO_MASK; + else if (strcmp(cnf->value, "none") == 0) + tbl_flags = STABLE_FLAGS_CLEAR; + else + goto err; + } else + goto err; + } + rv = 1; + err: + if (rv == 0) { + ASN1err(ASN1_F_DO_TCREATE, ASN1_R_INVALID_STRING_TABLE_VALUE); + if (cnf) + ERR_add_error_data(4, "field=", cnf->name, + ", value=", cnf->value); + else + ERR_add_error_data(4, "name=", name, ", value=", value); + } else { + rv = ASN1_STRING_TABLE_add(nid, tbl_min, tbl_max, + tbl_mask, tbl_flags); + if (!rv) + ASN1err(ASN1_F_DO_TCREATE, ERR_R_MALLOC_FAILURE); + } + sk_CONF_VALUE_pop_free(lst, X509V3_conf_free); + return rv; +} diff --git a/crypto/asn1/asn_pack.c b/crypto/asn1/asn_pack.c index 366caf01f091..63bc30675655 100644 --- a/crypto/asn1/asn_pack.c +++ b/crypto/asn1/asn_pack.c @@ -1,207 +1,62 @@ -/* asn_pack.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project - * 1999. - */ -/* ==================================================================== - * Copyright (c) 1999 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 1999-2016 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> -#ifndef NO_ASN1_OLD - /* ASN1 packing and unpacking functions */ -/* Turn an ASN1 encoded SEQUENCE OF into a STACK of structures */ - -STACK_OF(OPENSSL_BLOCK) *ASN1_seq_unpack(const unsigned char *buf, int len, - d2i_of_void *d2i, - void (*free_func) (OPENSSL_BLOCK)) -{ - STACK_OF(OPENSSL_BLOCK) *sk; - const unsigned char *pbuf; - pbuf = buf; - if (!(sk = d2i_ASN1_SET(NULL, &pbuf, len, d2i, free_func, - V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL))) - ASN1err(ASN1_F_ASN1_SEQ_UNPACK, ASN1_R_DECODE_ERROR); - return sk; -} - -/* - * Turn a STACK structures into an ASN1 encoded SEQUENCE OF structure in a - * OPENSSL_malloc'ed buffer - */ - -unsigned char *ASN1_seq_pack(STACK_OF(OPENSSL_BLOCK) *safes, i2d_of_void *i2d, - unsigned char **buf, int *len) -{ - int safelen; - unsigned char *safe, *p; - if (!(safelen = i2d_ASN1_SET(safes, NULL, i2d, V_ASN1_SEQUENCE, - V_ASN1_UNIVERSAL, IS_SEQUENCE))) { - ASN1err(ASN1_F_ASN1_SEQ_PACK, ASN1_R_ENCODE_ERROR); - return NULL; - } - if (!(safe = OPENSSL_malloc(safelen))) { - ASN1err(ASN1_F_ASN1_SEQ_PACK, ERR_R_MALLOC_FAILURE); - return NULL; - } - p = safe; - i2d_ASN1_SET(safes, &p, i2d, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL, - IS_SEQUENCE); - if (len) - *len = safelen; - if (buf) - *buf = safe; - return safe; -} - -/* Extract an ASN1 object from an ASN1_STRING */ - -void *ASN1_unpack_string(ASN1_STRING *oct, d2i_of_void *d2i) -{ - const unsigned char *p; - char *ret; - - p = oct->data; - if (!(ret = d2i(NULL, &p, oct->length))) - ASN1err(ASN1_F_ASN1_UNPACK_STRING, ASN1_R_DECODE_ERROR); - return ret; -} - -/* Pack an ASN1 object into an ASN1_STRING */ - -ASN1_STRING *ASN1_pack_string(void *obj, i2d_of_void *i2d, ASN1_STRING **oct) -{ - unsigned char *p; - ASN1_STRING *octmp; - - if (!oct || !*oct) { - if (!(octmp = ASN1_STRING_new())) { - ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE); - return NULL; - } - if (oct) - *oct = octmp; - } else - octmp = *oct; - - if (!(octmp->length = i2d(obj, NULL))) { - ASN1err(ASN1_F_ASN1_PACK_STRING, ASN1_R_ENCODE_ERROR); - goto err; - } - if (!(p = OPENSSL_malloc(octmp->length))) { - ASN1err(ASN1_F_ASN1_PACK_STRING, ERR_R_MALLOC_FAILURE); - goto err; - } - octmp->data = p; - i2d(obj, &p); - return octmp; - err: - if (!oct || !*oct) { - ASN1_STRING_free(octmp); - if (oct) - *oct = NULL; - } - return NULL; -} - -#endif - -/* ASN1_ITEM versions of the above */ - ASN1_STRING *ASN1_item_pack(void *obj, const ASN1_ITEM *it, ASN1_STRING **oct) { ASN1_STRING *octmp; - if (!oct || !*oct) { - if (!(octmp = ASN1_STRING_new())) { + if (oct == NULL || *oct == NULL) { + if ((octmp = ASN1_STRING_new()) == NULL) { ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE); return NULL; } - if (oct) - *oct = octmp; - } else + } else { octmp = *oct; - - if (octmp->data) { - OPENSSL_free(octmp->data); - octmp->data = NULL; } - if (!(octmp->length = ASN1_item_i2d(obj, &octmp->data, it))) { + OPENSSL_free(octmp->data); + octmp->data = NULL; + + if ((octmp->length = ASN1_item_i2d(obj, &octmp->data, it)) == 0) { ASN1err(ASN1_F_ASN1_ITEM_PACK, ASN1_R_ENCODE_ERROR); - return NULL; + goto err; } - if (!octmp->data) { + if (octmp->data == NULL) { ASN1err(ASN1_F_ASN1_ITEM_PACK, ERR_R_MALLOC_FAILURE); - return NULL; + goto err; } + + if (oct != NULL && *oct == NULL) + *oct = octmp; + return octmp; + err: + if (oct == NULL || *oct == NULL) + ASN1_STRING_free(octmp); + return NULL; } /* Extract an ASN1 object from an ASN1_STRING */ -void *ASN1_item_unpack(ASN1_STRING *oct, const ASN1_ITEM *it) +void *ASN1_item_unpack(const ASN1_STRING *oct, const ASN1_ITEM *it) { const unsigned char *p; void *ret; p = oct->data; - if (!(ret = ASN1_item_d2i(NULL, &p, oct->length, it))) + if ((ret = ASN1_item_d2i(NULL, &p, oct->length, it)) == NULL) ASN1err(ASN1_F_ASN1_ITEM_UNPACK, ASN1_R_DECODE_ERROR); return ret; } diff --git a/crypto/asn1/bio_asn1.c b/crypto/asn1/bio_asn1.c index c3afff69dc7e..86ee56632305 100644 --- a/crypto/asn1/bio_asn1.c +++ b/crypto/asn1/bio_asn1.c @@ -1,60 +1,10 @@ -/* bio_asn1.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2006 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). + * Copyright 2006-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ /* @@ -64,8 +14,9 @@ */ #include <string.h> -#include <openssl/bio.h> +#include "internal/bio.h" #include <openssl/asn1.h> +#include "internal/cryptlib.h" /* Must be large enough for biggest tag+length */ #define DEFAULT_ASN1_BUF_SIZE 20 @@ -115,7 +66,7 @@ static int asn1_bio_gets(BIO *h, char *str, int size); static long asn1_bio_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int asn1_bio_new(BIO *h); static int asn1_bio_free(BIO *data); -static long asn1_bio_callback_ctrl(BIO *h, int cmd, bio_info_cb *fp); +static long asn1_bio_callback_ctrl(BIO *h, int cmd, BIO_info_cb *fp); static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size); static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, @@ -125,10 +76,14 @@ static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_bio_state_t ex_state, asn1_bio_state_t other_state); -static BIO_METHOD methods_asn1 = { +static const BIO_METHOD methods_asn1 = { BIO_TYPE_ASN1, "asn1", + /* TODO: Convert to new style write function */ + bwrite_conv, asn1_bio_write, + /* TODO: Convert to new style read function */ + bread_conv, asn1_bio_read, asn1_bio_puts, asn1_bio_gets, @@ -138,59 +93,56 @@ static BIO_METHOD methods_asn1 = { asn1_bio_callback_ctrl, }; -BIO_METHOD *BIO_f_asn1(void) +const BIO_METHOD *BIO_f_asn1(void) { - return (&methods_asn1); + return &methods_asn1; } static int asn1_bio_new(BIO *b) { - BIO_ASN1_BUF_CTX *ctx; - ctx = OPENSSL_malloc(sizeof(BIO_ASN1_BUF_CTX)); - if (!ctx) + BIO_ASN1_BUF_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + if (ctx == NULL) return 0; if (!asn1_bio_init(ctx, DEFAULT_ASN1_BUF_SIZE)) { OPENSSL_free(ctx); return 0; } - b->init = 1; - b->ptr = (char *)ctx; - b->flags = 0; + BIO_set_data(b, ctx); + BIO_set_init(b, 1); + return 1; } static int asn1_bio_init(BIO_ASN1_BUF_CTX *ctx, int size) { - ctx->buf = OPENSSL_malloc(size); - if (!ctx->buf) + if ((ctx->buf = OPENSSL_malloc(size)) == NULL) { + ASN1err(ASN1_F_ASN1_BIO_INIT, ERR_R_MALLOC_FAILURE); return 0; + } ctx->bufsize = size; - ctx->bufpos = 0; - ctx->buflen = 0; - ctx->copylen = 0; ctx->asn1_class = V_ASN1_UNIVERSAL; ctx->asn1_tag = V_ASN1_OCTET_STRING; - ctx->ex_buf = NULL; - ctx->ex_len = 0; - ctx->ex_pos = 0; ctx->state = ASN1_STATE_START; - ctx->prefix = ctx->prefix_free = ctx->suffix = ctx->suffix_free = NULL; - ctx->ex_arg = NULL; return 1; } static int asn1_bio_free(BIO *b) { BIO_ASN1_BUF_CTX *ctx; - ctx = (BIO_ASN1_BUF_CTX *)b->ptr; + + if (b == NULL) + return 0; + + ctx = BIO_get_data(b); if (ctx == NULL) return 0; - if (ctx->buf) - OPENSSL_free(ctx->buf); + + OPENSSL_free(ctx->buf); OPENSSL_free(ctx); - b->init = 0; - b->ptr = NULL; - b->flags = 0; + BIO_set_data(b, NULL); + BIO_set_init(b, 0); + return 1; } @@ -199,10 +151,11 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) BIO_ASN1_BUF_CTX *ctx; int wrmax, wrlen, ret; unsigned char *p; - if (!in || (inl < 0) || (b->next_bio == NULL)) - return 0; - ctx = (BIO_ASN1_BUF_CTX *)b->ptr; - if (ctx == NULL) + BIO *next; + + ctx = BIO_get_data(b); + next = BIO_next(b); + if (in == NULL || inl < 0 || ctx == NULL || next == NULL) return 0; wrlen = 0; @@ -210,7 +163,6 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) for (;;) { switch (ctx->state) { - /* Setup prefix data, call it */ case ASN1_STATE_START: if (!asn1_bio_setup_ex(b, ctx, ctx->prefix, @@ -231,7 +183,8 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) case ASN1_STATE_HEADER: ctx->buflen = ASN1_object_size(0, inl, ctx->asn1_tag) - inl; - OPENSSL_assert(ctx->buflen <= ctx->bufsize); + if (!ossl_assert(ctx->buflen <= ctx->bufsize)) + return 0; p = ctx->buf; ASN1_put_object(&p, 0, inl, ctx->asn1_tag, ctx->asn1_class); ctx->copylen = inl; @@ -240,7 +193,7 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) break; case ASN1_STATE_HEADER_COPY: - ret = BIO_write(b->next_bio, ctx->buf + ctx->bufpos, ctx->buflen); + ret = BIO_write(next, ctx->buf + ctx->bufpos, ctx->buflen); if (ret <= 0) goto done; @@ -260,9 +213,9 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) wrmax = ctx->copylen; else wrmax = inl; - ret = BIO_write(b->next_bio, in, wrmax); + ret = BIO_write(next, in, wrmax); if (ret <= 0) - break; + goto done; wrlen += ret; ctx->copylen -= ret; in += ret; @@ -276,7 +229,8 @@ static int asn1_bio_write(BIO *b, const char *in, int inl) break; - default: + case ASN1_STATE_POST_COPY: + case ASN1_STATE_DONE: BIO_clear_retry_flags(b); return 0; @@ -296,10 +250,11 @@ static int asn1_bio_flush_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, asn1_ps_func *cleanup, asn1_bio_state_t next) { int ret; + if (ctx->ex_len <= 0) return 1; for (;;) { - ret = BIO_write(b->next_bio, ctx->ex_buf + ctx->ex_pos, ctx->ex_len); + ret = BIO_write(BIO_next(b), ctx->ex_buf + ctx->ex_pos, ctx->ex_len); if (ret <= 0) break; ctx->ex_len -= ret; @@ -334,9 +289,10 @@ static int asn1_bio_setup_ex(BIO *b, BIO_ASN1_BUF_CTX *ctx, static int asn1_bio_read(BIO *b, char *in, int inl) { - if (!b->next_bio) + BIO *next = BIO_next(b); + if (next == NULL) return 0; - return BIO_read(b->next_bio, in, inl); + return BIO_read(next, in, inl); } static int asn1_bio_puts(BIO *b, const char *str) @@ -346,16 +302,18 @@ static int asn1_bio_puts(BIO *b, const char *str) static int asn1_bio_gets(BIO *b, char *str, int size) { - if (!b->next_bio) + BIO *next = BIO_next(b); + if (next == NULL) return 0; - return BIO_gets(b->next_bio, str, size); + return BIO_gets(next, str, size); } -static long asn1_bio_callback_ctrl(BIO *b, int cmd, bio_info_cb *fp) +static long asn1_bio_callback_ctrl(BIO *b, int cmd, BIO_info_cb *fp) { - if (b->next_bio == NULL) - return (0); - return BIO_callback_ctrl(b->next_bio, cmd, fp); + BIO *next = BIO_next(b); + if (next == NULL) + return 0; + return BIO_callback_ctrl(next, cmd, fp); } static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) @@ -363,9 +321,12 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) BIO_ASN1_BUF_CTX *ctx; BIO_ASN1_EX_FUNCS *ex_func; long ret = 1; - ctx = (BIO_ASN1_BUF_CTX *)b->ptr; + BIO *next; + + ctx = BIO_get_data(b); if (ctx == NULL) return 0; + next = BIO_next(b); switch (cmd) { case BIO_C_SET_PREFIX: @@ -401,7 +362,7 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) break; case BIO_CTRL_FLUSH: - if (!b->next_bio) + if (next == NULL) return 0; /* Call post function if possible */ @@ -419,17 +380,16 @@ static long asn1_bio_ctrl(BIO *b, int cmd, long arg1, void *arg2) } if (ctx->state == ASN1_STATE_DONE) - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); + return BIO_ctrl(next, cmd, arg1, arg2); else { BIO_clear_retry_flags(b); return 0; } - break; default: - if (!b->next_bio) + if (next == NULL) return 0; - return BIO_ctrl(b->next_bio, cmd, arg1, arg2); + return BIO_ctrl(next, cmd, arg1, arg2); } diff --git a/crypto/asn1/bio_ndef.c b/crypto/asn1/bio_ndef.c index 8d7046633cfe..6222c99074de 100644 --- a/crypto/asn1/bio_ndef.c +++ b/crypto/asn1/bio_ndef.c @@ -1,56 +1,10 @@ -/* bio_ndef.c */ /* - * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL - * project. - */ -/* ==================================================================== - * Copyright (c) 2008 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== + * Copyright 2008-2018 The OpenSSL Project Authors. All Rights Reserved. * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <openssl/asn1.h> @@ -65,7 +19,7 @@ /* * The usage is quite simple, initialize an ASN1 structure, get a BIO from it * then any data written through the BIO will end up translated to - * approptiate format on the fly. The data is streamed out and does *not* + * appropriate format on the fly. The data is streamed out and does *not* * need to be all held in memory at once. When the BIO is flushed the output * is finalized and any signatures etc written out. The BIO is a 'proper' * BIO and can handle non blocking I/O correctly. The usage is simple. The @@ -106,21 +60,21 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) ASN1err(ASN1_F_BIO_NEW_NDEF, ASN1_R_STREAMING_NOT_SUPPORTED); return NULL; } - ndef_aux = OPENSSL_malloc(sizeof(NDEF_SUPPORT)); + ndef_aux = OPENSSL_zalloc(sizeof(*ndef_aux)); asn_bio = BIO_new(BIO_f_asn1()); + if (ndef_aux == NULL || asn_bio == NULL) + goto err; /* ASN1 bio needs to be next to output BIO */ - out = BIO_push(asn_bio, out); - - if (!ndef_aux || !asn_bio || !out) + if (out == NULL) goto err; BIO_asn1_set_prefix(asn_bio, ndef_prefix, ndef_prefix_free); BIO_asn1_set_suffix(asn_bio, ndef_suffix, ndef_suffix_free); /* - * Now let callback prepend any digest, cipher etc BIOs ASN1 structure + * Now let callback prepends any digest, cipher etc BIOs ASN1 structure * needs. */ @@ -136,17 +90,14 @@ BIO *BIO_new_NDEF(BIO *out, ASN1_VALUE *val, const ASN1_ITEM *it) ndef_aux->ndef_bio = sarg.ndef_bio; ndef_aux->boundary = sarg.boundary; ndef_aux->out = out; - ndef_aux->derbuf = NULL; BIO_ctrl(asn_bio, BIO_C_SET_EX_ARG, 0, ndef_aux); return sarg.ndef_bio; err: - if (asn_bio) - BIO_free(asn_bio); - if (ndef_aux) - OPENSSL_free(ndef_aux); + BIO_free(asn_bio); + OPENSSL_free(ndef_aux); return NULL; } @@ -162,9 +113,10 @@ static int ndef_prefix(BIO *b, unsigned char **pbuf, int *plen, void *parg) ndef_aux = *(NDEF_SUPPORT **)parg; derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = OPENSSL_malloc(derlen); - if (!p) + if ((p = OPENSSL_malloc(derlen)) == NULL) { + ASN1err(ASN1_F_NDEF_PREFIX, ERR_R_MALLOC_FAILURE); return 0; + } ndef_aux->derbuf = p; *pbuf = p; @@ -188,8 +140,7 @@ static int ndef_prefix_free(BIO *b, unsigned char **pbuf, int *plen, ndef_aux = *(NDEF_SUPPORT **)parg; - if (ndef_aux->derbuf) - OPENSSL_free(ndef_aux->derbuf); + OPENSSL_free(ndef_aux->derbuf); ndef_aux->derbuf = NULL; *pbuf = NULL; @@ -232,9 +183,10 @@ static int ndef_suffix(BIO *b, unsigned char **pbuf, int *plen, void *parg) return 0; derlen = ASN1_item_ndef_i2d(ndef_aux->val, NULL, ndef_aux->it); - p = OPENSSL_malloc(derlen); - if (!p) + if ((p = OPENSSL_malloc(derlen)) == NULL) { + ASN1err(ASN1_F_NDEF_SUFFIX, ERR_R_MALLOC_FAILURE); return 0; + } ndef_aux->derbuf = p; *pbuf = p; diff --git a/crypto/asn1/build.info b/crypto/asn1/build.info new file mode 100644 index 000000000000..d3e92c81acfe --- /dev/null +++ b/crypto/asn1/build.info @@ -0,0 +1,16 @@ +LIBS=../../libcrypto +SOURCE[../../libcrypto]=\ + a_object.c a_bitstr.c a_utctm.c a_gentm.c a_time.c a_int.c a_octet.c \ + a_print.c a_type.c a_dup.c a_d2i_fp.c a_i2d_fp.c \ + a_utf8.c a_sign.c a_digest.c a_verify.c a_mbstr.c a_strex.c \ + x_algor.c x_val.c x_sig.c x_bignum.c \ + x_long.c x_int64.c x_info.c x_spki.c nsseq.c \ + d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\ + t_pkey.c t_spki.c t_bitst.c \ + tasn_new.c tasn_fre.c tasn_enc.c tasn_dec.c tasn_utl.c tasn_typ.c \ + tasn_prn.c tasn_scn.c ameth_lib.c \ + f_int.c f_string.c n_pkey.c \ + x_pkey.c bio_asn1.c bio_ndef.c asn_mime.c \ + asn1_gen.c asn1_par.c asn1_lib.c asn1_err.c a_strnid.c \ + evp_asn1.c asn_pack.c p5_pbe.c p5_pbev2.c p5_scrypt.c p8_pkey.c \ + asn_moid.c asn_mstbl.c asn1_item_list.c diff --git a/crypto/asn1/charmap.h b/crypto/asn1/charmap.h index 3305ad146b9c..bfccac2cb4e3 100644 --- a/crypto/asn1/charmap.h +++ b/crypto/asn1/charmap.h @@ -1,15 +1,34 @@ /* - * Auto generated with chartype.pl script. Mask of various character - * properties + * WARNING: do not edit! + * Generated by crypto/asn1/charmap.pl + * + * Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ -static const unsigned char char_type[] = { - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, - 120, 0, 1, 40, 0, 0, 0, 16, 16, 16, 0, 25, 25, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 9, 9, 16, 9, 16, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 1, 0, 0, 0, - 0, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, - 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 16, 0, 0, 0, 0, 2 +#define CHARTYPE_HOST_ANY 4096 +#define CHARTYPE_HOST_DOT 8192 +#define CHARTYPE_HOST_HYPHEN 16384 +#define CHARTYPE_HOST_WILD 32768 + +/* + * Mask of various character properties + */ + +static const unsigned short char_type[] = { + 1026, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 120, 0, 1, 40, + 0, 0, 0, 16, 1040, 1040, 33792, 25, 25, 16400, 8208, 16, + 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 16, 9, + 9, 16, 9, 16, 0, 4112, 4112, 4112, 4112, 4112, 4112, 4112, + 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, + 4112, 4112, 4112, 4112, 4112, 4112, 4112, 0, 1025, 0, 0, 0, + 0, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, + 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, 4112, + 4112, 4112, 4112, 0, 0, 0, 0, 2 }; diff --git a/crypto/asn1/charmap.pl b/crypto/asn1/charmap.pl index 12ac34ad7423..fbab1f3b0ad7 100644 --- a/crypto/asn1/charmap.pl +++ b/crypto/asn1/charmap.pl @@ -1,7 +1,10 @@ -#!/usr/local/bin/perl -w - -# Written by Dr Stephen N Henson (steve@openssl.org). -# Licensed under the terms of the OpenSSL license. +#! /usr/bin/env perl +# Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. +# +# Licensed under the OpenSSL license (the "License"). You may not use +# this file except in compliance with the License. You can obtain a copy +# in the file LICENSE in the source distribution or at +# https://www.openssl.org/source/license.html use strict; @@ -18,6 +21,11 @@ my $NOESC_QUOTE = 8; # Not escaped if quoted my $PSTRING_CHAR = 0x10; # Valid PrintableString character my $RFC2253_FIRST_ESC = 0x20; # Escaped with \ if first character my $RFC2253_LAST_ESC = 0x40; # Escaped with \ if last character +my $RFC2254_ESC = 0x400; # Character escaped \XX +my $HOST_ANY = 0x1000; # Valid hostname character anywhere in label +my $HOST_DOT = 0x2000; # Dot: hostname label separator +my $HOST_HYPHEN = 0x4000; # Hyphen: not valid at start or end. +my $HOST_WILD = 0x8000; # Wildcard character for($i = 0; $i < 128; $i++) { # Set the RFC2253 escape characters (control) @@ -30,7 +38,7 @@ for($i = 0; $i < 128; $i++) { if( ( ( $i >= ord("a")) && ( $i <= ord("z")) ) || ( ( $i >= ord("A")) && ( $i <= ord("Z")) ) || ( ( $i >= ord("0")) && ( $i <= ord("9")) ) ) { - $arr[$i] |= $PSTRING_CHAR; + $arr[$i] |= $PSTRING_CHAR | $HOST_ANY; } } @@ -49,6 +57,14 @@ $arr[ord("<")] |= $NOESC_QUOTE | $RFC2253_ESC; $arr[ord(">")] |= $NOESC_QUOTE | $RFC2253_ESC; $arr[ord(";")] |= $NOESC_QUOTE | $RFC2253_ESC; +# Remaining RFC2254 characters + +$arr[0] |= $RFC2254_ESC; +$arr[ord("(")] |= $RFC2254_ESC; +$arr[ord(")")] |= $RFC2254_ESC; +$arr[ord("*")] |= $RFC2254_ESC | $HOST_WILD; +$arr[ord("\\")] |= $RFC2254_ESC; + # Remaining PrintableString characters $arr[ord(" ")] |= $PSTRING_CHAR; @@ -57,8 +73,8 @@ $arr[ord("(")] |= $PSTRING_CHAR; $arr[ord(")")] |= $PSTRING_CHAR; $arr[ord("+")] |= $PSTRING_CHAR; $arr[ord(",")] |= $PSTRING_CHAR; -$arr[ord("-")] |= $PSTRING_CHAR; -$arr[ord(".")] |= $PSTRING_CHAR; +$arr[ord("-")] |= $PSTRING_CHAR | $HOST_HYPHEN; +$arr[ord(".")] |= $PSTRING_CHAR | $HOST_DOT; $arr[ord("/")] |= $PSTRING_CHAR; $arr[ord(":")] |= $PSTRING_CHAR; $arr[ord("=")] |= $PSTRING_CHAR; @@ -66,19 +82,37 @@ $arr[ord("?")] |= $PSTRING_CHAR; # Now generate the C code +# Output year depends on the year of the script. +my $YEAR = [localtime([stat($0)]->[9])]->[5] + 1900; print <<EOF; /* - * Auto generated with chartype.pl script. Mask of various character - * properties + * WARNING: do not edit! + * Generated by crypto/asn1/charmap.pl + * + * Copyright 2000-$YEAR The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ + +#define CHARTYPE_HOST_ANY $HOST_ANY +#define CHARTYPE_HOST_DOT $HOST_DOT +#define CHARTYPE_HOST_HYPHEN $HOST_HYPHEN +#define CHARTYPE_HOST_WILD $HOST_WILD + +/* + * Mask of various character properties */ -static const unsigned char char_type[] = { +static const unsigned short char_type[] = { EOF print " "; for($i = 0; $i < 128; $i++) { - print("\n ") if($i && (($i % 16) == 0)); - printf(" %d", $arr[$i]); + print("\n ") if($i && (($i % 12) == 0)); + printf(" %4d", $arr[$i]); print(",") if ($i != 127); } print("\n};\n"); diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c index 86dcf5fba9d7..aa0d6ad6aed0 100644 --- a/crypto/asn1/d2i_pr.c +++ b/crypto/asn1/d2i_pr.c @@ -1,72 +1,22 @@ -/* crypto/asn1/d2i_pr.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/bn.h> #include <openssl/evp.h> #include <openssl/objects.h> -#ifndef OPENSSL_NO_ENGINE -# include <openssl/engine.h> -#endif +#include <openssl/engine.h> #include <openssl/x509.h> #include <openssl/asn1.h> -#include "asn1_locl.h" +#include "internal/asn1_int.h" +#include "internal/evp_int.h" EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) @@ -77,15 +27,13 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, if ((a == NULL) || (*a == NULL)) { if ((ret = EVP_PKEY_new()) == NULL) { ASN1err(ASN1_F_D2I_PRIVATEKEY, ERR_R_EVP_LIB); - return (NULL); + return NULL; } } else { ret = *a; #ifndef OPENSSL_NO_ENGINE - if (ret->engine) { - ENGINE_finish(ret->engine); - ret->engine = NULL; - } + ENGINE_finish(ret->engine); + ret->engine = NULL; #endif } @@ -116,11 +64,11 @@ EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, *pp = p; if (a != NULL) (*a) = ret; - return (ret); + return ret; err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) + if (a == NULL || *a != ret) EVP_PKEY_free(ret); - return (NULL); + return NULL; } /* diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c index 33542dd122ad..9452e08a5874 100644 --- a/crypto/asn1/d2i_pu.c +++ b/crypto/asn1/d2i_pu.c @@ -1,76 +1,23 @@ -/* crypto/asn1/d2i_pu.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/bn.h> #include <openssl/evp.h> #include <openssl/objects.h> #include <openssl/asn1.h> -#ifndef OPENSSL_NO_RSA -# include <openssl/rsa.h> -#endif -#ifndef OPENSSL_NO_DSA -# include <openssl/dsa.h> -#endif -#ifndef OPENSSL_NO_EC -# include <openssl/ec.h> -#endif +#include <openssl/rsa.h> +#include <openssl/dsa.h> +#include <openssl/ec.h> + +#include "internal/evp_int.h" EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, long length) @@ -80,7 +27,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, if ((a == NULL) || (*a == NULL)) { if ((ret = EVP_PKEY_new()) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_EVP_LIB); - return (NULL); + return NULL; } } else ret = *a; @@ -93,10 +40,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, switch (EVP_PKEY_id(ret)) { #ifndef OPENSSL_NO_RSA case EVP_PKEY_RSA: - /* TMP UGLY CAST */ - if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, - (const unsigned char **)pp, - length)) == NULL) { + if ((ret->pkey.rsa = d2i_RSAPublicKey(NULL, pp, length)) == NULL) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } @@ -105,8 +49,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, #ifndef OPENSSL_NO_DSA case EVP_PKEY_DSA: /* TMP UGLY CAST */ - if (!d2i_DSAPublicKey(&(ret->pkey.dsa), - (const unsigned char **)pp, length)) { + if (!d2i_DSAPublicKey(&ret->pkey.dsa, pp, length)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } @@ -114,8 +57,7 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, #endif #ifndef OPENSSL_NO_EC case EVP_PKEY_EC: - if (!o2i_ECPublicKey(&(ret->pkey.ec), - (const unsigned char **)pp, length)) { + if (!o2i_ECPublicKey(&ret->pkey.ec, pp, length)) { ASN1err(ASN1_F_D2I_PUBLICKEY, ERR_R_ASN1_LIB); goto err; } @@ -124,13 +66,12 @@ EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp, default: ASN1err(ASN1_F_D2I_PUBLICKEY, ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE); goto err; - /* break; */ } if (a != NULL) (*a) = ret; - return (ret); + return ret; err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) + if (a == NULL || *a != ret) EVP_PKEY_free(ret); - return (NULL); + return NULL; } diff --git a/crypto/asn1/evp_asn1.c b/crypto/asn1/evp_asn1.c index 5876afa5e4df..895085a520a1 100644 --- a/crypto/asn1/evp_asn1.c +++ b/crypto/asn1/evp_asn1.c @@ -1,195 +1,115 @@ -/* crypto/asn1/evp_asn1.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. +/* + * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/cryptlib.h" #include <openssl/asn1.h> -#include <openssl/asn1_mac.h> +#include <openssl/asn1t.h> int ASN1_TYPE_set_octetstring(ASN1_TYPE *a, unsigned char *data, int len) { ASN1_STRING *os; - if ((os = M_ASN1_OCTET_STRING_new()) == NULL) - return (0); - if (!M_ASN1_OCTET_STRING_set(os, data, len)) { - M_ASN1_OCTET_STRING_free(os); + if ((os = ASN1_OCTET_STRING_new()) == NULL) + return 0; + if (!ASN1_OCTET_STRING_set(os, data, len)) { + ASN1_OCTET_STRING_free(os); return 0; } ASN1_TYPE_set(a, V_ASN1_OCTET_STRING, os); - return (1); + return 1; } /* int max_len: for returned value */ -int ASN1_TYPE_get_octetstring(ASN1_TYPE *a, unsigned char *data, int max_len) +int ASN1_TYPE_get_octetstring(const ASN1_TYPE *a, unsigned char *data, int max_len) { int ret, num; - unsigned char *p; + const unsigned char *p; if ((a->type != V_ASN1_OCTET_STRING) || (a->value.octet_string == NULL)) { ASN1err(ASN1_F_ASN1_TYPE_GET_OCTETSTRING, ASN1_R_DATA_IS_WRONG); - return (-1); + return -1; } - p = M_ASN1_STRING_data(a->value.octet_string); - ret = M_ASN1_STRING_length(a->value.octet_string); + p = ASN1_STRING_get0_data(a->value.octet_string); + ret = ASN1_STRING_length(a->value.octet_string); if (ret < max_len) num = ret; else num = max_len; memcpy(data, p, num); - return (ret); + return ret; } -int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, - int len) -{ - int n, size; - ASN1_OCTET_STRING os, *osp; - ASN1_INTEGER in; - unsigned char *p; - unsigned char buf[32]; /* when they have 256bit longs, I'll be in - * trouble */ - in.data = buf; - in.length = 32; - os.data = data; - os.type = V_ASN1_OCTET_STRING; - os.length = len; - ASN1_INTEGER_set(&in, num); - n = i2d_ASN1_INTEGER(&in, NULL); - n += M_i2d_ASN1_OCTET_STRING(&os, NULL); - - size = ASN1_object_size(1, n, V_ASN1_SEQUENCE); - - if ((osp = ASN1_STRING_new()) == NULL) - return (0); - /* Grow the 'string' */ - if (!ASN1_STRING_set(osp, NULL, size)) { - ASN1_STRING_free(osp); - return (0); - } +typedef struct { + int32_t num; + ASN1_OCTET_STRING *oct; +} asn1_int_oct; - M_ASN1_STRING_length_set(osp, size); - p = M_ASN1_STRING_data(osp); +ASN1_SEQUENCE(asn1_int_oct) = { + ASN1_EMBED(asn1_int_oct, num, INT32), + ASN1_SIMPLE(asn1_int_oct, oct, ASN1_OCTET_STRING) +} static_ASN1_SEQUENCE_END(asn1_int_oct) - ASN1_put_object(&p, 1, n, V_ASN1_SEQUENCE, V_ASN1_UNIVERSAL); - i2d_ASN1_INTEGER(&in, &p); - M_i2d_ASN1_OCTET_STRING(&os, &p); +DECLARE_ASN1_ITEM(asn1_int_oct) - ASN1_TYPE_set(a, V_ASN1_SEQUENCE, osp); - return (1); +int ASN1_TYPE_set_int_octetstring(ASN1_TYPE *a, long num, unsigned char *data, + int len) +{ + asn1_int_oct atmp; + ASN1_OCTET_STRING oct; + + atmp.num = num; + atmp.oct = &oct; + oct.data = data; + oct.type = V_ASN1_OCTET_STRING; + oct.length = len; + oct.flags = 0; + + if (ASN1_TYPE_pack_sequence(ASN1_ITEM_rptr(asn1_int_oct), &atmp, &a)) + return 1; + return 0; } /* - * we return the actual length..., num may be missing, in which case, set it - * to zero + * we return the actual length... */ /* int max_len: for returned value */ -int ASN1_TYPE_get_int_octetstring(ASN1_TYPE *a, long *num, +int ASN1_TYPE_get_int_octetstring(const ASN1_TYPE *a, long *num, unsigned char *data, int max_len) { + asn1_int_oct *atmp = NULL; int ret = -1, n; - ASN1_INTEGER *ai = NULL; - ASN1_OCTET_STRING *os = NULL; - const unsigned char *p; - long length; - ASN1_const_CTX c; if ((a->type != V_ASN1_SEQUENCE) || (a->value.sequence == NULL)) { goto err; } - p = M_ASN1_STRING_data(a->value.sequence); - length = M_ASN1_STRING_length(a->value.sequence); - c.pp = &p; - c.p = p; - c.max = p + length; - c.error = ASN1_R_DATA_IS_WRONG; + atmp = ASN1_TYPE_unpack_sequence(ASN1_ITEM_rptr(asn1_int_oct), a); - M_ASN1_D2I_start_sequence(); - c.q = c.p; - if ((ai = d2i_ASN1_INTEGER(NULL, &c.p, c.slen)) == NULL) - goto err; - c.slen -= (c.p - c.q); - c.q = c.p; - if ((os = d2i_ASN1_OCTET_STRING(NULL, &c.p, c.slen)) == NULL) - goto err; - c.slen -= (c.p - c.q); - if (!M_ASN1_D2I_end_sequence()) + if (atmp == NULL) goto err; if (num != NULL) - *num = ASN1_INTEGER_get(ai); + *num = atmp->num; - ret = M_ASN1_STRING_length(os); + ret = ASN1_STRING_length(atmp->oct); if (max_len > ret) n = ret; else n = max_len; if (data != NULL) - memcpy(data, M_ASN1_STRING_data(os), n); - if (0) { + memcpy(data, ASN1_STRING_get0_data(atmp->oct), n); + if (ret == -1) { err: ASN1err(ASN1_F_ASN1_TYPE_GET_INT_OCTETSTRING, ASN1_R_DATA_IS_WRONG); } - if (os != NULL) - M_ASN1_OCTET_STRING_free(os); - if (ai != NULL) - M_ASN1_INTEGER_free(ai); - return (ret); + M_ASN1_free_of(atmp, asn1_int_oct); + return ret; } diff --git a/crypto/asn1/f_enum.c b/crypto/asn1/f_enum.c deleted file mode 100644 index 527f1d8f87b3..000000000000 --- a/crypto/asn1/f_enum.c +++ /dev/null @@ -1,203 +0,0 @@ -/* crypto/asn1/f_enum.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. - * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include <stdio.h> -#include "cryptlib.h" -#include <openssl/buffer.h> -#include <openssl/asn1.h> - -/* Based on a_int.c: equivalent ENUMERATED functions */ - -int i2a_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *a) -{ - int i, n = 0; - static const char *h = "0123456789ABCDEF"; - char buf[2]; - - if (a == NULL) - return (0); - - if (a->length == 0) { - if (BIO_write(bp, "00", 2) != 2) - goto err; - n = 2; - } else { - for (i = 0; i < a->length; i++) { - if ((i != 0) && (i % 35 == 0)) { - if (BIO_write(bp, "\\\n", 2) != 2) - goto err; - n += 2; - } - buf[0] = h[((unsigned char)a->data[i] >> 4) & 0x0f]; - buf[1] = h[((unsigned char)a->data[i]) & 0x0f]; - if (BIO_write(bp, buf, 2) != 2) - goto err; - n += 2; - } - } - return (n); - err: - return (-1); -} - -int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) -{ - int ret = 0; - int i, j, k, m, n, again, bufsize; - unsigned char *s = NULL, *sp; - unsigned char *bufp; - int num = 0, slen = 0, first = 1; - - bs->type = V_ASN1_ENUMERATED; - - bufsize = BIO_gets(bp, buf, size); - for (;;) { - if (bufsize < 1) - goto err_sl; - i = bufsize; - if (buf[i - 1] == '\n') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - if (buf[i - 1] == '\r') - buf[--i] = '\0'; - if (i == 0) - goto err_sl; - again = (buf[i - 1] == '\\'); - - for (j = 0; j < i; j++) { - if (!(((buf[j] >= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) { - i = j; - break; - } - } - buf[i] = '\0'; - /* - * We have now cleared all the crap off the end of the line - */ - if (i < 2) - goto err_sl; - - bufp = (unsigned char *)buf; - if (first) { - first = 0; - if ((bufp[0] == '0') && (bufp[1] == '0')) { - bufp += 2; - i -= 2; - } - } - k = 0; - i -= again; - if (i % 2 != 0) { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; - } - i /= 2; - if (num + i > slen) { - if (s == NULL) - sp = (unsigned char *)OPENSSL_malloc((unsigned int)num + - i * 2); - else - sp = (unsigned char *)OPENSSL_realloc(s, - (unsigned int)num + - i * 2); - if (sp == NULL) { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ERR_R_MALLOC_FAILURE); - goto err; - } - s = sp; - slen = num + i * 2; - } - for (j = 0; j < i; j++, k += 2) { - for (n = 0; n < 2; n++) { - m = bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, - ASN1_R_NON_HEX_CHARACTERS); - goto err; - } - s[num + j] <<= 4; - s[num + j] |= m; - } - } - num += i; - if (again) - bufsize = BIO_gets(bp, buf, size); - else - break; - } - bs->length = num; - bs->data = s; - ret = 1; - err: - if (0) { - err_sl: - ASN1err(ASN1_F_A2I_ASN1_ENUMERATED, ASN1_R_SHORT_LINE); - } - if (ret != 1) - OPENSSL_free(s); - return (ret); -} diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c index e6ed7f1e770b..6d6bddc651cc 100644 --- a/crypto/asn1/f_int.c +++ b/crypto/asn1/f_int.c @@ -1,74 +1,26 @@ -/* crypto/asn1/f_int.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * "This product includes cryptographic software written by - * Eric Young (eay@cryptsoft.com)" - * The word 'cryptographic' can be left out if the rouines from the library - * being used are not cryptographic related :-). - * 4. If you include any Windows specific code (or a derivative thereof) from - * the apps directory (application code) you must include an acknowledgement: - * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)" - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html */ #include <stdio.h> -#include "cryptlib.h" +#include "internal/ctype.h" +#include "internal/cryptlib.h" #include <openssl/buffer.h> #include <openssl/asn1.h> -int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a) +int i2a_ASN1_INTEGER(BIO *bp, const ASN1_INTEGER *a) { int i, n = 0; static const char *h = "0123456789ABCDEF"; char buf[2]; if (a == NULL) - return (0); + return 0; if (a->type & V_ASN1_NEG) { if (BIO_write(bp, "-", 1) != 1) @@ -94,14 +46,13 @@ int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a) n += 2; } } - return (n); + return n; err: - return (-1); + return -1; } int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) { - int ret = 0; int i, j, k, m, n, again, bufsize; unsigned char *s = NULL, *sp; unsigned char *bufp; @@ -112,31 +63,20 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) bufsize = BIO_gets(bp, buf, size); for (;;) { if (bufsize < 1) - goto err_sl; + goto err; i = bufsize; if (buf[i - 1] == '\n') buf[--i] = '\0'; if (i == 0) - goto err_sl; + goto err; if (buf[i - 1] == '\r') buf[--i] = '\0'; if (i == 0) - goto err_sl; + goto err; again = (buf[i - 1] == '\\'); for (j = 0; j < i; j++) { -#ifndef CHARSET_EBCDIC - if (!(((buf[j] >= '0') && (buf[j] <= '9')) || - ((buf[j] >= 'a') && (buf[j] <= 'f')) || - ((buf[j] >= 'A') && (buf[j] <= 'F')))) -#else - /* - * This #ifdef is not strictly necessary, since the characters - * A...F a...f 0...9 are contiguous (yes, even in EBCDIC - but - * not the whole alphabet). Nevertheless, isxdigit() is faster. - */ - if (!isxdigit(buf[j])) -#endif + if (!ossl_isxdigit(buf[j])) { i = j; break; @@ -147,7 +87,7 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) * We have now cleared all the crap off the end of the line */ if (i < 2) - goto err_sl; + goto err; bufp = (unsigned char *)buf; if (first) { @@ -161,32 +101,24 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) i -= again; if (i % 2 != 0) { ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_ODD_NUMBER_OF_CHARS); - goto err; + OPENSSL_free(s); + return 0; } i /= 2; if (num + i > slen) { - if (s == NULL) - sp = (unsigned char *)OPENSSL_malloc((unsigned int)num + - i * 2); - else - sp = OPENSSL_realloc_clean(s, slen, num + i * 2); + sp = OPENSSL_clear_realloc(s, slen, num + i * 2); if (sp == NULL) { ASN1err(ASN1_F_A2I_ASN1_INTEGER, ERR_R_MALLOC_FAILURE); - goto err; + OPENSSL_free(s); + return 0; } s = sp; slen = num + i * 2; } for (j = 0; j < i; j++, k += 2) { for (n = 0; n < 2; n++) { - m = bufp[k + n]; - if ((m >= '0') && (m <= '9')) - m -= '0'; - else if ((m >= 'a') && (m <= 'f')) - m = m - 'a' + 10; - else if ((m >= 'A') && (m <= 'F')) - m = m - 'A' + 10; - else { + m = OPENSSL_hexchar2int(bufp[k + n]); + if (m < 0) { ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_NON_HEX_CHARACTERS); goto err; @@ -203,13 +135,22 @@ int a2i_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *bs, char *buf, int size) } bs->length = num; bs->data = s; - ret = 1; + return 1; err: - if (0) { - err_sl: - ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE); - } - if (ret != 1) - OPENSSL_free(s); - return (ret); + ASN1err(ASN1_F_A2I_ASN1_INTEGER, ASN1_R_SHORT_LINE); + OPENSSL_free(s); + return 0; +} + +int i2a_ASN1_ENUMERATED(BIO *bp, const ASN1_ENUMERATED *a) +{ + return i2a_ASN1_INTEGER(bp, a); +} + +int a2i_ASN1_ENUMERATED(BIO *bp, ASN1_ENUMERATED *bs, char *buf, int size) +{ + int rv = a2i_ASN1_INTEGER(bp, bs, buf, size); + if (rv == 1) + bs->type = V_ASN1_INTEGER | (bs->type & V_ASN1_NEG); + return rv; } diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c index 0f7b9cfb119b..f893489a6719 100644 --- a/crypto/asn1/f_string.c +++ b/crypto/asn1/f_string.c @@ -1,74 +1,26 @@ -/* crypto/asn1/f_string.c */ -/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) - * All rights reserved. +/* + * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. * - * This package is an SSL implementation written - * by Eric Young (eay@cryptsoft.com). - * The implementation was written so as to conform with Netscapes SSL. - * - * This library is free for commercial and non-commercial use as long as - * the following conditions are aheared to. The following conditions - * apply to all code found in this distribution, be it the RC4, RSA, - * lhash, DES, etc., code; not just the SSL code. The SSL documentation - * included with this distribution is covered by the same copyright terms - * except that the holder is Tim Hudson (tjh@cryptsoft.com). - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. - * If this package is used in a product, Eric Young should be given attribution - * as the author of the parts of the library used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following |